refactor(measured_boot): remove passing of BL2 hash via device tree
Subsequent patches will provide a solution to do the BL2 hash measurement
and recording in BL1 itself, hence in preparation to adopt that solution
remove the logic of passing BL2 hash measurement to BL2 component
via TB_FW config.
Change-Id: Iff9b3d4c6a236a33b942898fcdf799cbab89b724
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
diff --git a/plat/arm/common/arm_bl2_setup.c b/plat/arm/common/arm_bl2_setup.c
index 2871b1b..08c014d 100644
--- a/plat/arm/common/arm_bl2_setup.c
+++ b/plat/arm/common/arm_bl2_setup.c
@@ -48,9 +48,6 @@
#pragma weak bl2_platform_setup
#pragma weak bl2_plat_arch_setup
#pragma weak bl2_plat_sec_mem_layout
-#if MEASURED_BOOT
-#pragma weak bl2_plat_get_hash
-#endif
#if ENABLE_RME
#define MAP_BL2_TOTAL MAP_REGION_FLAT( \
@@ -323,11 +320,3 @@
{
return arm_bl2_plat_handle_post_image_load(image_id);
}
-
-#if MEASURED_BOOT
-/* Read TCG_DIGEST_SIZE bytes of BL2 hash data */
-void bl2_plat_get_hash(void *data)
-{
- arm_bl2_get_hash(data);
-}
-#endif
diff --git a/plat/arm/common/arm_dyn_cfg.c b/plat/arm/common/arm_dyn_cfg.c
index 30473be..6aae9ae 100644
--- a/plat/arm/common/arm_dyn_cfg.c
+++ b/plat/arm/common/arm_dyn_cfg.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,10 +15,6 @@
#include <common/tbbr/tbbr_img_def.h>
#if TRUSTED_BOARD_BOOT
#include <drivers/auth/mbedtls/mbedtls_config.h>
-#if MEASURED_BOOT
-#include <drivers/auth/crypto_mod.h>
-#include <mbedtls/md.h>
-#endif
#endif
#include <lib/fconf/fconf.h>
#include <lib/fconf/fconf_dyn_cfg_getter.h>
@@ -115,82 +111,13 @@
* images. It's critical because BL2 won't be able to proceed
* without the heap info.
*
- * In MEASURED_BOOT case flushing is done in
- * arm_bl1_set_bl2_hash() function which is called after heap
- * information is written in the DTB.
+ * In MEASURED_BOOT case flushing is done in a function which
+ * is called after heap information is written in the DTB.
*/
flush_dcache_range(tb_fw_cfg_dtb, fdt_totalsize(dtb));
#endif /* !MEASURED_BOOT */
}
-}
-
-#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to TB_FW_CONFIG DTB.
- * Executed only from BL1.
- */
-void arm_bl1_set_bl2_hash(const image_desc_t *image_desc)
-{
- unsigned char hash_data[MBEDTLS_MD_MAX_SIZE];
- const image_info_t image_info = image_desc->image_info;
- uintptr_t tb_fw_cfg_dtb;
- int err;
- const struct dyn_cfg_dtb_info_t *tb_fw_config_info;
-
- tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
- assert(tb_fw_config_info != NULL);
-
- tb_fw_cfg_dtb = tb_fw_config_info->config_addr;
-
- /*
- * If tb_fw_cfg_dtb==NULL then DTB is not present for the current
- * platform. As such, we cannot write to the DTB at all and pass
- * measured data.
- */
- if (tb_fw_cfg_dtb == 0UL) {
- panic();
- }
-
- /* Calculate hash */
- err = crypto_mod_calc_hash(MBEDTLS_MD_ID,
- (void *)image_info.image_base,
- image_info.image_size, hash_data);
- if (err != 0) {
- ERROR("%scalculate%s\n", "BL1: unable to ",
- " BL2 hash");
- panic();
- }
-
- err = arm_set_bl2_hash_info((void *)tb_fw_cfg_dtb, hash_data);
- if (err < 0) {
- ERROR("%swrite%sdata%s\n", "BL1: unable to ",
- " BL2 hash ", "to DTB\n");
- panic();
- }
-
- /*
- * Ensure that the info written to the DTB is visible to other
- * images. It's critical because BL2 won't be able to proceed
- * without the heap info and its hash data.
- */
- flush_dcache_range(tb_fw_cfg_dtb, fdt_totalsize((void *)tb_fw_cfg_dtb));
-}
-
-/*
- * Reads TCG_DIGEST_SIZE bytes of BL2 hash data from the DTB.
- * Executed only from BL2.
- */
-void arm_bl2_get_hash(void *data)
-{
- const void *bl2_hash;
-
- assert(data != NULL);
-
- /* Retrieve TCG_DIGEST_SIZE bytes of BL2 hash data from the DTB */
- bl2_hash = FCONF_GET_PROPERTY(tbbr, dyn_config, bl2_hash_data);
- (void)memcpy(data, bl2_hash, TCG_DIGEST_SIZE);
}
-#endif /* MEASURED_BOOT */
#endif /* TRUSTED_BOARD_BOOT */
/*
diff --git a/plat/arm/common/arm_dyn_cfg_helpers.c b/plat/arm/common/arm_dyn_cfg_helpers.c
index 5f20c8d..8ebb6d6 100644
--- a/plat/arm/common/arm_dyn_cfg_helpers.c
+++ b/plat/arm/common/arm_dyn_cfg_helpers.c
@@ -20,18 +20,15 @@
#define DTB_PROP_MBEDTLS_HEAP_SIZE "mbedtls_heap_size"
#if MEASURED_BOOT
-#define DTB_PROP_BL2_HASH_DATA "bl2_hash_data"
#ifdef SPD_opteed
/*
* Currently OP-TEE does not support reading DTBs from Secure memory
* and this property should be removed when this feature is supported.
*/
#define DTB_PROP_HW_SM_LOG_ADDR "tpm_event_log_sm_addr"
-#endif
+#endif /* SPD_opteed */
#define DTB_PROP_HW_LOG_ADDR "tpm_event_log_addr"
#define DTB_PROP_HW_LOG_SIZE "tpm_event_log_size"
-
-static int dtb_root = -1;
#endif /* MEASURED_BOOT */
/*******************************************************************************
@@ -81,9 +78,8 @@
*/
int arm_set_dtb_mbedtls_heap_info(void *dtb, void *heap_addr, size_t heap_size)
{
-#if !MEASURED_BOOT
int dtb_root;
-#endif
+
/*
* Verify that the DTB is valid, before attempting to write to it,
* and get the DTB root node.
@@ -123,28 +119,6 @@
#if MEASURED_BOOT
/*
- * This function writes the BL2 hash data in HW_FW_CONFIG DTB.
- * When it is called, it is guaranteed that a DTB is available.
- *
- * This function is supposed to be called only by BL1.
- *
- * Returns:
- * 0 = success
- * < 0 = error
- */
-int arm_set_bl2_hash_info(void *dtb, void *data)
-{
- assert(dtb_root >= 0);
-
- /*
- * Write the BL2 hash data in the DTB.
- */
- return fdtw_write_inplace_bytes(dtb, dtb_root,
- DTB_PROP_BL2_HASH_DATA,
- TCG_DIGEST_SIZE, data);
-}
-
-/*
* Write the Event Log address and its size in the DTB.
*
* This function is supposed to be called only by BL2.