refactor(measured boot): move image measurement to generic layer
Right now, the assumption is that the platform post-load hook takes
care of measuring the image that just got loaded. This is how it's
implemented on FVP.
This patch moves the measurement into the generic code
instead. load_auth_image() now calls plat_mboot_measure_image(),
which is a new platform interface introduced in this patch to measure
an image. This is called just after authenticating the image.
Implement plat_mboot_measure_image() for the Arm FVP platform. The code
is copied straight from the post-load hook.
As a result, the FVP specific implementation of
arm_bl2_plat_handle_post_image_load() is no longer needed. We can go
back to using the Arm generic implementation of it.
Change-Id: I7b4b8d28941a865e10af9d0eadaf2e4850942090
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
diff --git a/common/bl_common.c b/common/bl_common.c
index a7e2816..3c37bcf 100644
--- a/common/bl_common.c
+++ b/common/bl_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -202,12 +202,27 @@
return -EAUTH;
}
- /*
- * Flush the image to main memory so that it can be executed later by
- * any CPU, regardless of cache and MMU state. This is only needed for
- * child images, not for the parents (certificates).
- */
if (is_parent_image == 0) {
+#if IMAGE_BL2
+ /*
+ * Measure the image.
+ * We do not measure its parents because these only play a role
+ * in authentication, which is orthogonal to measured boot.
+ *
+ * TODO: Change this code if we change our minds about measuring
+ * certificates.
+ */
+ rc = plat_mboot_measure_image(image_id);
+ if (rc != 0) {
+ return rc;
+ }
+#endif
+ /*
+ * Flush the image to main memory so that it can be executed
+ * later by any CPU, regardless of cache and MMU state. This
+ * is only needed for child images, not for the parents
+ * (certificates).
+ */
flush_dcache_range(image_data->image_base,
image_data->image_size);
}
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index 5fc21a5..bbf8ee80 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -213,6 +213,7 @@
void bl2_plat_mboot_init(void);
void bl2_plat_mboot_finish(void);
+int plat_mboot_measure_image(unsigned int image_id);
#else
static inline void bl2_plat_mboot_init(void)
{
@@ -220,6 +221,10 @@
static inline void bl2_plat_mboot_finish(void)
{
}
+static inline int plat_mboot_measure_image(unsigned int image_id __unused)
+{
+ return 0;
+}
#endif /* MEASURED_BOOT */
/*******************************************************************************
diff --git a/plat/arm/board/fvp/fvp_bl2_setup.c b/plat/arm/board/fvp/fvp_bl2_setup.c
index 634210b..5a17a0d 100644
--- a/plat/arm/board/fvp/fvp_bl2_setup.c
+++ b/plat/arm/board/fvp/fvp_bl2_setup.c
@@ -70,45 +70,3 @@
return arm_bl_params;
}
-#if MEASURED_BOOT
-static int fvp_bl2_plat_handle_post_image_load(unsigned int image_id)
-{
- const bl_mem_params_node_t *bl_mem_params =
- get_bl_mem_params_node(image_id);
-
- assert(bl_mem_params != NULL);
-
- image_info_t info = bl_mem_params->image_info;
- int err;
-
- if ((info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U) {
- /* Calculate image hash and record data in Event Log */
- err = event_log_measure_and_record(info.image_base,
- info.image_size, image_id);
- if (err != 0) {
- ERROR("%s%s image id %u (%i)\n",
- "BL2: Failed to ", "record", image_id, err);
- return err;
- }
- }
-
- err = arm_bl2_handle_post_image_load(image_id);
- if (err != 0) {
- ERROR("%s%s image id %u (%i)\n",
- "BL2: Failed to ", "handle", image_id, err);
- }
-
- return err;
-}
-
-int arm_bl2_plat_handle_post_image_load(unsigned int image_id)
-{
- int err = fvp_bl2_plat_handle_post_image_load(image_id);
-
- if (err != 0) {
- ERROR("%s() returns %i\n", __func__, err);
- }
-
- return err;
-}
-#endif /* MEASURED_BOOT */
diff --git a/plat/arm/board/fvp/fvp_measured_boot.c b/plat/arm/board/fvp/fvp_measured_boot.c
index 3697c3f..64d4a85 100644
--- a/plat/arm/board/fvp/fvp_measured_boot.c
+++ b/plat/arm/board/fvp/fvp_measured_boot.c
@@ -4,9 +4,12 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <assert.h>
#include <stdint.h>
+#include <common/desc_image_load.h>
#include <drivers/measured_boot/event_log/event_log.h>
+
#include <plat/arm/common/plat_arm.h>
/* FVP table with platform specific image IDs, names and PCRs */
@@ -62,3 +65,27 @@
dump_event_log(log_addr, log_size);
}
+
+int plat_mboot_measure_image(unsigned int image_id)
+{
+ const bl_mem_params_node_t *bl_mem_params =
+ get_bl_mem_params_node(image_id);
+
+ assert(bl_mem_params != NULL);
+
+ image_info_t info = bl_mem_params->image_info;
+ int err;
+
+ if ((info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U) {
+ /* Calculate image hash and record data in Event Log */
+ err = event_log_measure_record(info.image_base,
+ info.image_size, image_id);
+ if (err != 0) {
+ ERROR("%s%s image id %u (%i)\n",
+ "BL2: Failed to ", "record", image_id, err);
+ return err;
+ }
+ }
+
+ return 0;
+}