Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 57b669fc513af2b87619982865d486f3cdb7e279^! / . / common / bl_common.c
commit57b669fc513af2b87619982865d486f3cdb7e279[log] [tgz]
authorManish V Badarkhe <Manish.Badarkhe@arm.com>Mon Sep 20 09:06:02 2021 +0100
committerManish V Badarkhe <Manish.Badarkhe@arm.com>Tue Oct 12 17:53:47 2021 +0100
tree34deb8372bbc7565d5f8d35491cd4f293df78fee
parent3c2db6f2d96775933e73c44b704facc04be3d1ed [diff] [blame]
refactor(measured boot): move image measurement to generic layer

Right now, the assumption is that the platform post-load hook takes
care of measuring the image that just got loaded. This is how it's
implemented on FVP.

This patch moves the measurement into the generic code
instead. load_auth_image() now calls plat_mboot_measure_image(),
which is a new platform interface introduced in this patch to measure
an image. This is called just after authenticating the image.

Implement plat_mboot_measure_image() for the Arm FVP platform. The code
is copied straight from the post-load hook.

As a result, the FVP specific implementation of
arm_bl2_plat_handle_post_image_load() is no longer needed. We can go
back to using the Arm generic implementation of it.

Change-Id: I7b4b8d28941a865e10af9d0eadaf2e4850942090
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

diff --git a/common/bl_common.c b/common/bl_common.c
index a7e2816..3c37bcf 100644
--- a/common/bl_common.c
+++ b/common/bl_common.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -202,12 +202,27 @@
 		return -EAUTH;
 	}
 
-	/*
-	 * Flush the image to main memory so that it can be executed later by
-	 * any CPU, regardless of cache and MMU state. This is only needed for
-	 * child images, not for the parents (certificates).
-	 */
 	if (is_parent_image == 0) {
+#if IMAGE_BL2
+		/*
+		 * Measure the image.
+		 * We do not measure its parents because these only play a role
+		 * in authentication, which is orthogonal to measured boot.
+		 *
+		 * TODO: Change this code if we change our minds about measuring
+		 * certificates.
+		 */
+		rc = plat_mboot_measure_image(image_id);
+		if (rc != 0) {
+			return rc;
+		}
+#endif
+		/*
+		 * Flush the image to main memory so that it can be executed
+		 * later by any CPU, regardless of cache and MMU state. This
+		 * is only needed for child images, not for the parents
+		 * (certificates).
+		 */
 		flush_dcache_range(image_data->image_base,
 				   image_data->image_size);
 	}