Merge changes from topic "mb/mb-signer-id" into integration

* changes:
  feat(qemu): add dummy plat_mboot_measure_key() function
  docs(rss): update RSS doc for signer-ID
  feat(imx): add dummy 'plat_mboot_measure_key' function
  feat(tc): implement platform function to measure and publish Public Key
  feat(auth): measure and publicise the Public Key
  feat(fvp): implement platform function to measure and publish Public Key
  feat(fvp): add public key-OID information in RSS metadata structure
  feat(auth): add explicit entries for key OIDs
  feat(rss): set the signer-ID in the RSS metadata
  feat(auth): create a zero-OID for Subject Public Key
  docs: add details about plat_mboot_measure_key function
  feat(measured-boot): introduce platform function to measure and publish Public Key
diff --git a/docs/design_documents/measured_boot.rst b/docs/design_documents/measured_boot.rst
index 8130d7d..c4e5213 100644
--- a/docs/design_documents/measured_boot.rst
+++ b/docs/design_documents/measured_boot.rst
@@ -204,6 +204,28 @@
    In FVP, Non volatile counters get measured and recorded as Critical data
    using the backend via this interface.
 
+#. **Function : plat_mboot_measure_key()**
+
+   .. code-block:: c
+
+      int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
+                                 size_t pk_len);
+
+   - This function is used by the platform to measure the passed key and
+     publicise it using any of the supported backends.
+   - The authentication module within the trusted boot framework calls this
+     function for every ROTPK involved in verifying the signature of a root
+     certificate and for every subsidiary key that gets extracted from a key
+     certificate for later authentication of a content certificate.
+   - A cookie, passed as the first argument, serves as a key-OID pointer
+     associated with the public key data, passed as the second argument.
+   - Public key data size is passed as the third argument to this function.
+   - This function must return 0 on success, a signed integer error code
+     otherwise.
+   - In FVP platform, this function is used to calculate the hash of the given
+     key and forward this hash to RSS alongside the measurement of the image
+     which the key signs.
+
 --------------
 
 *Copyright (c) 2023, Arm Limited. All rights reserved.*
diff --git a/docs/design_documents/rss.rst b/docs/design_documents/rss.rst
index 2be8067..2ad2ee7 100644
--- a/docs/design_documents/rss.rst
+++ b/docs/design_documents/rss.rst
@@ -262,7 +262,8 @@
 - ``SW type``: Optional. Short text description (e.g.: BL1, BL2, BL31, etc.)
 
 .. Note::
-    Signer-id and version info is not implemented in TF-A yet.
+    Version info is not implemented in TF-A yet.
+
 
 The caller must specify in which measurement slot to extend a certain
 measurement and metadata. A measurement slot can be extended by multiple
@@ -321,9 +322,38 @@
             size_t  version_size;
             uint8_t sw_type[SW_TYPE_MAX_SIZE];
             size_t  sw_type_size;
+            void    *pk_oid;
             bool    lock_measurement;
     };
 
+Signer-ID API
+^^^^^^^^^^^^^
+
+This function calculates the hash of a public key (signer-ID) using the
+``Measurement algorithm`` and stores it in the ``rss_mboot_metadata`` field
+named ``signer_id``.
+Prior to calling this function, the caller must ensure that the ``signer_id``
+field points to the zero-filled buffer.
+
+Defined here:
+
+- ``include/drivers/measured_boot/rss/rss_measured_boot.h``
+
+.. code-block:: c
+
+   int rss_mboot_set_signer_id(struct rss_mboot_metadata *metadata_ptr,
+                               const void *pk_oid,
+                               const void *pk_ptr,
+                               size_t pk_len)
+
+
+- First parameter is the pointer to the ``rss_mboot_metadata`` structure.
+- Second parameter is the pointer to the key-OID of the public key.
+- Third parameter is the pointer to the public key buffer.
+- Fourth parameter is the size of public key buffer.
+- This function returns 0 on success, a signed integer error code
+  otherwise.
+
 Build time config options
 ^^^^^^^^^^^^^^^^^^^^^^^^^
 
@@ -361,8 +391,8 @@
     INFO:    Image id=24 loaded: 0x4001300 - 0x400153a
     INFO:    Measured boot extend measurement:
     INFO:     - slot        : 7
-    INFO:     - signer_id   : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:                   : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+    INFO:     - signer_id   : b0 f3 82 09 12 97 d8 3a 37 7a 72 47 1b ec 32 73
+    INFO:                   : e9 92 32 e2 49 59 f6 5e 8b 4a 4a 46 d8 22 9a da
     INFO:     - version     :
     INFO:     - version_size: 0
     INFO:     - sw_type     : TB_FW_CONFIG
@@ -377,8 +407,8 @@
     INFO:    Image id=1 loaded: 0x404d000 - 0x406412a
     INFO:    Measured boot extend measurement:
     INFO:     - slot        : 8
-    INFO:     - signer_id   : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:                   : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+    INFO:     - signer_id   : b0 f3 82 09 12 97 d8 3a 37 7a 72 47 1b ec 32 73
+    INFO:                   : e9 92 32 e2 49 59 f6 5e 8b 4a 4a 46 d8 22 9a da
     INFO:     - version     :
     INFO:     - version_size: 0
     INFO:     - sw_type     : BL_2
@@ -483,31 +513,31 @@
     INFO:            a2 6a df 34 c3 29 48 9a dc 38 04 67 31 2e 35 2e
     INFO:            30 2b 30 01 60 02 58 20 b8 01 65 a7 78 8b c6 59
     INFO:            42 8d 33 10 85 d1 49 0a dc 9e c3 ee df 85 1b d2
-    INFO:            f0 73 73 6a 0c 07 11 b8 a4 05 58 20 00 00 00 00
-    INFO:            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:            00 00 00 00 00 00 00 00 00 00 00 00 04 60 01 6a
+    INFO:            f0 73 73 6a 0c 07 11 b8 a4 05 58 20 b0 f3 82 09
+    INFO:            12 97 d8 3a 37 7a 72 47 1b ec 32 73 e9 92 32 e2
+    INFO:            49 59 f6 5e 8b 4a 4a 46 d8 22 9a da 04 60 01 6a
     INFO:            46 57 5f 43 4f 4e 46 49 47 00 02 58 20 21 9e a0
     INFO:            13 82 e6 d7 97 5a 11 13 a3 5f 45 39 68 b1 d9 a3
     INFO:            ea 6a ab 84 23 3b 8c 06 16 98 20 ba b9 a4 05 58
-    INFO:            20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:            00 04 60 01 6d 54 42 5f 46 57 5f 43 4f 4e 46 49
+    INFO:            20 b0 f3 82 09 12 97 d8 3a 37 7a 72 47 1b ec 32
+    INFO:            73 e9 92 32 e2 49 59 f6 5e 8b 4a 4a 46 d8 22 9a
+    INFO:            da 04 60 01 6d 54 42 5f 46 57 5f 43 4f 4e 46 49
     INFO:            47 00 02 58 20 41 39 f6 c2 10 84 53 c5 17 ae 9a
     INFO:            e5 be c1 20 7b cc 24 24 f3 9d 20 a8 fb c7 b3 10
-    INFO:            e3 ee af 1b 05 a4 05 58 20 00 00 00 00 00 00 00
-    INFO:            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:            00 00 00 00 00 00 00 00 00 04 60 01 65 42 4c 5f
+    INFO:            e3 ee af 1b 05 a4 05 58 20 b0 f3 82 09 12 97 d8
+    INFO:            3a 37 7a 72 47 1b ec 32 73 e9 92 32 e2 49 59 f6
+    INFO:            5e 8b 4a 4a 46 d8 22 9a da 04 60 01 65 42 4c 5f
     INFO:            32 00 02 58 20 5c 96 20 e1 e3 3b 0f 2c eb c1 8e
     INFO:            1a 02 a6 65 86 dd 34 97 a7 4c 98 13 bf 74 14 45
-    INFO:            2d 30 28 05 c3 a4 05 58 20 00 00 00 00 00 00 00
-    INFO:            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:            00 00 00 00 00 00 00 00 00 04 60 01 6e 53 45 43
+    INFO:            2d 30 28 05 c3 a4 05 58 20 b0 f3 82 09 12 97 d8
+    INFO:            3a 37 7a 72 47 1b ec 32 73 e9 92 32 e2 49 59 f6
+    INFO:            5e 8b 4a 4a 46 d8 22 9a da 04 60 01 6e 53 45 43
     INFO:            55 52 45 5f 52 54 5f 45 4c 33 00 02 58 20 f6 fb
     INFO:            62 99 a5 0c df db 02 0b 72 5b 1c 0b 63 6e 94 ee
     INFO:            66 50 56 3a 29 9c cb 38 f0 ec 59 99 d4 2e a4 05
-    INFO:            58 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-    INFO:            00 00 04 60 01 6a 48 57 5f 43 4f 4e 46 49 47 00
+    INFO:            58 20 b0 f3 82 09 12 97 d8 3a 37 7a 72 47 1b ec
+    INFO:            32 73 e9 92 32 e2 49 59 f6 5e 8b 4a 4a 46 d8 22
+    INFO:            9a da 04 60 01 6a 48 57 5f 43 4f 4e 46 49 47 00
     INFO:            02 58 20 98 5d 87 21 84 06 33 9d c3 1f 91 f5 68
     INFO:            8d a0 5a f0 d7 7e 20 51 ce 3b f2 a5 c3 05 2e 3c
     INFO:            8b 52 31 19 01 09 78 1c 68 74 74 70 3a 2f 2f 61
@@ -559,31 +589,31 @@
                 "MEASUREMENT_VALUE": "b'B80165A7788BC659428D331085D1490ADC9EC3EEDF851BD2F073736A0C0711B8'"
             },
             {
-                "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+                "SIGNER_ID": "b'b0f382091297d83a377a72471bec3273e99232e24959f65e8b4a4a46d8229ada'",
                 "SW_COMPONENT_VERSION": "",
                 "SW_COMPONENT_TYPE": "FW_CONFIG\u0000",
                 "MEASUREMENT_VALUE": "b'219EA01382E6D7975A1113A35F453968B1D9A3EA6AAB84233B8C06169820BAB9'"
             },
             {
-                "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+                "SIGNER_ID": "b'b0f382091297d83a377a72471bec3273e99232e24959f65e8b4a4a46d8229ada'",
                 "SW_COMPONENT_VERSION": "",
                 "SW_COMPONENT_TYPE": "TB_FW_CONFIG\u0000",
                 "MEASUREMENT_VALUE": "b'4139F6C2108453C517AE9AE5BEC1207BCC2424F39D20A8FBC7B310E3EEAF1B05'"
             },
             {
-                "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+                "SIGNER_ID": "b'b0f382091297d83a377a72471bec3273e99232e24959f65e8b4a4a46d8229ada'",
                 "SW_COMPONENT_VERSION": "",
                 "SW_COMPONENT_TYPE": "BL_2\u0000",
                 "MEASUREMENT_VALUE": "b'5C9620E1E33B0F2CEBC18E1A02A66586DD3497A74C9813BF7414452D302805C3'"
             },
             {
-                "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+                "SIGNER_ID": "b'b0f382091297d83a377a72471bec3273e99232e24959f65e8b4a4a46d8229ada'",
                 "SW_COMPONENT_VERSION": "",
                 "SW_COMPONENT_TYPE": "SECURE_RT_EL3\u0000",
                 "MEASUREMENT_VALUE": "b'F6FB6299A50CDFDB020B725B1C0B636E94EE6650563A299CCB38F0EC5999D42E'"
             },
             {
-                "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+                "SIGNER_ID": "b'b0f382091297d83a377a72471bec3273e99232e24959f65e8b4a4a46d8229ada'",
                 "SW_COMPONENT_VERSION": "",
                 "SW_COMPONENT_TYPE": "HW_CONFIG\u0000",
                 "MEASUREMENT_VALUE": "b'985D87218406339DC31F91F5688DA05AF0D77E2051CE3BF2A5C3052E3C8B5231'"
diff --git a/drivers/auth/auth_mod.c b/drivers/auth/auth_mod.c
index 7a9cca8..105dc05 100644
--- a/drivers/auth/auth_mod.c
+++ b/drivers/auth/auth_mod.c
@@ -20,6 +20,8 @@
 #include <lib/fconf/fconf_tbbr_getter.h>
 #include <plat/common/platform.h>
 
+#include <tools_share/zero_oid.h>
+
 /* ASN.1 tags */
 #define ASN1_INTEGER                 0x02
 
@@ -148,7 +150,7 @@
 			  const auth_img_desc_t *img_desc,
 			  void *img, unsigned int img_len)
 {
-	void *data_ptr, *pk_ptr, *pk_plat_ptr, *sig_ptr, *sig_alg_ptr;
+	void *data_ptr, *pk_ptr, *pk_plat_ptr, *sig_ptr, *sig_alg_ptr, *pk_oid;
 	unsigned int data_len, pk_len, pk_plat_len, sig_len, sig_alg_len;
 	unsigned int flags = 0;
 	int rc = 0;
@@ -226,6 +228,25 @@
 				return -1;
 			}
 		}
+
+		/*
+		 * Set Zero-OID for ROTPK(subject key) as a the certificate
+		 * does not hold Key-OID information for ROTPK.
+		 */
+		if (param->pk->cookie != NULL) {
+			pk_oid = param->pk->cookie;
+		} else {
+			pk_oid = ZERO_OID;
+		}
+
+		/*
+		 * Public key is verified at this stage, notify platform
+		 * to measure and publish it.
+		 */
+		rc = plat_mboot_measure_key(pk_oid, pk_ptr, pk_len);
+		if (rc != 0) {
+			WARN("Public Key measurement failure = %d\n", rc);
+		}
 	}
 
 	/* Ask the crypto module to verify the signature */
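Review bot: A failure from `plat_mboot_measure_key()` is only logged with `WARN`, and `rc` is presumably overwritten by the signature check that follows, so the image still authenticates while its signer-ID may stay at the zero-filled initial value. If best-effort is intended, say so in the comment, e.g. `/* Measurement is best-effort: a failure here must not fail authentication. */`, so that a verifier-side policy can treat an all-zero signer-ID as "unknown signer". Otherwise propagate the error as the `return -1` path just above does. The same pattern is in the later hunk of this file that measures `AUTH_PARAM_PUB_KEY` parameters; the enclosing function starts and ends outside this hunk.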
@@ -381,6 +402,7 @@
 			unsigned int img_len)
 {
 	const auth_img_desc_t *img_desc = NULL;
+	const auth_param_type_desc_t *type_desc = NULL;
 	const auth_method_desc_t *auth_method = NULL;
 	void *param_ptr;
 	unsigned int param_len;
@@ -462,6 +484,21 @@
 			/* Copy the parameter for later use */
 			memcpy((void *)img_desc->authenticated_data[i].data.ptr,
 					(void *)param_ptr, param_len);
+
+			/*
+			 * If this is a public key then measure and publicise
+			 * it.
+			 */
+			type_desc = img_desc->authenticated_data[i].type_desc;
+			if (type_desc->type == AUTH_PARAM_PUB_KEY) {
+				rc = plat_mboot_measure_key(type_desc->cookie,
+							    param_ptr,
+							    param_len);
+				if (rc != 0) {
+					WARN("Public Key measurement "
+					     "failure = %d\n", rc);
+				}
+			}
 		}
 	}
 
diff --git a/drivers/measured_boot/rss/rss_measured_boot.c b/drivers/measured_boot/rss/rss_measured_boot.c
index 1b2f177..258aa8d 100644
--- a/drivers/measured_boot/rss/rss_measured_boot.c
+++ b/drivers/measured_boot/rss/rss_measured_boot.c
@@ -32,6 +32,19 @@
 #  error Invalid Measured Boot algorithm.
 #endif /* MBOOT_ALG_ID */
 
+#if ENABLE_ASSERTIONS
+static bool null_arr(const uint8_t *signer_id, size_t signer_id_size)
+{
+	for (size_t i = 0U; i < signer_id_size; i++) {
+		if (signer_id[i] != 0U) {
+			return false;
+		}
+	}
+
+	return true;
+}
+#endif /* ENABLE_ASSERTIONS */
+
 /* Functions' declarations */
 void rss_measured_boot_init(struct rss_mboot_metadata *metadata_ptr)
 {
@@ -39,6 +52,7 @@
 
 	/* Init the non-const members of the metadata structure */
 	while (metadata_ptr->id != RSS_MBOOT_INVALID_ID) {
+		assert(null_arr(metadata_ptr->signer_id, MBOOT_DIGEST_SIZE));
 		metadata_ptr->sw_type_size =
 			strlen((const char *)&metadata_ptr->sw_type) + 1;
 		metadata_ptr++;
@@ -93,36 +107,53 @@
 }
 
 int rss_mboot_set_signer_id(struct rss_mboot_metadata *metadata_ptr,
-			    unsigned int img_id,
+			    const void *pk_oid,
 			    const void *pk_ptr,
 			    size_t pk_len)
 {
 	unsigned char hash_data[CRYPTO_MD_MAX_SIZE];
 	int rc;
+	bool hash_calc_done = false;
 
 	assert(metadata_ptr != NULL);
 
-	/* Get the metadata associated with this image. */
-	while ((metadata_ptr->id != RSS_MBOOT_INVALID_ID) &&
-		(metadata_ptr->id != img_id)) {
-		metadata_ptr++;
-	}
+	/*
+	 * Do an exhaustive search over the platform metadata to find
+	 * all images whose key OID matches the one passed in argument.
+	 *
+	 * Note that it is not an error if do not get any matches.
+	 * The platform may decide not to measure all of the images
+	 * in the system.
+	 */
+	while (metadata_ptr->id != RSS_MBOOT_INVALID_ID) {
+		/* Get the metadata associated with this key-oid */
+		if (metadata_ptr->pk_oid == pk_oid) {
+			if (!hash_calc_done) {
+				/* Calculate public key hash */
+				rc = crypto_mod_calc_hash(CRYPTO_MD_ID,
+							  (void *)pk_ptr,
+							  pk_len, hash_data);
+				if (rc != 0) {
+					return rc;
+				}
 
-	/* If image is not present in metadata array then skip */
-	if (metadata_ptr->id == RSS_MBOOT_INVALID_ID) {
-		return 0;
-	}
+				hash_calc_done = true;
+			}
 
-	/* Calculate public key hash */
-	rc = crypto_mod_calc_hash(CRYPTO_MD_ID, (void *)pk_ptr,
-				  pk_len, hash_data);
-	if (rc != 0) {
-		return rc;
-	}
+			/*
+			 * Fill the signer-ID field with the newly/already
+			 * computed hash of the public key and update its
+			 * signer ID size field with compile-time decided
+			 * digest size.
+			 */
+			(void)memcpy(metadata_ptr->signer_id,
+				     hash_data,
+				     MBOOT_DIGEST_SIZE);
+			metadata_ptr->signer_id_size = MBOOT_DIGEST_SIZE;
+		}
 
-	/* Update metadata struct with the received signer_id */
-	(void)memcpy(metadata_ptr->signer_id, hash_data, MBOOT_DIGEST_SIZE);
-	metadata_ptr->signer_id_size = MBOOT_DIGEST_SIZE;
+		metadata_ptr++;
+	}
 
 	return 0;
 }
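Review bot: The match `metadata_ptr->pk_oid == pk_oid` compares OID addresses rather than OID text, so it succeeds only when the metadata table and the caller hold the very same string object. `ZERO_OID` and the key-OID macros expand to string literals in separate translation units, and C does not guarantee that identical literals share an address; that depends on the toolchain merging constants, which is presumably what happened in the build that produced the documented log. Comparing contents removes the dependency: `if ((metadata_ptr->pk_oid != NULL) && (pk_oid != NULL) && (strcmp(metadata_ptr->pk_oid, pk_oid) == 0)) {`. Because a missing match is deliberately not an error, a build where the literals are not merged would leave signer-IDs zero without any diagnostic.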
diff --git a/include/drivers/measured_boot/rss/rss_measured_boot.h b/include/drivers/measured_boot/rss/rss_measured_boot.h
index 76affd8..7ab517c 100644
--- a/include/drivers/measured_boot/rss/rss_measured_boot.h
+++ b/include/drivers/measured_boot/rss/rss_measured_boot.h
@@ -40,6 +40,7 @@
 	size_t  version_size;
 	uint8_t sw_type[SW_TYPE_MAX_SIZE];
 	size_t  sw_type_size;
+	void    *pk_oid;
 	bool    lock_measurement;
 };
 
@@ -49,9 +50,8 @@
 				 uintptr_t data_base, uint32_t data_size,
 				 uint32_t data_id);
 
-/* TODO: These metadata are currently not available during TF-A boot */
 int rss_mboot_set_signer_id(struct rss_mboot_metadata *metadata_ptr,
-			    unsigned int img_id, const void *pk_ptr,
+			    const void *pk_oid, const void *pk_ptr,
 			    size_t pk_len);
 
 #endif /* RSS_MEASURED_BOOT_H */
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index d146a29..e024d91 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -146,6 +146,8 @@
 int plat_mboot_measure_critical_data(unsigned int critical_data_id,
 				     const void *base,
 				     size_t size);
+int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
+			   size_t pk_len);
 #else
 static inline int plat_mboot_measure_image(unsigned int image_id __unused,
 					   image_info_t *image_data __unused)
@@ -159,6 +161,12 @@
 {
 	return 0;
 }
+static inline int plat_mboot_measure_key(const void *pk_oid __unused,
+					 const void *pk_ptr __unused,
+					 size_t pk_len __unused)
+{
+	return 0;
+}
 #endif /* MEASURED_BOOT */
 
 /*******************************************************************************
diff --git a/include/tools_share/cca_oid.h b/include/tools_share/cca_oid.h
index 2ca12c9..8c53ef9 100644
--- a/include/tools_share/cca_oid.h
+++ b/include/tools_share/cca_oid.h
@@ -28,4 +28,17 @@
 /* CCAFirmwareNVCounter - Non-volatile counter extension */
 #define CCA_FW_NVCOUNTER_OID			"1.3.6.1.4.1.4128.2100.3"
 
+/*
+ * First undef previous definitions from tbbr_oid.h.
+ * CCA ROTPK authenticates BL31 and its configuration image in
+ * CCA CoT.
+ **/
+#undef BL31_IMAGE_KEY_OID
+#undef SOC_FW_CONFIG_KEY_OID
+#undef HW_CONFIG_KEY_OID
+#define BL31_IMAGE_KEY_OID			ZERO_OID
+#define SOC_FW_CONFIG_KEY_OID			ZERO_OID
+#define HW_CONFIG_KEY_OID			ZERO_OID
+#define RMM_IMAGE_KEY_OID			ZERO_OID
+
 #endif /* CCA_OID_H */
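Review bot: The new macros expand to `ZERO_OID`, but this hunk shows no include of `zero_oid.h`, and the comment assumes `tbbr_oid.h` has already been seen, whereas `fvp_bl2_measured_boot.c` now includes only `cca_oid.h` when `ARM_COT_cca` is defined. Unless the part of the header above this hunk already pulls one of them in, add `#include "zero_oid.h"` near the top so the header is self-contained. The comment's closing `**/` should also be `*/`.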
diff --git a/include/tools_share/dualroot_oid.h b/include/tools_share/dualroot_oid.h
index 3e88a6d..3762c79 100644
--- a/include/tools_share/dualroot_oid.h
+++ b/include/tools_share/dualroot_oid.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
diff --git a/include/tools_share/tbbr_oid.h b/include/tools_share/tbbr_oid.h
index 52b43ab..9881d1a 100644
--- a/include/tools_share/tbbr_oid.h
+++ b/include/tools_share/tbbr_oid.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -7,6 +7,8 @@
 #ifndef TBBR_OID_H
 #define TBBR_OID_H
 
+#include "zero_oid.h"
+
 #define	MAX_OID_NAME_LEN	30
 
 /*
@@ -160,6 +162,14 @@
 #define SP_PKG7_HASH_OID			"1.3.6.1.4.1.4128.2100.1307"
 #define SP_PKG8_HASH_OID			"1.3.6.1.4.1.4128.2100.1308"
 
+/*
+ * Public Keys present in SOC FW content certificates authenticate BL31 and
+ * its configuration.
+ */
+#define BL31_IMAGE_KEY_OID			SOC_FW_CONTENT_CERT_PK_OID
+#define SOC_FW_CONFIG_KEY_OID			SOC_FW_CONTENT_CERT_PK_OID
+#define HW_CONFIG_KEY_OID			ZERO_OID
+
 #ifdef PLAT_DEF_OID
 #include <platform_oid.h>
 #endif
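Review bot: The added comment explains the two `SOC_FW_CONTENT_CERT_PK_OID` mappings but not why `HW_CONFIG_KEY_OID` is `ZERO_OID`. The signer-ID lookup selects the measured key by these values, so a reader needs to know which key that stands for. A line above that define such as `/* HW_CONFIG has no key OID of its own; ZERO_OID selects the ROTPK measurement (confirm). */` would cover it.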
diff --git a/include/tools_share/zero_oid.h b/include/tools_share/zero_oid.h
new file mode 100644
index 0000000..9b83094
--- /dev/null
+++ b/include/tools_share/zero_oid.h
@@ -0,0 +1,12 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef ZERO_OID_H
+#define ZERO_OID_H
+
+#define ZERO_OID                              "0.0.0.0.0.0.0.0.0"
+
+#endif /* ZERO_OID_H */
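Review bot: `ZERO_OID` has no comment saying what it stands for, although other files in this change use it both as the key-OID passed for the ROTPK and as the `pk_oid` value of several metadata entries. Suggest `/* Placeholder key-OID for a public key that has no OID in its certificate, e.g. the ROTPK. */` above the define.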
diff --git a/plat/arm/board/fvp/fvp_bl1_measured_boot.c b/plat/arm/board/fvp/fvp_bl1_measured_boot.c
index b8431c5..dc95ba1 100644
--- a/plat/arm/board/fvp/fvp_bl1_measured_boot.c
+++ b/plat/arm/board/fvp/fvp_bl1_measured_boot.c
@@ -9,6 +9,7 @@
 #include <drivers/measured_boot/event_log/event_log.h>
 #include <drivers/measured_boot/rss/rss_measured_boot.h>
 #include <plat/arm/common/plat_arm.h>
+#include <tools_share/zero_oid.h>
 
 /* Event Log data */
 static uint8_t event_log[PLAT_ARM_EVENT_LOG_MAX_SIZE];
@@ -31,18 +32,21 @@
 		.slot = U(6),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_FW_CONFIG_STRING,
+		.pk_oid = ZERO_OID,
 		.lock_measurement = true },
 	{
 		.id = TB_FW_CONFIG_ID,
 		.slot = U(7),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_TB_FW_CONFIG_STRING,
+		.pk_oid = ZERO_OID,
 		.lock_measurement = true },
 	{
 		.id = BL2_IMAGE_ID,
 		.slot = U(8),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_BL2_STRING,
+		.pk_oid = ZERO_OID,
 		.lock_measurement = true },
 
 	{
diff --git a/plat/arm/board/fvp/fvp_bl2_measured_boot.c b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
index 564118e..349e064 100644
--- a/plat/arm/board/fvp/fvp_bl2_measured_boot.c
+++ b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
@@ -9,7 +9,11 @@
 #include <common/tbbr/tbbr_img_def.h>
 #include <drivers/measured_boot/event_log/event_log.h>
 #include <drivers/measured_boot/rss/rss_measured_boot.h>
+#if defined(ARM_COT_cca)
+#include <tools_share/cca_oid.h>
+#else
 #include <tools_share/tbbr_oid.h>
+#endif /* ARM_COT_cca */
 #include <fvp_critical_data.h>
 
 #include <plat/arm/common/plat_arm.h>
@@ -62,25 +66,31 @@
 		.slot = U(9),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_BL31_STRING,
+		.pk_oid = BL31_IMAGE_KEY_OID,
 		.lock_measurement = true },
 	{
 		.id = HW_CONFIG_ID,
 		.slot = U(10),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_HW_CONFIG_STRING,
+		.pk_oid = HW_CONFIG_KEY_OID,
 		.lock_measurement = true },
 	{
 		.id = SOC_FW_CONFIG_ID,
 		.slot = U(11),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_SOC_FW_CONFIG_STRING,
+		.pk_oid = SOC_FW_CONFIG_KEY_OID,
 		.lock_measurement = true },
+#if ENABLE_RME
 	{
 		.id = RMM_IMAGE_ID,
 		.slot = U(12),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_RMM_STRING,
+		.pk_oid = RMM_IMAGE_KEY_OID,
 		.lock_measurement = true },
+#endif /* ENABLE_RME */
 	{
 		.id = RSS_MBOOT_INVALID_ID }
 };
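Review bot: The RMM entry is guarded by `ENABLE_RME`, while `RMM_IMAGE_KEY_OID` is defined in this change only in `cca_oid.h`, which the include block above selects on `ARM_COT_cca`. If a build can set `ENABLE_RME` without that chain of trust, the initialiser will not compile. Either confirm the build system enforces the pairing or give the macro a fallback before the table, `#ifndef RMM_IMAGE_KEY_OID` / `#define RMM_IMAGE_KEY_OID ZERO_OID` / `#endif`, so the RMM image is still measured. The array definition begins outside this hunk.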
diff --git a/plat/arm/board/fvp/fvp_common_measured_boot.c b/plat/arm/board/fvp/fvp_common_measured_boot.c
index 7419e5e..0c1d5e7 100644
--- a/plat/arm/board/fvp/fvp_common_measured_boot.c
+++ b/plat/arm/board/fvp/fvp_common_measured_boot.c
@@ -45,3 +45,10 @@
 
 	return rc;
 }
+
+int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
+			   size_t pk_len)
+{
+	return rss_mboot_set_signer_id(fvp_rss_mboot_metadata, pk_oid, pk_ptr,
+				       pk_len);
+}
diff --git a/plat/arm/board/tc/tc_bl1_measured_boot.c b/plat/arm/board/tc/tc_bl1_measured_boot.c
index 6d4bb07..6821a6a 100644
--- a/plat/arm/board/tc/tc_bl1_measured_boot.c
+++ b/plat/arm/board/tc/tc_bl1_measured_boot.c
@@ -9,6 +9,7 @@
 #include <drivers/arm/rss_comms.h>
 #include <drivers/measured_boot/rss/rss_measured_boot.h>
 #include <lib/psa/measured_boot.h>
+#include <tools_share/zero_oid.h>
 
 #include <plat/arm/common/plat_arm.h>
 #include <platform_def.h>
@@ -22,18 +23,21 @@
 		.slot = U(6),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_FW_CONFIG_STRING,
+		.pk_oid = ZERO_OID,
 		.lock_measurement = true },
 	{
 		.id = TB_FW_CONFIG_ID,
 		.slot = U(7),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_TB_FW_CONFIG_STRING,
+		.pk_oid = ZERO_OID,
 		.lock_measurement = true },
 	{
 		.id = BL2_IMAGE_ID,
 		.slot = U(8),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_BL2_STRING,
+		.pk_oid = ZERO_OID,
 		.lock_measurement = true },
 
 	{
diff --git a/plat/arm/board/tc/tc_bl2_measured_boot.c b/plat/arm/board/tc/tc_bl2_measured_boot.c
index 9039853..4b79170 100644
--- a/plat/arm/board/tc/tc_bl2_measured_boot.c
+++ b/plat/arm/board/tc/tc_bl2_measured_boot.c
@@ -9,6 +9,7 @@
 #include <drivers/arm/rss_comms.h>
 #include <drivers/measured_boot/rss/rss_measured_boot.h>
 #include <lib/psa/measured_boot.h>
+#include <tools_share/tbbr_oid.h>
 
 #include <plat/common/common_def.h>
 #include <platform_def.h>
@@ -22,18 +23,21 @@
 		.slot = U(9),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_BL31_STRING,
+		.pk_oid = BL31_IMAGE_KEY_OID,
 		.lock_measurement = true },
 	{
 		.id = HW_CONFIG_ID,
 		.slot = U(10),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_HW_CONFIG_STRING,
+		.pk_oid = HW_CONFIG_KEY_OID,
 		.lock_measurement = true },
 	{
 		.id = SOC_FW_CONFIG_ID,
 		.slot = U(11),
 		.signer_id_size = SIGNER_ID_MIN_SIZE,
 		.sw_type = RSS_MBOOT_SOC_FW_CONFIG_STRING,
+		.pk_oid = SOC_FW_CONFIG_KEY_OID,
 		.lock_measurement = true },
 	{
 		.id = RSS_MBOOT_INVALID_ID }
diff --git a/plat/arm/board/tc/tc_common_measured_boot.c b/plat/arm/board/tc/tc_common_measured_boot.c
index eddcc81..925a411 100644
--- a/plat/arm/board/tc/tc_common_measured_boot.c
+++ b/plat/arm/board/tc/tc_common_measured_boot.c
@@ -28,3 +28,9 @@
 
 	return err;
 }
+
+int plat_mboot_measure_key(void *pk_oid, void *pk_ptr, unsigned int pk_len)
+{
+	return rss_mboot_set_signer_id(tc_rss_mboot_metadata, pk_oid, pk_ptr,
+				       pk_len);
+}
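Review bot: This definition's parameter types, `(void *pk_oid, void *pk_ptr, unsigned int pk_len)`, differ from the prototype added to `platform.h` and from the FVP, i.MX and QEMU definitions, which take `const void *` and `size_t`. Where the prototype is visible in this file that is a conflicting-types error. Where it is not, caller and callee disagree on the argument types without a diagnostic. Use `int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr, size_t pk_len)`.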
diff --git a/plat/imx/imx8m/imx8m_measured_boot.c b/plat/imx/imx8m/imx8m_measured_boot.c
index e9ea2d8..bfcd6ce 100644
--- a/plat/imx/imx8m/imx8m_measured_boot.c
+++ b/plat/imx/imx8m/imx8m_measured_boot.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
  * Copyright (c) 2022, Linaro.
  *
  * SPDX-License-Identifier: BSD-3-Clause
@@ -79,3 +79,9 @@
 
 	dump_event_log((uint8_t *)event_log, event_log_cur_size);
 }
+
+int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
+			   size_t pk_len)
+{
+	return 0;
+}
diff --git a/plat/qemu/qemu/qemu_measured_boot.c b/plat/qemu/qemu/qemu_measured_boot.c
index 122bb23..077f7a4 100644
--- a/plat/qemu/qemu/qemu_measured_boot.c
+++ b/plat/qemu/qemu/qemu_measured_boot.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (c) 2022, Arm Limited. All rights reserved.
- * Copyright (c) 2022, Linaro.
+ * Copyright (c) 2022-2023, Linaro.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -118,3 +118,9 @@
 
 	return 0;
 }
+
+int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
+			   size_t pk_len)
+{
+	return 0;
+}