Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 7fcf6e69ef060133f3da72d00e1e8254434f49d9 / . / lib / psa / measured_boot.c
blob: ff1f45dbc03281dce4354f4c7e25b6fcc86e1b89 [file] [log] [blame]
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]1/*
Tamas Banc96425b2024-02-23 10:41:05 +0100[diff] [blame]2 * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#include <string.h>
9
10#include <common/debug.h>
Tamas Banc96425b2024-02-23 10:41:05 +0100[diff] [blame]11#include <drivers/measured_boot/metadata.h>
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]12#include <measured_boot.h>
13#include <psa/client.h>
14#include <psa_manifest/sid.h>
15
16#include "measured_boot_private.h"
17
Sandrine Bailleux03d0ad32022-06-15 14:21:17 +0200[diff] [blame]18static void print_byte_array(const uint8_t *array __unused, size_t len __unused)
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]19{
Sandrine Bailleux03d0ad32022-06-15 14:21:17 +0200[diff] [blame]20#if LOG_LEVEL >= LOG_LEVEL_INFO
David Vinczeffaf5582022-05-18 16:02:37 +0200[diff] [blame]21 size_t i;
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]22
23 if (array == NULL || len == 0U) {
24 (void)printf("\n");
David Vinczeffaf5582022-05-18 16:02:37 +0200[diff] [blame]25 } else {
26 for (i = 0U; i < len; ++i) {
27 (void)printf(" %02x", array[i]);
28 if ((i & U(0xF)) == U(0xF)) {
29 (void)printf("\n");
30 if (i < (len - 1U)) {
31 INFO("\t\t:");
32 }
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]33 }
34 }
35 }
Sandrine Bailleux03d0ad32022-06-15 14:21:17 +0200[diff] [blame]36#endif
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]37}
38
39static void log_measurement(uint8_t index,
40 const uint8_t *signer_id,
41 size_t signer_id_size,
42 const uint8_t *version, /* string */
Tamas Ban4ebcd582022-10-05 13:22:23 +0200[diff] [blame]43 size_t version_size,
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]44 const uint8_t *sw_type, /* string */
Tamas Ban4ebcd582022-10-05 13:22:23 +0200[diff] [blame]45 size_t sw_type_size,
46 uint32_t measurement_algo,
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]47 const uint8_t *measurement_value,
48 size_t measurement_value_size,
49 bool lock_measurement)
50{
51 INFO("Measured boot extend measurement:\n");
52 INFO(" - slot : %u\n", index);
53 INFO(" - signer_id :");
54 print_byte_array(signer_id, signer_id_size);
Tamas Ban4ebcd582022-10-05 13:22:23 +0200[diff] [blame]55 INFO(" - version : %s\n", version);
56 INFO(" - version_size: %zu\n", version_size);
57 INFO(" - sw_type : %s\n", sw_type);
58 INFO(" - sw_type_size: %zu\n", sw_type_size);
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]59 INFO(" - algorithm : %x\n", measurement_algo);
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]60 INFO(" - measurement :");
61 print_byte_array(measurement_value, measurement_value_size);
62 INFO(" - locking : %s\n", lock_measurement ? "true" : "false");
63}
64
65psa_status_t
66rss_measured_boot_extend_measurement(uint8_t index,
67 const uint8_t *signer_id,
68 size_t signer_id_size,
69 const uint8_t *version,
70 size_t version_size,
71 uint32_t measurement_algo,
72 const uint8_t *sw_type,
73 size_t sw_type_size,
74 const uint8_t *measurement_value,
75 size_t measurement_value_size,
76 bool lock_measurement)
77{
78 struct measured_boot_extend_iovec_t extend_iov = {
79 .index = index,
80 .lock_measurement = lock_measurement,
81 .measurement_algo = measurement_algo,
82 .sw_type = {0},
Jimmy Brisson0100a612023-03-20 09:00:30 -0500[diff] [blame]83 .sw_type_size = sw_type_size,
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]84 };
85
Jimmy Brisson0100a612023-03-20 09:00:30 -0500[diff] [blame]86 if (version_size > VERSION_MAX_SIZE) {
87 return PSA_ERROR_INVALID_ARGUMENT;
88 }
89
90
91 if (version_size > 0 && version[version_size - 1] == '\0') {
92 version_size--;
93 }
94
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]95 psa_invec in_vec[] = {
96 {.base = &extend_iov,
97 .len = sizeof(struct measured_boot_extend_iovec_t)},
98 {.base = signer_id, .len = signer_id_size},
Jimmy Brisson0100a612023-03-20 09:00:30 -0500[diff] [blame]99 {.base = version, .len = version_size },
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]100 {.base = measurement_value, .len = measurement_value_size}
101 };
102
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]103 if (sw_type != NULL) {
David Vincze28572702022-11-04 18:28:12 +0100[diff] [blame]104 if (extend_iov.sw_type_size > SW_TYPE_MAX_SIZE) {
Tamas Banfc6ba272022-10-03 13:06:53 +0200[diff] [blame]105 return PSA_ERROR_INVALID_ARGUMENT;
106 }
Jimmy Brisson0100a612023-03-20 09:00:30 -0500[diff] [blame]107 if (sw_type_size > 0 && sw_type[sw_type_size - 1] == '\0') {
108 extend_iov.sw_type_size--;
109 }
David Vincze28572702022-11-04 18:28:12 +0100[diff] [blame]110 memcpy(extend_iov.sw_type, sw_type, extend_iov.sw_type_size);
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]111 }
112
113 log_measurement(index, signer_id, signer_id_size,
Tamas Ban4ebcd582022-10-05 13:22:23 +0200[diff] [blame]114 version, version_size, sw_type, sw_type_size,
115 measurement_algo, measurement_value,
116 measurement_value_size, lock_measurement);
Tamas Banf5492752022-01-18 16:19:17 +0100[diff] [blame]117
118 return psa_call(RSS_MEASURED_BOOT_HANDLE,
119 RSS_MEASURED_BOOT_EXTEND,
120 in_vec, IOVEC_LEN(in_vec),
121 NULL, 0);
122}
Tamas Banc9ccc272022-01-18 16:20:47 +0100[diff] [blame]123
Mate Toth-Pal445ee112022-10-24 15:15:10 +0200[diff] [blame]124psa_status_t rss_measured_boot_read_measurement(uint8_t index,
125 uint8_t *signer_id,
126 size_t signer_id_size,
127 size_t *signer_id_len,
128 uint8_t *version,
129 size_t version_size,
130 size_t *version_len,
131 uint32_t *measurement_algo,
132 uint8_t *sw_type,
133 size_t sw_type_size,
134 size_t *sw_type_len,
135 uint8_t *measurement_value,
136 size_t measurement_value_size,
137 size_t *measurement_value_len,
138 bool *is_locked)
139{
140 psa_status_t status;
141 struct measured_boot_read_iovec_in_t read_iov_in = {
142 .index = index,
143 .sw_type_size = sw_type_size,
144 .version_size = version_size,
145 };
146
147 struct measured_boot_read_iovec_out_t read_iov_out;
148
149 psa_invec in_vec[] = {
150 {.base = &read_iov_in,
151 .len = sizeof(struct measured_boot_read_iovec_in_t)},
152 };
153
154 psa_outvec out_vec[] = {
155 {.base = &read_iov_out,
156 .len = sizeof(struct measured_boot_read_iovec_out_t)},
157 {.base = signer_id, .len = signer_id_size},
158 {.base = measurement_value, .len = measurement_value_size}
159 };
160
161 status = psa_call(RSS_MEASURED_BOOT_HANDLE, RSS_MEASURED_BOOT_READ,
162 in_vec, IOVEC_LEN(in_vec),
163 out_vec, IOVEC_LEN(out_vec));
164
165 if (status == PSA_SUCCESS) {
166 *is_locked = read_iov_out.is_locked;
167 *measurement_algo = read_iov_out.measurement_algo;
168 *sw_type_len = read_iov_out.sw_type_len;
169 *version_len = read_iov_out.version_len;
170 memcpy(sw_type, read_iov_out.sw_type, read_iov_out.sw_type_len);
171 memcpy(version, read_iov_out.version, read_iov_out.version_len);
172 *signer_id_len = out_vec[1].len;
173 *measurement_value_len = out_vec[2].len;
174 }
175
176 return status;
177}