refactor(measured boot): move BL2 measurement to platform layer

Right now, event_log_init() does 2 things:
1) It writes all the necessary TCG data structures in the event log buffer.
2) It writes the first measurement (BL2's).

Step 2) introduces in the TCG event log driver an assumption on what
is getting measured and in what order. Ideally, the driver should only
be concerned about generic operations, such as initializing the event
log or recording a measurement in it. As much as possible, we should
design the driver such that it could be reused in another project that
has a different measure boot flow.

For these reasons, move step 2) up to the caller, plat_mboot_init() in
this case. Make event_log_record() a public function for this purpose.

This refactoring will also help when we make BL1 record BL2's
measurement into the event log (instead of BL2). Both BL1 and BL2 will
need to call the driver's init function but only BL1 will need
recording BL2's measurement. We can handle this through different
implementations of plat_mboot_init() for BL1 and BL2, leaving the TCG
event log driver unchanged.

Change-Id: I358e097c1eedb54f82b866548dfc6bcade83d519
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>

drivers/measured_boot/event_log/event_log.c

@@ -87,13 +87,14 @@ static const event2_header_t locality_event_header = {
  *
  * There must be room for storing this new event into the event log buffer.
  */
-static void event_log_record(const uint8_t *hash, const image_data_t *image_ptr)
+void event_log_record(const uint8_t *hash, const image_data_t *image_ptr)
 {
 	void *ptr = log_ptr;
 	uint32_t name_len;
 
 	assert(image_ptr != NULL);
 	assert(image_ptr->name != NULL);
+	assert(hash != NULL);
 
 	name_len = (uint32_t)strlen(image_ptr->name) + 1U;
 
@@ -126,13 +127,8 @@ static void event_log_record(const uint8_t *hash, const image_data_t *image_ptr)
 	/* TCG_PCR_EVENT2.Digests[].Digest[] */
 	ptr = (uint8_t *)((uintptr_t)ptr + offsetof(tpmt_ha, digest));
 
-	if (hash == NULL) {
-		/* Get BL2 hash from DTB */
-		bl2_plat_get_hash(ptr);
-	} else {
-		/* Copy digest */
-		(void)memcpy(ptr, (const void *)hash, TCG_DIGEST_SIZE);
-	}
+	/* Copy digest */
+	(void)memcpy(ptr, (const void *)hash, TCG_DIGEST_SIZE);
 
 	/* TCG_PCR_EVENT2.EventSize */
 	ptr = (uint8_t *)((uintptr_t)ptr + TCG_DIGEST_SIZE);
@@ -220,9 +216,6 @@ void event_log_init(void)
 	ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
 
 	log_ptr = (uint8_t *)ptr;
-
-	/* Add BL2 event */
-	event_log_record(NULL, plat_data_ptr->images_data);
 }
 
 /*

include/drivers/measured_boot/event_log/event_log.h

@@ -94,4 +94,6 @@ void dump_event_log(uint8_t *log_addr, size_t log_size);
 const measured_boot_data_t *plat_get_measured_boot_data(void);
 int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
 				 uint32_t data_id);
+void event_log_record(const uint8_t *hash, const image_data_t *image_ptr);
+
 #endif /* EVENT_LOG_H */

plat/arm/board/fvp/fvp_measured_boot.c

@@ -11,6 +11,7 @@
 #include <drivers/measured_boot/event_log/event_log.h>
 
 #include <plat/arm/common/plat_arm.h>
+#include <plat/common/platform.h>
 
 /* FVP table with platform specific image IDs, names and PCRs */
 static const image_data_t fvp_images_data[] = {
@@ -44,7 +45,16 @@ const measured_boot_data_t *plat_get_measured_boot_data(void)
 
 void bl2_plat_mboot_init(void)
 {
+	uint8_t bl2_hash[TCG_DIGEST_SIZE];
+
 	event_log_init();
+
+	/* Get BL2 hash from DTB */
+	/* TODO: Avoid the extra copy of the hash buffer */
+	bl2_plat_get_hash(bl2_hash);
+
+	/* Add BL2 event */
+	event_log_record(bl2_hash, &fvp_images_data[0]);
 }
 
 void bl2_plat_mboot_finish(void)