andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

refactor(measured boot): remove platform calls from Event Log driver 

Currently, the Event Log driver does platform layer work by invoking
a few platform functions in the 'event_log_finalise' call. Doing
platform work does not seem to be the driver's responsibility, hence
moved 'event_log_finalise' function's implementation to the platform
layer.

Alongside, introduced few Event Log driver functions and done
some cosmetic changes.

Change-Id: I486160e17e5b0677c734fd202af7ccd85476a551
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This commit is contained in:
Manish V Badarkhe 2021-09-14 22:41:46 +01:00
parent eab78e9ba4
commit efa6521878
7 changed files with 133 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

191
drivers/measured_boot/event_log/event_log.c
View File

@ -17,22 +17,14 @@
#include <plat/common/platform.h>
/* Event Log data */
static uint8_t event_log[EVENT_LOG_SIZE];
/* Running Event Log Pointer */
static uint8_t *log_ptr;
/* End of Event Log */
#define EVENT_LOG_END ((uintptr_t)event_log + sizeof(event_log) - 1U)
/* Pointer to the first byte past end of the Event Log buffer */
static uintptr_t log_end;
CASSERT(sizeof(event_log) >= LOG_MIN_SIZE, assert_event_log_size);
/* Pointer in event_log[] */
static uint8_t *log_ptr = event_log;
/* Pointer to measured_boot_data_t */
const static measured_boot_data_t *plat_data_ptr;
static uintptr_t tos_fw_config_base;
static uintptr_t nt_fw_config_base;
/* Pointer to event_log_metadata_t */
static const event_log_metadata_t *plat_metadata_ptr;
/* TCG_EfiSpecIdEvent */
static const id_event_headers_t id_event_header = {
@ -82,25 +74,28 @@ static const event2_header_t locality_event_header = {
/*
* Record a measurement as a TCG_PCR_EVENT2 event
*
* @param[in] hash Pointer to hash data of TCG_DIGEST_SIZE bytes
* @param[in] image_ptr Pointer to image_data_t structure
* @param[in] hash Pointer to hash data of TCG_DIGEST_SIZE bytes
* @param[in] metadata_ptr Pointer to event_log_metadata_t structure
*
* There must be room for storing this new event into the event log buffer.
*/
void event_log_record(const uint8_t *hash, const image_data_t *image_ptr)
static void event_log_record(const uint8_t *hash,
const event_log_metadata_t *metadata_ptr)
{
void *ptr = log_ptr;
uint32_t name_len;
assert(image_ptr != NULL);
assert(image_ptr->name != NULL);
assert(hash != NULL);
assert(metadata_ptr != NULL);
assert(metadata_ptr->name != NULL);
/* event_log_init() must have been called prior to this. */
assert(log_ptr != NULL);
name_len = (uint32_t)strlen(image_ptr->name) + 1U;
name_len = (uint32_t)strlen(metadata_ptr->name) + 1U;
/* Check for space in Event Log buffer */
assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) <=
EVENT_LOG_END);
assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) <
log_end);
/*
* As per TCG specifications, firmware components that are measured
@ -108,7 +103,7 @@ void event_log_record(const uint8_t *hash, const image_data_t *image_ptr)
* EV_POST_CODE.
*/
/* TCG_PCR_EVENT2.PCRIndex */
((event2_header_t *)ptr)->pcr_index = image_ptr->pcr;
((event2_header_t *)ptr)->pcr_index = metadata_ptr->pcr;
/* TCG_PCR_EVENT2.EventType */
((event2_header_t *)ptr)->event_type = EV_POST_CODE;
@ -136,7 +131,7 @@ void event_log_record(const uint8_t *hash, const image_data_t *image_ptr)
/* Copy event data to TCG_PCR_EVENT2.Event */
(void)memcpy((void *)(((event2_data_t *)ptr)->event),
(const void *)image_ptr->name, name_len);
(const void *)metadata_ptr->name, name_len);
/* End of event data */
log_ptr = (uint8_t *)((uintptr_t)ptr +
@ -144,18 +139,38 @@ void event_log_record(const uint8_t *hash, const image_data_t *image_ptr)
}
/*
* Init Event Log
* Initialise Event Log global variables, used during the recording
* of various payload measurements into the Event Log buffer
*
* Initialises Event Log by writing Specification ID and
* Startup Locality events.
* @param[in] event_log_start Base address of Event Log buffer
* @param[in] event_log_finish End address of Event Log buffer,
* it is a first byte past end of the
* buffer
*/
void event_log_init(void)
void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish)
{
assert(event_log_start != NULL);
assert(event_log_finish > event_log_start);
log_ptr = event_log_start;
log_end = (uintptr_t)event_log_finish;
/* Get pointer to platform's event_log_metadata_t structure */
plat_metadata_ptr = plat_event_log_get_metadata();
assert(plat_metadata_ptr != NULL);
}
/*
* Initialises Event Log by writing Specification ID and
* Startup Locality events
*/
void event_log_write_header(void)
{
const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE;
void *ptr = event_log;
void *ptr = log_ptr;
/* Get pointer to platform's measured_boot_data_t structure */
plat_data_ptr = plat_get_measured_boot_data();
/* event_log_init() must have been called prior to this. */
assert(log_ptr != NULL);
/*
* Add Specification ID Event first
@ -213,9 +228,7 @@ void event_log_init(void)
* the platform's boot firmware
*/
((startup_locality_event_t *)ptr)->startup_locality = 0U;
ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
log_ptr = (uint8_t *)ptr;
log_ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
}
/*
@ -232,23 +245,16 @@ void event_log_init(void)
int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
uint32_t data_id)
{
const image_data_t *data_ptr = plat_data_ptr->images_data;
unsigned char hash_data[MBEDTLS_MD_MAX_SIZE];
int rc;
const event_log_metadata_t *metadata_ptr = plat_metadata_ptr;
/* Get the metadata associated with this image. */
while ((data_ptr->id != INVALID_ID) && (data_ptr->id != data_id)) {
data_ptr++;
}
assert(data_ptr->id != INVALID_ID);
if (data_id == TOS_FW_CONFIG_ID) {
tos_fw_config_base = data_base;
} else if (data_id == NT_FW_CONFIG_ID) {
nt_fw_config_base = data_base;
} else {
/* No action */
while ((metadata_ptr->id != INVALID_ID) &&
(metadata_ptr->id != data_id)) {
metadata_ptr++;
}
assert(metadata_ptr->id != INVALID_ID);
/* Calculate hash */
rc = crypto_mod_calc_hash((unsigned int)MBEDTLS_MD_ID,
@ -257,97 +263,22 @@ int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
return rc;
}
event_log_record(hash_data, data_ptr);
event_log_record(hash_data, metadata_ptr);
return 0;
}
/*
* Finalise Event Log
* Get current Event Log buffer size i.e. used space of Event Log buffer
*
* @param[out] log_addr Pointer to return Event Log address
* @param[out] log_size Pointer to return Event Log size
* @return:
* 0 = success
* < 0 = error code
* @param[in] event_log_start Base Pointer to Event Log buffer
*
* @return: current Size of Event Log buffer
*/
int event_log_finalise(uint8_t **log_addr, size_t *log_size)
size_t event_log_get_cur_size(uint8_t *event_log_start)
{
/* Event Log size */
size_t num_bytes = (uintptr_t)log_ptr - (uintptr_t)event_log;
int rc;
assert(event_log_start != NULL);
assert(log_ptr >= event_log_start);
assert(log_addr != NULL);
assert(log_size != NULL);
if (nt_fw_config_base == 0UL) {
ERROR("%s(): %s_FW_CONFIG not loaded\n", __func__, "NT");
return -ENOENT;
}
/*
* Set Event Log data in NT_FW_CONFIG and
* get Event Log address in Non-Secure memory
*/
if (plat_data_ptr->set_nt_fw_info != NULL) {
/* Event Log address in Non-Secure memory */
uintptr_t ns_log_addr;
rc = plat_data_ptr->set_nt_fw_info(
nt_fw_config_base,
#ifdef SPD_opteed
(uintptr_t)event_log,
#endif
num_bytes, &ns_log_addr);
if (rc != 0) {
ERROR("%s(): Unable to update %s_FW_CONFIG\n",
__func__, "NT");
return rc;
}
/* Copy Event Log to Non-secure memory */
(void)memcpy((void *)ns_log_addr, (const void *)event_log,
num_bytes);
/* Ensure that the Event Log is visible in Non-secure memory */
flush_dcache_range(ns_log_addr, num_bytes);
/* Return Event Log address in Non-Secure memory */
*log_addr = (uint8_t *)ns_log_addr;
} else {
INFO("%s(): set_%s_fw_info not set\n", __func__, "nt");
/* Return Event Log address in Secure memory */
*log_addr = event_log;
}
if (tos_fw_config_base != 0UL) {
if (plat_data_ptr->set_tos_fw_info != NULL) {
/* Set Event Log data in TOS_FW_CONFIG */
rc = plat_data_ptr->set_tos_fw_info(
tos_fw_config_base,
(uintptr_t)event_log,
num_bytes);
if (rc != 0) {
ERROR("%s(): Unable to update %s_FW_CONFIG\n",
__func__, "TOS");
return rc;
}
} else {
INFO("%s(): set_%s_fw_info not set\n", __func__, "tos");
}
} else {
INFO("%s(): %s_FW_CONFIG not loaded\n", __func__, "TOS");
}
/* Ensure that the Event Log is visible in Secure memory */
flush_dcache_range((uintptr_t)event_log, num_bytes);
/* Return Event Log size */
*log_size = num_bytes;
return 0;
return (size_t)((uintptr_t)log_ptr - (uintptr_t)event_log_start);
}

3
drivers/measured_boot/event_log/event_log.mk
View File

@ -25,8 +25,6 @@ else
TCG_DIGEST_SIZE := 32U
endif
# Event Log length in bytes
EVENT_LOG_SIZE := 1024
# Set definitions for mbed TLS library and Measured Boot driver
$(eval $(call add_defines,\
@ -34,7 +32,6 @@ $(eval $(call add_defines,\
MBEDTLS_MD_ID \
TPM_ALG_ID \
TCG_DIGEST_SIZE \
EVENT_LOG_SIZE \
EVENT_LOG_LEVEL \
)))

22
include/drivers/measured_boot/event_log/event_log.h
View File

@ -10,6 +10,7 @@
#include <stdint.h>
#include <common/debug.h>
#include <common/tbbr/tbbr_img_def.h>
#include <drivers/measured_boot/event_log/tcg.h>
/*
@ -59,18 +60,7 @@ typedef struct {
unsigned int id;
const char *name;
unsigned int pcr;
} image_data_t;
typedef struct {
const image_data_t *images_data;
int (*set_nt_fw_info)(uintptr_t config_base,
#ifdef SPD_opteed
uintptr_t log_addr,
#endif
size_t log_size, uintptr_t *ns_log_addr);
int (*set_tos_fw_info)(uintptr_t config_base, uintptr_t log_addr,
size_t log_size);
} measured_boot_data_t;
} event_log_metadata_t;
#define ID_EVENT_SIZE (sizeof(id_event_headers_t) + \
(sizeof(id_event_algorithm_size_t) * HASH_ALG_COUNT) + \
@ -88,12 +78,12 @@ typedef struct {
sizeof(event2_data_t))
/* Functions' declarations */
void event_log_init(void);
int event_log_finalise(uint8_t **log_addr, size_t *log_size);
void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish);
void event_log_write_header(void);
void dump_event_log(uint8_t *log_addr, size_t log_size);
const measured_boot_data_t *plat_get_measured_boot_data(void);
const event_log_metadata_t *plat_event_log_get_metadata(void);
int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
uint32_t data_id);
void event_log_record(const uint8_t *hash, const image_data_t *image_ptr);
size_t event_log_get_cur_size(uint8_t *event_log_start);
#endif /* EVENT_LOG_H */

5
include/plat/arm/common/plat_arm.h
View File

@ -250,9 +250,8 @@ void arm_bl1_set_mbedtls_heap(void);
int arm_get_mbedtls_heap(void **heap_addr, size_t *heap_size);
#if MEASURED_BOOT
int arm_set_tos_fw_info(uintptr_t config_base, uintptr_t log_addr,
size_t log_size);
int arm_set_nt_fw_info(uintptr_t config_base,
int arm_set_tos_fw_info(uintptr_t log_addr, size_t log_size);
int arm_set_nt_fw_info(
/*
* Currently OP-TEE does not support reading DTBs from Secure memory
* and this option should be removed when feature is supported.

70
plat/arm/board/fvp/fvp_measured_boot.c
View File

@ -1,21 +1,19 @@
/*
* Copyright (c) 2020-2021, Arm Limited. All rights reserved.
* Copyright (c) 2021, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <assert.h>
#include <stdint.h>
#include <common/desc_image_load.h>
#include <drivers/measured_boot/event_log/event_log.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
/* Event Log data */
static uint8_t event_log[PLAT_ARM_EVENT_LOG_MAX_SIZE];
/* FVP table with platform specific image IDs, names and PCRs */
static const image_data_t fvp_images_data[] = {
{ BL2_IMAGE_ID, BL2_STRING, PCR_0 }, /* Reserved for BL2 */
const event_log_metadata_t fvp_event_log_metadata[] = {
{ BL31_IMAGE_ID, BL31_STRING, PCR_0 },
{ BL32_IMAGE_ID, BL32_STRING, PCR_0 },
{ BL32_EXTRA1_IMAGE_ID, BL32_EXTRA1_IMAGE_STRING, PCR_0 },
@ -29,42 +27,66 @@ static const image_data_t fvp_images_data[] = {
{ INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
};
static const measured_boot_data_t fvp_measured_boot_data = {
fvp_images_data,
arm_set_nt_fw_info,
arm_set_tos_fw_info
};
/*
* Function retuns pointer to FVP plat_measured_boot_data_t structure
*/
const measured_boot_data_t *plat_get_measured_boot_data(void)
const event_log_metadata_t *plat_event_log_get_metadata(void)
{
return &fvp_measured_boot_data;
return fvp_event_log_metadata;
}
void bl2_plat_mboot_init(void)
{
event_log_init();
event_log_init(event_log, event_log + sizeof(event_log));
event_log_write_header();
}
void bl2_plat_mboot_finish(void)
{
uint8_t *log_addr;
size_t log_size;
int rc;
rc = event_log_finalise(&log_addr, &log_size);
/* Event Log address in Non-Secure memory */
uintptr_t ns_log_addr;
/* Event Log filled size */
size_t event_log_cur_size;
event_log_cur_size = event_log_get_cur_size(event_log);
rc = arm_set_nt_fw_info(
#ifdef SPD_opteed
(uintptr_t)event_log,
#endif
event_log_cur_size, &ns_log_addr);
if (rc != 0) {
ERROR("%s(): Unable to update %s_FW_CONFIG\n",
__func__, "NT");
/*
* It is a fatal error because on FVP secure world software
* assumes that a valid event log exists and will use it to
* record the measurements into the fTPM
* record the measurements into the fTPM.
* Note: In FVP platform, OP-TEE uses nt_fw_config to get the
* secure Event Log buffer address.
*/
panic();
}
dump_event_log(log_addr, log_size);
/* Copy Event Log to Non-secure memory */
(void)memcpy((void *)ns_log_addr, (const void *)event_log,
event_log_cur_size);
/* Ensure that the Event Log is visible in Non-secure memory */
flush_dcache_range(ns_log_addr, event_log_cur_size);
#if defined(SPD_tspd) || defined(SPD_spmd)
/* Set Event Log data in TOS_FW_CONFIG */
rc = arm_set_tos_fw_info((uintptr_t)event_log,
event_log_cur_size);
if (rc != 0) {
ERROR("%s(): Unable to update %s_FW_CONFIG\n",
__func__, "TOS");
panic();
}
#endif
dump_event_log(event_log, event_log_cur_size);
}
int plat_mboot_measure_image(unsigned int image_id)

5
plat/arm/board/fvp/include/platform_def.h
View File

@ -341,4 +341,9 @@
#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
#endif
/*
* Maximum size of Event Log buffer used in Measured Boot Event Log driver
*/
#define PLAT_ARM_EVENT_LOG_MAX_SIZE UL(0x400)
#endif /* PLATFORM_DEF_H */

18
plat/arm/common/arm_dyn_cfg_helpers.c
View File

@ -205,14 +205,20 @@ static int arm_set_event_log_info(uintptr_t config_base,
* 0 = success
* < 0 = error
*/
int arm_set_tos_fw_info(uintptr_t config_base, uintptr_t log_addr,
size_t log_size)
int arm_set_tos_fw_info(uintptr_t log_addr, size_t log_size)
{
uintptr_t config_base;
const bl_mem_params_node_t *cfg_mem_params;
int err;
assert(config_base != 0UL);
assert(log_addr != 0UL);
/* Get the config load address and size of TOS_FW_CONFIG */
cfg_mem_params = get_bl_mem_params_node(TOS_FW_CONFIG_ID);
assert(cfg_mem_params != NULL);
config_base = cfg_mem_params->image_info.image_base;
/* Write the Event Log address and its size in the DTB */
err = arm_set_event_log_info(config_base,
#ifdef SPD_opteed
@ -237,23 +243,25 @@ int arm_set_tos_fw_info(uintptr_t config_base, uintptr_t log_addr,
* 0 = success
* < 0 = error
*/
int arm_set_nt_fw_info(uintptr_t config_base,
int arm_set_nt_fw_info(
#ifdef SPD_opteed
uintptr_t log_addr,
#endif
size_t log_size, uintptr_t *ns_log_addr)
{
uintptr_t config_base;
uintptr_t ns_addr;
const bl_mem_params_node_t *cfg_mem_params;
int err;
assert(config_base != 0UL);
assert(ns_log_addr != NULL);
/* Get the config load address and size from NT_FW_CONFIG */
cfg_mem_params = get_bl_mem_params_node(NT_FW_CONFIG_ID);
assert(cfg_mem_params != NULL);
config_base = cfg_mem_params->image_info.image_base;
/* Calculate Event Log address in Non-secure memory */
ns_addr = cfg_mem_params->image_info.image_base +
cfg_mem_params->image_info.image_max_size;