Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-26 23:04:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor(measured boot): move image measurement to generic layer

Browse source 
Right now, the assumption is that the platform post-load hook takes
care of measuring the image that just got loaded. This is how it's
implemented on FVP.

This patch moves the measurement into the generic code
instead. load_auth_image() now calls plat_mboot_measure_image(),
which is a new platform interface introduced in this patch to measure
an image. This is called just after authenticating the image.

Implement plat_mboot_measure_image() for the Arm FVP platform. The code
is copied straight from the post-load hook.

As a result, the FVP specific implementation of
arm_bl2_plat_handle_post_image_load() is no longer needed. We can go
back to using the Arm generic implementation of it.

Change-Id: I7b4b8d28941a865e10af9d0eadaf2e4850942090
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This commit is contained in:
Manish V Badarkhe 2021-09-20 09:06:02 +01:00
parent d89bec83dc
commit 140d9cb3e7
4 changed files with 53 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
common/bl_common.c
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
@ -202,12 +202,27 @@ static int load_auth_image_recursive(unsigned int image_id,
return -EAUTH; return -EAUTH;
} }
/*
* Flush the image to main memory so that it can be executed later by
* any CPU, regardless of cache and MMU state. This is only needed for
* child images, not for the parents (certificates).
*/
if (is_parent_image == 0) { if (is_parent_image == 0) {
#if IMAGE_BL2
/*
* Measure the image.
* We do not measure its parents because these only play a role
* in authentication, which is orthogonal to measured boot.
*
* TODO: Change this code if we change our minds about measuring
* certificates.
*/
rc = plat_mboot_measure_image(image_id);
if (rc != 0) {
return rc;
}
#endif
/*
* Flush the image to main memory so that it can be executed
* later by any CPU, regardless of cache and MMU state. This
* is only needed for child images, not for the parents
* (certificates).
*/
flush_dcache_range(image_data->image_base, flush_dcache_range(image_data->image_base,
image_data->image_size); image_data->image_size);
} }

5
include/plat/common/platform.h
View file

@ -213,6 +213,7 @@ void bl2_plat_get_hash(void *data);
void bl2_plat_mboot_init(void); void bl2_plat_mboot_init(void);
void bl2_plat_mboot_finish(void); void bl2_plat_mboot_finish(void);
int plat_mboot_measure_image(unsigned int image_id);
#else #else
static inline void bl2_plat_mboot_init(void) static inline void bl2_plat_mboot_init(void)
{ {
@ -220,6 +221,10 @@ static inline void bl2_plat_mboot_init(void)
static inline void bl2_plat_mboot_finish(void) static inline void bl2_plat_mboot_finish(void)
{ {
} }
static inline int plat_mboot_measure_image(unsigned int image_id __unused)
{
return 0;
}
#endif /* MEASURED_BOOT */ #endif /* MEASURED_BOOT */
/******************************************************************************* /*******************************************************************************

42
plat/arm/board/fvp/fvp_bl2_setup.c
View file

@ -70,45 +70,3 @@ struct bl_params *plat_get_next_bl_params(void)
return arm_bl_params; return arm_bl_params;
} }
#if MEASURED_BOOT
static int fvp_bl2_plat_handle_post_image_load(unsigned int image_id)
{
const bl_mem_params_node_t *bl_mem_params =
get_bl_mem_params_node(image_id);
assert(bl_mem_params != NULL);
image_info_t info = bl_mem_params->image_info;
int err;
if ((info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U) {
/* Calculate image hash and record data in Event Log */
err = event_log_measure_and_record(info.image_base,
info.image_size, image_id);
if (err != 0) {
ERROR("%s%s image id %u (%i)\n",
"BL2: Failed to ", "record", image_id, err);
return err;
}
}
err = arm_bl2_handle_post_image_load(image_id);
if (err != 0) {
ERROR("%s%s image id %u (%i)\n",
"BL2: Failed to ", "handle", image_id, err);
}
return err;
}
int arm_bl2_plat_handle_post_image_load(unsigned int image_id)
{
int err = fvp_bl2_plat_handle_post_image_load(image_id);
if (err != 0) {
ERROR("%s() returns %i\n", __func__, err);
}
return err;
}
#endif /* MEASURED_BOOT */

27
plat/arm/board/fvp/fvp_measured_boot.c
View file

@ -4,9 +4,12 @@
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
#include <assert.h>
#include <stdint.h> #include <stdint.h>
#include <common/desc_image_load.h>
#include <drivers/measured_boot/event_log/event_log.h> #include <drivers/measured_boot/event_log/event_log.h>
#include <plat/arm/common/plat_arm.h> #include <plat/arm/common/plat_arm.h>
/* FVP table with platform specific image IDs, names and PCRs */ /* FVP table with platform specific image IDs, names and PCRs */
@ -62,3 +65,27 @@ void bl2_plat_mboot_finish(void)
dump_event_log(log_addr, log_size); dump_event_log(log_addr, log_size);
} }
int plat_mboot_measure_image(unsigned int image_id)
{
const bl_mem_params_node_t *bl_mem_params =
get_bl_mem_params_node(image_id);
assert(bl_mem_params != NULL);
image_info_t info = bl_mem_params->image_info;
int err;
if ((info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U) {
/* Calculate image hash and record data in Event Log */
err = event_log_measure_record(info.image_base,
info.image_size, image_id);
if (err != 0) {
ERROR("%s%s image id %u (%i)\n",
"BL2: Failed to ", "record", image_id, err);
return err;
}
}
return 0;
}