feat(measured boot): move init and teardown functions to platform layer

Right now, the measured boot driver is strongly coupled with the TCG
event log driver. It would not be possible to push the measurements
somewhere else, for instance to a physical TPM.

To enable this latter use case, turn the driver's init and teardown
functions into platform hooks. Call them bl2_plat_mboot_init()/finish().
This allows each platform to implement them appropriately, depending on
the type of measured boot backend they use. For example, on a platform
with a physical TPM, the plat_mboot_init() hook would startup the TPM
and setup it underlying bus (e.g. SPI).

Move the current implementation of the init and teardown function to the
FVP platform layer.

Finally move the conditional compilation logic (#if MEASURED_BOOT) out
of bl2_main() to improve its readability. Provide a dummy implementation
in the case measured boot is not included in the build.

Change-Id: Ib6474cb5a9c1e3d4a30c7f228431b22d1a6e85e3
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

bl2/bl2_main.c

@@ -15,9 +15,6 @@
 #include <drivers/auth/auth_mod.h>
 #include <drivers/console.h>
 #include <drivers/fwu/fwu.h>
-#if MEASURED_BOOT
-#include <drivers/measured_boot/measured_boot.h>
-#endif
 #include <lib/extensions/pauth.h>
 #include <plat/common/platform.h>
 
@@ -95,24 +92,19 @@ void bl2_main(void)
 #if TRUSTED_BOARD_BOOT
 	/* Initialize authentication module */
 	auth_mod_init();
-
-#if MEASURED_BOOT
-	/* Initialize measured boot module */
-	measured_boot_init();
-
-#endif /* MEASURED_BOOT */
 #endif /* TRUSTED_BOARD_BOOT */
 
+	/* Initialize the Measured Boot backend */
+	bl2_plat_mboot_init();
+
 	/* Initialize boot source */
 	bl2_plat_preload_setup();
 
 	/* Load the subsequent bootloader images. */
 	next_bl_ep_info = bl2_load_images();
 
-#if MEASURED_BOOT
-	/* Finalize measured boot */
-	measured_boot_finish();
-#endif /* MEASURED_BOOT */
+	/* Teardown the Measured Boot backend */
+	bl2_plat_mboot_finish();
 
 #if !BL2_AT_EL3 && !ENABLE_RME
 #ifndef __aarch64__

drivers/measured_boot/measured_boot.c

@@ -1,39 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-
-#include <common/debug.h>
-#include <drivers/measured_boot/measured_boot.h>
-
-/*
- * Init Measured Boot driver
- *
- * Initialises Event Log.
- */
-void measured_boot_init(void)
-{
-	event_log_init();
-}
-
-/*
- * Finish Measured Boot driver
- *
- * Finalises Event Log and dumps the records to the debug console.
- */
-void measured_boot_finish(void)
-{
-	uint8_t *log_addr;
-	size_t log_size;
-	int rc;
-
-	rc = event_log_finalise(&log_addr, &log_size);
-	if (rc != 0) {
-		panic();
-	}
-
-	dump_event_log(log_addr, log_size);
-}

drivers/measured_boot/measured_boot.mk

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2020, Arm Limited. All rights reserved.
+# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -45,8 +45,7 @@ endif
 
 MEASURED_BOOT_SRC_DIR	:= drivers/measured_boot/
 
-MEASURED_BOOT_SOURCES	:= ${MEASURED_BOOT_SRC_DIR}measured_boot.c	\
-    			   ${MEASURED_BOOT_SRC_DIR}event_log.c		\
-    			   ${MEASURED_BOOT_SRC_DIR}event_print.c
+MEASURED_BOOT_SOURCES	:= ${MEASURED_BOOT_SRC_DIR}event_log.c		\
+			   ${MEASURED_BOOT_SRC_DIR}event_print.c
 
 BL2_SOURCES		+= ${MEASURED_BOOT_SOURCES}

include/drivers/measured_boot/measured_boot.h

@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef MEASURED_BOOT_H
-#define MEASURED_BOOT_H
-
-#include <stdint.h>
-
-#include <drivers/measured_boot/event_log.h>
-
-/* Functions' declarations */
-void measured_boot_init(void);
-void measured_boot_finish(void);
-
-#endif /* MEASURED_BOOT_H */

include/plat/common/platform.h

@@ -210,7 +210,17 @@ int bl2_plat_handle_post_image_load(unsigned int image_id);
 #if MEASURED_BOOT
 /* Read TCG_DIGEST_SIZE bytes of BL2 hash data */
 void bl2_plat_get_hash(void *data);
-#endif
+
+void bl2_plat_mboot_init(void);
+void bl2_plat_mboot_finish(void);
+#else
+static inline void bl2_plat_mboot_init(void)
+{
+}
+static inline void bl2_plat_mboot_finish(void)
+{
+}
+#endif /* MEASURED_BOOT */
 
 /*******************************************************************************
  * Mandatory BL2 at EL3 functions: Must be implemented if BL2_AT_EL3 image is

plat/arm/board/fvp/fvp_bl2_setup.c

@@ -9,9 +9,6 @@
 #include <common/debug.h>
 #include <common/desc_image_load.h>
 #include <drivers/arm/sp804_delay_timer.h>
-#if MEASURED_BOOT
-#include <drivers/measured_boot/measured_boot.h>
-#endif
 #include <lib/fconf/fconf.h>
 #include <lib/fconf/fconf_dyn_cfg_getter.h>
 

plat/arm/board/fvp/fvp_measured_boot.c

@@ -1,9 +1,11 @@
 /*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
 
+#include <stdint.h>
+
 #include <drivers/measured_boot/event_log.h>
 #include <plat/arm/common/plat_arm.h>
 
@@ -36,3 +38,27 @@ const measured_boot_data_t *plat_get_measured_boot_data(void)
 {
 	return &fvp_measured_boot_data;
 }
+
+void bl2_plat_mboot_init(void)
+{
+	event_log_init();
+}
+
+void bl2_plat_mboot_finish(void)
+{
+	uint8_t *log_addr;
+	size_t log_size;
+	int rc;
+
+	rc = event_log_finalise(&log_addr, &log_size);
+	if (rc != 0) {
+		/*
+		 * It is a fatal error because on FVP secure world software
+		 * assumes that a valid event log exists and will use it to
+		 * record the measurements into the fTPM
+		 */
+		panic();
+	}
+
+	dump_event_log(log_addr, log_size);
+}