From 60753a63290e255d6c4d34d0145ac00e8d69c9cf Mon Sep 17 00:00:00 2001 From: laurenw-arm Date: Tue, 2 May 2023 14:28:38 -0500 Subject: [PATCH 1/4] feat(cert-create): add new option for CCA NV ctr Extends cert_create tool with a new option for CCA NV counter: ccafw_nvctr. And changes the non-volatile counter used to protect the CCA Content Certificate from the Trusted FW NV counter to the CCA FW NV counter in the CCA CoT description. Change-Id: I27f3ab2e25809f0dcc56fa05e5c3a25a2e861ef6 Signed-off-by: Lauren Wehrmeister --- include/tools_share/cca_oid.h | 5 ++++- tools/cert_create/include/cca/cca_cot.h | 3 ++- tools/cert_create/include/ext.h | 5 +++-- tools/cert_create/src/cca/cot.c | 15 +++++++++++++-- 4 files changed, 22 insertions(+), 6 deletions(-) diff --git a/include/tools_share/cca_oid.h b/include/tools_share/cca_oid.h index e586b8c64..2ca12c9cf 100644 --- a/include/tools_share/cca_oid.h +++ b/include/tools_share/cca_oid.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, Arm Limited. All rights reserved. + * Copyright (c) 2022-2023, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -25,4 +25,7 @@ /* Realm Monitor Manager (RMM) Hash */ #define RMM_HASH_OID "1.3.6.1.4.1.4128.2100.1106" +/* CCAFirmwareNVCounter - Non-volatile counter extension */ +#define CCA_FW_NVCOUNTER_OID "1.3.6.1.4.1.4128.2100.3" + #endif /* CCA_OID_H */ diff --git a/tools/cert_create/include/cca/cca_cot.h b/tools/cert_create/include/cca/cca_cot.h index 56585fbf1..152cb71b6 100644 --- a/tools/cert_create/include/cca/cca_cot.h +++ b/tools/cert_create/include/cca/cca_cot.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, Arm Limited. All rights reserved. + * Copyright (c) 2022-2023, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -24,6 +24,7 @@ enum { /* Certificate extensions. */ enum { /* Extensions used in certificates owned by the silicon provider. */ + CCA_FW_NVCOUNTER_EXT, TRUSTED_FW_NVCOUNTER_EXT, TRUSTED_BOOT_FW_HASH_EXT, TRUSTED_BOOT_FW_CONFIG_HASH_EXT, diff --git a/tools/cert_create/include/ext.h b/tools/cert_create/include/ext.h index 0e7f3be94..1d55486fd 100644 --- a/tools/cert_create/include/ext.h +++ b/tools/cert_create/include/ext.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -20,7 +20,8 @@ enum ext_type_e { /* NV-Counter types */ enum nvctr_type_e { NVCTR_TYPE_TFW, - NVCTR_TYPE_NTFW + NVCTR_TYPE_NTFW, + NVCTR_TYPE_CCAFW }; /* diff --git a/tools/cert_create/src/cca/cot.c b/tools/cert_create/src/cca/cot.c index 5a35ff606..e39b036e4 100644 --- a/tools/cert_create/src/cca/cot.c +++ b/tools/cert_create/src/cca/cot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, Arm Limited. All rights reserved. + * Copyright (c) 2022-2023, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -27,7 +27,7 @@ static cert_t cot_certs[] = { .key = ROT_KEY, .issuer = CCA_CONTENT_CERT, .ext = { - TRUSTED_FW_NVCOUNTER_EXT, + CCA_FW_NVCOUNTER_EXT, SOC_AP_FW_HASH_EXT, SOC_FW_CONFIG_HASH_EXT, RMM_HASH_EXT, @@ -139,6 +139,17 @@ REGISTER_COT(cot_certs); /* Certificate extensions. */ static ext_t cot_ext[] = { + [CCA_FW_NVCOUNTER_EXT] = { + .oid = CCA_FW_NVCOUNTER_OID, + .opt = "ccafw-nvctr", + .help_msg = "CCA Firmware Non-Volatile counter value", + .sn = "CCANVCounter", + .ln = "CCA Non-Volatile counter", + .asn1_type = V_ASN1_INTEGER, + .type = EXT_TYPE_NVCOUNTER, + .attr.nvctr_type = NVCTR_TYPE_CCAFW + }, + [TRUSTED_FW_NVCOUNTER_EXT] = { .oid = TRUSTED_FW_NVCOUNTER_OID, .opt = "tfw-nvctr", From 0f19b7aada428e0ca69d27ab016928b8fbc64a79 Mon Sep 17 00:00:00 2001 From: laurenw-arm Date: Tue, 2 May 2023 14:31:01 -0500 Subject: [PATCH 2/4] feat(build): pass CCA NV ctr option to cert_create Modifying build system to pass the new CCA NV counter options ccafw_nvctr to cert_create tool in context of CCA COT Change-Id: I9de2cdc041d96bc19180c3189628ed23e68a992b Signed-off-by: Lauren Wehrmeister --- make_helpers/tbbr/tbbr_tools.mk | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk index 8605baef0..a3351eb41 100644 --- a/make_helpers/tbbr/tbbr_tools.mk +++ b/make_helpers/tbbr/tbbr_tools.mk @@ -1,5 +1,5 @@ # -# Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -43,10 +43,14 @@ FWU_CERT := ${BUILD_PLAT}/fwu_cert.crt # Default non-volatile counter values (overridable by the platform) TFW_NVCTR_VAL ?= 0 NTFW_NVCTR_VAL ?= 0 +CCAFW_NVCTR_VAL ?= 0 # Pass the non-volatile counters to the cert_create tool $(eval $(call CERT_ADD_CMD_OPT,${TFW_NVCTR_VAL},--tfw-nvctr)) $(eval $(call CERT_ADD_CMD_OPT,${NTFW_NVCTR_VAL},--ntfw-nvctr)) +ifeq (${COT},cca) +$(eval $(call CERT_ADD_CMD_OPT,${CCAFW_NVCTR_VAL},--ccafw-nvctr)) +endif # Add Trusted Key certificate to the fiptool and cert_create command line options ifneq (${COT},cca) From e3b1cc0c51c7b0bae6abd81e15e4c2a00442c5db Mon Sep 17 00:00:00 2001 From: laurenw-arm Date: Tue, 2 May 2023 14:40:15 -0500 Subject: [PATCH 3/4] feat(auth): add CCA NV ctr to CCA CoT Modifying the CCA CoT description to put the CCA content certificate under the new CCA NV counter. Change-Id: Ib962cef5eaa15bb9ccce86012f21327d29d4adad Signed-off-by: Lauren Wehrmeister --- drivers/auth/cca/cot.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/drivers/auth/cca/cot.c b/drivers/auth/cca/cot.c index e8f4d9cae..2a0360455 100644 --- a/drivers/auth/cca/cot.c +++ b/drivers/auth/cca/cot.c @@ -42,8 +42,8 @@ static unsigned char plat_pk_buf[PK_DER_LEN]; /* * Parameter type descriptors. */ -static auth_param_type_desc_t trusted_nv_ctr = AUTH_PARAM_TYPE_DESC( - AUTH_PARAM_NV_CTR, TRUSTED_FW_NVCOUNTER_OID); +static auth_param_type_desc_t cca_nv_ctr = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_NV_CTR, CCA_FW_NVCOUNTER_OID); static auth_param_type_desc_t subject_pk = AUTH_PARAM_TYPE_DESC( AUTH_PARAM_PUB_KEY, 0); static auth_param_type_desc_t sig = AUTH_PARAM_TYPE_DESC( @@ -69,6 +69,8 @@ static auth_param_type_desc_t rmm_hash = AUTH_PARAM_TYPE_DESC( AUTH_PARAM_HASH, RMM_HASH_OID); #ifdef IMAGE_BL2 +static auth_param_type_desc_t trusted_nv_ctr = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_NV_CTR, TRUSTED_FW_NVCOUNTER_OID); static auth_param_type_desc_t non_trusted_nv_ctr = AUTH_PARAM_TYPE_DESC( AUTH_PARAM_NV_CTR, NON_TRUSTED_FW_NVCOUNTER_OID); @@ -127,8 +129,8 @@ static const auth_img_desc_t cca_content_cert = { [1] = { .type = AUTH_METHOD_NV_CTR, .param.nv_ctr = { - .cert_nv_ctr = &trusted_nv_ctr, - .plat_nv_ctr = &trusted_nv_ctr + .cert_nv_ctr = &cca_nv_ctr, + .plat_nv_ctr = &cca_nv_ctr } } }, From 02552d45e526766e000f3e3ae91ef381d402dab1 Mon Sep 17 00:00:00 2001 From: laurenw-arm Date: Tue, 2 May 2023 14:42:48 -0500 Subject: [PATCH 4/4] feat(fvp): mock support for CCA NV ctr AEM FVP does not have a third CCA NV counter so the implementation will fake it by returning the Trusted NV counter value when the caller requests the CCA NV counter. This allows us to use the CCA CoT on AEM FVP nonetheless. The FVP platform port now gets its own version of plat_get_nv_ctr() as it now need to diverge from the common implementation provided at the Arm development platforms level. Change-Id: I3258f837249a539d943d6d783406ba222bd4554e Signed-off-by: Lauren Wehrmeister --- plat/arm/board/common/board_common.mk | 7 ++++- plat/arm/board/fvp/fvp_trusted_boot.c | 42 +++++++++++++++++++++++++-- 2 files changed, 46 insertions(+), 3 deletions(-) diff --git a/plat/arm/board/common/board_common.mk b/plat/arm/board/common/board_common.mk index d73c2e3a3..777784d9a 100644 --- a/plat/arm/board/common/board_common.mk +++ b/plat/arm/board/common/board_common.mk @@ -1,5 +1,5 @@ # -# Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -67,11 +67,16 @@ endif # ARM development platforms TFW_NVCTR_VAL ?= 31 NTFW_NVCTR_VAL ?= 223 +# The CCA Non-Volatile Counter only exists on some Arm development platforms. +# On others, we mock it by aliasing it to the Trusted Firmware Non-Volatile counter, +# hence we set both counters to the same default value. +CCAFW_NVCTR_VAL ?= 31 else # Certificate NV-Counters when CryptoCell is integrated. For development # platforms we set the counter to first valid value. TFW_NVCTR_VAL ?= 0 NTFW_NVCTR_VAL ?= 0 +CCAFW_NVCTR_VAL ?= 0 endif BL1_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c \ ${ARM_ROTPK_S} diff --git a/plat/arm/board/fvp/fvp_trusted_boot.c b/plat/arm/board/fvp/fvp_trusted_boot.c index 1ea37f7a3..8e5952953 100644 --- a/plat/arm/board/fvp/fvp_trusted_boot.c +++ b/plat/arm/board/fvp/fvp_trusted_boot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -14,7 +14,7 @@ #include #include #include -#include +#include /* * Return the ROTPK hash in the following ASN.1 structure in DER format: @@ -57,6 +57,10 @@ int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr) } else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) { nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr, NON_TRUSTED_NV_CTR_ID); + } else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) { + /* FVP does not support the CCA NV Counter so use the Trusted NV */ + nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr, + TRUSTED_NV_CTR_ID); } else { return 1; } @@ -69,3 +73,37 @@ int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr) */ return (mmio_read_32(nv_ctr_addr) == nv_ctr) ? 0 : 1; } + +/* + * Return the non-volatile counter value stored in the platform. The cookie + * will contain the OID of the counter in the certificate. + * + * Return: 0 = success, Otherwise = error + */ +int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr) +{ + const char *oid; + uint32_t *nv_ctr_addr; + + assert(cookie != NULL); + assert(nv_ctr != NULL); + + oid = (const char *)cookie; + if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) { + nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr, + TRUSTED_NV_CTR_ID); + } else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) { + nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr, + NON_TRUSTED_NV_CTR_ID); + } else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) { + /* FVP does not support the CCA NV Counter so use the Trusted NV */ + nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr, + TRUSTED_NV_CTR_ID); + } else { + return 1; + } + + *nv_ctr = (unsigned int)(*nv_ctr_addr); + + return 0; +}