feat(drtm): retrieve DLME image authentication features

Retrieve DLME image authentication features and report them back to the DCE preamble. Currently, this value is always set to 0, as no platform supports DLME authentication. Additionally, the default schema is always used instead of the DLME PCR schema since DLME authentication is not currently supported. This change primarily upgrades the DRTM parameters version to V2, aligning with DRTM spec v1.1 [1]. [1]: https://developer.arm.com/documentation/den0113/c/?lang=en Change-Id: Ie2ceb0d2ff49465643597e8725710a93d89e74a2 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2025-04-08 05:43:53 +00:00 · 2025-02-25 18:24:47 +00:00 · 2025-02-25 18:24:47 +00:00 · 94127ae299
commit 94127ae299
parent 2ec44880d0
3 changed files with 32 additions and 3 deletions
--- a/include/services/drtm_svc.h
+++ b/include/services/drtm_svc.h
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2024 Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025 Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier:    BSD-3-Clause
 *
@ -49,6 +49,7 @@
 #define ARM_DRTM_FEATURES_DMA_PROT	U(0x3)
 #define ARM_DRTM_FEATURES_BOOT_PE_ID	U(0x4)
 #define ARM_DRTM_FEATURES_TCB_HASHES	U(0x5)
+#define ARM_DRTM_FEATURES_DLME_IMG_AUTH	U(0x6)

 #define is_drtm_fid(_fid) \
 	(((_fid) >= ARM_DRTM_SVC_VERSION) && ((_fid) <= ARM_DRTM_SVC_LOCK_TCB_HASH))
@ -109,6 +110,9 @@
 #define ARM_DRTM_TCB_HASH_FEATURES_MAX_NUM_HASHES_SHIFT	U(0)
 #define ARM_DRTM_TCB_HASH_FEATURES_MAX_NUM_HASHES_MASK	ULL(0xFF)

+#define ARM_DRTM_DLME_IMAGE_AUTH_SUPPORT_SHIFT	U(0)
+#define ARM_DRTM_DLME_IMAGE_AUTH_SUPPORT_MASK	ULL(0x1)
+
 #define ARM_DRTM_TPM_FEATURES_SET_PCR_SCHEMA(reg, val)			\
 	do {								\
 		reg = (((reg) & ~(ARM_DRTM_TPM_FEATURES_PCR_SCHEMA_MASK \
@ -178,6 +182,16 @@
 		ARM_DRTM_TCB_HASH_FEATURES_MAX_NUM_HASHES_SHIFT));	\
 	} while (false)

+#define ARM_DRTM_DLME_IMG_AUTH_SUPPORT(reg, val)		\
+	do {								\
+		reg = (((reg) &						\
+		~(ARM_DRTM_DLME_IMAGE_AUTH_SUPPORT_MASK <<	\
+		ARM_DRTM_DLME_IMAGE_AUTH_SUPPORT_SHIFT)) |	\
+		(((val) &						\
+		ARM_DRTM_DLME_IMAGE_AUTH_SUPPORT_MASK) <<	\
+		ARM_DRTM_DLME_IMAGE_AUTH_SUPPORT_SHIFT));	\
+	} while (false)
+
 /* Definitions for DRTM address map */
 #define ARM_DRTM_REGION_SIZE_TYPE_CACHEABILITY_SHIFT	U(55)
 #define ARM_DRTM_REGION_SIZE_TYPE_CACHEABILITY_MASK	ULL(0x3)
--- a/services/std_svc/drtm/drtm_main.c
+++ b/services/std_svc/drtm/drtm_main.c
@ -134,6 +134,8 @@ int drtm_setup(void)
 		plat_dma_prot_feat->dma_protection_support);
 	ARM_DRTM_TCB_HASH_FEATURES_SET_MAX_NUM_HASHES(plat_drtm_features.tcb_hash_features,
 		plat_drtm_get_tcb_hash_features());
+	ARM_DRTM_DLME_IMG_AUTH_SUPPORT(plat_drtm_features.dlme_image_auth_features,
+		plat_drtm_get_dlme_img_auth_features());

 	return 0;
 }
@ -175,6 +177,12 @@ static inline uint64_t drtm_features_tcb_hashes(void *ctx)
 		 plat_drtm_features.tcb_hash_features);
 }

+static inline uint64_t drtm_features_dlme_img_auth_features(void *ctx)
+{
+	SMC_RET2(ctx, 1ULL, /* DLME Image auth is supported */
+		 plat_drtm_features.dlme_image_auth_features);
+}
+
 static enum drtm_retc drtm_dl_check_caller_el(void *ctx)
 {
 	uint64_t spsr_el3 = read_ctx_reg(get_el3state_ctx(ctx), CTX_SPSR_EL3);
@ -789,6 +797,12 @@ uint64_t drtm_smc_handler(uint32_t smc_fid,
 				return drtm_features_tcb_hashes(handle);
 				break;	/* not reached */

+			case ARM_DRTM_FEATURES_DLME_IMG_AUTH:
+				INFO("++ DRTM service handler: "
+				     "DLME Image authentication features\n");
+				return drtm_features_dlme_img_auth_features(handle);
+				break;	/* not reached */
+
 			default:
 				ERROR("Unknown ARM DRTM service feature\n");
 				SMC_RET1(handle, NOT_SUPPORTED);
--- a/services/std_svc/drtm/drtm_main.h
+++ b/services/std_svc/drtm/drtm_main.h
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2024 Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025 Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier:    BSD-3-Clause
 *
@ -45,7 +45,7 @@
 * Range(Min/Max) of DRTM parameter structure versions supported
 */
 #define ARM_DRTM_PARAMS_MIN_VERSION	U(1)
-#define ARM_DRTM_PARAMS_MAX_VERSION	U(1)
+#define ARM_DRTM_PARAMS_MAX_VERSION	U(2)

 enum drtm_dlme_el {
 	DLME_AT_EL1 = MODE_EL1,
@ -74,6 +74,7 @@ typedef struct {
 	uint64_t dma_prot_features;
 	uint64_t boot_pe_id;
 	uint64_t tcb_hash_features;
+	uint64_t dlme_image_auth_features;
 } drtm_features_t;

 struct __packed drtm_dl_args_v1 {