Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-30 07:39:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge changes from topic "handoff_tpm_event_log" into integration

Browse source 
* changes:
  feat(qemu): hand off TPM event log via TL
  feat(handoff): common API for TPM event log handoff
  feat(handoff): transfer entry ID for TPM event log
  fix(qemu): fix register convention in BL31 for qemu
  fix(handoff): fix register convention in opteed
This commit is contained in:
Govindraj Raja 2025-01-09 20:20:41 +01:00 committed by TrustedFirmware Code Review
commit ea7bffdb85
6 changed files with 69 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
include/lib/transfer_list.h
View file

@ -56,6 +56,7 @@ enum transfer_list_tag_id {
TL_TAG_HOB_BLOCK = 2, TL_TAG_HOB_BLOCK = 2,
TL_TAG_HOB_LIST = 3, TL_TAG_HOB_LIST = 3,
TL_TAG_ACPI_TABLE_AGGREGATE = 4, TL_TAG_ACPI_TABLE_AGGREGATE = 4,
TL_TAG_TPM_EVLOG = 5,
TL_TAG_OPTEE_PAGABLE_PART = 0x100, TL_TAG_OPTEE_PAGABLE_PART = 0x100,
TL_TAG_DT_SPMC_MANIFEST = 0x101, TL_TAG_DT_SPMC_MANIFEST = 0x101,
TL_TAG_EXEC_EP_INFO64 = 0x102, TL_TAG_EXEC_EP_INFO64 = 0x102,

10
include/plat/common/platform.h
View file

@ -299,6 +299,16 @@ int bl2_plat_handle_post_image_load(unsigned int image_id);
#if (MEASURED_BOOT || DICE_PROTECTION_ENVIRONMENT) #if (MEASURED_BOOT || DICE_PROTECTION_ENVIRONMENT)
void bl2_plat_mboot_init(void); void bl2_plat_mboot_init(void);
void bl2_plat_mboot_finish(void); void bl2_plat_mboot_finish(void);
#if TRANSFER_LIST
int plat_handoff_mboot(const void *data, uint32_t data_size, void *tl_base);
#else
static inline int
plat_handoff_mboot(__unused const void *data, __unused uint32_t data_size,
__unused void *tl_base)
{
return -1;
}
#endif
#else #else
static inline void bl2_plat_mboot_init(void) static inline void bl2_plat_mboot_init(void)
{ {

11
plat/common/plat_bl_common.c
View file

@ -9,6 +9,7 @@
#include <arch_helpers.h> #include <arch_helpers.h>
#include <common/bl_common.h> #include <common/bl_common.h>
#include <common/debug.h> #include <common/debug.h>
#include <lib/transfer_list.h>
#include <lib/xlat_tables/xlat_tables_compat.h> #include <lib/xlat_tables/xlat_tables_compat.h>
#include <plat/common/platform.h> #include <plat/common/platform.h>
#include <services/arm_arch_svc.h> #include <services/arm_arch_svc.h>
@ -129,3 +130,13 @@ void __init setup_page_tables(const mmap_region_t *bl_regions,
/* Create the page tables to reflect the above mappings */ /* Create the page tables to reflect the above mappings */
init_xlat_tables(); init_xlat_tables();
} }
#if ((MEASURED_BOOT || DICE_PROTECTION_ENVIRONMENT) && TRANSFER_LIST)
int plat_handoff_mboot(const void *data, uint32_t data_size, void *tl_base)
{
if (!transfer_list_add(tl_base, TL_TAG_TPM_EVLOG, data_size, data))
return -1;
return 0;
}
#endif

30
plat/qemu/common/qemu_bl31_setup.c
View file

@ -68,6 +68,9 @@ static struct transfer_list_header *bl31_tl;
void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1, void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3) u_register_t arg2, u_register_t arg3)
{ {
bool is64 = false;
uint64_t hval;
/* Initialize the console to provide early debug support */ /* Initialize the console to provide early debug support */
qemu_console_init(); qemu_console_init();
@ -92,6 +95,11 @@ void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
* They are stored in Secure RAM, in BL2's address space. * They are stored in Secure RAM, in BL2's address space.
*/ */
while (bl_params) { while (bl_params) {
#ifdef __aarch64__
if (bl_params->image_id == BL31_IMAGE_ID &&
GET_RW(bl_params->ep_info->spsr) == MODE_RW_64)
is64 = true;
#endif
if (bl_params->image_id == BL32_IMAGE_ID) if (bl_params->image_id == BL32_IMAGE_ID)
bl32_image_ep_info = *bl_params->ep_info; bl32_image_ep_info = *bl_params->ep_info;
@ -113,11 +121,19 @@ void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
panic(); panic();
#endif #endif
if (TRANSFER_LIST && arg1 == (TRANSFER_LIST_SIGNATURE | if (!TRANSFER_LIST ||
REGISTER_CONVENTION_VERSION_MASK) && !transfer_list_check_header((void *)arg3))
transfer_list_check_header((void *)arg3) != TL_OPS_NON) { return;
if (is64)
hval = TRANSFER_LIST_HANDOFF_X1_VALUE(REGISTER_CONVENTION_VERSION);
else
hval = TRANSFER_LIST_HANDOFF_R1_VALUE(REGISTER_CONVENTION_VERSION);
if (arg1 != hval)
return;
bl31_tl = (void *)arg3; /* saved TL address from BL2 */ bl31_tl = (void *)arg3; /* saved TL address from BL2 */
}
} }
#if ENABLE_RME #if ENABLE_RME
@ -309,10 +325,12 @@ void bl31_plat_runtime_setup(void)
#if TRANSFER_LIST #if TRANSFER_LIST
if (bl31_tl) { if (bl31_tl) {
/* /*
* update the TL from S to NS memory before jump to BL33 * Relocate the TL from S to NS memory before EL3 exit
* to reflect all changes in TL done by BL32 * to reflect all changes in TL done by BL32
*/ */
memcpy((void *)FW_NS_HANDOFF_BASE, bl31_tl, bl31_tl->max_size); if (!transfer_list_relocate(bl31_tl, (void *)FW_NS_HANDOFF_BASE,
bl31_tl->max_size))
ERROR("Relocate TL to NS memory failed\n");
} }
#endif #endif

9
plat/qemu/qemu/qemu_measured_boot.c
View file

@ -65,6 +65,14 @@ void bl2_plat_mboot_finish(void)
event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_base); event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_base);
dump_event_log((uint8_t *)event_log_base, event_log_cur_size);
#if TRANSFER_LIST
if (!plat_handoff_mboot((void *)event_log_base, event_log_cur_size,
(void *)(uintptr_t)FW_HANDOFF_BASE))
return;
#endif
rc = qemu_set_nt_fw_info( rc = qemu_set_nt_fw_info(
#ifdef SPD_opteed #ifdef SPD_opteed
(uintptr_t)event_log_base, (uintptr_t)event_log_base,
@ -101,7 +109,6 @@ void bl2_plat_mboot_finish(void)
} }
#endif /* defined(SPD_tspd) || defined(SPD_spmd) */ #endif /* defined(SPD_tspd) || defined(SPD_spmd) */
dump_event_log((uint8_t *)event_log_base, event_log_cur_size);
} }
int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data) int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)

22
services/spd/opteed/opteed_main.c
View file

@ -190,24 +190,28 @@ static int32_t opteed_setup(void)
if (!optee_ep_info->pc) if (!optee_ep_info->pc)
return 1; return 1;
if (TRANSFER_LIST &&
optee_ep_info->args.arg1 == (TRANSFER_LIST_SIGNATURE |
REGISTER_CONVENTION_VERSION_MASK)) {
tl = (void *)optee_ep_info->args.arg3; tl = (void *)optee_ep_info->args.arg3;
if (transfer_list_check_header(tl) == TL_OPS_NON) { if (TRANSFER_LIST && transfer_list_check_header(tl)) {
return 1;
}
opteed_rw = GET_RW(optee_ep_info->spsr);
te = transfer_list_find(tl, TL_TAG_FDT); te = transfer_list_find(tl, TL_TAG_FDT);
dt = transfer_list_entry_data(te); dt = transfer_list_entry_data(te);
opteed_rw = GET_RW(optee_ep_info->spsr);
if (opteed_rw == OPTEE_AARCH64) { if (opteed_rw == OPTEE_AARCH64) {
if (optee_ep_info->args.arg1 !=
TRANSFER_LIST_HANDOFF_X1_VALUE(
REGISTER_CONVENTION_VERSION))
return 1;
arg0 = (uint64_t)dt; arg0 = (uint64_t)dt;
arg2 = 0; arg2 = 0;
} else { } else {
arg2 = (uint64_t)dt; if (optee_ep_info->args.arg1 !=
TRANSFER_LIST_HANDOFF_R1_VALUE(
REGISTER_CONVENTION_VERSION))
return 1;
arg0 = 0; arg0 = 0;
arg2 = (uint64_t)dt;
} }
arg1 = optee_ep_info->args.arg1; arg1 = optee_ep_info->args.arg1;