Print all the params of
rss_measured_boot_extend_measurement() to
the console to check parameter healthiness.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I072fe5fef72c67e615ab64e06a9e1f6add5e9cfc
Without setting the correct size of sw_type the metadata won't
be propagated to RSS through rss_measured_boot_extend_measurement()
API.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I4066d4762689c96ac2ac8e8b8db5d2b1f108b550
The measured boot API is available in the tf-m-extras
repo:
partitions/measured_boot/interface/src/measured_boot_api.c
This change make the API behavior align with
the original implementation.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ie4af38b859f942b2ef090e92da64d75811b5b49b
Clear the MHU message buffer to remove assets from memory.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I730e7b044eaf0bf517532a12146e4f542949544e
Measurements taken during boot are stored in RSS.
These measurements are included in the platform
attestation token.
Change-Id: Iac3356f813fb417315681c718839319832a76191
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
The maximum size of BL1/BL2/BL31 is increased due to
the added new functionalities, such as RSS based
measured boot on TC2.
Change-Id: I939c7c3da6bf870db46b32cd2836c6737de278bb
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
The attestation key derivation and platform attestation token
creation functionality is provided by the Delegated Attestation
partition in RSS.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2d8c0e6589d11e7c81c698adf75ee2a993e3a0c6
Platform must define the maximum size of the message
over MHU.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I91a6c132c946f4465178910b8ea83544f562e837
Adding PLAT_* prefix to indicate that the
platform needs to provide this definition.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I0bd02be405fd8b1e625bd2b82647ebb2b58265fc
Define the RSS_COMMS_PAYLOAD_MAX_SIZE macro. Its value is platform
specific and gives the largest message size which are exchanged
on the TC2 platform between RSS and AP.
Change-Id: Id831c282dc9a39755b82befead1a81767e217215
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Delegated attestation is a service provided by RSS to:
- Derive a delegated attestation key: Realm Attestation Key
- Query the platform attestation token
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I3edf09fcbef24bca7c8a000ffac8c1ab64dfb812
Remove an assert, which checks whether output buffer is
provided, because in measured boot there is no output.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I08db9c2eea1da2d7120c9872ffbf8d8ee45c8e08
* changes:
docs(drtm): steps to run DRTM implementation
docs(drtm): add platform APIs for DRTM
feat(drtm): flush dcache before DLME launch
feat(drtm): invalidate icache before DLME launch
feat(drtm): ensure that passed region lies within Non-Secure region of DRAM
feat(fvp): add plat API to validate that passed region is non-secure
feat(drtm): ensure that no SDEI event registered during dynamic launch
feat(drtm): prepare EL state during dynamic launch
feat(drtm): prepare DLME data for DLME launch
feat(drtm): take DRTM components measurements before DLME launch
feat(drtm): add a few DRTM DMA protection APIs
feat(drtm): add remediation driver support in DRTM
feat(fvp): add plat API to set and get the DRTM error
feat(drtm): add Event Log driver support for DRTM
feat(drtm): check drtm arguments during dynamic launch
feat(drtm): introduce drtm dynamic launch function
refactor(measured-boot): split out a few Event Log driver functions
feat(drtm): retrieve DRTM features
feat(drtm): add platform functions for DRTM
feat(sdei): add a function to return total number of events registered
feat(drtm): add PCR entries for DRTM
feat(drtm): update drtm setup function
refactor(crypto): change CRYPTO_SUPPORT flag to numeric
feat(mbedtls): update mbedTLS driver for DRTM support
feat(fvp): add crypto support in BL31
feat(crypto): update crypto module for DRTM support
build(changelog): add new scope for mbedTLS and Crypto module
feat(drtm): add standard DRTM service
build(changelog): add new scope for DRTM service
feat(fvp): increase MAX_XLAT_TABLES entries for DRTM support
feat(fvp): increase BL31's stack size for DRTM support
feat(fvp): add platform hooks for DRTM DMA protection
Documented steps to run DRTM implementation.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I30dd8c1088a54a8906389c2584d922862610dae0
Flush the data cache range before DLME launch to ensure that data
passed by DCE preamble is committed.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I9946fd3420a17b86d9f1483e8b2cd5880033454e
As per DRTM beta0 spec table #28, Before the DLME is called the DCE
must invalidate all instruction caches.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I7efbb03d1d13346a8d898882fdbd7bbe8f1d49b2
Adding SECURE rm flag to support INTR_EL3_VALID_RM1 routing model.
Signed-off-by: Muhammad Arsath K F <quic_mkf@quicinc.com>
Change-Id: Ie72d62148e81d3cf7fb05f46124f846cc45d9d41
Ensured DLME data region and DRTM parameters are lies within Non-Secure
region of DRAM by calling platform function 'plat_drtm_validate_ns_region'.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I93ead775f45ca7748193631f8f9eec4326fcf20a
Added a platform function to check passed region is within
the Non-Secure region of DRAM.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie5808fa6a1b6e6bc99f4185fa8acc52af0d5f14d
Ensured no SDEI event are registered during dynamic launch.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ied3b2d389aa3d9a96ace9078581d5e691f0b38a7
Taken measurement of various DRTM components in the Event Log
buffer to pass it to DLME.
Change-Id: Ic56620161f42596d22bf40d5c83c041cbce0b618
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added DRTM DMA protections APIs, and called them during
the DLME launch and DRTM SMC handling.
Change-Id: I29e7238c04e2ca9f26600276c5c05bff5387789e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added remediation driver for DRTM to set/get the error
from non-volatile memory
Change-Id: I8f0873dcef4936693e0f39a3c95096cb689c04b7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Added a platform function to set and get DRTM error.
Also, added a platform function to reset the system.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I471f2387f8c78b21a06af063a6fa02cda3646557
Added Event Log driver support for DRTM. This driver
is responsible for the doing the hash measurement of
various DRTM components as per [1], and putting these
measurements in the Event Log buffer.
[1]: https://developer.arm.com/documentation/den0113/a, section 3.16
Change-Id: I9892c313cf6640b82e261738116fe00f7975ee12
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This function is placeholder for checking all the necessary conditions
before doing drtm dynamic launch.
In this patch following conditions are checked (based on Table 31 of
DRTM spec beta0), rest of the conditions will be added in later
patches.
- Only boot PE is online
- Caller execution state is AArch64
- Caller exception level is NS-EL2 or NS-EL1
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I622b946bc191bb39f828831336ceafbc10834c19
Reorganized a few Event Log functions into multiple functions so that
they can be used for the upcoming DRTM feature. This change mainly
implements below new functions -
1. event_log_buf_init - called by 'event_log_init' to initialise Event
Log buffer
2. event_log_write_specid_event - called by 'event_log_fixed_header' to
write specification id event to Event Log buffer
3. event_log_measure and event_log_record - called by
'event_log_measure_and_record' to measure and record the measurement
to the Event Log buffer
Change-Id: I1aabb57f79bead726fcf36d59839702cd6a3521d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added platform hooks to retrieve DRTM features and
address map.
Additionally, implemented these hooks for the FVP platform.
Signed-off-by: John Powell <john.powell@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I5621cc9807ffff8139ae8876250147f7b2c76759
This patch adds a public API to return the total number of registered
events. The purpose of this is primarily for DRTM to ensure that no
SDEI event can interfere with a dynamic launch.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I1d1cba2da7d5566cc340620ee1ce7d7844740b86
Added PCR entries for the measurement performed by the
DCE and D-CRTM in DRTM implementation
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: Ib9bfafe7fa2efa1cc36d7ff138468d648235dcf1
Updated DRTM setup functionality that mainly does below 2 things
1. Initialise the DRTM DMA protection, this function assumes the
platform must support complete DMA protection.
2. Initialise the Crypto module that will be useful to calculate
the hash of various DRTM element involved.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: I3d6e4d534686d391fa7626094d2b2535dac74e00
Updated mbedTLS driver to include mbedTLS functions necessary for a
DRTM supported build.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: If0120374a971519cf84f93e0c59e1a320a72cd97
DRTM implementation needs crypto support in BL31 to calculate
hash of various DRTM components
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I659ce8e54550946db253d23f150cca8b2fa7b880
Updated crypto module to include crypto calls necessary for a
DRTM supported build.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I4f945997824393f46864b7fb7fd380308a025452
Added new scope for mbedTLS and Crypto module.
Change-Id: I127e7e32f103210e0a1c4c3072afa7249a24a7db
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added a dummy DRTM setup function and also, introduced DRTM SMCs
handling as per DRTM spec [1]. Few basic SMCs are handled in this
change such as ARM_DRTM_SVC_VERSION and ARM_DRTM_SVC_FEATURES
that returns DRTM version and functions ids supported respectively,
and others are dummy for now.
[1]: https://developer.arm.com/documentation/den0113/latest
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: I8c7afe920c78e064cbab2298f59e6837c70ba8ff
DRTM implementation maps the DLME data region provided by the
DCE-preamble in BL31, hence increased MAX_XLAT_TABLES entries
count.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: I5f0ac69e009c4f81d3590fdb1f4c0a7f73c5c99d
The stack size of BL31 has been increased to accommodate the
introduction of mbedTLS support for DRTM.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: Id0beacf4df553af4ecbe714af20e71604ccfed59
