mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-16 17:44:19 +00:00
02552d45e5
AEM FVP does not have a third CCA NV counter so the implementation will fake it by returning the Trusted NV counter value when the caller requests the CCA NV counter. This allows us to use the CCA CoT on AEM FVP nonetheless. The FVP platform port now gets its own version of plat_get_nv_ctr() as it now need to diverge from the common implementation provided at the Arm development platforms level. Change-Id: I3258f837249a539d943d6d783406ba222bd4554e Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
109 lines
2.9 KiB
C
109 lines
2.9 KiB
C
/*
|
|
* Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
#include <assert.h>
|
|
#include <stdint.h>
|
|
#include <string.h>
|
|
|
|
#include <lib/mmio.h>
|
|
#include <lib/fconf/fconf.h>
|
|
#include <plat/arm/common/plat_arm.h>
|
|
#include <plat/arm/common/fconf_nv_cntr_getter.h>
|
|
#include <plat/common/platform.h>
|
|
#include <platform_def.h>
|
|
#include <tools_share/cca_oid.h>
|
|
|
|
/*
|
|
* Return the ROTPK hash in the following ASN.1 structure in DER format:
|
|
*
|
|
* AlgorithmIdentifier ::= SEQUENCE {
|
|
* algorithm OBJECT IDENTIFIER,
|
|
* parameters ANY DEFINED BY algorithm OPTIONAL
|
|
* }
|
|
*
|
|
* DigestInfo ::= SEQUENCE {
|
|
* digestAlgorithm AlgorithmIdentifier,
|
|
* digest OCTET STRING
|
|
* }
|
|
*/
|
|
int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
|
|
unsigned int *flags)
|
|
{
|
|
return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
|
|
}
|
|
|
|
/*
|
|
* Store a new non-volatile counter value.
|
|
*
|
|
* On some FVP versions, the non-volatile counters are read-only so this
|
|
* function will always fail.
|
|
*
|
|
* Return: 0 = success, Otherwise = error
|
|
*/
|
|
int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
|
|
{
|
|
const char *oid;
|
|
uintptr_t nv_ctr_addr;
|
|
|
|
assert(cookie != NULL);
|
|
|
|
oid = (const char *)cookie;
|
|
if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
|
|
nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
|
|
TRUSTED_NV_CTR_ID);
|
|
} else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
|
|
nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
|
|
NON_TRUSTED_NV_CTR_ID);
|
|
} else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) {
|
|
/* FVP does not support the CCA NV Counter so use the Trusted NV */
|
|
nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
|
|
TRUSTED_NV_CTR_ID);
|
|
} else {
|
|
return 1;
|
|
}
|
|
|
|
mmio_write_32(nv_ctr_addr, nv_ctr);
|
|
|
|
/*
|
|
* If the FVP models a locked counter then its value cannot be updated
|
|
* and the above write operation has been silently ignored.
|
|
*/
|
|
return (mmio_read_32(nv_ctr_addr) == nv_ctr) ? 0 : 1;
|
|
}
|
|
|
|
/*
|
|
* Return the non-volatile counter value stored in the platform. The cookie
|
|
* will contain the OID of the counter in the certificate.
|
|
*
|
|
* Return: 0 = success, Otherwise = error
|
|
*/
|
|
int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
|
|
{
|
|
const char *oid;
|
|
uint32_t *nv_ctr_addr;
|
|
|
|
assert(cookie != NULL);
|
|
assert(nv_ctr != NULL);
|
|
|
|
oid = (const char *)cookie;
|
|
if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
|
|
nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr,
|
|
TRUSTED_NV_CTR_ID);
|
|
} else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
|
|
nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr,
|
|
NON_TRUSTED_NV_CTR_ID);
|
|
} else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) {
|
|
/* FVP does not support the CCA NV Counter so use the Trusted NV */
|
|
nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr,
|
|
TRUSTED_NV_CTR_ID);
|
|
} else {
|
|
return 1;
|
|
}
|
|
|
|
*nv_ctr = (unsigned int)(*nv_ctr_addr);
|
|
|
|
return 0;
|
|
}
|