1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
/*
* Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <assert.h>
#include <stdint.h>
#include <string.h>
#include <lib/mmio.h>
#include <lib/fconf/fconf.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/arm/common/fconf_nv_cntr_getter.h>
#include <plat/common/platform.h>
#include <platform_def.h>
#include <tools_share/cca_oid.h>
/*
* Return the ROTPK hash in the following ASN.1 structure in DER format:
*
* AlgorithmIdentifier ::= SEQUENCE {
* algorithm OBJECT IDENTIFIER,
* parameters ANY DEFINED BY algorithm OPTIONAL
* }
*
* DigestInfo ::= SEQUENCE {
* digestAlgorithm AlgorithmIdentifier,
* digest OCTET STRING
* }
*/
int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
unsigned int *flags)
{
return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
}
/*
* Return the non-volatile counter address stored in the platform. The cookie
* will contain the OID of the counter in the certificate.
*
* Return: 0 = success, Otherwise = error
*/
static int plat_get_nv_ctr_addr(void *cookie, uintptr_t *nv_ctr_addr)
{
const char *oid = (const char *)cookie;
if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
*nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
TRUSTED_NV_CTR_ID);
} else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
*nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
NON_TRUSTED_NV_CTR_ID);
} else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) {
/* FVP does not support the CCA NV Counter so use the Trusted NV */
*nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
TRUSTED_NV_CTR_ID);
} else {
return 1;
}
return 0;
}
/*
* Store a new non-volatile counter value.
*
* On some FVP versions, the non-volatile counters are read-only so this
* function will always fail.
*
* Return: 0 = success, Otherwise = error
*/
int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
{
uintptr_t nv_ctr_addr;
int rc;
assert(cookie != NULL);
rc = plat_get_nv_ctr_addr(cookie, &nv_ctr_addr);
if (rc != 0) {
return rc;
}
mmio_write_32(nv_ctr_addr, nv_ctr);
/*
* If the FVP models a locked counter then its value cannot be updated
* and the above write operation has been silently ignored.
*/
return (mmio_read_32(nv_ctr_addr) == nv_ctr) ? 0 : 1;
}
/*
* Return the non-volatile counter value stored in the platform. The cookie
* will contain the OID of the counter in the certificate.
*
* Return: 0 = success, Otherwise = error
*/
int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
{
uintptr_t nv_ctr_addr;
int rc;
assert(cookie != NULL);
assert(nv_ctr != NULL);
rc = plat_get_nv_ctr_addr(cookie, &nv_ctr_addr);
if (rc != 0) {
return rc;
}
*nv_ctr = *((unsigned int *)nv_ctr_addr);
return 0;
}
|
