1 /*
2 * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8 #include <stdint.h>
9 #include <string.h>
10
11 #include <lib/mmio.h>
12 #include <lib/fconf/fconf.h>
13 #include <plat/arm/common/plat_arm.h>
14 #include <plat/arm/common/fconf_nv_cntr_getter.h>
15 #include <plat/common/platform.h>
16 #include <platform_def.h>
17 #include <tools_share/cca_oid.h>
18
19 /*
20 * Return the ROTPK hash in the following ASN.1 structure in DER format:
21 *
22 * AlgorithmIdentifier ::= SEQUENCE {
23 * algorithm OBJECT IDENTIFIER,
24 * parameters ANY DEFINED BY algorithm OPTIONAL
25 * }
26 *
27 * DigestInfo ::= SEQUENCE {
28 * digestAlgorithm AlgorithmIdentifier,
29 * digest OCTET STRING
30 * }
31 */
plat_get_rotpk_info(void * cookie,void ** key_ptr,unsigned int * key_len,unsigned int * flags)32 int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
33 unsigned int *flags)
34 {
35 return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
36 }
37
38 /*
39 * Return the non-volatile counter address stored in the platform. The cookie
40 * will contain the OID of the counter in the certificate.
41 *
42 * Return: 0 = success, Otherwise = error
43 */
plat_get_nv_ctr_addr(void * cookie,uintptr_t * nv_ctr_addr)44 static int plat_get_nv_ctr_addr(void *cookie, uintptr_t *nv_ctr_addr)
45 {
46 const char *oid = (const char *)cookie;
47
48 if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
49 *nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
50 TRUSTED_NV_CTR_ID);
51 } else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
52 *nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
53 NON_TRUSTED_NV_CTR_ID);
54 } else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) {
55 /* FVP does not support the CCA NV Counter so use the Trusted NV */
56 *nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
57 TRUSTED_NV_CTR_ID);
58 } else {
59 return 1;
60 }
61
62 return 0;
63 }
64
65 /*
66 * Store a new non-volatile counter value.
67 *
68 * On some FVP versions, the non-volatile counters are read-only so this
69 * function will always fail.
70 *
71 * Return: 0 = success, Otherwise = error
72 */
plat_set_nv_ctr(void * cookie,unsigned int nv_ctr)73 int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
74 {
75 uintptr_t nv_ctr_addr;
76 int rc;
77
78 assert(cookie != NULL);
79
80 rc = plat_get_nv_ctr_addr(cookie, &nv_ctr_addr);
81 if (rc != 0) {
82 return rc;
83 }
84
85 mmio_write_32(nv_ctr_addr, nv_ctr);
86
87 /*
88 * If the FVP models a locked counter then its value cannot be updated
89 * and the above write operation has been silently ignored.
90 */
91 return (mmio_read_32(nv_ctr_addr) == nv_ctr) ? 0 : 1;
92 }
93
94 /*
95 * Return the non-volatile counter value stored in the platform. The cookie
96 * will contain the OID of the counter in the certificate.
97 *
98 * Return: 0 = success, Otherwise = error
99 */
plat_get_nv_ctr(void * cookie,unsigned int * nv_ctr)100 int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
101 {
102 uintptr_t nv_ctr_addr;
103 int rc;
104
105 assert(cookie != NULL);
106 assert(nv_ctr != NULL);
107
108 rc = plat_get_nv_ctr_addr(cookie, &nv_ctr_addr);
109 if (rc != 0) {
110 return rc;
111 }
112
113 *nv_ctr = *((unsigned int *)nv_ctr_addr);
114
115 return 0;
116 }
117
