[trusted-firmware-m]: Updated to 0101fd37

Author: Oren Cohen

components/TARGET_PSA/TARGET_TFM/COMPONENT_NSPE/interface/src/tfm_ns_lock_rtx.c

@@ -1,14 +1,12 @@
 /*
- * Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2017-2019, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  *
  */
 #include <stdint.h>
 #include <stdbool.h>
 
-#include "cmsis.h"
-#include "rtx_os.h"
 #include "cmsis_os2.h"
 
 #include "tfm_api.h"
@@ -31,14 +29,9 @@ static struct ns_lock_state ns_lock = {.init=false, .id=NULL};
 /**
  * \brief Mutex properties, NS lock
  */
-
-static osRtxMutex_t ns_lock_cb = { 0 };
-
 static const osMutexAttr_t ns_lock_attrib = {
     .name = "ns_lock",
-    .attr_bits = osMutexPrioInherit,
-    .cb_mem = &ns_lock_cb,
-    .cb_size = sizeof(ns_lock_cb)
+    .attr_bits = osMutexPrioInherit
 };
 
 /**

components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/boot_record.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  *
@@ -11,6 +11,8 @@
 #include <stdint.h>
 #include <stddef.h>
 #include <limits.h>
+#include "../ext/mcuboot/bootutil/include/bootutil/image.h"
+#include "../ext/mcuboot/include/flash_map/flash_map.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -30,6 +32,16 @@ enum shared_memory_err_t {
     TLV_TYPE_MAX = INT_MAX
 };
 
+/*!
+ * \enum boot_status_err_t
+ *
+ * \brief Return values for saving boot status information to shared memory are
+ */
+enum boot_status_err_t {
+    BOOT_STATUS_OK,
+    BOOT_STATUS_ERROR,
+};
+
 /*!
  * \brief Add a data item to the shared data area between bootloader and
  *        runtime SW
@@ -43,10 +55,25 @@ enum shared_memory_err_t {
  */
 enum shared_memory_err_t
 boot_add_data_to_shared_area(uint8_t        major_type,
-                             uint8_t        minor_type,
+                             uint16_t       minor_type,
                              size_t         size,
                              const uint8_t *data);
 
+/*!
+ * \brief Add an image's all boot status information to the shared data area
+ *        between bootloader and runtime SW
+ *
+ * \param[in]  sw_module  Identifier of the SW component
+ * \param[in]  hdr        Pointer to the image header stored in RAM
+ * \param[in]  fap        Pointer to the flash area where image is stored
+ *
+ * \return Returns error code as specified in \ref boot_status_err_t
+ */
+enum boot_status_err_t
+boot_save_boot_status(uint8_t sw_module,
+                      const struct image_header *hdr,
+                      const struct flash_area *fap);
+
 #ifdef __cplusplus
 }
 #endif

components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/bl2/include/tfm_boot_status.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  *
@@ -16,43 +16,165 @@
 extern "C" {
 #endif
 
-/* Major numbers to identify the consumer of shared data in runtime SW */
-#define TLV_MAJOR_CORE  0x0
-#define TLV_MAJOR_IAS   0x1
-
-/* PSA Root of Trust */
-#define TLV_MINOR_IAS_PRoT_SHA256     0x00
-#define TLV_MINOR_IAS_PRoT_SW_VERSION 0x01
-#define TLV_MINOR_IAS_PRoT_EPOCH      0x02
-
-/* Application Root of Trust */
-#define TLV_MINOR_IAS_ARoT_SHA256     0x03
-#define TLV_MINOR_IAS_ARoT_SW_VERSION 0x04
-#define TLV_MINOR_IAS_ARoT_EPOCH      0x05
-
-/* Non-secure processing environment: single non-secure image */
-#define TLV_MINOR_IAS_NSPE_SHA256     0x06
-#define TLV_MINOR_IAS_NSPE_SW_VERSION 0x07
-#define TLV_MINOR_IAS_NSPE_EPOCH      0x08
-
-/* ARoT + PRoT:  single secure image */
-#define TLV_MINOR_IAS_S_SHA256        0x09
-#define TLV_MINOR_IAS_S_SW_VERSION    0x0a
-#define TLV_MINOR_IAS_S_EPOCH         0x0b
+/* Major numbers (4 bit) to identify
+ * the consumer of shared data in runtime SW
+ */
+#define TLV_MAJOR_CORE     0x0
+#define TLV_MAJOR_IAS      0x1
 
-/* S + NS: combined secure and non-secure image */
-#define TLV_MINOR_IAS_S_NS_SHA256     0x0c
-#define TLV_MINOR_IAS_S_NS_SW_VERSION 0x0d
-#define TLV_MINOR_IAS_S_NS_EPOCH      0x0e
+/**
+ * The shared data between boot loader and runtime SW is TLV encoded. The
+ * shared data is stored in a well known location in secure memory and this is
+ * a contract between boot loader and runtime SW.
+ *
+ * The structure of shared data must be the following:
+ *  - At the beginning there must be a header: struct shared_data_tlv_header
+ *    This contains a magic number and a size field which covers the entire
+ *    size of the shared data area including this header.
+ *  - After the header there come the entries which are composed from an entry
+ *    header structure: struct shared_data_tlv_entry and the data. In the entry
+ *    header is a type field (tly_type) which identify the consumer of the
+ *    entry in the runtime SW and specify the subtype of that data item. There
+ *    is a size field (tlv_len) which covers the size of the entry header and
+ *    the data. After this structure comes the actual data.
+ *  - Arbitrary number and size of data entry can be in the shared memory area.
+ *
+ * This table gives of overview about the tlv_type field in the entry header.
+ * The tlv_type always composed from a major and minor number. Major number
+ * identifies the addressee in runtime SW, who should process the data entry.
+ * Minor number used to encode more info about the data entry. The actual
+ * definition of minor number could change per major number. In case of boot
+ * status data, which is going to be processed by initial attestation service
+ * the minor number is split further to two part: sw_module and claim. The
+ * sw_module identifies the SW component in the system which the data item
+ * belongs to and the claim part identifies the exact type of the data.
+ *
+ * |---------------------------------------|
+ * |            tlv_type (16)              |
+ * |---------------------------------------|
+ * | tlv_major(4)|      tlv_minor(12)      |
+ * |---------------------------------------|
+ * | MAJOR_IAS   | sw_module(6) | claim(6) |
+ * |---------------------------------------|
+ * | MAJOR_CORE  |          TBD            |
+ * |---------------------------------------|
+ */
 
+/* Initial attestation: SW components / SW modules
+ * This list is intended to be adjusted per device. It contains more SW
+ * components than currently available in TF-M project. It serves as an example,
+ * what kind of SW components might be available.
+ */
+#define SW_GENERAL     0x00
+#define SW_BL2         0x01
+#define SW_PROT        0x02
+#define SW_AROT        0x03
+#define SW_SPE         0x04
+#define SW_NSPE        0x05
+#define SW_S_NS        0x06
+#define SW_MAX         0x07
+
+/* Initial attestation: Claim per SW components / SW modules */
+/* Bits: 0-2 */
+#define SW_VERSION       0x00
+#define SW_SIGNER_ID     0x01
+#define SW_EPOCH         0x02
+#define SW_TYPE          0x03
+/* Bits: 3-5 */
+#define SW_MEASURE_VALUE 0x08
+#define SW_MEASURE_TYPE  0x09
+
+/* Initial attestation: General claim does not belong any particular SW
+ * component. But they might be part of the boot status.
+ */
+#define BOOT_SEED          0x00
+#define HW_VERSION         0x01
+#define SECURITY_LIFECYCLE 0x02
+
+/* Minor numbers (12 bit) to identify attestation service related data */
+#define TLV_MINOR_IAS_BOOT_SEED       ((SW_GENERAL << 6) | BOOT_SEED)
+#define TLV_MINOR_IAS_HW_VERSION      ((SW_GENERAL << 6) | HW_VERSION)
+#define TLV_MINOR_IAS_SLC             ((SW_GENERAL << 6) | SECURITY_LIFECYCLE)
+
+/* Bootloader - It can be more stage */
+#define TLV_MINOR_IAS_BL2_MEASURE_VALUE  ((SW_BL2  << 6) | SW_MEASURE_VALUE)
+#define TLV_MINOR_IAS_BL2_MEASURE_TYPE   ((SW_BL2  << 6) | SW_MEASURE_TYPE)
+#define TLV_MINOR_IAS_BL2_VERSION        ((SW_BL2  << 6) | SW_VERSION)
+#define TLV_MINOR_IAS_BL2_SIGNER_ID      ((SW_BL2  << 6) | SW_SIGNER_ID)
+#define TLV_MINOR_IAS_BL2_EPOCH          ((SW_BL2  << 6) | SW_EPOCH)
+#define TLV_MINOR_IAS_BL2_TYPE           ((SW_BL2  << 6) | SW_TYPE)
+
+/* PROT: PSA Root of Trust */
+#define TLV_MINOR_IAS_PROT_MEASURE_VALUE ((SW_PROT << 6) | SW_MEASURE_VALUE)
+#define TLV_MINOR_IAS_PROT_MEASURE_TYPE  ((SW_PROT << 6) | SW_MEASURE_TYPE)
+#define TLV_MINOR_IAS_PROT_VERSION       ((SW_PROT << 6) | SW_VERSION)
+#define TLV_MINOR_IAS_PROT_SIGNER_ID     ((SW_PROT << 6) | SW_SIGNER_ID)
+#define TLV_MINOR_IAS_PROT_EPOCH         ((SW_PROT << 6) | SW_EPOCH)
+#define TLV_MINOR_IAS_PROT_TYPE          ((SW_PROT << 6) | SW_TYPE)
+
+/* AROT: Application Root of Trust */
+#define TLV_MINOR_IAS_AROT_MEASURE_VALUE ((SW_AROT << 6) | SW_MEASURE_VALUE)
+#define TLV_MINOR_IAS_AROT_MEASURE_TYPE  ((SW_AROT << 6) | SW_MEASURE_TYPE)
+#define TLV_MINOR_IAS_AROT_VERSION       ((SW_AROT << 6) | SW_VERSION)
+#define TLV_MINOR_IAS_AROT_SIGNER_ID     ((SW_AROT << 6) | SW_SIGNER_ID)
+#define TLV_MINOR_IAS_AROT_EPOCH         ((SW_AROT << 6) | SW_EPOCH)
+#define TLV_MINOR_IAS_AROT_TYPE          ((SW_AROT << 6) | SW_TYPE)
+
+/* Non-secure processing environment - single non-secure image */
+#define TLV_MINOR_IAS_NSPE_MEASURE_VALUE ((SW_NSPE << 6) | SW_MEASURE_VALUE)
+#define TLV_MINOR_IAS_NSPE_MEASURE_TYPE  ((SW_NSPE << 6) | SW_MEASURE_TYPE)
+#define TLV_MINOR_IAS_NSPE_VERSION       ((SW_NSPE << 6) | SW_VERSION)
+#define TLV_MINOR_IAS_NSPE_SIGNER_ID     ((SW_NSPE << 6) | SW_SIGNER_ID)
+#define TLV_MINOR_IAS_NSPE_EPOCH         ((SW_NSPE << 6) | SW_EPOCH)
+#define TLV_MINOR_IAS_NSPE_TYPE          ((SW_NSPE << 6) | SW_TYPE)
+
+/* Secure processing environment (ARoT + PRoT) - single secure image */
+#define TLV_MINOR_IAS_SPE_MEASURE_VALUE  ((SW_SPE  << 6) | SW_MEASURE_VALUE)
+#define TLV_MINOR_IAS_SPE_MEASURE_TYPE   ((SW_SPE  << 6) | SW_MEASURE_TYPE)
+#define TLV_MINOR_IAS_SPE_VERSION        ((SW_SPE  << 6) | SW_VERSION)
+#define TLV_MINOR_IAS_SPE_SIGNER_ID      ((SW_SPE  << 6) | SW_SIGNER_ID)
+#define TLV_MINOR_IAS_SPE_EPOCH          ((SW_SPE  << 6) | SW_EPOCH)
+#define TLV_MINOR_IAS_SPE_TYPE           ((SW_SPE  << 6) | SW_TYPE)
+
+/* SPE + NSPE - combined secure and non-secure image */
+#define TLV_MINOR_IAS_S_NS_MEASURE_VALUE ((SW_S_NS << 6) | SW_MEASURE_VALUE)
+#define TLV_MINOR_IAS_S_NS_MEASURE_TYPE  ((SW_S_NS << 6) | SW_MEASURE_TYPE)
+#define TLV_MINOR_IAS_S_NS_VERSION       ((SW_S_NS << 6) | SW_VERSION)
+#define TLV_MINOR_IAS_S_NS_SIGNER_ID     ((SW_S_NS << 6) | SW_SIGNER_ID)
+#define TLV_MINOR_IAS_S_NS_EPOCH         ((SW_S_NS << 6) | SW_EPOCH)
+#define TLV_MINOR_IAS_S_NS_TYPE          ((SW_S_NS << 6) | SW_TYPE)
+
+/* General macros to handle TLV type */
+#define MAJOR_MASK 0xF     /* 4  bit */
+#define MAJOR_POS  12      /* 12 bit */
+#define MINOR_MASK 0xFFF   /* 12 bit */
+
+#define SET_TLV_TYPE(major, minor) \
+        ((((major) & MAJOR_MASK) << MAJOR_POS) | ((minor) & MINOR_MASK))
+#define GET_MAJOR(tlv_type) ((tlv_type) >> MAJOR_POS)
+#define GET_MINOR(tlv_type) ((tlv_type) &  MINOR_MASK)
+
+/* Initial attestation specific macros */
+#define MODULE_POS 6               /* 6 bit */
+#define CLAIM_MASK 0x3F            /* 6 bit */
+#define MEASUREMENT_CLAIM_POS 3    /* 3 bit */
+
+#define GET_IAS_MODULE(tlv_type) (GET_MINOR(tlv_type) >> MODULE_POS)
+#define GET_IAS_CLAIM(tlv_type)  (GET_MINOR(tlv_type)  & CLAIM_MASK)
+#define SET_IAS_MINOR(sw_module, claim) (((sw_module) << 6) | (claim))
+
+#define GET_IAS_MEASUREMENT_CLAIM(ias_claim) ((ias_claim) >> \
+                                              MEASUREMENT_CLAIM_POS)
+
+/* Magic value which marks the beginning of shared data area in memory */
 #define SHARED_DATA_TLV_INFO_MAGIC    0x2016
 
 /**
  * Shared data TLV header.  All fields in little endian.
  *
- *    ---------------------------
- *    | tlv_magic | tlv_tot_len |
- *    ---------------------------
+ *    -----------------------------------
+ *    | tlv_magic(16) | tlv_tot_len(16) |
+ *    -----------------------------------
  */
 struct shared_data_tlv_header {
     uint16_t tlv_magic;
@@ -64,15 +186,14 @@ struct shared_data_tlv_header {
 /**
  * Shared data TLV entry header format. All fields in little endian.
  *
- *    ---------------------------------------------
- *    | tlv_major_type | tlv_minor_type | tlv_len |
- *    ---------------------------------------------
- *    |                    Raw data               |
- *    ---------------------------------------------
+ *    -------------------------------
+ *    | tlv_type(16) |  tlv_len(16) |
+ *    -------------------------------
+ *    |         Raw data            |
+ *    -------------------------------
  */
 struct shared_data_tlv_entry {
-    uint8_t  tlv_major_type;
-    uint8_t  tlv_minor_type;
+    uint16_t tlv_type;
     uint16_t tlv_len; /* size of single TLV entry (including this header). */
 };
 

components/TARGET_PSA/TARGET_TFM/COMPONENT_SPE/secure_fw/core/CMakeLists.inc

@@ -0,0 +1,71 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2017-2018, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+#Definitions to compile the "core" module.
+#This file assumes it will be included from a project specific cmakefile, and
+#will not create a library or executable.
+#Inputs:
+#	TFM_ROOT_DIR - directory where secure FW sourec is located.
+#
+#Outputs:
+#	Will modify include directories to make the source compile.
+#	ALL_SRC_C: C source files to be compiled will be added to this list.
+#	  This shall be added to your add_executable or add_library command.
+#	ALL_SRC_CXX: C++ source files to be compiled will be added to this list.
+#	  This shall be added to your add_executable or add_library command.
+#	ALL_SRC_ASM: assembly source files to be compiled will be added to this
+#	  list. This shall be added to your add_executable or add_library
+#	  command.
+#	Include directories will be modified by using the include_directories()
+#	  commands as needed.
+
+#Get the current directory where this file is located.
+set(SS_CORE_DIR ${CMAKE_CURRENT_LIST_DIR})
+if(NOT DEFINED TFM_ROOT_DIR)
+	message(FATAL_ERROR
+		"Please set TFM_ROOT_DIR before including this file.")
+endif()
+
+set (SS_CORE_C_SRC
+		"${SS_CORE_DIR}/tfm_core.c"
+		"${SS_CORE_DIR}/tfm_handler.c"
+		"${SS_CORE_DIR}/tfm_secure_api.c"
+		"${SS_CORE_DIR}/tfm_spm_services.c"
+		"${SS_CORE_DIR}/tfm_nspm.c"
+		"${SS_CORE_DIR}/tfm_boot_data.c"
+	)
+
+#Append all our source files to global lists.
+list(APPEND ALL_SRC_C ${SS_CORE_C_SRC})
+unset(SS_CORE_C_SRC)
+
+#Setting include directories
+embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/spm ABSOLUTE)
+embedded_include_directories(PATH ${TFM_ROOT_DIR}/secure_fw/core ABSOLUTE)
+
+set(BUILD_CMSIS_CORE Off)
+set(BUILD_RETARGET Off)
+set(BUILD_NATIVE_DRIVERS Off)
+set(BUILD_STARTUP Off)
+set(BUILD_TARGET_CFG Off)
+set(BUILD_TARGET_HARDWARE_KEYS Off)
+set(BUILD_TARGET_NV_COUNTERS Off)
+set(BUILD_CMSIS_DRIVERS Off)
+set(BUILD_TIME Off)
+set(BUILD_UART_STDOUT Off)
+set(BUILD_FLASH Off)
+set(BUILD_BOOT_SEED Off)
+set(BUILD_DEVICE_ID Off)
+if(NOT DEFINED PLATFORM_CMAKE_FILE)
+	message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.")
+elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE})
+	message (FATAL_ERROR "Platform specific CMake \"${PLATFORM_CMAKE_FILE}\" file does not exist. Please fix value of PLATFORM_CMAKE_FILE.")
+else()
+	include(${PLATFORM_CMAKE_FILE})
+endif()