Mistake on this page?
Report an issue in GitHub or email us
tfm_boot_status.h
1 /*
2  * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #ifndef __TFM_BOOT_STATUS_H__
9 #define __TFM_BOOT_STATUS_H__
10 
11 #include <stdint.h>
12 #include <stddef.h>
13 
14 
15 #ifdef __cplusplus
16 extern "C" {
17 #endif
18 
19 /* Major numbers (4 bit) to identify
20  * the consumer of shared data in runtime SW
21  */
22 #define TLV_MAJOR_CORE 0x0
23 #define TLV_MAJOR_IAS 0x1
24 
25 /**
26  * The shared data between boot loader and runtime SW is TLV encoded. The
27  * shared data is stored in a well known location in secure memory and this is
28  * a contract between boot loader and runtime SW.
29  *
30  * The structure of shared data must be the following:
31  * - At the beginning there must be a header: struct shared_data_tlv_header
32  * This contains a magic number and a size field which covers the entire
33  * size of the shared data area including this header.
34  * - After the header there come the entries which are composed from an entry
35  * header structure: struct shared_data_tlv_entry and the data. In the entry
36  * header is a type field (tly_type) which identify the consumer of the
37  * entry in the runtime SW and specify the subtype of that data item. There
38  * is a size field (tlv_len) which covers the size of the entry header and
39  * the data. After this structure comes the actual data.
40  * - Arbitrary number and size of data entry can be in the shared memory area.
41  *
42  * This table gives of overview about the tlv_type field in the entry header.
43  * The tlv_type always composed from a major and minor number. Major number
44  * identifies the addressee in runtime SW, who should process the data entry.
45  * Minor number used to encode more info about the data entry. The actual
46  * definition of minor number could change per major number. In case of boot
47  * status data, which is going to be processed by initial attestation service
48  * the minor number is split further to two part: sw_module and claim. The
49  * sw_module identifies the SW component in the system which the data item
50  * belongs to and the claim part identifies the exact type of the data.
51  *
52  * |---------------------------------------|
53  * | tlv_type (16) |
54  * |---------------------------------------|
55  * | tlv_major(4)| tlv_minor(12) |
56  * |---------------------------------------|
57  * | MAJOR_IAS | sw_module(6) | claim(6) |
58  * |---------------------------------------|
59  * | MAJOR_CORE | TBD |
60  * |---------------------------------------|
61  */
62 
63 /* Initial attestation: SW components / SW modules
64  * This list is intended to be adjusted per device. It contains more SW
65  * components than currently available in TF-M project. It serves as an example,
66  * what kind of SW components might be available.
67  */
68 #define SW_GENERAL 0x00
69 #define SW_BL2 0x01
70 #define SW_PROT 0x02
71 #define SW_AROT 0x03
72 #define SW_SPE 0x04
73 #define SW_NSPE 0x05
74 #define SW_S_NS 0x06
75 #define SW_MAX 0x07
76 
77 /* Initial attestation: Claim per SW components / SW modules */
78 /* Bits: 0-2 */
79 #define SW_VERSION 0x00
80 #define SW_SIGNER_ID 0x01
81 #define SW_EPOCH 0x02
82 #define SW_TYPE 0x03
83 /* Bits: 3-5 */
84 #define SW_MEASURE_VALUE 0x08
85 #define SW_MEASURE_TYPE 0x09
86 
87 /* Initial attestation: General claim does not belong any particular SW
88  * component. But they might be part of the boot status.
89  */
90 #define BOOT_SEED 0x00
91 #define HW_VERSION 0x01
92 #define SECURITY_LIFECYCLE 0x02
93 
94 /* Minor numbers (12 bit) to identify attestation service related data */
95 #define TLV_MINOR_IAS_BOOT_SEED ((SW_GENERAL << 6) | BOOT_SEED)
96 #define TLV_MINOR_IAS_HW_VERSION ((SW_GENERAL << 6) | HW_VERSION)
97 #define TLV_MINOR_IAS_SLC ((SW_GENERAL << 6) | SECURITY_LIFECYCLE)
98 
99 /* Bootloader - It can be more stage */
100 #define TLV_MINOR_IAS_BL2_MEASURE_VALUE ((SW_BL2 << 6) | SW_MEASURE_VALUE)
101 #define TLV_MINOR_IAS_BL2_MEASURE_TYPE ((SW_BL2 << 6) | SW_MEASURE_TYPE)
102 #define TLV_MINOR_IAS_BL2_VERSION ((SW_BL2 << 6) | SW_VERSION)
103 #define TLV_MINOR_IAS_BL2_SIGNER_ID ((SW_BL2 << 6) | SW_SIGNER_ID)
104 #define TLV_MINOR_IAS_BL2_EPOCH ((SW_BL2 << 6) | SW_EPOCH)
105 #define TLV_MINOR_IAS_BL2_TYPE ((SW_BL2 << 6) | SW_TYPE)
106 
107 /* PROT: PSA Root of Trust */
108 #define TLV_MINOR_IAS_PROT_MEASURE_VALUE ((SW_PROT << 6) | SW_MEASURE_VALUE)
109 #define TLV_MINOR_IAS_PROT_MEASURE_TYPE ((SW_PROT << 6) | SW_MEASURE_TYPE)
110 #define TLV_MINOR_IAS_PROT_VERSION ((SW_PROT << 6) | SW_VERSION)
111 #define TLV_MINOR_IAS_PROT_SIGNER_ID ((SW_PROT << 6) | SW_SIGNER_ID)
112 #define TLV_MINOR_IAS_PROT_EPOCH ((SW_PROT << 6) | SW_EPOCH)
113 #define TLV_MINOR_IAS_PROT_TYPE ((SW_PROT << 6) | SW_TYPE)
114 
115 /* AROT: Application Root of Trust */
116 #define TLV_MINOR_IAS_AROT_MEASURE_VALUE ((SW_AROT << 6) | SW_MEASURE_VALUE)
117 #define TLV_MINOR_IAS_AROT_MEASURE_TYPE ((SW_AROT << 6) | SW_MEASURE_TYPE)
118 #define TLV_MINOR_IAS_AROT_VERSION ((SW_AROT << 6) | SW_VERSION)
119 #define TLV_MINOR_IAS_AROT_SIGNER_ID ((SW_AROT << 6) | SW_SIGNER_ID)
120 #define TLV_MINOR_IAS_AROT_EPOCH ((SW_AROT << 6) | SW_EPOCH)
121 #define TLV_MINOR_IAS_AROT_TYPE ((SW_AROT << 6) | SW_TYPE)
122 
123 /* Non-secure processing environment - single non-secure image */
124 #define TLV_MINOR_IAS_NSPE_MEASURE_VALUE ((SW_NSPE << 6) | SW_MEASURE_VALUE)
125 #define TLV_MINOR_IAS_NSPE_MEASURE_TYPE ((SW_NSPE << 6) | SW_MEASURE_TYPE)
126 #define TLV_MINOR_IAS_NSPE_VERSION ((SW_NSPE << 6) | SW_VERSION)
127 #define TLV_MINOR_IAS_NSPE_SIGNER_ID ((SW_NSPE << 6) | SW_SIGNER_ID)
128 #define TLV_MINOR_IAS_NSPE_EPOCH ((SW_NSPE << 6) | SW_EPOCH)
129 #define TLV_MINOR_IAS_NSPE_TYPE ((SW_NSPE << 6) | SW_TYPE)
130 
131 /* Secure processing environment (ARoT + PRoT) - single secure image */
132 #define TLV_MINOR_IAS_SPE_MEASURE_VALUE ((SW_SPE << 6) | SW_MEASURE_VALUE)
133 #define TLV_MINOR_IAS_SPE_MEASURE_TYPE ((SW_SPE << 6) | SW_MEASURE_TYPE)
134 #define TLV_MINOR_IAS_SPE_VERSION ((SW_SPE << 6) | SW_VERSION)
135 #define TLV_MINOR_IAS_SPE_SIGNER_ID ((SW_SPE << 6) | SW_SIGNER_ID)
136 #define TLV_MINOR_IAS_SPE_EPOCH ((SW_SPE << 6) | SW_EPOCH)
137 #define TLV_MINOR_IAS_SPE_TYPE ((SW_SPE << 6) | SW_TYPE)
138 
139 /* SPE + NSPE - combined secure and non-secure image */
140 #define TLV_MINOR_IAS_S_NS_MEASURE_VALUE ((SW_S_NS << 6) | SW_MEASURE_VALUE)
141 #define TLV_MINOR_IAS_S_NS_MEASURE_TYPE ((SW_S_NS << 6) | SW_MEASURE_TYPE)
142 #define TLV_MINOR_IAS_S_NS_VERSION ((SW_S_NS << 6) | SW_VERSION)
143 #define TLV_MINOR_IAS_S_NS_SIGNER_ID ((SW_S_NS << 6) | SW_SIGNER_ID)
144 #define TLV_MINOR_IAS_S_NS_EPOCH ((SW_S_NS << 6) | SW_EPOCH)
145 #define TLV_MINOR_IAS_S_NS_TYPE ((SW_S_NS << 6) | SW_TYPE)
146 
147 /* General macros to handle TLV type */
148 #define MAJOR_MASK 0xF /* 4 bit */
149 #define MAJOR_POS 12 /* 12 bit */
150 #define MINOR_MASK 0xFFF /* 12 bit */
151 
152 #define SET_TLV_TYPE(major, minor) \
153  ((((major) & MAJOR_MASK) << MAJOR_POS) | ((minor) & MINOR_MASK))
154 #define GET_MAJOR(tlv_type) ((tlv_type) >> MAJOR_POS)
155 #define GET_MINOR(tlv_type) ((tlv_type) & MINOR_MASK)
156 
157 /* Initial attestation specific macros */
158 #define MODULE_POS 6 /* 6 bit */
159 #define CLAIM_MASK 0x3F /* 6 bit */
160 #define MEASUREMENT_CLAIM_POS 3 /* 3 bit */
161 
162 #define GET_IAS_MODULE(tlv_type) (GET_MINOR(tlv_type) >> MODULE_POS)
163 #define GET_IAS_CLAIM(tlv_type) (GET_MINOR(tlv_type) & CLAIM_MASK)
164 #define SET_IAS_MINOR(sw_module, claim) (((sw_module) << 6) | (claim))
165 
166 #define GET_IAS_MEASUREMENT_CLAIM(ias_claim) ((ias_claim) >> \
167  MEASUREMENT_CLAIM_POS)
168 
169 /* Magic value which marks the beginning of shared data area in memory */
170 #define SHARED_DATA_TLV_INFO_MAGIC 0x2016
171 
172 /**
173  * Shared data TLV header. All fields in little endian.
174  *
175  * -----------------------------------
176  * | tlv_magic(16) | tlv_tot_len(16) |
177  * -----------------------------------
178  */
180  uint16_t tlv_magic;
181  uint16_t tlv_tot_len; /* size of whole TLV area (including this header) */
182 };
183 
184 #define SHARED_DATA_HEADER_SIZE sizeof(struct shared_data_tlv_header)
185 
186 /**
187  * Shared data TLV entry header format. All fields in little endian.
188  *
189  * -------------------------------
190  * | tlv_type(16) | tlv_len(16) |
191  * -------------------------------
192  * | Raw data |
193  * -------------------------------
194  */
196  uint16_t tlv_type;
197  uint16_t tlv_len; /* size of single TLV entry (including this header). */
198 };
199 
200 #define SHARED_DATA_ENTRY_HEADER_SIZE sizeof(struct shared_data_tlv_entry)
201 #define SHARED_DATA_ENTRY_SIZE(size) (size + SHARED_DATA_ENTRY_HEADER_SIZE)
202 
203 #ifdef __cplusplus
204 }
205 #endif
206 
207 #endif /* __TFM_BOOT_STATUS_H__ */
Shared data TLV entry header format.
Shared data TLV header.
Important Information for this Arm website

This site uses cookies to store information on your computer. By continuing to use our site, you consent to our cookies. If you are not happy with the use of these cookies, please review our Cookie Policy to learn how they can be disabled. By disabling cookies, some features of the site will not work.