boot: Define interface for data sharing with runtime

Define interface for sharing boot status (certain attributes of the
authenticated images) and adding arbitrary data in TLV encoded format
to a shared data area between the bootloader and runtime SW.

The boot_record.h file was copied (with minor modifications) from the
Trusted Firmware-M project (https://www.trustedfirmware.org/about/).
Hash of the source commit: 08d5572b4bcee306d8cf709c2200359a22d5b72c.

Change-Id: Ia25bac27e9f1ce7faa5043c5a0455c804a24701e
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/boot/bootutil/include/bootutil/boot_record.h b/boot/bootutil/include/bootutil/boot_record.h
new file mode 100644
index 0000000..a2932ea
--- /dev/null
+++ b/boot/bootutil/include/bootutil/boot_record.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2018-2020 Arm Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __BOOT_RECORD_H__
+#define __BOOT_RECORD_H__
+
+#include <stdint.h>
+#include "bootutil/image.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Add an image's all boot status information to the shared memory area
+ * between the bootloader and runtime SW.
+ *
+ * @param[in]  sw_module  Identifier of the SW component.
+ * @param[in]  hdr        Pointer to the image header stored in RAM.
+ * @param[in]  fap        Pointer to the flash area where image is stored.
+ *
+ * @return                0 on success; nonzero on failure.
+ */
+int boot_save_boot_status(uint8_t sw_module,
+                          const struct image_header *hdr,
+                          const struct flash_area *fap);
+
+/**
+ * Add application specific data to the shared memory area between the
+ * bootloader and runtime SW.
+ *
+ * @param[in]  hdr        Pointer to the image header stored in RAM.
+ * @param[in]  fap        Pointer to the flash area where image is stored.
+ *
+ * @return                0 on success; nonzero on failure.
+ */
+int boot_save_shared_data(const struct image_header *hdr,
+                          const struct flash_area *fap);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __BOOT_RECORD_H__ */
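Review bot: Both prototypes take `const struct flash_area *fap`, but the header includes only `<stdint.h>` and `"bootutil/image.h"`, and nothing visible here shows that either one declares `struct flash_area`. If neither does, the type is scoped to the prototype and callers get an incompatible-pointer warning. A forward declaration `struct flash_area;` ahead of the prototypes would make the header self-contained. The doc comment on `boot_save_shared_data` should also say which data is written and whether it is called once per image, since a runtime consumer has to know what to expect in the shared area. Separately, the guard `__BOOT_RECORD_H__` uses a reserved identifier; `BOOT_RECORD_H` would avoid that.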
diff --git a/boot/bootutil/include/bootutil/image.h b/boot/bootutil/include/bootutil/image.h
index 5f68fa8..4a9fedc 100644
--- a/boot/bootutil/include/bootutil/image.h
+++ b/boot/bootutil/include/bootutil/image.h
@@ -85,6 +85,7 @@
 #define IMAGE_TLV_ENC_EC256         0x32   /* Key encrypted with ECIES-EC256 */
 #define IMAGE_TLV_DEPENDENCY        0x40   /* Image depends on other image */
 #define IMAGE_TLV_SEC_CNT           0x50   /* security counter */
+#define IMAGE_TLV_BOOT_RECORD       0x60   /* measured boot record */
 #define IMAGE_TLV_ANY               0xffff /* Used to iterate over all TLV */
 
 struct image_version {
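Review bot: The comment on `IMAGE_TLV_BOOT_RECORD` does not say whether this TLV must sit in the signature-covered (protected) part of the TLV area. The Kconfig help in this commit says the measurements feed a device attestation service, so a record read from an unauthenticated TLV could be changed without invalidating the image. If the intent is that it is always covered by the signature, state that here, for example `/* measured boot record; must be in the protected TLV area */`, and have the reader of this TLV enforce it. The parsing code is not part of this diff, so whether that check already exists cannot be judged from here.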
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
index cf20ecd..fccd83d 100644
--- a/boot/bootutil/src/loader.c
+++ b/boot/bootutil/src/loader.c
@@ -39,6 +39,7 @@
 #include "swap_priv.h"
 #include "bootutil/bootutil_log.h"
 #include "bootutil/security_cnt.h"
+#include "bootutil/boot_record.h"
 
 #ifdef MCUBOOT_ENC_IMAGES
 #include "bootutil/enc_key.h"
@@ -1788,6 +1789,24 @@
             }
         }
 #endif /* MCUBOOT_HW_ROLLBACK_PROT */
+
+#ifdef MCUBOOT_MEASURED_BOOT
+        rc = boot_save_boot_status(BOOT_CURR_IMG(state),
+                                   boot_img_hdr(state, BOOT_PRIMARY_SLOT),
+                                   BOOT_IMG_AREA(state, BOOT_PRIMARY_SLOT));
+        if (rc != 0) {
+            BOOT_LOG_ERR("Failed to add Image %u data to shared memory area",
+                         BOOT_CURR_IMG(state));
+        }
+#endif /* MCUBOOT_MEASURED_BOOT */
+
+#ifdef MCUBOOT_DATA_SHARING
+        rc = boot_save_shared_data(boot_img_hdr(state, BOOT_PRIMARY_SLOT),
+                                   BOOT_IMG_AREA(state, BOOT_PRIMARY_SLOT));
+        if (rc != 0) {
+            BOOT_LOG_ERR("Failed to add data to shared memory area.");
+        }
+#endif /* MCUBOOT_DATA_SHARING */
     }
 
 #if (BOOT_IMAGE_NUMBER > 1)
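Review bot: A failure of `boot_save_boot_status` or `boot_save_shared_data` is only logged, and the image is still booted with a missing or partial measurement in the shared area. For measured boot this means an attestation service may later report on incomplete data with no indication of the failure beyond a log line. The two results are also asymmetric: a nonzero `rc` from the first call is overwritten by the second when `MCUBOOT_DATA_SHARING` is also defined, while a nonzero `rc` from the second call stays in `rc` for whatever follows the hunk. Either make the failure fatal through the function's existing error path, or make best-effort explicit by resetting `rc` and adding a comment such as `/* Non-fatal: boot continues without the measurement */`. The enclosing function begins and ends outside the hunk, so how `rc` is used afterwards is not visible here.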
diff --git a/boot/zephyr/Kconfig b/boot/zephyr/Kconfig
index 8402fc1..591a43b 100644
--- a/boot/zephyr/Kconfig
+++ b/boot/zephyr/Kconfig
@@ -217,6 +217,18 @@
 	 on some hardware that has long erase times, to prevent long wait
 	 times at the beginning of the DFU process.
 
+config MEASURED_BOOT
+	bool "Store the boot state/measurements in shared memory"
+	default n
+	help
+	  If enabled, the bootloader will store certain boot measurements such as
+	  the hash of the firmware image in a shared memory area. This data can
+	  be used later by runtime services (e.g. by a device attestation service).
+
+config BOOT_SHARE_DATA
+	bool "Save application specific data in shared memory area"
+	default n
+
 config BOOT_WAIT_FOR_USB_DFU
 	bool "Wait for a prescribed duration to see if USB DFU is invoked"
 	default n
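Review bot: `BOOT_SHARE_DATA` has no `help` text, unlike `MEASURED_BOOT` directly above it, so an integrator cannot tell what is written to the shared area or who is expected to read it. Add a short help block saying that the bootloader places application-specific TLV data in the memory area shared with the runtime, and that the platform must reserve that area. The naming is also uneven, because `CONFIG_MEASURED_BOOT` lacks the `BOOT_` prefix and `CONFIG_BOOT_SHARE_DATA` maps to `MCUBOOT_DATA_SHARING` in `mcuboot_config.h`. Aligning the names would make the mapping easier to audit.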
diff --git a/boot/zephyr/include/mcuboot_config/mcuboot_config.h b/boot/zephyr/include/mcuboot_config/mcuboot_config.h
index 2b998b5..c0584f3 100644
--- a/boot/zephyr/include/mcuboot_config/mcuboot_config.h
+++ b/boot/zephyr/include/mcuboot_config/mcuboot_config.h
@@ -97,6 +97,14 @@
 #define MCUBOOT_HW_ROLLBACK_PROT
 #endif
 
+#ifdef CONFIG_MEASURED_BOOT
+#define MCUBOOT_MEASURED_BOOT
+#endif
+
+#ifdef CONFIG_BOOT_SHARE_DATA
+#define MCUBOOT_DATA_SHARING
+#endif
+
 /*
  * Enabling this option uses newer flash map APIs. This saves RAM and
  * avoids deprecated API usage.