• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <assert.h>
8 #include <string.h>
9 
10 #include <drivers/auth/auth_mod.h>
11 #include <plat/common/platform.h>
12 #if USE_TBBR_DEFS
13 #include <tools_share/tbbr_oid.h>
14 #else
15 #include <platform_oid.h>
16 #endif
17 
18 /*
19  * Store a new non-volatile counter value. This implementation
20  * only allows updating of the platform's Trusted NV counter when a
21  * certificate protected by the Trusted NV counter is signed with
22  * the ROT key. This avoids a compromised secondary certificate from
23  * updating the platform's Trusted NV counter, which could lead to the
24  * platform becoming unusable. The function is suitable for all TBBR
25  * compliant platforms.
26  *
27  * Return: 0 = success, Otherwise = error
28  */
plat_set_nv_ctr2(void * cookie,const auth_img_desc_t * img_desc,unsigned int nv_ctr)29 int plat_set_nv_ctr2(void *cookie, const auth_img_desc_t *img_desc,
30 		unsigned int nv_ctr)
31 {
32 	int trusted_nv_ctr;
33 
34 	assert(cookie != NULL);
35 	assert(img_desc != NULL);
36 
37 	trusted_nv_ctr = strcmp(cookie, TRUSTED_FW_NVCOUNTER_OID) == 0;
38 
39 	/*
40 	 * Only update the Trusted NV Counter if the certificate
41 	 * has been signed with the ROT key. Non Trusted NV counter
42 	 * updates are unconditional.
43 	 */
44 	if (!trusted_nv_ctr || img_desc->parent == NULL)
45 		return plat_set_nv_ctr(cookie, nv_ctr);
46 
47 	/*
48 	 * Trusted certificates not signed with the ROT key are not
49 	 * allowed to update the Trusted NV Counter.
50 	 */
51 	return 1;
52 }
53