From ee415651bc17d249076b752c95e28d523826131b Mon Sep 17 00:00:00 2001
From: Vishal Mhatre
Date: Wed, 6 Nov 2024 00:05:10 +0530
Subject: [PATCH 1/2] [update] Update auth manifest metadata limit to 128
---
 api/src/mailbox.rs | 2 +-
 auth-manifest/app/src/config.rs | 6 ++--
 auth-manifest/gen/src/generator.rs | 6 ++--
 auth-manifest/types/src/lib.rs | 30 +++++++++----------
 drivers/src/lib.rs | 2 +-
 drivers/src/memory_layout.rs | 6 ++--
 drivers/src/persistent.rs | 17 +++++------
 runtime/README.md | 4 +--
 runtime/src/authorize_and_stash.rs | 4 +--
 runtime/src/packet.rs | 2 +-
 runtime/src/set_auth_manifest.rs | 14 ++++-----
 .../test_set_auth_manifest.rs | 6 ++--
 12 files changed, 44 insertions(+), 55 deletions(-)
diff --git a/api/src/mailbox.rs b/api/src/mailbox.rs
index ed666ea4e0..c0d941132e 100644
--- a/api/src/mailbox.rs
+++ b/api/src/mailbox.rs
@@ -948,7 +948,7 @@ pub struct SetAuthManifestReq {
 pub manifest: [u8; SetAuthManifestReq::MAX_MAN_SIZE],
 }
 impl SetAuthManifestReq {
- pub const MAX_MAN_SIZE: usize = 8192;
+ pub const MAX_MAN_SIZE: usize = 14 * 1024;
 pub fn as_bytes_partial(&self) -> CaliptraResult<&[u8]> {
 if self.manifest_size as usize > Self::MAX_MAN_SIZE {
diff --git a/auth-manifest/app/src/config.rs b/auth-manifest/app/src/config.rs
index 1ee33df7c6..a94f966b00 100644
--- a/auth-manifest/app/src/config.rs
+++ b/auth-manifest/app/src/config.rs
@@ -38,7 +38,7 @@ pub(crate) struct AuthManifestKeyConfigFromFile {
 }
 #[derive(Serialize, Deserialize)]
-pub struct ImageMetadata {
+pub struct ImageMetadataConfigFromFile {
 digest: String,
 source: u32,
 }
@@ -54,7 +54,7 @@ pub(crate) struct AuthManifestConfigFromFile {
 pub owner_man_key_config: Option,
- pub image_metadata_list: Vec,
+ pub image_metadata_list: Vec,
 }
 /// Load Authorization Manifest Key Configuration from file
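Review bot: `MAX_MAN_SIZE = 14 * 1024` is a hand-derived budget with nothing on the line saying what it must hold, and `runtime/src/packet.rs` in this same series carries the same budget as a second literal, `MAX_PAYLOAD_SIZE = 3586` dwords (14 344 bytes, i.e. this constant plus 8). Both are downstream of `AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT` in auth-manifest/types/src/lib.rs, so the next bump of the entry count has to be redone by hand in three places and nothing in these hunks checks that they agree. I would at least record the derivation on the line: `pub const MAX_MAN_SIZE: usize = 14 * 1024; // must hold a full AuthorizationManifest (preamble + 128-entry metadata collection); keep in sync with MAX_PAYLOAD_SIZE in runtime/src/packet.rs`. Deriving it from `size_of::<AuthorizationManifest>()` would remove the drift entirely, if this crate is allowed to depend on the types crate (not visible here).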
@@ -116,7 +116,7 @@ pub(crate) fn owner_config_from_file(
 }
 pub(crate) fn image_metadata_config_from_file(
- config: &Vec,
+ config: &Vec,
 ) -> anyhow::Result> {
 let mut image_metadata_list = Vec::new();
diff --git a/auth-manifest/gen/src/generator.rs b/auth-manifest/gen/src/generator.rs
index 09f0e7a04c..d9d487f8af 100644
--- a/auth-manifest/gen/src/generator.rs
+++ b/auth-manifest/gen/src/generator.rs
@@ -47,9 +47,7 @@ impl AuthManifestGenerator {
 let slice = config.image_metadata_list.as_slice();
 auth_manifest.image_metadata_col.image_metadata_list[..slice.len()].copy_from_slice(slice);
- auth_manifest.image_metadata_col.header.entry_count =
- config.image_metadata_list.len() as u32;
- auth_manifest.image_metadata_col.header.revision = 0; // [TODO] Need to update this.
+ auth_manifest.image_metadata_col.entry_count = config.image_metadata_list.len() as u32;
 // Generate the preamble.
 auth_manifest.preamble.marker = AUTH_MANIFEST_MARKER;
@@ -118,7 +116,7 @@ impl AuthManifestGenerator {
 // Sign the IMC with the vendor manifest public keys if indicated in the flags.
 if config
 .flags
- .contains(AuthManifestFlags::VENDOR_SIGNATURE_REQURIED)
+ .contains(AuthManifestFlags::VENDOR_SIGNATURE_REQUIRED)
 {
 if let Some(vendor_man_priv_keys) = config.vendor_man_key_info.priv_keys {
 let sig = self.crypto.ecdsa384_sign(
diff --git a/auth-manifest/types/src/lib.rs b/auth-manifest/types/src/lib.rs
index 004e9c0b50..a6aa13e67b 100644
--- a/auth-manifest/types/src/lib.rs
+++ b/auth-manifest/types/src/lib.rs
@@ -23,12 +23,12 @@ use zerocopy::{AsBytes, FromBytes};
 use zeroize::Zeroize;
 pub const AUTH_MANIFEST_MARKER: u32 = 0x4154_4D4E;
-pub const AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT: usize = 16;
+pub const AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT: usize = 128;
 bitflags::bitflags! {
 #[derive(Default, Copy, Clone, Debug)]
 pub struct AuthManifestFlags : u32 {
- const VENDOR_SIGNATURE_REQURIED = 0b1;
+ const VENDOR_SIGNATURE_REQUIRED = 0b1;
 }
 }
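Review bot: The new `entry_count` assignment in the generator.rs `-47,9` hunk still sits after a `copy_from_slice` into `image_metadata_list[..slice.len()]` that is never bounded, so a config with more than `AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT` entries panics on the slice index instead of the host tool returning an error. Raising the limit to 128 makes that less likely to be hit, not less wrong; a guard before the copy fixes it and also makes the `as u32` cast on the count trivially safe: `if slice.len() > AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT { anyhow::bail!("too many image metadata entries: {} > {}", slice.len(), AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT); }` — assuming the enclosing function returns `anyhow::Result` like the config loader in auth-manifest/app does; its signature and the initialisation of `auth_manifest` are outside the hunk.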
@@ -139,18 +139,6 @@ pub struct AuthManifestImageMetadata {
 pub image_source: u32,
 }
-/// Caliptra Authorization Manifest Image Metadata Collection Header
-#[repr(C)]
-#[derive(AsBytes, FromBytes, Clone, Copy, Debug, Zeroize, Default)]
-#[cfg_attr(feature = "arbitrary", derive(arbitrary::Arbitrary))]
-pub struct AuthManifestImageMetadataCollectionHeader {
- pub revision: u32,
-
- pub reserved: [u8; 12],
-
- pub entry_count: u32,
-}
-
 impl Default for AuthManifestImageMetadata {
 fn default() -> Self {
 AuthManifestImageMetadata {
@@ -162,14 +150,24 @@ impl Default for AuthManifestImageMetadata {
 /// Caliptra Authorization Manifest Image Metadata Collection
 #[repr(C)]
-#[derive(AsBytes, FromBytes, Clone, Copy, Debug, Zeroize, Default)]
+#[derive(AsBytes, FromBytes, Clone, Copy, Debug, Zeroize)]
 #[cfg_attr(feature = "arbitrary", derive(arbitrary::Arbitrary))]
 pub struct AuthManifestImageMetadataCollection {
- pub header: AuthManifestImageMetadataCollectionHeader,
+ pub entry_count: u32,
 pub image_metadata_list: [AuthManifestImageMetadata; AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT],
 }
+impl Default for AuthManifestImageMetadataCollection {
+ fn default() -> Self {
+ AuthManifestImageMetadataCollection {
+ entry_count: 0,
+ image_metadata_list: [AuthManifestImageMetadata::default();
+ AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT],
+ }
+ }
+}
+
 /// Caliptra Image Authorization Manifest
 #[repr(C)]
 #[derive(AsBytes, FromBytes, Clone, Copy, Debug, Zeroize, Default)]
diff --git a/drivers/src/lib.rs b/drivers/src/lib.rs
index 23ccd648cd..65297b794e 100644
--- a/drivers/src/lib.rs
+++ b/drivers/src/lib.rs
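Review bot: `entry_count` in the `-162,14` hunk replaces a header that carried a `revision` and `reserved` word, and neither it nor `image_metadata_list` has a doc comment saying what values are valid, even though the runtime in this same series rejects a count of 0 or above `AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT`. Since the struct is `#[repr(C)]` and is what the vendor/owner metadata signatures are computed over, its layout is a wire format, and this change moves `entry_count` to offset 0 and shifts every entry by 16 bytes relative to the previous release. I would state both on the field: `/// Number of valid entries in image_metadata_list; the runtime accepts 1..=AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT.` and add a sentence to the struct doc that the signed byte layout changed here, so the preamble `version` (set to 1 in the tests) rather than the removed `revision` is now the only place format revisions can be expressed.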
@@ -87,7 +87,7 @@ pub use okref::okref;
 pub use pcr_bank::{PcrBank, PcrId};
 pub use pcr_reset::PcrResetCounter;
 #[cfg(feature = "runtime")]
-pub use persistent::{AuthManifestImageMetadataList, AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT};
+pub use persistent::AuthManifestImageMetadataList;
 pub use persistent::{
 FuseLogArray, PcrLogArray, PersistentData, PersistentDataAccessor, StashMeasurementArray,
 FUSE_LOG_MAX_COUNT, MEASUREMENT_MAX_COUNT, PCR_LOG_MAX_COUNT,
diff --git a/drivers/src/memory_layout.rs b/drivers/src/memory_layout.rs
index 0d4ec9c0c4..10a6f30634 100644
--- a/drivers/src/memory_layout.rs
+++ b/drivers/src/memory_layout.rs
@@ -40,7 +40,7 @@ pub const FUSE_LOG_ORG: u32 = 0x50005000;
 pub const DPE_ORG: u32 = 0x50005400;
 pub const PCR_RESET_COUNTER_ORG: u32 = 0x50006800;
 pub const AUTH_MAN_IMAGE_METADATA_LIST_ORG: u32 = 0x50006C00;
-pub const DATA_ORG: u32 = 0x50007000;
+pub const DATA_ORG: u32 = 0x50008800;
 pub const STACK_ORG: u32 = 0x5001A000;
 pub const ROM_STACK_ORG: u32 = 0x5001C000;
@@ -71,8 +71,8 @@ pub const MEASUREMENT_LOG_SIZE: u32 = 1024;
 pub const FUSE_LOG_SIZE: u32 = 1024;
 pub const DPE_SIZE: u32 = 5 * 1024;
 pub const PCR_RESET_COUNTER_SIZE: u32 = 1024;
-pub const AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE: u32 = 1024;
-pub const DATA_SIZE: u32 = 76 * 1024;
+pub const AUTH_MAN_IMAGE_METADATA_MAX_SIZE: u32 = 7 * 1024;
+pub const DATA_SIZE: u32 = 70 * 1024;
 pub const STACK_SIZE: u32 = 22 * 1024;
 pub const ROM_STACK_SIZE: u32 = 14 * 1024;
 pub const ESTACK_SIZE: u32 = 1024;
diff --git a/drivers/src/persistent.rs b/drivers/src/persistent.rs
index b4b0ee0d57..b728e236d3 100644
--- a/drivers/src/persistent.rs
+++ b/drivers/src/persistent.rs
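Review bot: The rename in the `-71,8` hunk drops `LIST` from `AUTH_MAN_IMAGE_METADATA_MAX_SIZE` while the matching origin one hunk up stays `AUTH_MAN_IMAGE_METADATA_LIST_ORG`, so this is the only ORG/SIZE pair in the file whose names no longer share a prefix (compare `DPE_ORG`/`DPE_SIZE`, `PCR_RESET_COUNTER_ORG`/`PCR_RESET_COUNTER_SIZE`). Either keep the old name or rename the origin in the same commit, `pub const AUTH_MAN_IMAGE_METADATA_ORG: u32 = 0x50006C00;`, and update the two references in drivers/src/persistent.rs. Separately, `7 * 1024` has no comment on how it was chosen; `assert_matches_layout` and the `reserved9` padding in `PersistentData` prove the collection fits, but a reader still has to reverse-engineer why `DATA_SIZE` shrank from 76 to 70 KiB — a one-liner such as `// sized for a full 128-entry AuthManifestImageMetadataCollection; see PersistentData::reserved9` would record it.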
@@ -3,9 +3,10 @@ use core::{marker::PhantomData, mem::size_of, ptr::addr_of};
 #[cfg(feature = "runtime")]
-use caliptra_auth_man_types::AuthManifestImageMetadata;
-#[cfg(feature = "runtime")]
-use caliptra_auth_man_types::AuthManifestImageMetadataCollection;
+use caliptra_auth_man_types::{
+ AuthManifestImageMetadata, AuthManifestImageMetadataCollection,
+ AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT,
+};
 use caliptra_image_types::ImageManifest;
 #[cfg(feature = "runtime")]
 use dpe::{DpeInstance, U8Bool, MAX_HANDLES};
@@ -25,8 +26,6 @@ use crate::pcr_reset::PcrResetCounter;
 pub const PCR_LOG_MAX_COUNT: usize = 17;
 pub const FUSE_LOG_MAX_COUNT: usize = 62;
 pub const MEASUREMENT_MAX_COUNT: usize = 8;
-#[cfg(feature = "runtime")]
-pub const AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT: usize = 8;
 #[cfg(feature = "runtime")]
 const DPE_DCCM_STORAGE: usize = size_of::()
@@ -42,7 +41,7 @@ pub type FuseLogArray = [FuseLogEntry; FUSE_LOG_MAX_COUNT];
 pub type StashMeasurementArray = [MeasurementLogEntry; MEASUREMENT_MAX_COUNT];
 #[cfg(feature = "runtime")]
 pub type AuthManifestImageMetadataList =
- [AuthManifestImageMetadata; AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT];
+ [AuthManifestImageMetadata; AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT];
 #[derive(FromBytes, AsBytes, Zeroize)]
 #[repr(C)]
@@ -95,12 +94,12 @@ pub struct PersistentData {
 #[cfg(feature = "runtime")]
 pub auth_manifest_image_metadata_col: AuthManifestImageMetadataCollection,
 #[cfg(feature = "runtime")]
- reserved9: [u8; memory_layout::AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE as usize
+ reserved9: [u8; memory_layout::AUTH_MAN_IMAGE_METADATA_MAX_SIZE as usize
 - size_of::()],
 #[cfg(not(feature = "runtime"))]
 pub auth_manifest_image_metadata_col:
- [u8; memory_layout::AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE as usize],
+ [u8; memory_layout::AUTH_MAN_IMAGE_METADATA_MAX_SIZE as usize],
 }
 impl PersistentData {
 pub fn assert_matches_layout() {
@@ -131,7 +130,7 @@ impl PersistentData {
 assert_eq!(
 P.add(1) as u32,
 memory_layout::AUTH_MAN_IMAGE_METADATA_LIST_ORG
- + memory_layout::AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE
+ + memory_layout::AUTH_MAN_IMAGE_METADATA_MAX_SIZE
 );
 }
 }
diff --git a/runtime/README.md b/runtime/README.md
index d2bf0419e6..bf10c2955b 100644
--- a/runtime/README.md
+++ b/runtime/README.md
@@ -738,10 +738,8 @@ Command Code: `0x4154_4D4E` ("ATMN")
 | metadata\_vendor\_LMS\_sig | u32[1344] | Metadata Vendor LMOTS-SHA192-W4 signature |
 | metadata\_owner\_ecc384\_sig | u32[24] | Metadata Owner ECC384 signature |
 | metadata\_owner\_LMS\_sig | u32[1344] | Metadata Owner LMOTS-SHA192-W4 signature |
-| metadata\_header\_revision | u32 | Revision of the metadata header |
-| metadata\_header\_reserved | u32[3] | Reserved |
 | metadata\_entry\_entry\_count | u32 | number of metadata entries |
-| metadata\_entries | MetaData[16] | The max number of metadata is 16 but less can be used |
+| metadata\_entries | MetaData[128] | The max number of metadata is 16 but less can be used |
 *Table: `AUTH_MANIFEST_FLAGS` input flags*
diff --git a/runtime/src/authorize_and_stash.rs b/runtime/src/authorize_and_stash.rs
index 2eb7eb4e2e..9f74db5ba8 100644
--- a/runtime/src/authorize_and_stash.rs
+++ b/runtime/src/authorize_and_stash.rs
@@ -17,8 +17,7 @@ use core::mem::size_of;
 use crate::{dpe_crypto::DpeCrypto, CptraDpeTypes, DpePlatform, Drivers, StashMeasurementCmd};
 use caliptra_auth_man_types::{
- AuthManifestImageMetadataCollection, AuthManifestImageMetadataCollectionHeader,
- AuthManifestPreamble, AUTH_MANIFEST_MARKER,
+ AuthManifestImageMetadataCollection, AuthManifestPreamble, AUTH_MANIFEST_MARKER,
 };
 use caliptra_cfi_derive_git::cfi_impl_fn;
 use caliptra_cfi_lib_git::cfi_launder;
@@ -30,7 +29,6 @@ use caliptra_drivers::{
 pcr_log::PCR_ID_STASH_MEASUREMENT, Array4x12, Array4xN, AuthManifestImageMetadataList,
 CaliptraError, CaliptraResult, Ecc384, Ecc384PubKey, Ecc384Signature, HashValue, Lms,
 PersistentData, RomVerifyConfig, Sha256, Sha384, SocIfc,
- AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT,
 };
 use caliptra_image_types::{
 ImageDigest, ImageEccPubKey, ImageEccSignature, ImageLmsPublicKey, ImageLmsSignature,
diff --git a/runtime/src/packet.rs b/runtime/src/packet.rs
index 3072e2e673..1a925fb32b 100644
--- a/runtime/src/packet.rs
+++ b/runtime/src/packet.rs
@@ -25,7 +25,7 @@ pub struct Packet {
 pub len: usize, // Length in bytes
 }
-const MAX_PAYLOAD_SIZE: usize = 2050; // in dwords
+const MAX_PAYLOAD_SIZE: usize = 3586; // in dwords
 impl Default for Packet {
 fn default() -> Self {
diff --git a/runtime/src/set_auth_manifest.rs b/runtime/src/set_auth_manifest.rs
index cf5146fad8..21a1592af4 100644
--- a/runtime/src/set_auth_manifest.rs
+++ b/runtime/src/set_auth_manifest.rs
@@ -18,8 +18,8 @@ use core::mem::size_of;
 use crate::verify;
 use crate::{dpe_crypto::DpeCrypto, CptraDpeTypes, DpePlatform, Drivers};
 use caliptra_auth_man_types::{
- AuthManifestFlags, AuthManifestImageMetadataCollection,
- AuthManifestImageMetadataCollectionHeader, AuthManifestPreamble, AUTH_MANIFEST_MARKER,
+ AuthManifestFlags, AuthManifestImageMetadataCollection, AuthManifestPreamble,
+ AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT, AUTH_MANIFEST_MARKER,
 };
 use caliptra_cfi_derive_git::cfi_impl_fn;
 use caliptra_cfi_lib_git::cfi_launder;
@@ -30,7 +30,6 @@ use caliptra_drivers::{
 pcr_log::PCR_ID_STASH_MEASUREMENT, Array4x12, Array4xN, AuthManifestImageMetadataList,
 CaliptraError, CaliptraResult, Ecc384, Ecc384PubKey, Ecc384Signature, HashValue, Lms,
 PersistentData, RomVerifyConfig, Sha256, Sha384, SocIfc,
- AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT,
 };
 use caliptra_image_types::{
 ImageDigest, ImageEccPubKey, ImageEccSignature, ImageLmsPublicKey, ImageLmsSignature,
@@ -239,7 +238,7 @@ impl SetAuthManifestCmd {
 soc_ifc: &SocIfc,
 ) -> CaliptraResult<()> {
 let flags = AuthManifestFlags::from(auth_manifest_preamble.flags);
- if !flags.contains(AuthManifestFlags::VENDOR_SIGNATURE_REQURIED) {
+ if !flags.contains(AuthManifestFlags::VENDOR_SIGNATURE_REQUIRED) {
 return Ok(());
 }
 // Verify the vendor ECC signature over the image metadata collection.
@@ -362,7 +361,7 @@ impl SetAuthManifestCmd {
 sha256: &mut Sha256,
 soc_ifc: &SocIfc,
 ) -> CaliptraResult<()> {
- if cmd_buf.len() < size_of::() {
+ if cmd_buf.len() < size_of::() {
 Err(CaliptraError::RUNTIME_AUTH_MANIFEST_IMAGE_METADATA_LIST_INVALID_SIZE)?;
 }
@@ -376,9 +375,8 @@ impl SetAuthManifestCmd {
 image_metadata_col.as_bytes_mut()[..col_size].copy_from_slice(buf);
- if image_metadata_col.header.entry_count == 0
- || image_metadata_col.header.entry_count > AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT as u32
+ if image_metadata_col.entry_count == 0
+ || image_metadata_col.entry_count > AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT as u32
 {
 Err(CaliptraError::RUNTIME_AUTH_MANIFEST_IMAGE_METADATA_LIST_INVALID_ENTRY_COUNT)?;
 }
diff --git a/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs b/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs
index 22d7392124..1284190624 100644
--- a/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs
+++ b/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs
@@ -97,7 +97,7 @@ fn test_auth_manifest() -> AuthorizationManifest {
 owner_man_key_info,
 image_metadata_list,
 version: 1,
- flags: AuthManifestFlags::VENDOR_SIGNATURE_REQURIED,
+ flags: AuthManifestFlags::VENDOR_SIGNATURE_REQUIRED,
 };
 let gen = AuthManifestGenerator::new(Crypto::default());
@@ -134,7 +134,7 @@ fn test_set_auth_manifest_cmd() {
 }
 #[test]
-fn test_set_auth_manifest_cmd_invalid_len() {
+fn test_set_auth_manifest_cum_invalid_len() {
 let mut model = run_rt_test_lms(None, None, None, true);
 model.step_until(|m| {
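Review bot: The size check in the `-362,7` hunk now compares `cmd_buf.len()` against the full `AuthManifestImageMetadataCollection` (the type argument is lost in this rendering, but the removed line compared against the header), so every `SetAuthManifestReq` must carry all 128 entries even when `entry_count` is 1; that raises the minimum collection size from the header alone to the whole array, and it contradicts the README row in this same series that says fewer entries "can be used". If a short collection is meant to be rejected, say so next to the check, `// The full collection (all AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT entries) must be present; only the first entry_count are valid.`, and reword the README to say fewer entries may be marked valid but the array is always sent in full. If instead a collection truncated after `entry_count` entries is meant to be accepted, the length has to be validated against `entry_count` read from the buffer before the `copy_from_slice` in the next hunk, not after it. The function's signature and the `col_size`/`buf` derivation are outside the hunk, so I cannot tell which was intended.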
@@ -273,7 +273,7 @@ fn test_set_auth_manifest_invalid_owner_lms_sig() {
 #[test]
 fn test_set_auth_manifest_invalid_metadata_list_count() {
 let mut auth_manifest = test_auth_manifest();
- auth_manifest.image_metadata_col.header.entry_count = 0;
+ auth_manifest.image_metadata_col.entry_count = 0;
 test_manifest_expect_err(
 auth_manifest,
 CaliptraError::RUNTIME_AUTH_MANIFEST_IMAGE_METADATA_LIST_INVALID_ENTRY_COUNT,
From 3f419cf57e02aaa6dd931a48f884a9168749140c Mon Sep 17 00:00:00 2001
From: Vishal Mhatre
Date: Wed, 6 Nov 2024 06:38:03 +0530
Subject: [PATCH 2/2] Addressing PR feedback: Iteration 1
---
 runtime/README.md | 2 +-
 .../tests/runtime_integration_tests/test_set_auth_manifest.rs | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/runtime/README.md b/runtime/README.md
index bf10c2955b..403f71ee2c 100644
--- a/runtime/README.md
+++ b/runtime/README.md
@@ -739,7 +739,7 @@ Command Code: `0x4154_4D4E` ("ATMN")
 | metadata\_owner\_ecc384\_sig | u32[24] | Metadata Owner ECC384 signature |
 | metadata\_owner\_LMS\_sig | u32[1344] | Metadata Owner LMOTS-SHA192-W4 signature |
 | metadata\_entry\_entry\_count | u32 | number of metadata entries |
-| metadata\_entries | MetaData[128] | The max number of metadata is 16 but less can be used |
+| metadata\_entries | MetaData[128] | The max number of metadata entries is 128 but less can be used |
 *Table: `AUTH_MANIFEST_FLAGS` input flags*
diff --git a/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs b/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs
index 1284190624..0232dd4e29 100644
--- a/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs
+++ b/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs
@@ -134,7 +134,7 @@ fn test_set_auth_manifest_cmd() {
 }
 #[test]
-fn test_set_auth_manifest_cum_invalid_len() {
+fn test_set_auth_manifest_cmd_invalid_len() {
 let mut model = run_rt_test_lms(None, None, None, true);
 model.step_until(|m| {