Add support for sending device MAC addresses as part of Device MfgInfo (

#287) * Added support for sending device MAC addresses as part of Device Mfg Info * Fix CSE build * Update CSE code to send empty MAC address as part of DeviceMfgInfo * Fix invalid blob entry for CSE build Signed-off-by: Shrikant Temburwar <[email protected]>
fido-device-onboard · Jun 14, 2024 · 745f8d3 · 745f8d3 · vikashmishra07 · Jul 1, 2024
1 parent a8633b0
commit 745f8d3
Show file tree

Hide file tree

Showing 6 changed files with 85 additions and 16 deletions.
diff --git a/cmake/blob_path.cmake b/cmake/blob_path.cmake
@@ -32,6 +32,12 @@ if(TARGET_OS MATCHES linux)
     )
     endif()
 
+  if (${BUILD_MFG_TOOLKIT} MATCHES true)
+    client_sdk_compile_definitions(
+      -DMAC_ADDRESSES=\"${BLOB_PATH}/data/mac_addresses.bin\"
+    )
+    endif()
+
   if (${DA} MATCHES tpm)
     client_sdk_compile_definitions(
        -DDEVICE_TPM20_ENABLED

diff --git a/cmake/cli_input.cmake b/cmake/cli_input.cmake
@@ -33,6 +33,9 @@ set (MTLS false)
 set (GET_DEV_SERIAL false)
 set (LOCK_TPM true)
 
+#Mfg toolkit specific
+set (BUILD_MFG_TOOLKIT false)
+
 #for CSE
 set (CSE_SHUTDOWN true)
 set (CSE_CLEAR false)
@@ -911,4 +914,30 @@ if (${DA} MATCHES tpm)
 
   set(CACHED_LOCK_TPM ${LOCK_TPM} CACHE STRING "Selected LOCK_TPM")
   message("Selected LOCK_TPM ${LOCK_TPM}")
-endif()
+endif()
+###########################################
+# FOR BUILD MFG TOOLKIT
+get_property(cached_build_mfg_toolkit_value CACHE BUILD_MFG_TOOLKIT PROPERTY VALUE)
+set(build_mfg_toolkit_cli_arg ${cached_build_mfg_toolkit_value})
+if(build_mfg_toolkit_cli_arg STREQUAL CACHED_BUILD_MFG_TOOLKIT)
+  unset(build_mfg_toolkit_cli_arg)
+endif()
+
+set(build_mfg_toolkit_app_cmake_lists ${BUILD_MFG_TOOLKIT})
+if(cached_build_mfg_toolkit_value STREQUAL BUILD_MFG_TOOLKIT)
+  unset(build_mfg_toolkit_app_cmake_lists)
+endif()
+
+if(DEFINED CACHED_BUILD_MFG_TOOLKIT)
+  if ((DEFINED build_mfg_toolkit_cli_arg) AND (NOT(CACHED_BUILD_MFG_TOOLKIT STREQUAL build_mfg_toolkit_cli_arg)))
+    message(WARNING "Need to do make pristine before cmake args can change.")
+  endif()
+  set(BUILD_MFG_TOOLKIT ${CACHED_BUILD_MFG_TOOLKIT})
+elseif(DEFINED build_mfg_toolkit_cli_arg)
+  set(BUILD_MFG_TOOLKIT ${build_mfg_toolkit_cli_arg})
+elseif(DEFINED build_mfg_toolkit_app_cmake_lists)
+  set(BUILD_MFG_TOOLKIT ${build_mfg_toolkit_app_cmake_lists})
+endif()
+
+set(CACHED_BUILD_MFG_TOOLKIT ${BUILD_MFG_TOOLKIT} CACHE STRING "Selected BUILD_MFG_TOOLKIT")
+message("Selected BUILD_MFG_TOOLKIT ${BUILD_MFG_TOOLKIT}")
diff --git a/cmake/extension.cmake b/cmake/extension.cmake
@@ -283,4 +283,8 @@ endif()
 if(${LOCK_TPM} STREQUAL true)
   client_sdk_compile_definitions(-DLOCK_TPM)
 endif()
+
+if(${BUILD_MFG_TOOLKIT} STREQUAL true)
+  client_sdk_compile_definitions(-DBUILD_MFG_TOOLKIT)
+endif()
 ############################################################
diff --git a/cse/clear_cse.c b/cse/clear_cse.c
@@ -10,9 +10,8 @@
 #include <stdlib.h>
 #include <string.h>
 
-#define MEI_FDO                                                                \
-	UUID_LE(0x125405E0, 0xFCA9, 0x4110, 0x8F, 0x88, 0xB4, 0xDB, 0xCD,      \
-		0xCB, 0x87, 0x6F)
+DEFINE_GUID(MEI_FDO, 0x125405E0, 0xFCA9, 0x4110, 0x8F, 0x88, 0xB4, 0xDB, 0xCD,
+	    0xCB, 0x87, 0x6F);
 
 /**
  * Initialize HECI

diff --git a/cse/cse_utils.c b/cse/cse_utils.c
@@ -11,9 +11,8 @@
 #include <linux/mei.h>
 #include <metee.h>
 
-#define MEI_FDO                                                                \
-	UUID_LE(0x125405E0, 0xFCA9, 0x4110, 0x8F, 0x88, 0xB4, 0xDB, 0xCD,      \
-		0xCB, 0x87, 0x6F)
+DEFINE_GUID(MEI_FDO, 0x125405E0, 0xFCA9, 0x4110, 0x8F, 0x88, 0xB4, 0xDB, 0xCD,
+	    0xCB, 0x87, 0x6F);
 
 /**
  * Initialize HECI

diff --git a/lib/m-string.c b/lib/m-string.c
@@ -51,9 +51,9 @@
 
 /* All below sizes are excluding NULL termination */
 #if defined(DEVICE_CSE_ENABLED)
-#define DEVICE_MFG_STRING_ARRAY_SZ 8
+#define DEVICE_MFG_STRING_ARRAY_SZ 9
 #else
-#define DEVICE_MFG_STRING_ARRAY_SZ 5
+#define DEVICE_MFG_STRING_ARRAY_SZ 6
 #endif
 
 #define MAX_DEV_SERIAL_SZ 255
@@ -232,6 +232,8 @@ int ps_get_m_string(fdo_prot_t *ps)
 	fdo_byte_array_t *csr = NULL;
 	fdow_t temp_fdow = {0};
 	size_t enc_device_mfginfo = 0;
+	fdo_byte_array_t *mac_addresses = NULL;
+	size_t mac_addresses_sz = 0;
 
 #if defined(DEVICE_CSE_ENABLED)
 	fdo_byte_array_t *cse_cert = NULL;
@@ -349,6 +351,30 @@ int ps_get_m_string(fdo_prot_t *ps)
 		LOG(LOG_ERROR, "Unable to get device CSR\n");
 		goto err;
 	}
+#endif
+#if defined(BUILD_MFG_TOOLKIT)
+	mac_addresses_sz = get_file_size(MAC_ADDRESSES);
+
+	mac_addresses = fdo_byte_array_alloc(mac_addresses_sz);
+	if (!mac_addresses) {
+		LOG(LOG_ERROR,
+		    "Failed to allocate memory for MAC ADDRESSES.\n");
+		goto err;
+	}
+
+	ret = read_buffer_from_file(MAC_ADDRESSES, mac_addresses->bytes,
+				    mac_addresses->byte_sz);
+	if (0 != ret) {
+		LOG(LOG_ERROR, "Failed to read %s file!\n", MAC_ADDRESSES);
+		goto err;
+	}
+#else
+	mac_addresses = fdo_byte_array_alloc(mac_addresses_sz);
+	if (!mac_addresses) {
+		LOG(LOG_ERROR,
+		    "Failed to allocate memory for MAC ADDRESSES.\n");
+		goto err;
+	}
 #endif
 	// use this temporary FDOW to write DeviceMfgInfo array
 	// 4K bytes is probably sufficient, extend if required
@@ -382,13 +408,18 @@ int ps_get_m_string(fdo_prot_t *ps)
 		goto err;
 	}
 
-#if defined(DEVICE_CSE_ENABLED)
-
 	if (!fdow_byte_string(&temp_fdow, csr->bytes, csr->byte_sz)) {
 		LOG(LOG_ERROR, "DeviceMfgInfo: Failed to write CSR\n");
 		goto err;
 	}
 
+	if (!fdow_byte_string(&temp_fdow, mac_addresses->bytes,
+			      mac_addresses->byte_sz)) {
+		LOG(LOG_ERROR,
+		    "DeviceMfgInfo: Failed to write mac_addresses\n");
+		goto err;
+	}
+#if defined(DEVICE_CSE_ENABLED)
 	if (!fdow_byte_string(&temp_fdow, cse_cert->bytes, cse_cert->byte_sz)) {
 		LOG(LOG_ERROR,
 		    "DeviceMfgInfo: Failed to write CSE cert data\n");
@@ -409,11 +440,6 @@ int ps_get_m_string(fdo_prot_t *ps)
 		goto err;
 	}
 	ret = 0;
-#else
-	if (!fdow_byte_string(&temp_fdow, csr->bytes, csr->byte_sz)) {
-		LOG(LOG_ERROR, "DeviceMfgInfo: Failed to write CSR\n");
-		goto err;
-	}
 #endif
 	if (!fdow_end_array(&temp_fdow)) {
 		LOG(LOG_ERROR, "DeviceMfgInfo: Failed to end array\n");
@@ -438,6 +464,12 @@ int ps_get_m_string(fdo_prot_t *ps)
 	if (csr) {
 		fdo_byte_array_free(csr);
 	}
+
+	if (mac_addresses) {
+		fdo_byte_array_free(mac_addresses);
+		mac_addresses_sz = 0;
+	}
+
 #if defined(DEVICE_CSE_ENABLED)
 	if (cose_sig_structure) {
 		fdo_byte_array_free(cose_sig_structure);