[U-Boot] rpi: Do not use dtb loaded by firmware

Message ID 1541666195-18256-1-git-send-email-jun.nie@linaro.org
State New
Delegated to: Alexander Graf
Headers show
Series
  • [U-Boot] rpi: Do not use dtb loaded by firmware
Related show

Commit Message

Jun Nie Nov. 8, 2018, 8:36 a.m.
Do not use dtb loaded by firmware if fit image signature is enabled.
So that u-boot.dtb can be used. The u-boot.dtb contains the pulibc key
that is to verify Linux kernel FIT image blob.

The u-boot.dtb can be loaded by Arm Trusted Firmware(ATF) together
with u-boot.bin to make sure the key is protected by ATF.

Signed-off-by: Jun Nie <jun.nie@linaro.org>
---
 board/raspberrypi/rpi/rpi.c | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Alexander Graf Nov. 8, 2018, 8:59 a.m. | #1
On 11/08/2018 09:36 AM, Jun Nie wrote:
> Do not use dtb loaded by firmware if fit image signature is enabled.
> So that u-boot.dtb can be used. The u-boot.dtb contains the pulibc key
> that is to verify Linux kernel FIT image blob.
>
> The u-boot.dtb can be loaded by Arm Trusted Firmware(ATF) together
> with u-boot.bin to make sure the key is protected by ATF.

I don't think I fully understand what you're trying to do here. If ATF 
loads U-Boot as well as the DT, ATF can pass the DT to U-Boot which then 
ends up as $fdtaddr. If you enable CONFIG_OF_BOARD, it even becomes the 
input DT for U-Boot.

Hiding the fdtfile variable name doesn't sound like it solves anything 
to me?


Alex

>
> Signed-off-by: Jun Nie <jun.nie@linaro.org>
> ---
>   board/raspberrypi/rpi/rpi.c | 6 ++++++
>   1 file changed, 6 insertions(+)
>
> diff --git a/board/raspberrypi/rpi/rpi.c b/board/raspberrypi/rpi/rpi.c
> index 649127c..f7041e3 100644
> --- a/board/raspberrypi/rpi/rpi.c
> +++ b/board/raspberrypi/rpi/rpi.c
> @@ -283,6 +283,7 @@ int dram_init(void)
>   	return 0;
>   }
>   
> +#ifndef CONFIG_FIT_SIGNATURE
>   static void set_fdtfile(void)
>   {
>   	const char *fdtfile;
> @@ -318,6 +319,7 @@ unsigned long board_get_usable_ram_top(unsigned long total_size)
>   		return gd->ram_top;
>   	return fw_dtb_pointer & ~0xffff;
>   }
> +#endif
>   
>   static void set_usbethaddr(void)
>   {
> @@ -390,8 +392,10 @@ static void set_serial_number(void)
>   
>   int misc_init_r(void)
>   {
> +#ifndef CONFIG_FIT_SIGNATURE
>   	set_fdt_addr();
>   	set_fdtfile();
> +#endif
>   	set_usbethaddr();
>   #ifdef CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG
>   	set_board_info();
> @@ -467,6 +471,7 @@ int board_init(void)
>   	return bcm2835_power_on_module(BCM2835_MBOX_POWER_DEVID_USB_HCD);
>   }
>   
> +#ifndef CONFIG_FIT_SIGNATURE
>   /*
>    * If the firmware passed a device tree use it for U-Boot.
>    */
> @@ -476,6 +481,7 @@ void *board_fdt_blob_setup(void)
>   		return NULL;
>   	return (void *)fw_dtb_pointer;
>   }
> +#endif
>   
>   int ft_board_setup(void *blob, bd_t *bd)
>   {
Jun Nie Nov. 8, 2018, 9:05 a.m. | #2
Alexander Graf <agraf@suse.de> 于2018年11月8日周四 下午4:59写道:
>
> On 11/08/2018 09:36 AM, Jun Nie wrote:
> > Do not use dtb loaded by firmware if fit image signature is enabled.
> > So that u-boot.dtb can be used. The u-boot.dtb contains the pulibc key
> > that is to verify Linux kernel FIT image blob.
> >
> > The u-boot.dtb can be loaded by Arm Trusted Firmware(ATF) together
> > with u-boot.bin to make sure the key is protected by ATF.
>
> I don't think I fully understand what you're trying to do here. If ATF
> loads U-Boot as well as the DT, ATF can pass the DT to U-Boot which then
> ends up as $fdtaddr. If you enable CONFIG_OF_BOARD, it even becomes the
> input DT for U-Boot.

Current usage is that pack u-boot.dtb to u-boot-nodtb.bin so that
u-boot can find
device tree in the end if u-boot binary. This saves separate signing
to u-boot.dtb in
ATF. Do you see any benefit to load u-boot.dtb separately and feed
$fdtaddr to u-boot?

Jun

>
> Hiding the fdtfile variable name doesn't sound like it solves anything
> to me?
>
>
> Alex
>
> >
> > Signed-off-by: Jun Nie <jun.nie@linaro.org>
> > ---
> >   board/raspberrypi/rpi/rpi.c | 6 ++++++
> >   1 file changed, 6 insertions(+)
> >
> > diff --git a/board/raspberrypi/rpi/rpi.c b/board/raspberrypi/rpi/rpi.c
> > index 649127c..f7041e3 100644
> > --- a/board/raspberrypi/rpi/rpi.c
> > +++ b/board/raspberrypi/rpi/rpi.c
> > @@ -283,6 +283,7 @@ int dram_init(void)
> >       return 0;
> >   }
> >
> > +#ifndef CONFIG_FIT_SIGNATURE
> >   static void set_fdtfile(void)
> >   {
> >       const char *fdtfile;
> > @@ -318,6 +319,7 @@ unsigned long board_get_usable_ram_top(unsigned long total_size)
> >               return gd->ram_top;
> >       return fw_dtb_pointer & ~0xffff;
> >   }
> > +#endif
> >
> >   static void set_usbethaddr(void)
> >   {
> > @@ -390,8 +392,10 @@ static void set_serial_number(void)
> >
> >   int misc_init_r(void)
> >   {
> > +#ifndef CONFIG_FIT_SIGNATURE
> >       set_fdt_addr();
> >       set_fdtfile();
> > +#endif
> >       set_usbethaddr();
> >   #ifdef CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG
> >       set_board_info();
> > @@ -467,6 +471,7 @@ int board_init(void)
> >       return bcm2835_power_on_module(BCM2835_MBOX_POWER_DEVID_USB_HCD);
> >   }
> >
> > +#ifndef CONFIG_FIT_SIGNATURE
> >   /*
> >    * If the firmware passed a device tree use it for U-Boot.
> >    */
> > @@ -476,6 +481,7 @@ void *board_fdt_blob_setup(void)
> >               return NULL;
> >       return (void *)fw_dtb_pointer;
> >   }
> > +#endif
> >
> >   int ft_board_setup(void *blob, bd_t *bd)
> >   {
>
>

Patch

diff --git a/board/raspberrypi/rpi/rpi.c b/board/raspberrypi/rpi/rpi.c
index 649127c..f7041e3 100644
--- a/board/raspberrypi/rpi/rpi.c
+++ b/board/raspberrypi/rpi/rpi.c
@@ -283,6 +283,7 @@  int dram_init(void)
 	return 0;
 }
 
+#ifndef CONFIG_FIT_SIGNATURE
 static void set_fdtfile(void)
 {
 	const char *fdtfile;
@@ -318,6 +319,7 @@  unsigned long board_get_usable_ram_top(unsigned long total_size)
 		return gd->ram_top;
 	return fw_dtb_pointer & ~0xffff;
 }
+#endif
 
 static void set_usbethaddr(void)
 {
@@ -390,8 +392,10 @@  static void set_serial_number(void)
 
 int misc_init_r(void)
 {
+#ifndef CONFIG_FIT_SIGNATURE
 	set_fdt_addr();
 	set_fdtfile();
+#endif
 	set_usbethaddr();
 #ifdef CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG
 	set_board_info();
@@ -467,6 +471,7 @@  int board_init(void)
 	return bcm2835_power_on_module(BCM2835_MBOX_POWER_DEVID_USB_HCD);
 }
 
+#ifndef CONFIG_FIT_SIGNATURE
 /*
  * If the firmware passed a device tree use it for U-Boot.
  */
@@ -476,6 +481,7 @@  void *board_fdt_blob_setup(void)
 		return NULL;
 	return (void *)fw_dtb_pointer;
 }
+#endif
 
 int ft_board_setup(void *blob, bd_t *bd)
 {