
[U-Boot,4/4] SECURE BOOT: support for validation of dynamic image

Message ID 1449564255-13596-5-git-send-email-aneesh.bansal@freescale.com
State Accepted
Commit b055a0fd867b11e40944b3414026d37ea00e0840
Delegated to: York Sun

Commit Message

Aneesh Bansal Dec. 8, 2015, 8:44 a.m. UTC
Some images to be validated are relocated to a dynamic
address at run time. So, these addresses cannot be known
beforehand while signing the images and creating the header
offline.
So, support is required to pass the image address to the
validate function as an argument.
If an address is provided to the function, the address
field in Header is not read and is treated as a reserved
field.

Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
---
 board/freescale/common/cmd_esbc_validate.c | 10 ++++++---
 board/freescale/common/fsl_validate.c      | 33 ++++++++++++++++++------------
 include/fsl_validate.h                     |  7 +++++--
 3 files changed, 32 insertions(+), 18 deletions(-)

Comments

Ruchika Gupta Jan. 15, 2016, 7:08 a.m. UTC | #1
> -----Original Message-----
> From: Aneesh Bansal
> Sent: Tuesday, December 08, 2015 2:14 PM
> To: u-boot@lists.denx.de
> Cc: Yusong Sun <yorksun@freescale.com>; Ruchika Gupta
> <ruchika.gupta@freescale.com>; Prabhakar Kushwaha
> <prabhakar@freescale.com>; Aneesh Bansal
> <aneesh.bansal@freescale.com>; Saksham Jain <saksham@freescale.com>
> Subject: [PATCH 4/4] SECURE BOOT: support for validation of dynamic image
> 
> Some images to be validated are relocated to a dynamic address at run time.
> So, these addresses cannot be known befor hand while signing the images
> and creating the header offline.
> So, support is required to pass the image address to the validate function as
> an argument.
> If an address is provided to the function, the address field in Header is not
> read and is treated as a reserved field.
> 
> Signed-off-by: Saksham Jain <saksham@freescale.com>
> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
> ---
>  board/freescale/common/cmd_esbc_validate.c | 10 ++++++---
>  board/freescale/common/fsl_validate.c      | 33 ++++++++++++++++++---------
> ---
>  include/fsl_validate.h                     |  7 +++++--
>  3 files changed, 32 insertions(+), 18 deletions(-)
> 
> diff --git a/board/freescale/common/cmd_esbc_validate.c
> b/board/freescale/common/cmd_esbc_validate.c
> index ae6a9af..ca7c737 100644
> --- a/board/freescale/common/cmd_esbc_validate.c
> +++ b/board/freescale/common/cmd_esbc_validate.c
> @@ -22,7 +22,7 @@ static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
>  				char * const argv[])
>  {
>  	char *hash_str = NULL;
> -	ulong haddr;
> +	uintptr_t haddr;
>  	int ret;
> 
>  	if (argc < 2)
> @@ -32,9 +32,13 @@ static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
>  		hash_str = argv[2];
> 
>  	/* First argument - header address -32/64bit */
> -	haddr = simple_strtoul(argv[1], NULL, 16);
> +	haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16);
> 
> -	ret = fsl_secboot_validate(haddr, hash_str);
> +	/* With esbc_validate command, Image address must be
> +	 * part of header. So, the function is called
> +	 * by passing this argument as 0.
> +	 */
> +	ret = fsl_secboot_validate(haddr, hash_str, 0);
>  	if (ret)
>  		return 1;
> 
> diff --git a/board/freescale/common/fsl_validate.c
> b/board/freescale/common/fsl_validate.c
> index 08a2f79..de40081 100644
> --- a/board/freescale/common/fsl_validate.c
> +++ b/board/freescale/common/fsl_validate.c
> @@ -536,13 +536,8 @@ static int calc_esbchdr_esbc_hash(struct
> fsl_secboot_img_priv *img)
>  		return ret;
> 
>  	/* Update hash for actual Image */
> -#ifdef CONFIG_ESBC_ADDR_64BIT
>  	ret = algo->hash_update(algo, ctx,
> -		(u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1);
> -#else
> -	ret = algo->hash_update(algo, ctx,
> -		(u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1);
> -#endif
> +		(u8 *)img->img_addr, img->img_size, 1);
>  	if (ret)
>  		return ret;
> 
> @@ -632,16 +627,25 @@ static int read_validate_esbc_client_header(struct
> fsl_secboot_img_priv *img)
>  	if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
>  		return ERROR_ESBC_CLIENT_HEADER_BARKER;
> 
> -#ifdef CONFIG_ESBC_ADDR_64BIT
> -	sprintf(buf, "%llx", hdr->pimg64);
> -#else
> -	sprintf(buf, "%x", hdr->pimg);
> -#endif
> +	/* If Image Address is not passed as argument to function,
> +	 * then Address and Size must be read from the Header.
> +	 */
> +	if (img->img_addr == 0) {
> +	#ifdef CONFIG_ESBC_ADDR_64BIT
> +		img->img_addr = hdr->pimg64;
> +	#else
> +		img->img_addr = hdr->pimg;
> +	#endif
> +	}
> +
> +	sprintf(buf, "%lx", img->img_addr);
>  	setenv("img_addr", buf);
> 
>  	if (!hdr->img_size)
>  		return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
> 
> +	img->img_size = hdr->img_size;
> +
>  	/* Key checking*/
>  #ifdef CONFIG_KEY_REVOCATION
>  	if (check_srk(img)) {
> @@ -774,7 +778,8 @@ static int calculate_cmp_img_sig(struct
> fsl_secboot_img_priv *img)
>  	return 0;
>  }
> 
> -int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
> +int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
> +			uintptr_t img_addr)
>  {
>  	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
>  	ulong hash[SHA256_BYTES/sizeof(ulong)]; @@ -824,9 +829,11 @@
> int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
> 
>  	memset(img, 0, sizeof(struct fsl_secboot_img_priv));
> 
> +	/* Update the information in Private Struct */
>  	hdr = &img->hdr;
>  	img->ehdrloc = haddr;
> -	esbc = (u8 *)(uintptr_t)img->ehdrloc;
> +	img->img_addr = img_addr;
> +	esbc = (u8 *)img->ehdrloc;
> 
>  	memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
> 
> diff --git a/include/fsl_validate.h b/include/fsl_validate.h index
> bda802f..ad14867 100644
> --- a/include/fsl_validate.h
> +++ b/include/fsl_validate.h
> @@ -193,10 +193,13 @@ struct fsl_secboot_img_priv {
>  						 */
> 
>  	struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES];	/* SG table */
> -	ulong ehdrloc;		/* ESBC client location */
> +	uintptr_t ehdrloc;	/* ESBC Header location */
> +	uintptr_t img_addr;	/* ESBC Image Location */
> +	uint32_t img_size;	/* ESBC Image Size */
>  };
> 
> -int fsl_secboot_validate(ulong haddr, char *arg_hash_str);
> +int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
> +	uintptr_t img_loc);
>  int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
>  	char * const argv[]);
>  int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc,
> --
> 1.8.1.4
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
York Sun Jan. 27, 2016, 4:49 p.m. UTC | #2
On 12/08/2015 12:45 AM, Aneesh Bansal wrote:
> Some images to be validated are relocated to a dynamic
> address at run time. So, these addresses cannot be known
> befor hand while signing the images and creating the header
> offline.
> So, support is required to pass the image address to the
> validate function as an argument.
> If an address is provided to the function, the address
> field in Header is not read and is treated as a reserved
> field.
> 
> Signed-off-by: Saksham Jain <saksham@freescale.com>
> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
> ---
>  board/freescale/common/cmd_esbc_validate.c | 10 ++++++---
>  board/freescale/common/fsl_validate.c      | 33 ++++++++++++++++++------------
>  include/fsl_validate.h                     |  7 +++++--
>  3 files changed, 32 insertions(+), 18 deletions(-)

Applied to u-boot-fsl-qoriq master. Awaiting upstream.

Thanks.

York

Patch

diff --git a/board/freescale/common/cmd_esbc_validate.c b/board/freescale/common/cmd_esbc_validate.c
index ae6a9af..ca7c737 100644
--- a/board/freescale/common/cmd_esbc_validate.c
+++ b/board/freescale/common/cmd_esbc_validate.c
@@ -22,7 +22,7 @@  static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc,
 				char * const argv[])
 {
 	char *hash_str = NULL;
-	ulong haddr;
+	uintptr_t haddr;
 	int ret;
 
 	if (argc < 2)
@@ -32,9 +32,13 @@  static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc,
 		hash_str = argv[2];
 
 	/* First argument - header address -32/64bit */
-	haddr = simple_strtoul(argv[1], NULL, 16);
+	haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16);
 
-	ret = fsl_secboot_validate(haddr, hash_str);
+	/* With esbc_validate command, Image address must be
+	 * part of header. So, the function is called
+	 * by passing this argument as 0.
+	 */
+	ret = fsl_secboot_validate(haddr, hash_str, 0);
 	if (ret)
 		return 1;
 
diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c
index 08a2f79..de40081 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -536,13 +536,8 @@  static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
 		return ret;
 
 	/* Update hash for actual Image */
-#ifdef CONFIG_ESBC_ADDR_64BIT
 	ret = algo->hash_update(algo, ctx,
-		(u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1);
-#else
-	ret = algo->hash_update(algo, ctx,
-		(u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1);
-#endif
+		(u8 *)img->img_addr, img->img_size, 1);
 	if (ret)
 		return ret;
 
@@ -632,16 +627,25 @@  static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
 	if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
 		return ERROR_ESBC_CLIENT_HEADER_BARKER;
 
-#ifdef CONFIG_ESBC_ADDR_64BIT
-	sprintf(buf, "%llx", hdr->pimg64);
-#else
-	sprintf(buf, "%x", hdr->pimg);
-#endif
+	/* If Image Address is not passed as argument to function,
+	 * then Address and Size must be read from the Header.
+	 */
+	if (img->img_addr == 0) {
+	#ifdef CONFIG_ESBC_ADDR_64BIT
+		img->img_addr = hdr->pimg64;
+	#else
+		img->img_addr = hdr->pimg;
+	#endif
+	}
+
+	sprintf(buf, "%lx", img->img_addr);
 	setenv("img_addr", buf);
 
 	if (!hdr->img_size)
 		return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
 
+	img->img_size = hdr->img_size;
+
 	/* Key checking*/
 #ifdef CONFIG_KEY_REVOCATION
 	if (check_srk(img)) {
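Review bot: The comment added above `if (img->img_addr == 0)` says that address and size are read from the header when no address is passed, but `img->img_size = hdr->img_size;` runs unconditionally, so only the address is ever overridden and the size always comes from the header. When a caller supplies the address, the header's pimg/pimg64 field is ignored, so the signed header no longer ties the image to a location; the caller must ensure that the address it passes is the memory that is subsequently booted. The comment should say so, e.g. `/* If no image address was passed in, take it from the header; the size always comes from the header. */`. Under CONFIG_ESBC_ADDR_64BIT, `img->img_addr = hdr->pimg64;` would narrow silently on any target where uintptr_t is 32 bits, which is worth confirming against the supported boards. The enclosing function starts and ends outside this hunk.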
@@ -774,7 +778,8 @@  static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
 	return 0;
 }
 
-int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
+int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
+			uintptr_t img_addr)
 {
 	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
 	ulong hash[SHA256_BYTES/sizeof(ulong)];
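Review bot: The new third parameter is called `img_addr` in this definition but `img_loc` in the prototype added to include/fsl_validate.h; the two should use one name. Neither place documents that passing 0 means "take the image address from the ESBC header", which is the contract the caller in cmd_esbc_validate.c relies on. A comment above the definition would make that explicit, e.g. `/* img_addr: location of the image to validate, or 0 to use the address stored in the ESBC header */`. Using 0 as the sentinel also means an image genuinely located at address 0 cannot be passed explicitly, which is worth stating in the same comment. The function body continues outside this hunk.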
@@ -824,9 +829,11 @@  int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
 
 	memset(img, 0, sizeof(struct fsl_secboot_img_priv));
 
+	/* Update the information in Private Struct */
 	hdr = &img->hdr;
 	img->ehdrloc = haddr;
-	esbc = (u8 *)(uintptr_t)img->ehdrloc;
+	img->img_addr = img_addr;
+	esbc = (u8 *)img->ehdrloc;
 
 	memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
 
diff --git a/include/fsl_validate.h b/include/fsl_validate.h
index bda802f..ad14867 100644
--- a/include/fsl_validate.h
+++ b/include/fsl_validate.h
@@ -193,10 +193,13 @@  struct fsl_secboot_img_priv {
 						 */
 
 	struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES];	/* SG table */
-	ulong ehdrloc;		/* ESBC client location */
+	uintptr_t ehdrloc;	/* ESBC Header location */
+	uintptr_t img_addr;	/* ESBC Image Location */
+	uint32_t img_size;	/* ESBC Image Size */
 };
 
-int fsl_secboot_validate(ulong haddr, char *arg_hash_str);
+int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
+	uintptr_t img_loc);
 int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
 	char * const argv[]);
 int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc,