From patchwork Mon Apr 23 21:53:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sumit Garg X-Patchwork-Id: 902864 X-Patchwork-Delegate: yorksun@freescale.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=nxp.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=nxp.com header.i=@nxp.com header.b="bzmX47sS"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40V2XN0LyDz9rx7 for ; Mon, 23 Apr 2018 20:20:18 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id A852BC21DA6; Mon, 23 Apr 2018 10:20:06 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=BAD_ENC_HEADER, DATE_IN_FUTURE_06_12, RCVD_IN_DNSWL_BLOCKED, SPF_HELO_PASS, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 0FD82C21C8B; Mon, 23 Apr 2018 10:20:04 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id D54A1C21C93; Mon, 23 Apr 2018 10:20:01 +0000 (UTC) Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50085.outbound.protection.outlook.com [40.107.5.85]) by lists.denx.de (Postfix) with ESMTPS id 62808C21C6A for ; Mon, 23 Apr 2018 10:20:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=xQ0wj7LkqXPl1ZKvA2Hntb8NDQmtnIvUk39hfeOjxfM=; b=bzmX47sSMLxu0nLptaNKpymSXelO56XV7v+kDI7gwhRvONLU6GrDcD46ek6PBASuhv6bvESHNnz6Ahaohst5uUnRCDdllgELRksSr7QhRzKlWGYf6z6a9UndXpjIXYpw2y+20RkA9mUv+rT41KqxBCRVlh2L+XFnS9EcIZBI65U= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=sumit.garg@nxp.com; Received: from b49020-OptiPlex-790.ap.freescale.net (14.142.187.166) by DB5PR04MB1446.eurprd04.prod.outlook.com (2a01:111:e400:58db::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.696.15; Mon, 23 Apr 2018 10:19:56 +0000 From: Sumit Garg To: u-boot@lists.denx.de Date: Tue, 24 Apr 2018 03:23:28 +0530 Message-Id: <1524520408-14810-1-git-send-email-sumit.garg@nxp.com> X-Mailer: git-send-email 1.9.1 MIME-Version: 1.0 X-Originating-IP: [14.142.187.166] X-ClientProxiedBy: BMXPR01CA0014.INDPRD01.PROD.OUTLOOK.COM (2603:1096:b00:d::24) To DB5PR04MB1446.eurprd04.prod.outlook.com (2a01:111:e400:58db::12) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4534165)(7168020)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:DB5PR04MB1446; X-Microsoft-Exchange-Diagnostics: 1; DB5PR04MB1446; 3:faXy/Tse9sJlKgw4gxWgeJk3OPqHVhEypO8Qk4SxoLVBTNvK/mwXnHuvGZMglvmI2YFK6D4/J5If1jaGFj7zrDeG0BM8D795oCHaboCLhhnwekMcM7IxyN3qQOOwDmjUrsXKKD/B6JQ9DpgW77wQU+mG9gQCyKjasXd0LrdIBNz7imhnbaUXytF03Q+/6z2TMoY/TtRJKGUpBu8UStw714zAIjXJJhQad6ZHqt07v+A0yaa30GU8t5Bjy/htGWEm; 25:UWDEv5eFgCxyc1wBtQA6a/8120Rdsn2YsdvcL1FZhtC89shhQiyJmNbwdToiHqDx6tyZ5dMh1CztKQpy8SaUexBZpQugNlpXEsRZHY9p51Rmpf35Lv+IxA423UZD2EfC+yQj8NeEdDpj/GppCMKfpu2B3JaQ0WH9eu6+Tg+GlaA1j1XGI73rqIYgqLKR1gOqsaLiWc+kTE1KSQCrwFnFZEkdp01nIHoSVnrnj7a5Q1g0IK6TtDHw/L89uc6Nu9wnX25KtSSMs//6KLXguc5gqkQR1NAw5r7nAQuO6UAPVtch53nGJm6SvzdrfhEFDih4Vg/mIxctqcx9Ptfjd5GLtQ==; 31:EhBTu5uXn19sILZs9wP2nspGXedCuxQyM0HlUKdfo52yUhuCKKiYY2+0FaFwFrjXWxarFzEEQAbuWMNztpoNz1eacEJefBi5l0tYGr8USgO/G6FV+jmjLckC6qmKg99Lzv4Jab0Pgwnd7/l56eKl1zDnMMd+3HzYSRf9ArsUEX40k+74Qk86Q3sveSMsi3XpmwCIjlWu+Aunbg3pUA19/96RnQ9yBvsVQTRb32G+KHI= X-MS-TrafficTypeDiagnostic: DB5PR04MB1446: X-Microsoft-Exchange-Diagnostics: 1; DB5PR04MB1446; 20:j2wZzXKMU8wdExp39MSWtSATW9bMoiED/gfwlkv37AUSCpjx8vav0P4y86LJdSAPOaPW8Gutss7AFw1ks48bKMgacPGG6dqjy/Bm8a2L03izoMZkxA8cWh7MXaaP8rcJuHLQNFEhwMQykGbhjYTHP+H8VTM84n2kd0+w2jIqWKupFCiWmCWHa4OlNF5LBRsPABQw38/qVW6o1w6T4OOCvIFqQWBE8eM/KJyvwW4HCEBEa1a0qMbdszH29frXdd9JIxqdnwB48VrFB1mPeIMkEUUlU/gQQpemv9SaNNsSZwhYdY9S7l/c/7FdznkselDN26vrUChp+8tdIn5nW2xOUgDcKXyVwz84lqsFmB4zK7SSc22k9PMcD0OiSS+jyJ2EB+jeTmDHhs217lx3HuhTKDYROleuVFLNhLFCfskvOqLs3LgQcSjddSP9DmZzcHdeaS5GEjJYC6VngGXDLrIAh6yc/xYiAKna0QyK+1G8HutS95nvYTZpkL9PqhY9qISX; 4:hudT5qjSYr7UTJ2SPNhsWmkZJ206B+EXxTiWuf8/uI/Z3OHgFVhAL4zFtE1b7s6l8mqZn8h6auVs4MEmF8d0XGivf3CmZzi8rsJP4E/4MNa+letSUo5GoO+PQ0siv6vdtx3I9vcHyixkA8YbrdVYnPkdsQ1Yw3k9bbtk1zH3lNSzOVWnHztW/uoBjUAQRfOQ20Cj1DrZgBDmCHr66juBpMs/bruNICRKa0yZmieBziRtXnS6tKqhlx7y9QLr1tJCBDUEpg5vVZfzCrSsV87MDTxsmfX/xoGYVOw4/abq7k9UoHC1wD3DezgcfWw1d/DS X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(185117386973197); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(3231232)(944501410)(52105095)(6055026)(6041310)(20161123562045)(20161123564045)(20161123558120)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:DB5PR04MB1446; BCL:0; PCL:0; RULEID:; SRVR:DB5PR04MB1446; X-Forefront-PRVS: 06515DA04B X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(39380400002)(346002)(39860400002)(396003)(376002)(366004)(50466002)(53936002)(2906002)(4326008)(2616005)(44832011)(6916009)(6666003)(6506007)(386003)(52116002)(59450400001)(5009440100003)(86362001)(2361001)(16526019)(186003)(8676002)(81166006)(6512007)(36756003)(5660300001)(26005)(956004)(66066001)(8936002)(7736002)(305945005)(47776003)(50226002)(25786009)(48376002)(316002)(16586007)(55236004)(476003)(3846002)(6116002)(478600001)(51416003)(6486002)(2351001)(110426005); DIR:OUT; SFP:1101; SCL:1; SRVR:DB5PR04MB1446; H:b49020-OptiPlex-790.ap.freescale.net; FPR:; SPF:None; LANG:en; MLV:nov; PTR:InfoNoRecords; Received-SPF: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DB5PR04MB1446; 23:Kq0N1lvy3PxBN0eXgjeQNrJTyUjktCojUSn6ZUvkk?= 6K8iOZ0MBjd6LvV6WeBMazNRN9G64VDnh34DrjqXGFRIgto2ktmtvCmpI64OB6EbgBxTvmZ8LDxy7ebZqjTEyjjL8RulD/fIbH4KvNJE7J1W5dVAM5x2oaH2mCwkqH05gnAwxlleP8SclJIbRxtOiObJcL7hoI6IWtmz4LoFJTv+7Z/f4MFKEq/muGmzl4yvwawkls6vBqY4sTkN5jb7xLMwCMl2di8IDBA31sWekSmHlExGMU6CdDlwqo8334A0/XKoYvXId5P+tq2gHIMlPGQIHm2Qm3+dc5Tuu97dgE1hmfZIthpAvYseDdkfESTkMGKhjhRRbsfWIl2VD2CqIhmokHnwiltXrLq/wCPfixsCN41JgrEqpe0Cnb3bghTkjy1rpLJiegUWWZzqrWOr+gBkCJpNzaAd4VfKbjOPEO4RW0upyEBVpsfwMeLz+B9K1ZkuQ+QOTNcyz/XtWvRXwksHI2ASlGraBcSxmG5U2niPMnwY+w14jumRjrNZdGNtaRKYTfXJeymPVW4HN1QUOFDmpMiXaf81EpQFfYFA+wVedicnAxbu8y7rIcwz41mAtfDWHOkLdBQx9Tu9KbXbwHPHU39MsFPOwC0VK5KzHya4qADCbYXK3ax2343ptLlfwPUZtKd1e3qaGhZIHeZvxhsUSbAEK1X7WZ/WxhHwiJfvpgZnokTfl5c1fGxm9dkHrS3QAAI/JckWkqnZ4HUzX06g5VWYhn4YfDhH6umcvR7Fr4IQPEfmzCLAF6yicQIWLd9odatup2XjXHOwjQ9Fc1RLoKfVXKiY19vbSmr580wM6NNOwHmv6VCNyljQAtWhAmY2eK/nszLLUizklSIsAr/O29VZ4a5rGNFe6Zbi7m2ypPCGtgFi4hfsqZBAJLrQF7MzoiWK4PGEEm+U15PDOWkwvQa+eKiyyw/8ikeMMa/mqCH09U0VPGUiEmMGS946i1rqS3f1djWeVxaxhUqAPNde/CJMjkt/O3tSkfbMa1Qo6QNiyxjAmX76zGEBJ+pqA8m5fG0NuqHFUFp+unWI2vXYiGr5edTs6kGTjshkI+mYNffbBORmo9KZ3Cr4V73quo= X-Microsoft-Antispam-Message-Info: 6b3I8d/yWUTZ9GAnF6wo/tdJd7Ki9+onXogquiw39z9T83mNTC/yo07KHRzEXf2yC16s9lLkKoLyWEc99LaW++dl2tqIWvKFTJCnRXOj3rhUaWduCpGH0yD8OC+YdJe8hUzmO88FvmluReosL48g2jvK4SZkEw4LNo9npu7m2Cg/UnMQ3BX2epNmmZ+BvlWR X-Microsoft-Exchange-Diagnostics: 1; DB5PR04MB1446; 6:39tYNP5yZXEX/JM1XMlw3XWgD6RQK+55Td2PEgHhSo3jSBPmYgi6EJDYJi60cBn10bsh7uGdU3Z4GfSNa0UdNDcD3oTlraW7qSU2Vz3uOUxu0GYp+LJgKlumpMymHrazKxRJ5EUO4KVfXpB230w2kqV5oisw2U9US54mZH2GE/F0xJiYryqyEHdpJvQ3aiVx8MoTBMFUVcrazcBPH3aK5GfaCOhh23/f6M/w17KzA+EZ/lKOz7GFEWnbZDBXllEtx/F25ZWE4TIVEELCPtWAtlFaJ57a9mVmbpRoKSuqgpmBbVCKZr590S4wLixIsqG/bUupn0rhwpfEI87Zp48rBETcDZH/FHTbxE6OP8FlfUvPudlclBAcc8MWvisglKxFANjS6JEdvRbIpVpx6wsgeK6K29oHS8C57o7JW3cm7LbcSVrii5LDw+W6FMu9tgz+l7sPOFln5cJKqnL/AX10Dg==; 5:15JFs725pMJ8h9dT+kdp09Rn4lgCStCqIrF6eJG1WINH6pRKhW0c/skRigbTHKswYV+xkTRPhurRa/eDQaZc3yV6GeldGpXtZuuWn4XqC+5RFmXZqQ0P/0zoOovvlLxQctz17YMOZPCqEH4GPf0P8fuzVWi1PU3MXlLvk/T+iOw=; 24:kxYLffQCYN/hdSC7Z8POi2s2Ul6M0oPjyP+LU4EGh6Rz8iDkE8ma34TMaImPNIKBnYSFVbJM2xhSIrG0StsLjj2lTNgtWEkCv6eqSpD3VEQ= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DB5PR04MB1446; 7:Oh3wq06H58AN3jOOYfI0eotjvAsf9wAPu80/NRssvnu9xkcHIwApyVHgo22D6BmNWGNqsBKN++4hDpP+b2qXJmexd0fEM1H3FC8GjCqmzOcV49aikHNhhE9KjOv0NDM4NSG7cLzeEZPo12QwVHjNnTXJiULm5qAcVPczEHmATDad6vccSszXhlfmusWygt7Sfy0JkASXkiRpOKkWOqow/i6e1DiVvc6jaalcXLCXGWQIag6TnETmLcgxlJnk+zJ8 X-MS-Office365-Filtering-Correlation-Id: 9eec8c48-d093-4008-e083-08d5a903c3f7 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Apr 2018 10:19:56.7778 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9eec8c48-d093-4008-e083-08d5a903c3f7 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB5PR04MB1446 Cc: ruchika.gupta@nxp.com Subject: [U-Boot] [PATCH v2] armv8: sec_firmware: Add support for multiple loadables X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Enable support for multiple loadable images in SEC firmware FIT image. Also add example "sec_firmware_ppa.its" file. Signed-off-by: Sumit Garg --- Changes in v2: Added example "sec_firmware_ppa.its" file. Also added printf instead of debug in case of error scenario. arch/arm/cpu/armv8/sec_firmware.c | 53 +++++++++++++++++++++++++++++-------- doc/uImage.FIT/sec_firmware_ppa.its | 49 ++++++++++++++++++++++++++++++++++ 2 files changed, 91 insertions(+), 11 deletions(-) create mode 100644 doc/uImage.FIT/sec_firmware_ppa.its diff --git a/arch/arm/cpu/armv8/sec_firmware.c b/arch/arm/cpu/armv8/sec_firmware.c index b56ea78..040bf88 100644 --- a/arch/arm/cpu/armv8/sec_firmware.c +++ b/arch/arm/cpu/armv8/sec_firmware.c @@ -116,25 +116,48 @@ static int sec_firmware_check_copy_loadable(const void *sec_firmware_img, u32 *loadable_l, u32 *loadable_h) { phys_addr_t sec_firmware_loadable_addr = 0; - int conf_node_off, ld_node_off; + int conf_node_off, ld_node_off, images; char *conf_node_name = NULL; const void *data; size_t size; ulong load; + const char *name, *str, *type; + int len; conf_node_name = SEC_FIRMEWARE_FIT_CNF_NAME; conf_node_off = fit_conf_get_node(sec_firmware_img, conf_node_name); if (conf_node_off < 0) { printf("SEC Firmware: %s: no such config\n", conf_node_name); - return -ENOENT; + return -ENOENT; + } + + /* find the node holding the images information */ + images = fdt_path_offset(sec_firmware_img, FIT_IMAGES_PATH); + if (images < 0) { + printf("%s: Cannot find /images node: %d\n", __func__, images); + return -1; + } + + type = FIT_LOADABLE_PROP; + + name = fdt_getprop(sec_firmware_img, conf_node_off, type, &len); + if (!name) { + /* Loadables not present */ + return 0; } - ld_node_off = fit_conf_get_prop_node(sec_firmware_img, conf_node_off, - FIT_LOADABLE_PROP); - if (ld_node_off >= 0) { - printf("SEC Firmware: '%s' present in config\n", - FIT_LOADABLE_PROP); + printf("SEC Firmware: '%s' present in config\n", type); + + for (str = name; str && ((str - name) < len); + str = strchr(str, '\0') + 1) { + printf("%s: '%s'\n", type, str); + ld_node_off = fdt_subnode_offset(sec_firmware_img, images, str); + if (ld_node_off < 0) { + printf("cannot find image node '%s': %d\n", str, + ld_node_off); + return -EINVAL; + } /* Verify secure firmware image */ if (!(fit_image_verify(sec_firmware_img, ld_node_off))) { @@ -164,11 +187,19 @@ static int sec_firmware_check_copy_loadable(const void *sec_firmware_img, memcpy((void *)sec_firmware_loadable_addr, data, size); flush_dcache_range(sec_firmware_loadable_addr, sec_firmware_loadable_addr + size); - } - /* Populate address ptrs for loadable image with loadbale addr */ - out_le32(loadable_l, (sec_firmware_loadable_addr & WORD_MASK)); - out_le32(loadable_h, (sec_firmware_loadable_addr >> WORD_SHIFT)); + /* Populate loadable address only for Trusted OS */ + if (!strcmp(str, "trustedOS@1")) { + /* + * Populate address ptrs for loadable image with + * loadbale addr + */ + out_le32(loadable_l, (sec_firmware_loadable_addr & + WORD_MASK)); + out_le32(loadable_h, (sec_firmware_loadable_addr >> + WORD_SHIFT)); + } + } return 0; } diff --git a/doc/uImage.FIT/sec_firmware_ppa.its b/doc/uImage.FIT/sec_firmware_ppa.its new file mode 100644 index 0000000..a7acde1 --- /dev/null +++ b/doc/uImage.FIT/sec_firmware_ppa.its @@ -0,0 +1,49 @@ +/dts-v1/; + +/* + * Example FIT image description file demonstrating the usage + * of SEC Firmware and multiple loadable images loaded by the u-boot. + * For booting PPA (SEC Firmware), "firmware" is searched and loaded. + * + * Multiple binaries will be loaded as "loadables" (if present) at their + * respective load offsets from firmware image address. + */ + +/{ + description = "PPA Firmware"; + #address-cells = <1>; + images { + firmware@1 { + description = "PPA Firmware: "; + data = /incbin/("../obj/monitor.bin"); + type = "firmware"; + arch = "arm64"; + compression = "none"; + }; + trustedOS@1 { + description = "Trusted OS"; + data = /incbin/("../../tee.bin"); + type = "OS"; + arch = "arm64"; + compression = "none"; + load = <0x00200000>; + }; + fuse_scr { + description = "Fuse Script"; + data = /incbin/("../../fuse_scr.bin"); + type = "firmware"; + arch = "arm64"; + compression = "none"; + load = <0x00180000>; + }; + }; + + configurations { + default = "config-1"; + config-1 { + description = "PPA Secure firmware"; + firmware = "firmware@1"; + loadables = "trustedOS@1", "fuse_scr"; + }; + }; +};