From patchwork Tue Nov 29 22:33:23 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Davis X-Patchwork-Id: 700748 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 3tSyzG1CCfz9t1Q for ; Wed, 30 Nov 2016 09:34:50 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 568FFB38CF; Tue, 29 Nov 2016 23:34:24 +0100 (CET) Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6YCksdbfmGgc; Tue, 29 Nov 2016 23:34:24 +0100 (CET) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id EA77BB389E; Tue, 29 Nov 2016 23:33:53 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id DCDE4A7635 for ; Tue, 29 Nov 2016 23:33:31 +0100 (CET) Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oUkmKpIxoxx9 for ; Tue, 29 Nov 2016 23:33:31 +0100 (CET) Received: from fllnx209.ext.ti.com (fllnx209.ext.ti.com [198.47.19.16]) by theia.denx.de (Postfix) with ESMTPS id 30FF2A75CA for ; Tue, 29 Nov 2016 23:33:30 +0100 (CET) Received: from dflxv15.itg.ti.com ([128.247.5.124]) by fllnx209.ext.ti.com (8.15.1/8.15.1) with ESMTP id uATMXSFE009675; Tue, 29 Nov 2016 16:33:28 -0600 Received: from DFLE73.ent.ti.com (dfle73.ent.ti.com [128.247.5.110]) by dflxv15.itg.ti.com (8.14.3/8.13.8) with ESMTP id uATMXS5J010209; Tue, 29 Nov 2016 16:33:28 -0600 Received: from dlep32.itg.ti.com (157.170.170.100) by DFLE73.ent.ti.com (128.247.5.110) with Microsoft SMTP Server id 14.3.294.0; Tue, 29 Nov 2016 16:33:27 -0600 Received: from legion.dal.design.ti.com (legion.dal.design.ti.com [128.247.22.53]) by dlep32.itg.ti.com (8.14.3/8.13.8) with ESMTP id uATMXR4N022404; Tue, 29 Nov 2016 16:33:27 -0600 Received: from localhost (uda0226330.am.dhcp.ti.com [128.247.83.169]) by legion.dal.design.ti.com (8.11.7p1+Sun/8.11.7) with ESMTP id uATMXR311505; Tue, 29 Nov 2016 16:33:27 -0600 (CST) From: "Andrew F. Davis" To: Tom Rini , Simon Glass , Masahiro Yamada , Daniel Allred , Harinarayan Bhatta Date: Tue, 29 Nov 2016 16:33:23 -0600 Message-ID: <20161129223326.3115-5-afd@ti.com> X-Mailer: git-send-email 2.10.2 In-Reply-To: <20161129223326.3115-1-afd@ti.com> References: <20161129223326.3115-1-afd@ti.com> MIME-Version: 1.0 Cc: u-boot@lists.denx.de Subject: [U-Boot] [PATCH v3 4/7] arm: omap5: Add TEE loading support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.15 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" From: Harinarayan Bhatta secure_tee_install is used to install and initialize a secure TEE OS such as Linaro OP-TEE into the secure world. This function takes in the address where the signed TEE image is loaded as an argument. The signed TEE image consists of a header (struct tee_header), TEE code+data followed by the signature generated using image signing tool from TI security development package (SECDEV). Refer to README.ti-secure for more information. This function uses 2 new secure APIs. 1. PPA_SERV_HAL_TEE_LOAD_MASTER - Must be called on CPU Core 0. Protected memory for TEE must be reserved before calling this function. This API needs arguments filled into struct ppa_tee_load_info. The TEE image is authenticated and if there are no errors, the control passes to the TEE entry point. 2. PPA_SERV_HAL_TEE_LOAD_SLAVE - Called on other CPU cores only after a TEE_LOAD_MASTER call. Takes no arguments. Checks if TEE was successfully loaded (on core 0) and transfers control to the same TEE entry point. The code at TEE entry point is expected perform OS initialization steps and return back to non-secure world (U-Boot). Signed-off-by: Harinarayan Bhatta Signed-off-by: Andrew F. Davis Reviewed-by: Tom Rini --- arch/arm/include/asm/omap_sec_common.h | 6 ++ arch/arm/mach-omap2/omap5/sec-fxns.c | 108 +++++++++++++++++++++++++++++++++ include/tee/optee.h | 30 +++++++++ 3 files changed, 144 insertions(+) create mode 100644 include/tee/optee.h diff --git a/arch/arm/include/asm/omap_sec_common.h b/arch/arm/include/asm/omap_sec_common.h index 4bde93f..79f1fbd 100644 --- a/arch/arm/include/asm/omap_sec_common.h +++ b/arch/arm/include/asm/omap_sec_common.h @@ -51,4 +51,10 @@ int secure_emif_reserve(void); */ int secure_emif_firewall_lock(void); +/* + * Invoke a secure HAL API to authenticate and install a Trusted Execution + * Environment (TEE) image. + */ +int secure_tee_install(u32 tee_image); + #endif /* _OMAP_SEC_COMMON_H_ */ diff --git a/arch/arm/mach-omap2/omap5/sec-fxns.c b/arch/arm/mach-omap2/omap5/sec-fxns.c index 33d4ea4..7fab575 100644 --- a/arch/arm/mach-omap2/omap5/sec-fxns.c +++ b/arch/arm/mach-omap2/omap5/sec-fxns.c @@ -19,13 +19,30 @@ #include #include #include +#include +#include +#include /* Index for signature PPA-based TI HAL APIs */ #define PPA_HAL_SERVICES_START_INDEX (0x200) +#define PPA_SERV_HAL_TEE_LOAD_MASTER (PPA_HAL_SERVICES_START_INDEX + 23) +#define PPA_SERV_HAL_TEE_LOAD_SLAVE (PPA_HAL_SERVICES_START_INDEX + 24) #define PPA_SERV_HAL_SETUP_SEC_RESVD_REGION (PPA_HAL_SERVICES_START_INDEX + 25) #define PPA_SERV_HAL_SETUP_EMIF_FW_REGION (PPA_HAL_SERVICES_START_INDEX + 26) #define PPA_SERV_HAL_LOCK_EMIF_FW (PPA_HAL_SERVICES_START_INDEX + 27) +int tee_loaded = 0; + +/* Argument for PPA_SERV_HAL_TEE_LOAD_MASTER */ +struct ppa_tee_load_info { + u32 tee_sec_mem_start; /* Physical start address reserved for TEE */ + u32 tee_sec_mem_size; /* Size of the memory reserved for TEE */ + u32 tee_cert_start; /* Address where signed TEE binary is loaded */ + u32 tee_cert_size; /* Size of TEE certificate (signed binary) */ + u32 tee_jump_addr; /* Address to jump to start TEE execution */ + u32 tee_arg0; /* argument to TEE jump function, in r0 */ +}; + static u32 get_sec_mem_start(void) { u32 sec_mem_start = CONFIG_TI_SECURE_EMIF_REGION_START; @@ -124,3 +141,94 @@ int secure_emif_firewall_lock(void) return result; } + +static struct ppa_tee_load_info tee_info __aligned(ARCH_DMA_MINALIGN); + +int secure_tee_install(u32 addr) +{ + struct optee_header *hdr; + void *loadptr; + u32 tee_file_size; + u32 sec_mem_start = get_sec_mem_start(); + const u32 size = CONFIG_TI_SECURE_EMIF_PROTECTED_REGION_SIZE; + u32 *smc_cpu1_params; + u32 ret; + + /* If there is no protected region, there is no place to put the TEE */ + if (size == 0) { + printf("Error loading TEE, no protected memory region available\n"); + return -ENOBUFS; + } + + hdr = (struct optee_header *)map_sysmem(addr, sizeof(struct optee_header)); + /* 280 bytes = size of signature */ + tee_file_size = hdr->init_size + hdr->paged_size + + sizeof(struct optee_header) + 280; + + if ((hdr->magic != OPTEE_MAGIC) || + (hdr->version != OPTEE_VERSION) || + (hdr->init_load_addr_hi != 0) || + (hdr->init_load_addr_lo < (sec_mem_start + sizeof(struct optee_header))) || + (tee_file_size > size) || + ((hdr->init_load_addr_lo + tee_file_size - 1) > + (sec_mem_start + size - 1))) { + printf("Error in TEE header. Check load address and sizes\n"); + unmap_sysmem(hdr); + return CMD_RET_FAILURE; + } + + tee_info.tee_sec_mem_start = sec_mem_start; + tee_info.tee_sec_mem_size = size; + tee_info.tee_jump_addr = hdr->init_load_addr_lo; + tee_info.tee_cert_start = addr; + tee_info.tee_cert_size = tee_file_size; + tee_info.tee_arg0 = hdr->init_size + tee_info.tee_jump_addr; + unmap_sysmem(hdr); + loadptr = map_sysmem(addr, tee_file_size); + + debug("tee_info.tee_sec_mem_start= %08X\n", tee_info.tee_sec_mem_start); + debug("tee_info.tee_sec_mem_size = %08X\n", tee_info.tee_sec_mem_size); + debug("tee_info.tee_jump_addr = %08X\n", tee_info.tee_jump_addr); + debug("tee_info.tee_cert_start = %08X\n", tee_info.tee_cert_start); + debug("tee_info.tee_cert_size = %08X\n", tee_info.tee_cert_size); + debug("tee_info.tee_arg0 = %08X\n", tee_info.tee_arg0); + debug("tee_file_size = %d\n", tee_file_size); + +#if !defined(CONFIG_SYS_DCACHE_OFF) + flush_dcache_range( + rounddown((u32)loadptr, ARCH_DMA_MINALIGN), + roundup((u32)loadptr + tee_file_size, ARCH_DMA_MINALIGN)); + + flush_dcache_range((u32)&tee_info, (u32)&tee_info + + roundup(sizeof(tee_info), ARCH_DMA_MINALIGN)); +#endif + unmap_sysmem(loadptr); + + ret = secure_rom_call(PPA_SERV_HAL_TEE_LOAD_MASTER, 0, 0, 1, &tee_info); + if (ret) { + printf("TEE_LOAD_MASTER Failed\n"); + return ret; + } + printf("TEE_LOAD_MASTER Done\n"); + + if (!is_dra72x()) { + /* Reuse the tee_info buffer for SMC params */ + smc_cpu1_params = (u32 *)&tee_info; + smc_cpu1_params[0] = 0; +#if !defined(CONFIG_SYS_DCACHE_OFF) + flush_dcache_range((u32)smc_cpu1_params, (u32)smc_cpu1_params + + roundup(sizeof(u32), ARCH_DMA_MINALIGN)); +#endif + ret = omap_smc_sec_cpu1(PPA_SERV_HAL_TEE_LOAD_SLAVE, 0, 0, + smc_cpu1_params); + if (ret) { + printf("TEE_LOAD_SLAVE Failed\n"); + return ret; + } + printf("TEE_LOAD_SLAVE Done\n"); + } + + tee_loaded = 1; + + return 0; +} diff --git a/include/tee/optee.h b/include/tee/optee.h new file mode 100644 index 0000000..9ab0d08 --- /dev/null +++ b/include/tee/optee.h @@ -0,0 +1,30 @@ +/* + * OP-TEE related definitions + * + * (C) Copyright 2016 Linaro Limited + * Andrew F. Davis + * + * SPDX-License-Identifier: BSD-2-Clause + */ + +#ifndef _OPTEE_H +#define _OPTEE_H + +#define OPTEE_MAGIC 0x4554504f +#define OPTEE_VERSION 1 +#define OPTEE_ARCH_ARM32 0 +#define OPTEE_ARCH_ARM64 1 + +struct optee_header { + uint32_t magic; + uint8_t version; + uint8_t arch; + uint16_t flags; + uint32_t init_size; + uint32_t init_load_addr_hi; + uint32_t init_load_addr_lo; + uint32_t init_mem_usage; + uint32_t paged_size; +}; + +#endif /* _OPTEE_H */