From patchwork Thu Feb 21 22:35:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Davis X-Patchwork-Id: 1046488 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=ti.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="PZGYiACh"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 4458Tt0wTPz9s6w for ; Fri, 22 Feb 2019 09:36:50 +1100 (AEDT) Received: by lists.denx.de (Postfix, from userid 105) id A09C4C21E02; Thu, 21 Feb 2019 22:36:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id F23ABC21EC5; Thu, 21 Feb 2019 22:35:23 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B4042C21C4A; Thu, 21 Feb 2019 22:35:20 +0000 (UTC) Received: from lelv0143.ext.ti.com (lelv0143.ext.ti.com [198.47.23.248]) by lists.denx.de (Postfix) with ESMTPS id 70D23C21C6A for ; Thu, 21 Feb 2019 22:35:19 +0000 (UTC) Received: from lelv0265.itg.ti.com ([10.180.67.224]) by lelv0143.ext.ti.com (8.15.2/8.15.2) with ESMTP id x1LMZIOU032957; Thu, 21 Feb 2019 16:35:18 -0600 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1550788518; bh=RlqHYNd9VJPq7qxbXtlroupE2DBVpXwNl3DDveB/nEc=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=PZGYiAChwg2UuaGneH5FuiHy4fl2T9J8IKbZRgRaHzuL+jfL+SgLA/lXbBB6NcBOK 8NOPT/sUMZvE7rNkqSJnuYGRia47IY0wBhdwApqZKa4/dAJihvbYeBkCGzxsIplLrI KLLMpCPRlIfwj+EFMM3Ol1jEacoOK/CKYUnKJrEs= Received: from DFLE113.ent.ti.com (dfle113.ent.ti.com [10.64.6.34]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id x1LMZHBt126430 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 21 Feb 2019 16:35:18 -0600 Received: from DFLE105.ent.ti.com (10.64.6.26) by DFLE113.ent.ti.com (10.64.6.34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1591.10; Thu, 21 Feb 2019 16:35:17 -0600 Received: from dflp32.itg.ti.com (10.64.6.15) by DFLE105.ent.ti.com (10.64.6.26) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.1.1591.10 via Frontend Transport; Thu, 21 Feb 2019 16:35:17 -0600 Received: from legion.dal.desgin.ti.com (legion.dal.design.ti.com [128.247.22.53]) by dflp32.itg.ti.com (8.14.3/8.13.8) with ESMTP id x1LMZHkE015572; Thu, 21 Feb 2019 16:35:17 -0600 Received: from localhost (uda0226330.dhcp.ti.com [172.22.111.174]) by legion.dal.desgin.ti.com (8.11.7p1+Sun/8.11.7) with ESMTP id x1LMZGU08573; Thu, 21 Feb 2019 16:35:16 -0600 (CST) From: "Andrew F. Davis" To: Tom Rini , Lokesh Vutla , Andreas Dannenberg Date: Thu, 21 Feb 2019 16:35:09 -0600 Message-ID: <20190221223512.8310-5-afd@ti.com> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190221223512.8310-1-afd@ti.com> References: <20190221223512.8310-1-afd@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 Cc: u-boot@lists.denx.de Subject: [U-Boot] [PATCH v2 4/7] arm: mach-k3: Add secure device support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" K3 devices have High Security (HS) variants along with the non-HS already supported. Like the previous generation devices (OMAP/Keystone2) K3 supports boot chain-of-trust by authenticating and optionally decrypting images as they are unpacked from FIT images. Add support for this here. Signed-off-by: Andrew F. Davis Reviewed-by: Tom Rini Reviewed-by: Andreas Dannenberg --- MAINTAINERS | 1 + arch/arm/Kconfig | 2 +- arch/arm/mach-k3/Makefile | 1 + arch/arm/mach-k3/security.c | 63 +++++++++++++++++++++++++++++++++++++ 4 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 arch/arm/mach-k3/security.c diff --git a/MAINTAINERS b/MAINTAINERS index f1f8818d6b..5dd69562e0 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -716,6 +716,7 @@ S: Supported F: arch/arm/mach-omap2/omap5/sec_entry_cpu1.S F: arch/arm/mach-omap2/sec-common.c F: arch/arm/mach-omap2/config_secure.mk +F: arch/arm/mach-k3/security.c F: configs/am335x_hs_evm_defconfig F: configs/am335x_hs_evm_uart_defconfig F: configs/am43xx_hs_evm_defconfig diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 455f06cfee..da397097e5 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -1417,7 +1417,7 @@ endchoice config TI_SECURE_DEVICE bool "HS Device Type Support" - depends on ARCH_KEYSTONE || ARCH_OMAP2PLUS + depends on ARCH_KEYSTONE || ARCH_OMAP2PLUS || ARCH_K3 help If a high secure (HS) device type is being used, this config must be set. This option impacts various aspects of the diff --git a/arch/arm/mach-k3/Makefile b/arch/arm/mach-k3/Makefile index bd4ab361b2..0c3a4f7db1 100644 --- a/arch/arm/mach-k3/Makefile +++ b/arch/arm/mach-k3/Makefile @@ -6,4 +6,5 @@ obj-$(CONFIG_SOC_K3_AM6) += am6_init.o obj-$(CONFIG_ARM64) += arm64-mmu.o obj-$(CONFIG_CPU_V7R) += r5_mpu.o lowlevel_init.o +obj-$(CONFIG_TI_SECURE_DEVICE) += security.o obj-y += common.o diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c new file mode 100644 index 0000000000..52f49bf01f --- /dev/null +++ b/arch/arm/mach-k3/security.c @@ -0,0 +1,63 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * K3: Security functions + * + * Copyright (C) 2018 Texas Instruments Incorporated - http://www.ti.com/ + * Andrew F. Davis + */ + +#include +#include +#include +#include +#include + +void board_fit_image_post_process(void **p_image, size_t *p_size) +{ + struct udevice *dev; + struct ti_sci_handle *ti_sci; + struct ti_sci_proc_ops *proc_ops; + u64 image_addr; + u32 image_size; + int ret; + + /* Get handle to Device Management and Security Controller (SYSFW) */ + ret = uclass_get_device_by_name(UCLASS_FIRMWARE, "dmsc", &dev); + if (ret) { + printf("Failed to get handle to SYSFW (%d)\n", ret); + hang(); + } + ti_sci = (struct ti_sci_handle *)(ti_sci_get_handle_from_sysfw(dev)); + proc_ops = &ti_sci->ops.proc_ops; + + image_addr = (uintptr_t)*p_image; + + debug("Authenticating image at address 0x%016llx\n", image_addr); + + /* Authenticate image */ + ret = proc_ops->proc_auth_boot_image(ti_sci, &image_addr, &image_size); + if (ret) { + printf("Authentication failed!\n"); + hang(); + } + + /* + * The image_size returned may be 0 when the authentication process has + * moved the image. When this happens no further processing on the + * image is needed or often even possible as it may have also been + * placed behind a firewall when moved. + */ + *p_size = image_size; + + /* + * Output notification of successful authentication to re-assure the + * user that the secure code is being processed as expected. However + * suppress any such log output in case of building for SPL and booting + * via YMODEM. This is done to avoid disturbing the YMODEM serial + * protocol transactions. + */ + if (!(IS_ENABLED(CONFIG_SPL_BUILD) && + IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) && + spl_boot_device() == BOOT_DEVICE_UART)) + printf("Authentication passed\n"); +}