Message ID | 20210205105212.16510-4-elly.siew.chin.lim@intel.com |
---|---|
State | Superseded |
Delegated to: | Simon Goldschmidt |
Headers | show |
Series | Add Vendor Authorized Boot (VAB) support | expand |
> -----Original Message----- > From: Lim, Elly Siew Chin <elly.siew.chin.lim@intel.com> > Sent: Friday, February 5, 2021 6:52 PM > To: u-boot@lists.denx.de > Cc: Marek Vasut <marex@denx.de>; Tan, Ley Foon > <ley.foon.tan@intel.com>; See, Chin Liang <chin.liang.see@intel.com>; > Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>; Chee, Tien Fong > <tien.fong.chee@intel.com>; Westergreen, Dalon > <dalon.westergreen@intel.com>; Simon Glass <sjg@chromium.org>; Gan, > Yau Wai <yau.wai.gan@intel.com>; Lim, Elly Siew Chin > <elly.siew.chin.lim@intel.com> > Subject: [v3 3/6] arm: socfpga: cmd: Support 'vab' command > > Support 'vab' command to perform vendor authentication. > > Command format: vab addr len > Authorize 'len' bytes starting at 'addr' via vendor public key > > Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com> > > --- > v3 > --- > - Remove the print in 'vab' command to avoid duplicated print out. > The 'socfpga_vendor_authntication' function in secure_vab.c will > print out the string if VAB success. > --- Reviewed-by: Ley Foon Tan <ley.foon.tan@intel.com>
diff --git a/arch/arm/mach-socfpga/Makefile b/arch/arm/mach-socfpga/Makefile index 1f1e21766d..9e63296b38 100644 --- a/arch/arm/mach-socfpga/Makefile +++ b/arch/arm/mach-socfpga/Makefile @@ -51,6 +51,7 @@ obj-y += reset_manager_s10.o obj-$(CONFIG_SOCFPGA_SECURE_VAB_AUTH) += secure_vab.o obj-y += system_manager_s10.o obj-y += timer_s10.o +obj-$(CONFIG_SOCFPGA_SECURE_VAB_AUTH) += vab.o obj-y += wrap_pinmux_config_s10.o obj-y += wrap_pll_config_s10.o endif diff --git a/arch/arm/mach-socfpga/vab.c b/arch/arm/mach-socfpga/vab.c new file mode 100644 index 0000000000..85b3f30211 --- /dev/null +++ b/arch/arm/mach-socfpga/vab.c @@ -0,0 +1,34 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (C) 2020 Intel Corporation <www.intel.com> + * + */ + +#include <asm/arch/secure_vab.h> +#include <command.h> +#include <common.h> +#include <linux/ctype.h> + +static int do_vab(struct cmd_tbl *cmdtp, int flag, int argc, + char *const argv[]) +{ + unsigned long addr, len; + + if (argc < 3) + return CMD_RET_USAGE; + + addr = simple_strtoul(argv[1], NULL, 16); + len = simple_strtoul(argv[2], NULL, 16); + + if (socfpga_vendor_authentication((void *)&addr, (size_t *)&len) != 0) + return CMD_RET_FAILURE; + + return 0; +} + +U_BOOT_CMD( + vab, 3, 2, do_vab, + "perform vendor authorization", + "addr len - authorize 'len' bytes starting at\n" + " 'addr' via vendor public key" +);
Support 'vab' command to perform vendor authentication. Command format: vab addr len Authorize 'len' bytes starting at 'addr' via vendor public key Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com> --- v3 --- - Remove the print in 'vab' command to avoid duplicated print out. The 'socfpga_vendor_authntication' function in secure_vab.c will print out the string if VAB success. --- arch/arm/mach-socfpga/Makefile | 1 + arch/arm/mach-socfpga/vab.c | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 arch/arm/mach-socfpga/vab.c