From patchwork Tue May 21 10:56:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kumar, Udit" X-Patchwork-Id: 1937357 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.a=rsa-sha256 header.s=ti-com-17Q1 header.b=bygX7Jk8; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VkBGW3t2Gz20dK for ; Tue, 21 May 2024 20:57:23 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id CC4F68874F; Tue, 21 May 2024 12:57:20 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="bygX7Jk8"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 6F3478874F; Tue, 21 May 2024 12:57:19 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from fllv0016.ext.ti.com (fllv0016.ext.ti.com [198.47.19.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 662EA8875E for ; Tue, 21 May 2024 12:57:15 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-kumar1@ti.com Received: from lelv0265.itg.ti.com ([10.180.67.224]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id 44LAv6Ri011507; Tue, 21 May 2024 05:57:06 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1716289026; bh=q3CEOC57Z8oUwXt58QLa9uxxBvev+38A2M6KMrGBpWY=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=bygX7Jk87abl8AcEogZHoWy7/TzEqcFQkZnVQFAxBm0gH85Gz3xy87aKd+AeOSmkR UIqCrtfxJuNVhfaphVKsVdLWKIgP3wuBiAG53rWS5cF7d1HhWLarJEI5Okc8HjZdSK B6W2BuZpBflP2o5yNAbObWrY2P+/+jaJrxMo0n/0= Received: from DFLE106.ent.ti.com (dfle106.ent.ti.com [10.64.6.27]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 44LAv63H013175 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 21 May 2024 05:57:06 -0500 Received: from DFLE106.ent.ti.com (10.64.6.27) by DFLE106.ent.ti.com (10.64.6.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23; Tue, 21 May 2024 05:57:05 -0500 Received: from lelvsmtp5.itg.ti.com (10.180.75.250) by DFLE106.ent.ti.com (10.64.6.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23 via Frontend Transport; Tue, 21 May 2024 05:57:05 -0500 Received: from udit-HP-Z2-Tower-G9-Workstation-Desktop-PC.dhcp.ti.com (udit-hp-z2-tower-g9-workstation-desktop-pc.dhcp.ti.com [172.24.227.18]) by lelvsmtp5.itg.ti.com (8.15.2/8.15.2) with ESMTP id 44LAurAg047424; Tue, 21 May 2024 05:57:00 -0500 From: Udit Kumar To: , , CC: , , , , , , , , , , , , , , , , , Udit Kumar Subject: [PATCH 1/4] include: mach-k3: move k3 security functions to security.h Date: Tue, 21 May 2024 16:26:45 +0530 Message-ID: <20240521105648.3780072-2-u-kumar1@ti.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240521105648.3780072-1-u-kumar1@ti.com> References: <20240521105648.3780072-1-u-kumar1@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Manorit Chawdhry ti_secure_image_post_process and ti_secure_image_check_binary is used for the authentication purposes in the current boot flow. Authentication of remoteproc firmware images require ti_secure_image_post_process to be available outside mach-k3. Signed-off-by: Manorit Chawdhry Signed-off-by: Udit Kumar --- arch/arm/mach-k3/common.h | 4 ++-- arch/arm/mach-k3/include/mach/security.h | 11 +++++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) create mode 100644 arch/arm/mach-k3/include/mach/security.h diff --git a/arch/arm/mach-k3/common.h b/arch/arm/mach-k3/common.h index 53aa186b31..7bd72da1de 100644 --- a/arch/arm/mach-k3/common.h +++ b/arch/arm/mach-k3/common.h @@ -2,12 +2,13 @@ /* * K3: Architecture common definitions * - * Copyright (C) 2018 Texas Instruments Incorporated - https://www.ti.com/ + * Copyright (C) 2018-2024 Texas Instruments Incorporated - https://www.ti.com/ * Lokesh Vutla */ #include #include +#include #define K3_FIREWALL_BACKGROUND_BIT (8) @@ -41,7 +42,6 @@ void spl_enable_cache(void); void mmr_unlock(uintptr_t base, u32 partition); bool is_rom_loaded_sysfw(struct rom_extended_boot_data *data); enum k3_device_type get_device_type(void); -void ti_secure_image_post_process(void **p_image, size_t *p_size); struct ti_sci_handle *get_ti_sci_handle(void); void do_board_detect(void); void ti_secure_image_check_binary(void **p_image, size_t *p_size); diff --git a/arch/arm/mach-k3/include/mach/security.h b/arch/arm/mach-k3/include/mach/security.h new file mode 100644 index 0000000000..8502b57bd8 --- /dev/null +++ b/arch/arm/mach-k3/include/mach/security.h @@ -0,0 +1,11 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * K3: Security related definitions + * + * Copyright (C) 2024 Texas Instruments Incorporated - https://www.ti.com/ + * Manorit Chawdhry + */ + +#include + +void ti_secure_image_post_process(void **p_image, size_t *p_size); From patchwork Tue May 21 10:56:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kumar, Udit" X-Patchwork-Id: 1937358 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.a=rsa-sha256 header.s=ti-com-17Q1 header.b=c2DHDaOz; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VkBGj0t3Zz1ynR for ; Tue, 21 May 2024 20:57:33 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 3BD3988749; Tue, 21 May 2024 12:57:23 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="c2DHDaOz"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 8C7AE88749; Tue, 21 May 2024 12:57:21 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from fllv0016.ext.ti.com (fllv0016.ext.ti.com [198.47.19.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 7366E88753 for ; Tue, 21 May 2024 12:57:19 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-kumar1@ti.com Received: from lelv0265.itg.ti.com ([10.180.67.224]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id 44LAvBTS011515; Tue, 21 May 2024 05:57:11 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1716289031; bh=czQJ1UvAoqDclV7Ii8KOPk2f+mNm1cgiBSVnw9LoAGw=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=c2DHDaOznBFAATzqSJ9UROSwlQ+ZKNe9NFIhqgm9yNSUZyabNoi1LONtnsW20nc8W K7sZg/ImkuKZu2DVBoDc6DsHR0awYOog9ZWKca/1Lctqd9Ze/NzYNdmEzck9pcQ9cY RVZFNRoQ6kTD2vRJ5l9u3YwdsFparjkk/qRuHlnY= Received: from DLEE103.ent.ti.com (dlee103.ent.ti.com [157.170.170.33]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 44LAvB38013219 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 21 May 2024 05:57:11 -0500 Received: from DLEE106.ent.ti.com (157.170.170.36) by DLEE103.ent.ti.com (157.170.170.33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23; Tue, 21 May 2024 05:57:11 -0500 Received: from lelvsmtp5.itg.ti.com (10.180.75.250) by DLEE106.ent.ti.com (157.170.170.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23 via Frontend Transport; Tue, 21 May 2024 05:57:11 -0500 Received: from udit-HP-Z2-Tower-G9-Workstation-Desktop-PC.dhcp.ti.com (udit-hp-z2-tower-g9-workstation-desktop-pc.dhcp.ti.com [172.24.227.18]) by lelvsmtp5.itg.ti.com (8.15.2/8.15.2) with ESMTP id 44LAurAh047424; Tue, 21 May 2024 05:57:06 -0500 From: Udit Kumar To: , , CC: , , , , , , , , , , , , , , , , Subject: [PATCH 2/4] drivers: remoteproc: ti_k3 : enable secure booting with firmware images Date: Tue, 21 May 2024 16:26:46 +0530 Message-ID: <20240521105648.3780072-3-u-kumar1@ti.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240521105648.3780072-1-u-kumar1@ti.com> References: <20240521105648.3780072-1-u-kumar1@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Manorit Chawdhry Remoteproc firmware images aren't authenticated in the current boot flow. Authenticates remoteproc firmware images to complete the root of trust in secure booting. Signed-off-by: Manorit Chawdhry --- drivers/remoteproc/ti_k3_dsp_rproc.c | 4 ++++ drivers/remoteproc/ti_k3_r5f_rproc.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/drivers/remoteproc/ti_k3_dsp_rproc.c b/drivers/remoteproc/ti_k3_dsp_rproc.c index 57fe1037da..7617bbb986 100644 --- a/drivers/remoteproc/ti_k3_dsp_rproc.c +++ b/drivers/remoteproc/ti_k3_dsp_rproc.c @@ -21,6 +21,7 @@ #include #include #include "ti_sci_proc.h" +#include #define KEYSTONE_RPROC_LOCAL_ADDRESS_MASK (SZ_16M - 1) @@ -127,6 +128,7 @@ static int k3_dsp_load(struct udevice *dev, ulong addr, ulong size) struct k3_dsp_privdata *dsp = dev_get_priv(dev); struct k3_dsp_boot_data *data = dsp->data; u32 boot_vector; + void *image_addr = (void *)addr; int ret; if (dsp->in_use) { @@ -148,6 +150,8 @@ static int k3_dsp_load(struct udevice *dev, ulong addr, ulong size) goto proc_release; } + ti_secure_image_post_process(&image_addr, &size); + ret = rproc_elf_load_image(dev, addr, size); if (ret < 0) { dev_err(dev, "Loading elf failed %d\n", ret); diff --git a/drivers/remoteproc/ti_k3_r5f_rproc.c b/drivers/remoteproc/ti_k3_r5f_rproc.c index b55b1dc10d..b9c6549e18 100644 --- a/drivers/remoteproc/ti_k3_r5f_rproc.c +++ b/drivers/remoteproc/ti_k3_r5f_rproc.c @@ -20,6 +20,7 @@ #include #include #include "ti_sci_proc.h" +#include /* * R5F's view of this address can either be for ATCM or BTCM with the other @@ -301,6 +302,7 @@ static int k3_r5f_load(struct udevice *dev, ulong addr, ulong size) u64 boot_vector; u32 ctrl, sts, cfg = 0; bool mem_auto_init; + void *image_addr = (void *)addr; int ret; dev_dbg(dev, "%s addr = 0x%lx, size = 0x%lx\n", __func__, addr, size); @@ -328,6 +330,8 @@ static int k3_r5f_load(struct udevice *dev, ulong addr, ulong size) k3_r5f_init_tcm_memories(core, mem_auto_init); + ti_secure_image_post_process(&image_addr, &size); + ret = rproc_elf_load_image(dev, addr, size); if (ret < 0) { dev_err(dev, "Loading elf failedi %d\n", ret); From patchwork Tue May 21 10:56:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kumar, Udit" X-Patchwork-Id: 1937359 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.a=rsa-sha256 header.s=ti-com-17Q1 header.b=yoiMqojm; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VkBGv3fSZz1ynR for ; Tue, 21 May 2024 20:57:43 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 9636C8875E; Tue, 21 May 2024 12:57:31 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="yoiMqojm"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id AD5F18875D; Tue, 21 May 2024 12:57:30 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from fllv0016.ext.ti.com (fllv0016.ext.ti.com [198.47.19.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 7D8508876C for ; Tue, 21 May 2024 12:57:25 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-kumar1@ti.com Received: from lelv0266.itg.ti.com ([10.180.67.225]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id 44LAvHa1011524; Tue, 21 May 2024 05:57:17 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1716289037; bh=YkpiQ7+dcyG6OT6bbG38+Wwox2fOaZR8VwDVgr3wPuk=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=yoiMqojmL4ir5xcWP0N7Rg0MhWpP7ATKDl2Ol9PQ8b+6Wv2llw+jp4a0fvvRuIkYB GM0MeVk/VcyH3/HsmmOW59rbBysO/xxU1Y0HLEqXOMkzsQtCpoTVgqEFH2Kd3+h4z7 67h3uIhlqVYgh7Pdlx1wNuB4m1fY4dldf9I6kMG8= Received: from DFLE106.ent.ti.com (dfle106.ent.ti.com [10.64.6.27]) by lelv0266.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 44LAvHQe032043 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 21 May 2024 05:57:17 -0500 Received: from DFLE103.ent.ti.com (10.64.6.24) by DFLE106.ent.ti.com (10.64.6.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23; Tue, 21 May 2024 05:57:17 -0500 Received: from lelvsmtp5.itg.ti.com (10.180.75.250) by DFLE103.ent.ti.com (10.64.6.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23 via Frontend Transport; Tue, 21 May 2024 05:57:17 -0500 Received: from udit-HP-Z2-Tower-G9-Workstation-Desktop-PC.dhcp.ti.com (udit-hp-z2-tower-g9-workstation-desktop-pc.dhcp.ti.com [172.24.227.18]) by lelvsmtp5.itg.ti.com (8.15.2/8.15.2) with ESMTP id 44LAurAi047424; Tue, 21 May 2024 05:57:11 -0500 From: Udit Kumar To: , , CC: , , , , , , , , , , , , , , , , , Udit Kumar Subject: [PATCH 3/4] include: env: ti: Add support for secure firmwares Date: Tue, 21 May 2024 16:26:47 +0530 Message-ID: <20240521105648.3780072-4-u-kumar1@ti.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240521105648.3780072-1-u-kumar1@ti.com> References: <20240521105648.3780072-1-u-kumar1@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Secure firmwares must be loaded if SOC is secure, currently rproc framework chooses non-secure firmware always. So adding support to load secure firmware, when SOC is secure Signed-off-by: Manorit Chawdhry Signed-off-by: Udit Kumar --- include/env/ti/k3_rproc.env | 6 +++++- include/env/ti/ti_common.env | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/include/env/ti/k3_rproc.env b/include/env/ti/k3_rproc.env index 87d9d76eba..d4f0f1708c 100644 --- a/include/env/ti/k3_rproc.env +++ b/include/env/ti/k3_rproc.env @@ -13,11 +13,15 @@ rproc_load_and_boot_one= boot_rprocs_mmc= env set rproc_id; env set rproc_fw; + env set secure_suffix; + if test ${secure_rprocs} -eq 1; then + env set secure_suffix -sec; + fi; for i in ${rproc_fw_binaries} ; do if test -z "${rproc_id}" ; then env set rproc_id $i; else - env set rproc_fw $i; + env set rproc_fw $i${secure_suffix}; run rproc_load_and_boot_one; env set rproc_id; env set rproc_fw; diff --git a/include/env/ti/ti_common.env b/include/env/ti/ti_common.env index 02b410c3ad..c5c3642177 100644 --- a/include/env/ti/ti_common.env +++ b/include/env/ti/ti_common.env @@ -12,6 +12,7 @@ bootm_size=0x10000000 boot_fdt=try boot_fit=0 +secure_rprocs=0 addr_fit=0x90000000 name_fit=fitImage update_to_fit=setenv loadaddr ${addr_fit}; setenv bootfile ${name_fit} From patchwork Tue May 21 10:56:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kumar, Udit" X-Patchwork-Id: 1937361 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.a=rsa-sha256 header.s=ti-com-17Q1 header.b=sjcYOu7a; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VkBH54MKPz20dK for ; Tue, 21 May 2024 20:57:53 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id F3D6B88761; Tue, 21 May 2024 12:57:34 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="sjcYOu7a"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 7B00288765; Tue, 21 May 2024 12:57:33 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from fllv0016.ext.ti.com (fllv0016.ext.ti.com [198.47.19.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 608F58812B for ; Tue, 21 May 2024 12:57:31 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-kumar1@ti.com Received: from lelv0265.itg.ti.com ([10.180.67.224]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id 44LAvN7s011549; Tue, 21 May 2024 05:57:23 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1716289043; bh=rEo3xFNJoDzkXwrSRCp8TutY+NyE2VCGurvXyYVNbTQ=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=sjcYOu7aqGvmeF4U9biHQckPOZovS2BWJT8qUkBhAMK+YAyuWOqN9zuslMiKXhJGU q9uXDfqNeX2gLhFDAI46ktRyliXTWc7KE2nOUJIsXR9P8gLoCVSDQ91h6Oovv2Wbbc ywb/A1xdYXUJ7YBXAvQZ9zXwbRaz94C2hsuPPm1U= Received: from DFLE115.ent.ti.com (dfle115.ent.ti.com [10.64.6.36]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 44LAvNb8013264 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 21 May 2024 05:57:23 -0500 Received: from DFLE105.ent.ti.com (10.64.6.26) by DFLE115.ent.ti.com (10.64.6.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23; Tue, 21 May 2024 05:57:23 -0500 Received: from lelvsmtp5.itg.ti.com (10.180.75.250) by DFLE105.ent.ti.com (10.64.6.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23 via Frontend Transport; Tue, 21 May 2024 05:57:23 -0500 Received: from udit-HP-Z2-Tower-G9-Workstation-Desktop-PC.dhcp.ti.com (udit-hp-z2-tower-g9-workstation-desktop-pc.dhcp.ti.com [172.24.227.18]) by lelvsmtp5.itg.ti.com (8.15.2/8.15.2) with ESMTP id 44LAurAj047424; Tue, 21 May 2024 05:57:17 -0500 From: Udit Kumar To: , , CC: , , , , , , , , , , , , , , , , , Udit Kumar Subject: [PATCH 4/4] mach-k3: common.c: add a flag for booting authenticated rproc binaries Date: Tue, 21 May 2024 16:26:48 +0530 Message-ID: <20240521105648.3780072-5-u-kumar1@ti.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240521105648.3780072-1-u-kumar1@ti.com> References: <20240521105648.3780072-1-u-kumar1@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Manorit Chawdhry The flag will be used for booting authenticated remote procs from hs-se devices which can optionally be used in hs-fs devices also. Signed-off-by: Manorit Chawdhry Signed-off-by: Udit Kumar --- arch/arm/mach-k3/common.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/arm/mach-k3/common.c b/arch/arm/mach-k3/common.c index 1a269d6934..eaa7d36176 100644 --- a/arch/arm/mach-k3/common.c +++ b/arch/arm/mach-k3/common.c @@ -283,8 +283,10 @@ int misc_init_r(void) } /* Default FIT boot on HS-SE devices */ - if (get_device_type() == K3_DEVICE_TYPE_HS_SE) + if (get_device_type() == K3_DEVICE_TYPE_HS_SE) { env_set("boot_fit", "1"); + env_set("secure_rprocs", "1"); + } return 0; }