Currently, TEE binaries can only be loaded if CONFIG_BOOTM_FORCE_SIGNED_IMAGES
is not set. No signature check is being performed on them.

Allow loading OP-TEE from FIT images. This makes it possible to
ensure that only trusted OP-TEE binaries are loaded, by using
signed FIT images.

Signed-off-by: Albert Schwarzkopf <[email protected]>
---
 arch/arm/lib32/bootm.c | 44 +++++++++++++++++++++++++++++++++++++-----
 1 file changed, 39 insertions(+), 5 deletions(-)

diff --git a/arch/arm/lib32/bootm.c b/arch/arm/lib32/bootm.c
index 971ebee8a..c33ecc2ad 100644
--- a/arch/arm/lib32/bootm.c
+++ b/arch/arm/lib32/bootm.c
@@ -20,7 +20,7 @@
 #include <restart.h>
 #include <globalvar.h>
 #include <tee/optee.h>
-
+#include <image-fit.h>
 #include <asm/byteorder.h>
 #include <asm/setup.h>
 #include <asm/barebox-arm.h>
@@ -166,6 +166,34 @@ static int optee_verify_header_request_region(struct 
image_data *data, struct op
        return ret;
 }
 
+static int bootm_load_tee_from_fit(struct image_data *data)
+{
+       int ret = 0;
+       struct optee_header hdr;
+
+       if (data->os_fit &&
+           fit_has_image(data->os_fit, data->fit_config, "tee")) {
+               const void *tee;
+               unsigned long tee_size;
+
+               ret = fit_open_image(data->os_fit, data->fit_config, "tee",
+                                    &tee, &tee_size);
+               if (ret) {
+                       pr_err("Error opening tee fit image: %s\n", 
strerror(-ret));
+                       return ret;
+               }
+               memcpy(&hdr, tee, sizeof(hdr));
+               if (optee_verify_header_request_region(data, &hdr) < 0) {
+                       pr_err("%s", strerror(errno));
+                       ret = -errno;
+                       goto out;
+               }
+               memcpy((void *)data->tee_res->start, tee + sizeof(hdr), 
hdr.init_size);
+               printf("Read optee image to %pa, size 0x%08x\n", (void 
*)data->tee_res->start, hdr.init_size);
+       }
+out:
+       return ret;
+}
 static int bootm_load_tee_from_file(struct image_data *data)
 {
        int fd, ret;
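Review bot: In bootm_load_tee_from_fit() neither memcpy() length is checked against `tee_size`: the header copy reads `sizeof(hdr)` bytes without confirming the image is that large, and the payload copy reads `hdr.init_size` bytes, a value taken from the image header itself, so a short or malformed "tee" image makes the loader read past the FIT buffer. The error path also builds its result from `errno` instead of the helper's return value; the visible tail of optee_verify_header_request_region() returns `ret`, and if `errno` happens to be 0 this function returns success without having loaded the TEE. I would bound both sizes against `tee_size` before the region is requested and propagate the helper's return code, as below (this assumes the helper returns a negative errno value, which the hunk does not show). Whether fit_open_image() has already enforced the FIT signature at this point is also not visible here and is worth a comment above the function.

```c
		/* ... unchanged: fit_open_image() call and its error path ... */
		if (tee_size < sizeof(hdr)) {
			pr_err("tee fit image too small for OP-TEE header\n");
			return -EINVAL;
		}
		memcpy(&hdr, tee, sizeof(hdr));
		if (hdr.init_size > tee_size - sizeof(hdr)) {
			pr_err("OP-TEE init_size exceeds tee fit image size\n");
			return -EINVAL;
		}
		ret = optee_verify_header_request_region(data, &hdr);
		if (ret < 0) {
			pr_err("%s\n", strerror(-ret));
			return ret;
		}
		/* ... unchanged: payload memcpy() and printf() ... */
```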
@@ -262,10 +290,16 @@ static int __do_bootm_linux(struct image_data *data, 
unsigned long free_mem,
                        return ret;
        }
 
-       if (IS_ENABLED(CONFIG_BOOTM_OPTEE) && data->tee_file) {
-               ret = bootm_load_tee_from_file(data);
-               if (ret)
-                       return ret;
+       if (IS_ENABLED(CONFIG_BOOTM_OPTEE)) {
+               if (data->tee_file && 
!IS_ENABLED(CONFIG_BOOTM_FORCE_SIGNED_IMAGES)) {
+                       ret = bootm_load_tee_from_file(data);
+                       if (ret)
+                               return ret;
+               } else if (IS_ENABLED(CONFIG_FITIMAGE)) {
+                       ret = bootm_load_tee_from_fit(data);
+                       if (ret)
+                               return ret;
+               }
        }
 
 
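Review bot: With CONFIG_BOOTM_FORCE_SIGNED_IMAGES set, a requested `data->tee_file` now falls through to the FIT branch, and bootm_load_tee_from_fit() returns 0 when the configuration has no "tee" image, so the boot continues silently without the TEE the caller asked for. That case should be explicit, either refused or at least logged, e.g. `if (data->tee_file && IS_ENABLED(CONFIG_BOOTM_FORCE_SIGNED_IMAGES)) pr_warn("tee file ignored: signed images are enforced\n");`. The opposite precedence deserves a comment as well: without forced signatures a tee file takes priority over the "tee" image of a FIT, even if that FIT is signed. __do_bootm_linux() starts and ends outside this hunk.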
-- 
2.17.1

