[PATCH v8 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
Tested-by: Ilias Apalodimas
---
v8:
Addressed issues reported by cppcheck
v7:
Addressed Heinrick's comments - Added missing parameter in function header
v6: Changed TPM2_DIGEST_LEN to TPM2_SHA512_DIGEST_SIZE
v5 : No change
v4 : No change
v3 :
Rebase changes on top of changes made in first patch series
v2 :
Removed check for PCR0 in eventlog
lib/efi_loader/efi_tcg2.c | 76 +++
1 file changed, 76 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index ce3e599c83..7d0ee8e1f1 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -199,6 +199,44 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @pcr_index: PCR index
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
@@ -1458,6 +1496,8 @@ static efi_status_t tcg2_get_fw_eventlog(struct udevice
*dev, void *log_buffer,
u32 pcr, pos;
u64 base;
u32 sz;
+ bool extend_pcr = false;
+ int i;
ret = platform_get_eventlog(dev, , );
if (ret != EFI_SUCCESS)
@@ -1479,6 +1519,26 @@ static efi_status_t tcg2_get_fw_eventlog(struct udevice
*dev, void *log_buffer,
return ret;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ return ret;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 hash_buf[TPM2_SHA512_DIGEST_SIZE] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest, hash_buf,
+ alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, , _list,
);
@@ -1486,6 +1546,22 @@ static efi_status_t tcg2_get_fw_eventlog(struct udevice
*dev, void *log_buffer,
log_err("Error parsing event\n");
return ret;
}
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ return ret;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+ u8 *digest =
+ (u8 *)_list.digests[i].digest;
+
+ memset(digest, 0, alg_to_len(hash_alg));
+ }
+ }
}
memcpy(log_buffer, buffer, sz);
--
2.25.1
[PATCH v8 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
---
v8: No change
v7: No change
v6: No change
v5: No change
v4: No change
v3: No change
v2:
Change algorithm from u32 to u16
Add parameter description in function declaration
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 5 -
lib/tpm-v2.c | 12
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ceff7d245e..4e9dd52cb6 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @devTPM device
* @idxIndex of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @algorithm Algorithm used, defined in 'enum tpm2_algorithms'
* @data Output buffer for contents of the named PCR
+ * @digest_len len of the data
* @updatesOptional out parameter: number of updates for this PCR
*
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2e7b27bd6b..1bf627853a 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[PATCH v8 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
Tested-by: Ilias Apalodimas
---
v8:
Addressed issues reported by cppcheck and warning on 32 bit builds
v7:
Addressed Heinrich's comments
Changed functions not exported out of this file as static.
Corrected function decsriptions and added few.
Added declaration of weak function in header file
Moved offset check to parse functions
v6: No change
v5:
Shift the efi_init_event_log() to a different location in the file.
This help fixes compilation issue introduced by calling
efi_append_scrtm_version()
from it.
v4:
Add SCRTM version to log only if previous firmware doesn't pass the eventlog
v3:
Return as soon as you detect error
v2:
Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
include/efi_loader.h | 2 +
lib/efi_loader/efi_tcg2.c | 469 --
2 files changed, 402 insertions(+), 69 deletions(-)
diff --git a/include/efi_loader.h b/include/efi_loader.h
index d52e399841..67c40ca57a 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -988,4 +988,6 @@ efi_status_t efi_esrt_register(void);
*/
efi_status_t efi_esrt_populate(void);
efi_status_t efi_load_capsule_drivers(void);
+
+efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr, u32 *sz);
#endif /* _EFI_LOADER_H */
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e337..ce3e599c83 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1181,6 +1220,280 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the start of the eventlog
+ * @size: Size of the eventlog
+ * @pos: Return offset of the next event in buffer right
+ * after the event header i.e specID
+ *
+ * Return: status code
+ */
+static efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i])
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: [in] Offset of specID event in the eventlog buffer
+ * [ou
[PATCH v7 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
Tested-by: Ilias Apalodimas
---
v7:
Addressed Heinrick's comments - Added missing parameter in function header
v6: Changed TPM2_DIGEST_LEN to TPM2_SHA512_DIGEST_SIZE
v5 : No change
v4 : No change
v3 :
Rebase changes on top of changes made in first patch series
v2 :
Removed check for PCR0 in eventlog
lib/efi_loader/efi_tcg2.c | 76 +++
1 file changed, 76 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 5ded57fd29..d247179fbf 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -199,6 +199,44 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @pcr_index: PCR index
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
@@ -1461,6 +1499,8 @@ static efi_status_t tcg2_get_fw_eventlog(struct udevice
*dev, void *log_buffer,
u32 pcr, pos;
u64 base;
u32 sz;
+ bool extend_pcr = false;
+ int i;
ret = platform_get_eventlog(dev, , );
if (ret != EFI_SUCCESS)
@@ -1482,6 +1522,26 @@ static efi_status_t tcg2_get_fw_eventlog(struct udevice
*dev, void *log_buffer,
return ret;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ return ret;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 buffer[TPM2_SHA512_DIGEST_SIZE] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest, buffer,
+ alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, , _list,
);
@@ -1489,6 +1549,22 @@ static efi_status_t tcg2_get_fw_eventlog(struct udevice
*dev, void *log_buffer,
log_err("Error parsing event\n");
return ret;
}
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ return ret;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+ u8 *digest =
+ (u8 *)_list.digests[i].digest;
+
+ memset(digest, 0, alg_to_len(hash_alg));
+ }
+ }
}
memcpy(log_buffer, buffer, sz);
--
2.25.1
[v7 PATCH 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
---
v7: No change
v6: No change
v5: No change
v4: No change
v3: No change
v2:
Change algorithm from u32 to u16
Add parameter description in function declaration
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 5 -
lib/tpm-v2.c | 12
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ceff7d245e..4e9dd52cb6 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @devTPM device
* @idxIndex of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @algorithm Algorithm used, defined in 'enum tpm2_algorithms'
* @data Output buffer for contents of the named PCR
+ * @digest_len len of the data
* @updatesOptional out parameter: number of updates for this PCR
*
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2e7b27bd6b..1bf627853a 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[PATCH v7 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
---
v7:
Addressed Heinrich's comments
Changed functions not exported out of this file as static.
Corrected function decsriptions and added few.
Added declaration of weak function in header file
Moved offset check to parse functions
v6: No change
v5:
Shift the efi_init_event_log() to a different location in the file.
This help fixes compilation issue introduced by calling
efi_append_scrtm_version()
from it.
v4:
Add SCRTM version to log only if previous firmware doesn't pass the eventlog
v3:
Return as soon as you detect error
v2:
Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
include/efi_loader.h | 2 +
lib/efi_loader/efi_tcg2.c | 472 --
2 files changed, 405 insertions(+), 69 deletions(-)
diff --git a/include/efi_loader.h b/include/efi_loader.h
index d52e399841..67c40ca57a 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -988,4 +988,6 @@ efi_status_t efi_esrt_register(void);
*/
efi_status_t efi_esrt_populate(void);
efi_status_t efi_load_capsule_drivers(void);
+
+efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr, u32 *sz);
#endif /* _EFI_LOADER_H */
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e337..5ded57fd29 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1181,6 +1220,283 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the start of the eventlog
+ * @size: Size of the eventlog
+ * @pos: Return offset of the next event in buffer right
+ * after the event header i.e specID
+ *
+ * Return: status code
+ */
+static efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i])
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: [in] Offset of specID event in the eventlog buffer
+ * [out] Return offset of the next event in the buffer
+ * after the specID
+ * @digest_list: list of digests in t
Re: [PATCH v6 1/3] efi_loader: Add check for event log passed from firmware
Hi Heinrich,
On Fri, 26 Nov 2021 at 13:01, Heinrich Schuchardt
wrote:
> On 11/26/21 06:00, Ruchika Gupta wrote:
> > Platforms may have support to measure their initial firmware components
> > and pass the event log to u-boot. The event log address can be passed
> > in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
> > Platforms may choose their own specific mechanism to do so. A weak
> > function is added to check if even log has been passed to u-boot
> > from earlier firmware components. If available, the eventlog is parsed
> > to check for its correctness and further event logs are appended to the
> > passed log.
> >
> > Signed-off-by: Ruchika Gupta
> > Tested-by: Ilias Apalodimas
> > Reviewed-by: Ilias Apalodimas
> > ---
> > v6: No change
> >
> > v5:
> > Shift the efi_init_event_log() to a different location in the file.
> > This help fixes compilation issue introduced by calling
> efi_append_scrtm_version()
> > from it.
> >
> > v4:
> > Add SCRTM version to log only if previous firmware doesn't pass the
> eventlog
> >
> > v3:
> > Return as soon as you detect error
> >
> > v2:
> > Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
> >
> > lib/efi_loader/efi_tcg2.c | 438 --
> > 1 file changed, 369 insertions(+), 69 deletions(-)
> >
> > diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> > index 8c1f22e337..a789c44660 100644
> > --- a/lib/efi_loader/efi_tcg2.c
> > +++ b/lib/efi_loader/efi_tcg2.c
> > @@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
> udevice **dev)
> > return EFI_NOT_FOUND;
> > }
> >
> > +/**
> > + * platform_get_eventlog() - retrieve the eventlog address and size
> > + *
> > + * This function retrieves the eventlog address and size if the
> underlying
> > + * firmware has done some measurements and passed them.
> > + *
> > + * This function may be overridden based on platform specific method of
> > + * passing the eventlog address and size.
> > + *
> > + * @dev: udevice
> > + * @addr:eventlog address
> > + * @sz: eventlog size
> > + * Return: status code
> > + */
> > +__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64
> *addr,
> > + u32 *sz)
>
> This function must be declared in a header to be overridden.
>
> > +{
> > + const u64 *basep;
> > + const u32 *sizep;
> > +
> > + basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
> > + if (!basep)
> > + return EFI_NOT_FOUND;
> > +
> > + *addr = be64_to_cpup((__force __be64 *)basep);
> > +
> > + sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
> > + if (!sizep)
> > + return EFI_NOT_FOUND;
> > +
> > + *sz = be32_to_cpup((__force __be32 *)sizep);
> > + if (*sz == 0) {
> > + log_debug("event log empty\n");
> > + return EFI_NOT_FOUND;
> > + }
> > +
> > + return EFI_SUCCESS;
> > +}
> > +
> > /**
> >* tpm2_get_max_command_size() - get the supported max command size
> >*
> > @@ -1181,6 +1220,250 @@ static const struct efi_tcg2_protocol
> efi_tcg2_protocol = {
> > .get_result_of_set_active_pcr_banks =
> efi_tcg2_get_result_of_set_active_pcr_banks,
> > };
> >
> > +/**
> > + * parse_event_log_header() - Parse and verify the event log header
> fields
> > + *
> > + * @buffer: Pointer to the event header
> > + * @size:Size of the eventlog
> > + * @pos: Position in buffer after event log header
> > + *
> > + * Return: status code
> > + */
> > +efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
>
> This function should be declared in a header or be static.
>
> Should buffer have type struct tcg_pcr_event *?
>
Since buffer points to the complete eventlog, it would be probably better
to keep it as it is i.e void *.
I will correct the description of this parameter in the function
description to avoid confusion.
> > +{
> > + struct tcg_pcr_event *event_header = (struct tcg_pcr_event
> *)buffer;
> > + int i = 0;
> > +
> > + if (size < sizeof(*event_header))
> > + return EFI_COMPROMISED_DATA;
> > +
> > + if (get_unaligned_le32(_header-&
[PATCH v6 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
Tested-by: Ilias Apalodimas
---
v6: Changed TPM2_DIGEST_LEN to TPM2_SHA512_DIGEST_SIZE
v5 : No change
v4 : No change
v3 :
Rebase changes on top of changes made in first patch series
v2 :
Removed check for PCR0 in eventlog
lib/efi_loader/efi_tcg2.c | 75 +++
1 file changed, 75 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index a789c44660..295070f3d8 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -199,6 +199,43 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
@@ -1428,6 +1465,8 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
u32 pcr, pos;
u64 base;
u32 sz;
+ bool extend_pcr = false;
+ int i;
ret = platform_get_eventlog(dev, , );
if (ret != EFI_SUCCESS)
@@ -1449,6 +1488,26 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
return EFI_COMPROMISED_DATA;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ return ret;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 buffer[TPM2_SHA512_DIGEST_SIZE] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest, buffer,
+ alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, , _list,
);
@@ -1456,6 +1515,22 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
log_err("Error parsing event\n");
return ret;
}
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ return ret;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+ u8 *digest =
+ (u8 *)_list.digests[i].digest;
+
+ memset(digest, 0, alg_to_len(hash_alg));
+ }
+ }
}
memcpy(log_buffer, buffer, sz);
--
2.25.1
[PATCH v6 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
---
v6: No change
v5: No change
v4: No change
v3: No change
v2:
Change algorithm from u32 to u16
Add parameter description in function declaration
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 5 -
lib/tpm-v2.c | 12
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ceff7d245e..4e9dd52cb6 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @devTPM device
* @idxIndex of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @algorithm Algorithm used, defined in 'enum tpm2_algorithms'
* @data Output buffer for contents of the named PCR
+ * @digest_len len of the data
* @updatesOptional out parameter: number of updates for this PCR
*
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2e7b27bd6b..1bf627853a 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[PATCH v6 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
Tested-by: Ilias Apalodimas
Reviewed-by: Ilias Apalodimas
---
v6: No change
v5:
Shift the efi_init_event_log() to a different location in the file.
This help fixes compilation issue introduced by calling
efi_append_scrtm_version()
from it.
v4:
Add SCRTM version to log only if previous firmware doesn't pass the eventlog
v3:
Return as soon as you detect error
v2:
Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
lib/efi_loader/efi_tcg2.c | 438 --
1 file changed, 369 insertions(+), 69 deletions(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e337..a789c44660 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1181,6 +1220,250 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the event header
+ * @size: Size of the eventlog
+ * @pos: Position in buffer after event log header
+ *
+ * Return: status code
+ */
+efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i] != 0)
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: Offset in the evenlog where specID event starts
+ *
+ * Return: status code
+ * @posOffset in the eventlog where the specID event
ends
+ * @digest_list: list of digests in the event
+ */
+efi_status_t parse_specid_event(struct udevice *dev, void *buffer, u32
log_size,
+ u32 *pos,
+ struct tpml_digest_values *digest_list)
+{
+ struct tcg_efi_spec_id_event *spec_event;
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ size_t spec_event_size;
+ u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0;
+ u32 spec_active = 0;
+ u16 hash_alg, hash_sz;
+ u8 vendor_sz;
+ int err, i;
+
+ /* Check specID event data */
+ spec_event = (struct tcg_efi_spec_id_event *)((uintptr_t)buffer + *pos);
+ /* Chec
[PATCH v5 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
---
v5: No change
v4: No change
v3: No change
v2:
Change algorithm from u32 to u16
Add parameter description in function declaration
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 5 -
lib/tpm-v2.c | 12
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ceff7d245e..4e9dd52cb6 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @devTPM device
* @idxIndex of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @algorithm Algorithm used, defined in 'enum tpm2_algorithms'
* @data Output buffer for contents of the named PCR
+ * @digest_len len of the data
* @updatesOptional out parameter: number of updates for this PCR
*
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2e7b27bd6b..1bf627853a 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[PATCH v5 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
---
v5 : No change
v4 : No change
v3 :
Rebase changes on top of changes made in first patch of series
v2 :
Removed check for PCR0 in eventlog
lib/efi_loader/efi_tcg2.c | 75 +++
1 file changed, 75 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index a789c44660..b44eed0ec9 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -199,6 +199,43 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
@@ -1428,6 +1465,8 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
u32 pcr, pos;
u64 base;
u32 sz;
+ bool extend_pcr = false;
+ int i;
ret = platform_get_eventlog(dev, , );
if (ret != EFI_SUCCESS)
@@ -1449,6 +1488,26 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
return EFI_COMPROMISED_DATA;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ return ret;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 buffer[TPM2_DIGEST_LEN] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest, buffer,
+ alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, , _list,
);
@@ -1456,6 +1515,22 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
log_err("Error parsing event\n");
return ret;
}
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ return ret;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+ u8 *digest =
+ (u8 *)_list.digests[i].digest;
+
+ memset(digest, 0, alg_to_len(hash_alg));
+ }
+ }
}
memcpy(log_buffer, buffer, sz);
--
2.25.1
[PATCH v5 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
---
v5:
Shift the efi_init_event_log() to a different location in the file.
This help fixes compilation issue introduced by calling
efi_append_scrtm_version()
from it.
v4:
Add SCRTM version to log only if previous firmware doesn't pass the eventlog
v3:
Return as soon as you detect error
v2:
Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
lib/efi_loader/efi_tcg2.c | 438 --
1 file changed, 369 insertions(+), 69 deletions(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e337..a789c44660 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1181,6 +1220,250 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the event header
+ * @size: Size of the eventlog
+ * @pos: Position in buffer after event log header
+ *
+ * Return: status code
+ */
+efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i] != 0)
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: Offset in the evenlog where specID event starts
+ *
+ * Return: status code
+ * @posOffset in the eventlog where the specID event
ends
+ * @digest_list: list of digests in the event
+ */
+efi_status_t parse_specid_event(struct udevice *dev, void *buffer, u32
log_size,
+ u32 *pos,
+ struct tpml_digest_values *digest_list)
+{
+ struct tcg_efi_spec_id_event *spec_event;
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ size_t spec_event_size;
+ u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0;
+ u32 spec_active = 0;
+ u16 hash_alg, hash_sz;
+ u8 vendor_sz;
+ int err, i;
+
+ /* Check specID event data */
+ spec_event = (struct tcg_efi_spec_id_event *)((uintptr_t)buffer + *pos);
+ /* Check for signature */
+ if (memcmp(spec_event->signature, TCG_EFI_SP
[PATCH v4 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
---
v4 : No change
v3 :
Rebase changes on top of changes made in first patch of series
v2 :
Removed check for PCR0 in eventlog
lib/efi_loader/efi_tcg2.c | 75 +++
1 file changed, 75 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 1713cfff70..08b02e9e1f 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -199,6 +199,43 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
@@ -1428,6 +1465,8 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
u32 pcr, pos;
u64 base;
u32 sz;
+ bool extend_pcr = false;
+ int i;
ret = platform_get_eventlog(dev, , );
if (ret != EFI_SUCCESS)
@@ -1449,6 +1488,26 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
return EFI_COMPROMISED_DATA;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ return ret;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 buffer[TPM2_DIGEST_LEN] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest, buffer,
+ alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, , _list,
);
@@ -1456,6 +1515,22 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
log_err("Error parsing event\n");
return ret;
}
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ return ret;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+ u8 *digest =
+ (u8 *)_list.digests[i].digest;
+
+ memset(digest, 0, alg_to_len(hash_alg));
+ }
+ }
}
memcpy(log_buffer, buffer, sz);
--
2.25.1
[PATCH v4 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
Reviewed-by: Ilias Apalodimas
---
v4: No change
v3: No change
v2:
Change algorithm from u32 to u16
Add parameter description in function declaration
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 5 -
lib/tpm-v2.c | 12
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ceff7d245e..4e9dd52cb6 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @devTPM device
* @idxIndex of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @algorithm Algorithm used, defined in 'enum tpm2_algorithms'
* @data Output buffer for contents of the named PCR
+ * @digest_len len of the data
* @updatesOptional out parameter: number of updates for this PCR
*
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2e7b27bd6b..1bf627853a 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[PATCH v4 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
---
v4:
Add SCRTM version to log only if previous firmware doesn;t pass the eventlog
v3:
Return as soon as you detect error
v2:
Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
lib/efi_loader/efi_tcg2.c | 334 --
1 file changed, 317 insertions(+), 17 deletions(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e337..1713cfff70 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1181,6 +1220,250 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the event header
+ * @size: Size of the eventlog
+ * @pos: Position in buffer after event log header
+ *
+ * Return: status code
+ */
+efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i] != 0)
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: Offset in the evenlog where specID event starts
+ *
+ * Return: status code
+ * @posOffset in the eventlog where the specID event
ends
+ * @digest_list: list of digests in the event
+ */
+efi_status_t parse_specid_event(struct udevice *dev, void *buffer, u32
log_size,
+ u32 *pos,
+ struct tpml_digest_values *digest_list)
+{
+ struct tcg_efi_spec_id_event *spec_event;
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ size_t spec_event_size;
+ u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0;
+ u32 spec_active = 0;
+ u16 hash_alg, hash_sz;
+ u8 vendor_sz;
+ int err, i;
+
+ /* Check specID event data */
+ spec_event = (struct tcg_efi_spec_id_event *)((uintptr_t)buffer + *pos);
+ /* Check for signature */
+ if (memcmp(spec_event->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03,
+ sizeof(TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03))) {
+ log_err("specID Event: Signature m
Re: [v2][PATCH 1/3] efi_loader: Add check for event log passed from firmware
Hi Kojima-san,
On Wed, 24 Nov 2021 at 13:08, Masahisa Kojima
wrote:
> Hi Ruchika, Ilias,
>
> On Tue, 23 Nov 2021 at 20:53, Ruchika Gupta
> wrote:
> >
> > Platforms may have support to measure their initial firmware components
> > and pass the event log to u-boot. The event log address can be passed
> > in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
> > Platforms may choose their own specific mechanism to do so. A weak
> > function is added to check if even log has been passed to u-boot
> > from earlier firmware components. If available, the eventlog is parsed
> > to check for its correctness and further event logs are appended to the
> > passed log.
>
> It implies that U-Boot is no longer s-crtm, so existing
> efi_append_scrtm_version()
> call shall be skipped in this case.
>
Thanks for bringing this up. Is this a required event ? I don't see the
TF-A appending this event to the log currently. I will need to go and check
the spec for this.
Regards,
Ruchika
>
> Thanks,
> Masahisa Kojima
>
> >
> > Signed-off-by: Ruchika Gupta
> > ---
> > v2:
> > Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
> >
> > lib/efi_loader/efi_tcg2.c | 322 --
> > 1 file changed, 308 insertions(+), 14 deletions(-)
> >
> > diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> > index 8c1f22e337..c3ebdf92f5 100644
> > --- a/lib/efi_loader/efi_tcg2.c
> > +++ b/lib/efi_loader/efi_tcg2.c
> > @@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
> udevice **dev)
> > return EFI_NOT_FOUND;
> > }
> >
> > +/**
> > + * platform_get_eventlog() - retrieve the eventlog address and size
> > + *
> > + * This function retrieves the eventlog address and size if the
> underlying
> > + * firmware has done some measurements and passed them.
> > + *
> > + * This function may be overridden based on platform specific method of
> > + * passing the eventlog address and size.
> > + *
> > + * @dev: udevice
> > + * @addr: eventlog address
> > + * @sz:eventlog size
> > + * Return: status code
> > + */
> > +__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64
> *addr,
> > + u32 *sz)
> > +{
> > + const u64 *basep;
> > + const u32 *sizep;
> > +
> > + basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
> > + if (!basep)
> > + return EFI_NOT_FOUND;
> > +
> > + *addr = be64_to_cpup((__force __be64 *)basep);
> > +
> > + sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
> > + if (!sizep)
> > + return EFI_NOT_FOUND;
> > +
> > + *sz = be32_to_cpup((__force __be32 *)sizep);
> > + if (*sz == 0) {
> > + log_debug("event log empty\n");
> > + return EFI_NOT_FOUND;
> > + }
> > +
> > + return EFI_SUCCESS;
> > +}
> > +
> > /**
> > * tpm2_get_max_command_size() - get the supported max command size
> > *
> > @@ -1181,6 +1220,249 @@ static const struct efi_tcg2_protocol
> efi_tcg2_protocol = {
> > .get_result_of_set_active_pcr_banks =
> efi_tcg2_get_result_of_set_active_pcr_banks,
> > };
> >
> > +/**
> > + * parse_event_log_header() - Parse and verify the event log header
> fields
> > + *
> > + * @buffer:Pointer to the event header
> > + * @size: Size of the eventlog
> > + * @pos: Position in buffer after event log header
> > + *
> > + * Return: status code
> > + */
> > +efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
> > +{
> > + struct tcg_pcr_event *event_header = (struct tcg_pcr_event
> *)buffer;
> > + int i = 0;
> > +
> > + if (size < sizeof(*event_header))
> > + return EFI_COMPROMISED_DATA;
> > +
> > + if (get_unaligned_le32(_header->pcr_index) != 0 ||
> > + get_unaligned_le32(_header->event_type) !=
> EV_NO_ACTION)
> > + return EFI_COMPROMISED_DATA;
> > +
> > + for (i = 0; i < sizeof(event_header->digest); i++) {
> > + if (event_header->digest[i] != 0)
> > + return EFI_COMPROMISED_DATA;
> > + }
> > +
> > +
Re: [v2][PATCH 1/3] efi_loader: Add check for event log passed from firmware
Hi Ilias,
On Wed, 24 Nov 2021 at 12:34, Ilias Apalodimas
wrote:
> Hi Ruchika,
> > +
>
> [...]
>
> > + ret = platform_get_eventlog(dev, , );
> > + if (ret == EFI_SUCCESS) {
>
> Can we invert the logic here?
> if (ret != EFI_SUCCESS)
> return ret;
>
> etc...
>
Change posted in v3.
> > + void *buffer = (void *)base;
> > +
> > + if (sz > TPM2_EVENT_LOG_SIZE)
> > + return EFI_VOLUME_FULL;
> > +
> > + pos = 0;
> > + /* Parse the eventlog to check for its validity */
> > + ret = parse_event_log_header(buffer, sz, );
> > + if (ret || pos > sz)
> > + return EFI_COMPROMISED_DATA;
> > +
> > + ret = parse_specid_event(dev, buffer, sz, ,
> _list);
> > + if (ret || pos > sz) {
> > + log_err("Error parsing SPEC ID Event\n");
> > + return EFI_COMPROMISED_DATA;
> > + }
> > +
> > + while (pos < sz) {
> > + ret = tcg2_parse_event(dev, buffer, sz, ,
> > +_list, );
> > + if (ret) {
> > + log_err("Error parsing event\n");
> > + return ret;
> > + }
> > + }
> > +
> > + memcpy(log_buffer, buffer, sz);
> > + *log_sz = sz;
> > + }
> > +
> > + return ret;
> > +}
> > +
> > /**
> > * create_specid_event() - Create the first event in the eventlog
> > *
> > @@ -1340,6 +1622,12 @@ static efi_status_t efi_init_event_log(void)
> >* last log entry
> >*/
> > memset(event_log.buffer, 0xff, TPM2_EVENT_LOG_SIZE);
> > +
> > + /*
> > + * The log header is defined to be in SHA1 event log entry format.
> > + * Setup event header
> > + */
> > + event_header = (struct tcg_pcr_event *)event_log.buffer;
> > event_log.pos = 0;
> > event_log.last_event_size = 0;
> > event_log.get_event_called = false;
> > @@ -1347,22 +1635,28 @@ static efi_status_t efi_init_event_log(void)
> > event_log.truncated = false;
> >
> > /*
> > - * The log header is defined to be in SHA1 event log entry format.
> > - * Setup event header
> > + * Check if earlier firmware have passed any eventlog. Different
> > + * platforms can use different ways to do so
> >*/
> > - event_header = (struct tcg_pcr_event *)event_log.buffer;
> > - put_unaligned_le32(0, _header->pcr_index);
> > - put_unaligned_le32(EV_NO_ACTION, _header->event_type);
> > - memset(_header->digest, 0, sizeof(event_header->digest));
> > - ret = create_specid_event(dev, (void
> *)((uintptr_t)event_log.buffer + sizeof(*event_header)),
> > - _event_size);
> > - if (ret != EFI_SUCCESS)
> > - goto free_pool;
> > - put_unaligned_le32(spec_event_size, _header->event_size);
> > - event_log.pos = spec_event_size + sizeof(*event_header);
> > - event_log.last_event_size = event_log.pos;
> > + ret = tcg2_get_fw_eventlog(dev, event_log.buffer, _log.pos);
> > + if (ret == EFI_NOT_FOUND) {
> > + put_unaligned_le32(0, _header->pcr_index);
> > + put_unaligned_le32(EV_NO_ACTION,
> _header->event_type);
> > + memset(_header->digest, 0,
> sizeof(event_header->digest));
> > + ret = create_specid_event(dev,
> > + (void
> *)((uintptr_t)event_log.buffer +
> > +sizeof(*event_header)),
> > + _event_size);
> > + if (ret != EFI_SUCCESS)
> > + goto free_pool;
> > + put_unaligned_le32(spec_event_size,
> _header->event_size);
> > + event_log.pos = spec_event_size + sizeof(*event_header);
> > + event_log.last_event_size = event_log.pos;
> > + }
> > +
> > + if (ret == EFI_SUCCESS)
> > + ret = create_final_event();
>
> Same here please. Check for != EFI_SUCCESS and exit before creating the
> final eventlog config table.
>
Changes done in v3
Regards,
Ruchika
> >
> > - ret = create_final_event();
> > if (ret != EFI_SUCCESS)
> > goto free_pool;
> >
> > --
> > 2.25.1
> >
>
> Thanks
> /lias
>
[v3] [PATCH 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta
---
v3 :
Rebase changes on top of changes made in first patch of series
v2 :
Removed check for PCR0 in eventlog
lib/efi_loader/efi_tcg2.c | 75 +++
1 file changed, 75 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index ebd7847957..b5343bf039 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -199,6 +199,43 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
@@ -1428,6 +1465,8 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
u32 pcr, pos;
u64 base;
u32 sz;
+ bool extend_pcr = false;
+ int i;
ret = platform_get_eventlog(dev, , );
if (ret != EFI_SUCCESS)
@@ -1449,6 +1488,26 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
return EFI_COMPROMISED_DATA;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ return ret;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 buffer[TPM2_DIGEST_LEN] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest, buffer,
+ alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, , _list,
);
@@ -1456,6 +1515,22 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
log_err("Error parsing event\n");
return ret;
}
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ return ret;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+ u8 *digest =
+ (u8 *)_list.digests[i].digest;
+
+ memset(digest, 0, alg_to_len(hash_alg));
+ }
+ }
}
memcpy(log_buffer, buffer, sz);
--
2.25.1
[v3][PATCH 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
---
v3: No change
v2:
Change algorithm from u32 to u16
Add parameter description in function declaration
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 5 -
lib/tpm-v2.c | 12
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ceff7d245e..4e9dd52cb6 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @devTPM device
* @idxIndex of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @algorithm Algorithm used, defined in 'enum tpm2_algorithms'
* @data Output buffer for contents of the named PCR
+ * @digest_len len of the data
* @updatesOptional out parameter: number of updates for this PCR
*
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2e7b27bd6b..1bf627853a 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[v3][PATCH 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
---
v3:
Return as soon as you detect error
v2:
Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
lib/efi_loader/efi_tcg2.c | 322 --
1 file changed, 311 insertions(+), 11 deletions(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e337..ebd7847957 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1181,6 +1220,250 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the event header
+ * @size: Size of the eventlog
+ * @pos: Position in buffer after event log header
+ *
+ * Return: status code
+ */
+efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i] != 0)
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: Offset in the evenlog where specID event starts
+ *
+ * Return: status code
+ * @posOffset in the eventlog where the specID event
ends
+ * @digest_list: list of digests in the event
+ */
+efi_status_t parse_specid_event(struct udevice *dev, void *buffer, u32
log_size,
+ u32 *pos,
+ struct tpml_digest_values *digest_list)
+{
+ struct tcg_efi_spec_id_event *spec_event;
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ size_t spec_event_size;
+ u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0;
+ u32 spec_active = 0;
+ u16 hash_alg, hash_sz;
+ u8 vendor_sz;
+ int err, i;
+
+ /* Check specID event data */
+ spec_event = (struct tcg_efi_spec_id_event *)((uintptr_t)buffer + *pos);
+ /* Check for signature */
+ if (memcmp(spec_event->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03,
+ sizeof(TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03))) {
+ log_err("specID Event: Signature mismatch\n");
+ return EFI_COMPROMISED
[v2] [PATCH 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta
---
v2 : Removed check for PCR0 in eventlog
lib/efi_loader/efi_tcg2.c | 77 +++
1 file changed, 77 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index c3ebdf92f5..133fe8291a 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -199,6 +199,43 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
@@ -1427,6 +1464,8 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
u32 pcr, pos;
u64 base;
u32 sz;
+ bool extend_pcr = false;
+ int i;
ret = platform_get_eventlog(dev, , );
if (ret == EFI_SUCCESS) {
@@ -1447,6 +1486,26 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
return EFI_COMPROMISED_DATA;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ return ret;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 buffer[TPM2_DIGEST_LEN] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest,
+ buffer, alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, ,
_list, );
@@ -1454,6 +1513,24 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
log_err("Error parsing event\n");
return ret;
}
+
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ return ret;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg =
+ digest_list.digests[i].hash_alg;
+ u8 *digest =
+ (u8 *)_list.digests[i].digest;
+
+ memset(digest, 0, alg_to_len(hash_alg));
+ }
+ }
}
memcpy(log_buffer, buffer, sz);
--
2.25.1
[v2] [PATCH 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
---
v2:
Change algorithm from u32 to u16
Add parameter description in function declaration
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 5 -
lib/tpm-v2.c | 12
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ceff7d245e..4e9dd52cb6 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @devTPM device
* @idxIndex of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @algorithm Algorithm used, defined in 'enum tpm2_algorithms'
* @data Output buffer for contents of the named PCR
+ * @digest_len len of the data
* @updatesOptional out parameter: number of updates for this PCR
*
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2e7b27bd6b..1bf627853a 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[v2][PATCH 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
---
v2:
Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
lib/efi_loader/efi_tcg2.c | 322 --
1 file changed, 308 insertions(+), 14 deletions(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e337..c3ebdf92f5 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1181,6 +1220,249 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the event header
+ * @size: Size of the eventlog
+ * @pos: Position in buffer after event log header
+ *
+ * Return: status code
+ */
+efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i] != 0)
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: Offset in the evenlog where specID event starts
+ *
+ * Return: status code
+ * @posOffset in the eventlog where the specID event
ends
+ * @digest_list: list of digests in the event
+ */
+efi_status_t parse_specid_event(struct udevice *dev, void *buffer, u32
log_size,
+ u32 *pos,
+ struct tpml_digest_values *digest_list)
+{
+ struct tcg_efi_spec_id_event *spec_event;
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ size_t spec_event_size;
+ u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0;
+ u32 spec_active = 0;
+ u16 hash_alg, hash_sz;
+ u8 vendor_sz;
+ int err, i;
+
+ /* Check specID event data */
+ spec_event = (struct tcg_efi_spec_id_event *)((uintptr_t)buffer + *pos);
+ /* Check for signature */
+ if (memcmp(spec_event->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03,
+ sizeof(TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03))) {
+ log_err("specID Event: Signature mismatch\n");
+ return EFI_COMPROMISED_DATA;
+ }
+
+ if (spec_event->spec_version_minor !=
+
[v2] [PATCH 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs.
Based on TCG spec, if previous firnware has extended PCR's, PCR0
would not be 0. So, read the PCR0 to determine if the PCR's need
to be extended as eventlog is parsed or not.
Signed-off-by: Ruchika Gupta
---
v2 : Removed check for PCR0 in eventlog
lib/efi_loader/efi_tcg2.c | 77 +++
1 file changed, 77 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index c3ebdf92f5..133fe8291a 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -199,6 +199,43 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
@@ -1427,6 +1464,8 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
u32 pcr, pos;
u64 base;
u32 sz;
+ bool extend_pcr = false;
+ int i;
ret = platform_get_eventlog(dev, , );
if (ret == EFI_SUCCESS) {
@@ -1447,6 +1486,26 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
return EFI_COMPROMISED_DATA;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ return ret;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 buffer[TPM2_DIGEST_LEN] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest,
+ buffer, alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, ,
_list, );
@@ -1454,6 +1513,24 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev,
void *log_buffer,
log_err("Error parsing event\n");
return ret;
}
+
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ return ret;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg =
+ digest_list.digests[i].hash_alg;
+ u8 *digest =
+ (u8 *)_list.digests[i].digest;
+
+ memset(digest, 0, alg_to_len(hash_alg));
+ }
+ }
}
memcpy(log_buffer, buffer, sz);
--
2.25.1
[v2] [PATCH 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
---
v2:
Change algorithm from u32 to u16
Add parameter description in function declaration
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 5 -
lib/tpm-v2.c | 12
3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ceff7d245e..4e9dd52cb6 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @devTPM device
* @idxIndex of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @algorithm Algorithm used, defined in 'enum tpm2_algorithms'
* @data Output buffer for contents of the named PCR
+ * @digest_len len of the data
* @updatesOptional out parameter: number of updates for this PCR
*
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2e7b27bd6b..1bf627853a 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u16 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[v2][PATCH 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
---
v2:
Moved firmware eventlog code parsing to tcg2_get_fw_eventlog()
lib/efi_loader/efi_tcg2.c | 322 --
1 file changed, 308 insertions(+), 14 deletions(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e337..c3ebdf92f5 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1181,6 +1220,249 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the event header
+ * @size: Size of the eventlog
+ * @pos: Position in buffer after event log header
+ *
+ * Return: status code
+ */
+efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i] != 0)
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: Offset in the evenlog where specID event starts
+ *
+ * Return: status code
+ * @posOffset in the eventlog where the specID event
ends
+ * @digest_list: list of digests in the event
+ */
+efi_status_t parse_specid_event(struct udevice *dev, void *buffer, u32
log_size,
+ u32 *pos,
+ struct tpml_digest_values *digest_list)
+{
+ struct tcg_efi_spec_id_event *spec_event;
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ size_t spec_event_size;
+ u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0;
+ u32 spec_active = 0;
+ u16 hash_alg, hash_sz;
+ u8 vendor_sz;
+ int err, i;
+
+ /* Check specID event data */
+ spec_event = (struct tcg_efi_spec_id_event *)((uintptr_t)buffer + *pos);
+ /* Check for signature */
+ if (memcmp(spec_event->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03,
+ sizeof(TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03))) {
+ log_err("specID Event: Signature mismatch\n");
+ return EFI_COMPROMISED_DATA;
+ }
+
+ if (spec_event->spec_version_minor !=
+
Re: [PATCH] efi_loader: fix FinalEvents table if an EFI uses GetEventLog
Please ignore this patch. Sent by mistake.
On Thu, 18 Nov 2021 at 11:48, Ruchika Gupta
wrote:
> ---
> lib/efi_loader/efi_tcg2.c | 90 ++-
> 1 file changed, 61 insertions(+), 29 deletions(-)
>
> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> index 189e4a5ba5..215f4b2b04 100644
> --- a/lib/efi_loader/efi_tcg2.c
> +++ b/lib/efi_loader/efi_tcg2.c
> @@ -34,6 +34,7 @@ struct event_log_buffer {
> size_t final_pos; /* final events config table position */
> size_t last_event_size;
> bool get_event_called;
> + bool ebs_called;
> bool truncated;
> };
>
> @@ -186,39 +187,29 @@ static efi_status_t tcg2_pcr_extend(struct udevice
> *dev, u32 pcr_index,
> return EFI_SUCCESS;
> }
>
> -/* tcg2_agile_log_append - Append an agile event to out eventlog
> +/* put_event - Append an agile event to an eventlog
> *
> * @pcr_index: PCR index
> * @event_type:type of event added
> * @digest_list: list of digest algorithms to add
> * @size: size of event
> * @event: event to add
> + * @log: log buffer to append the event
> *
> - * @Return: status code
> */
> -static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
> - struct tpml_digest_values
> *digest_list,
> - u32 size, u8 event[])
> +static void put_event(u32 pcr_index, u32 event_type,
> + struct tpml_digest_values *digest_list, u32 size,
> + u8 event[], void *log)
> {
> - void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos);
> size_t pos;
> size_t i;
> u32 event_size;
>
> - if (event_log.get_event_called)
> - log = (void *)((uintptr_t)event_log.final_buffer +
> - event_log.final_pos);
> -
> /*
> * size refers to the length of event[] only, we need to check
> against
> * the final tcg_pcr_event2 size
> */
> event_size = size + tcg_event_final_size(digest_list);
> - if (event_log.pos + event_size > TPM2_EVENT_LOG_SIZE ||
> - event_log.final_pos + event_size > TPM2_EVENT_LOG_SIZE) {
> - event_log.truncated = true;
> - return EFI_VOLUME_FULL;
> - }
>
> put_unaligned_le32(pcr_index, log);
> pos = offsetof(struct tcg_pcr_event2, event_type);
> @@ -242,25 +233,64 @@ static efi_status_t tcg2_agile_log_append(u32
> pcr_index, u32 event_type,
> memcpy((void *)((uintptr_t)log + pos), event, size);
> pos += size;
>
> - /* make sure the calculated buffer is what we checked against */
> + /*
> +* make sure the calculated buffer is what we checked against
> +* This check should never fail. It checks the code above is
> +* calculating the right length for the event we are adding
> +* */
> if (pos != event_size)
> - return EFI_INVALID_PARAMETER;
> + log_err("Appending to the EventLog failed\n");
>
> - /* if GetEventLog hasn't been called update the normal log */
> - if (!event_log.get_event_called) {
> - event_log.pos += pos;
> - event_log.last_event_size = pos;
> - } else {
> - /* if GetEventLog has been called update config table log */
> - struct efi_tcg2_final_events_table *final_event;
> +}
>
> - final_event =
> - (struct efi_tcg2_final_events_table
> *)(event_log.final_buffer);
> - final_event->number_of_events++;
> - event_log.final_pos += pos;
> +/* tcg2_agile_log_append - Append an agile event to an eventlog
> + *
> + * @pcr_index: PCR index
> + * @event_type:type of event added
> + * @digest_list: list of digest algorithms to add
> + * @size: size of event
> + * @event: event to add
> + * @log: log buffer to append the event
> + *
> + * @Return: status code
> + */
> +static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
> + struct tpml_digest_values
> *digest_list,
> + u32 size, u8 event[])
> +{
> + void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos);
> + u32 event_size = size + tcg_event_final_size(digest_list);
> + struct efi_tcg2_final_events_table *final_event;
> + efi_status_t re
[PATCH 3/3] efi_loader: Extend PCR's for firmware measurements
Firmwares before U-Boot may be capable of doing tpm measurements
and passing them to U-Boot in the form of eventlog. However there
may be scenarios where the firmwares don't have TPM driver and
are not capable of extending the measurements in the PCRs. To
cater to such platforms, read the PCR0 to determine if the
previous firmwares have extended the PCR0. If not, then extend
the PCR's as the eventlog is parsed.
Signed-off-by: Ruchika Gupta
---
lib/efi_loader/efi_tcg2.c | 86 +++
1 file changed, 86 insertions(+)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index c97766eae3..cbd0c7d224 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -178,6 +178,43 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
+/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values
+ *
+ * @dev: device
+ * @digest_list: list of digest algorithms to extend
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
+ struct tpml_digest_values *digest_list)
+{
+ struct tpm_chip_priv *priv;
+ unsigned int updates, pcr_select_min;
+ u32 rc;
+ size_t i;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return EFI_DEVICE_ERROR;
+
+ pcr_select_min = priv->pcr_select_min;
+
+ for (i = 0; i < digest_list->count; i++) {
+ u16 hash_alg = digest_list->digests[i].hash_alg;
+ u8 *digest = (u8 *)_list->digests[i].digest;
+
+ rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min,
+ hash_alg, digest, alg_to_len(hash_alg),
+ );
+ if (rc) {
+ EFI_PRINT("Failed to read PCR\n");
+ return EFI_DEVICE_ERROR;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
/* tcg2_agile_log_append - Append an agile event to out eventlog
*
* @pcr_index: PCR index
@@ -1488,10 +1525,12 @@ static efi_status_t efi_init_event_log(struct udevice
*dev)
struct tcg_pcr_event *event_header = NULL;
struct tpml_digest_values digest_list;
size_t spec_event_size;
+ bool extend_pcr = false;
efi_status_t ret;
u32 pcr, pos;
u64 base;
u32 sz;
+ int i;
ret = platform_get_tpm2_device();
if (ret != EFI_SUCCESS)
@@ -1541,6 +1580,26 @@ static efi_status_t efi_init_event_log(struct udevice
*dev)
goto free_pool;
}
+ ret = tcg2_pcr_read(dev, 0, _list);
+ if (ret) {
+ log_err("Error reading PCR 0\n");
+ goto free_pool;
+ }
+
+ /*
+* If PCR0 is 0, previous firmware didn't have the capability
+* to extend the PCR. In this scenario, extend the PCR as
+* the eventlog is parsed.
+*/
+ for (i = 0; i < digest_list.count; i++) {
+ u8 buffer[TPM2_DIGEST_LEN] = { 0 };
+ u16 hash_alg = digest_list.digests[i].hash_alg;
+
+ if (!memcmp((u8 *)_list.digests[i].digest,
+ buffer, alg_to_len(hash_alg)))
+ extend_pcr = true;
+ }
+
while (pos < sz) {
ret = tcg2_parse_event(dev, buffer, sz, ,
_list, );
@@ -1548,6 +1607,33 @@ static efi_status_t efi_init_event_log(struct udevice
*dev)
log_err("Error parsing event\n");
goto free_pool;
}
+
+ if (pcr != 0) {
+ /*
+* Eventlog passed by firmware should extend
+* PCR0 only.
+*/
+ log_err("Invalid PCR\n");
+ goto free_pool;
+ }
+
+ if (extend_pcr) {
+ ret = tcg2_pcr_extend(dev, pcr, _list);
+ if (ret != EFI_SUCCESS) {
+ log_err("Error in extending PCR\n");
+ goto free_pool;
+ }
+
+ /* Clear the digest for next event */
+ for (i = 0; i < digest_list.count; i++) {
+ u16 hash_alg =
+ digest_li
[PATCH 2/3] tpm: use more algorithms than sha256 on pcr_read
The current tpm2_pcr_read is hardcoded using SHA256. Make the
actual command to TPM configurable to use wider range of algorithms.
The current command line is kept as is i.e limited to SHA-256 only.
Signed-off-by: Ruchika Gupta
---
cmd/tpm-v2.c | 3 ++-
include/tpm-v2.h | 3 ++-
lib/tpm-v2.c | 12
3 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index daae91100a..4ea5f9f094 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag,
int argc,
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, );
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256,
+ data, TPM2_DIGEST_LEN, );
if (!rc) {
printf("PCR #%u content (%u known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index e6b68769f3..07dfaa64fb 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -518,7 +518,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
* @return code of the operation
*/
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates);
+ u32 algorithm, void *data, u32 digest_len,
+ unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 235f8c20d4..9f86eab814 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index,
const void *data,
}
u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
- void *data, unsigned int *updates)
+ u32 algorithm, void *data, u32 digest_len,
+ unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
@@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
/* TPML_PCR_SELECTION */
tpm_u32(1), /* Number of selections */
- tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ tpm_u16(algorithm), /* Algorithm of the hash */
idx_array_sz, /* Array size for selection */
/* bitmap(idx) Selected PCR bitmap */
};
@@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned
int idx_min_sz,
if (ret)
return ret;
+ if (digest_len > response_len)
+ return TPM_LIB_ERROR;
+
if (unpack_byte_string(response, response_len, "ds",
10, ,
- response_len - TPM2_DIGEST_LEN, data,
- TPM2_DIGEST_LEN))
+ response_len - digest_len, data,
+ digest_len))
return TPM_LIB_ERROR;
if (updates)
--
2.25.1
[PATCH] efi_loader: fix FinalEvents table if an EFI uses GetEventLog
---
lib/efi_loader/efi_tcg2.c | 90 ++-
1 file changed, 61 insertions(+), 29 deletions(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 189e4a5ba5..215f4b2b04 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -34,6 +34,7 @@ struct event_log_buffer {
size_t final_pos; /* final events config table position */
size_t last_event_size;
bool get_event_called;
+ bool ebs_called;
bool truncated;
};
@@ -186,39 +187,29 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev,
u32 pcr_index,
return EFI_SUCCESS;
}
-/* tcg2_agile_log_append - Append an agile event to out eventlog
+/* put_event - Append an agile event to an eventlog
*
* @pcr_index: PCR index
* @event_type:type of event added
* @digest_list: list of digest algorithms to add
* @size: size of event
* @event: event to add
+ * @log: log buffer to append the event
*
- * @Return: status code
*/
-static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
- struct tpml_digest_values
*digest_list,
- u32 size, u8 event[])
+static void put_event(u32 pcr_index, u32 event_type,
+ struct tpml_digest_values *digest_list, u32 size,
+ u8 event[], void *log)
{
- void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos);
size_t pos;
size_t i;
u32 event_size;
- if (event_log.get_event_called)
- log = (void *)((uintptr_t)event_log.final_buffer +
- event_log.final_pos);
-
/*
* size refers to the length of event[] only, we need to check against
* the final tcg_pcr_event2 size
*/
event_size = size + tcg_event_final_size(digest_list);
- if (event_log.pos + event_size > TPM2_EVENT_LOG_SIZE ||
- event_log.final_pos + event_size > TPM2_EVENT_LOG_SIZE) {
- event_log.truncated = true;
- return EFI_VOLUME_FULL;
- }
put_unaligned_le32(pcr_index, log);
pos = offsetof(struct tcg_pcr_event2, event_type);
@@ -242,25 +233,64 @@ static efi_status_t tcg2_agile_log_append(u32 pcr_index,
u32 event_type,
memcpy((void *)((uintptr_t)log + pos), event, size);
pos += size;
- /* make sure the calculated buffer is what we checked against */
+ /*
+* make sure the calculated buffer is what we checked against
+* This check should never fail. It checks the code above is
+* calculating the right length for the event we are adding
+* */
if (pos != event_size)
- return EFI_INVALID_PARAMETER;
+ log_err("Appending to the EventLog failed\n");
- /* if GetEventLog hasn't been called update the normal log */
- if (!event_log.get_event_called) {
- event_log.pos += pos;
- event_log.last_event_size = pos;
- } else {
- /* if GetEventLog has been called update config table log */
- struct efi_tcg2_final_events_table *final_event;
+}
- final_event =
- (struct efi_tcg2_final_events_table
*)(event_log.final_buffer);
- final_event->number_of_events++;
- event_log.final_pos += pos;
+/* tcg2_agile_log_append - Append an agile event to an eventlog
+ *
+ * @pcr_index: PCR index
+ * @event_type:type of event added
+ * @digest_list: list of digest algorithms to add
+ * @size: size of event
+ * @event: event to add
+ * @log: log buffer to append the event
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
+ struct tpml_digest_values
*digest_list,
+ u32 size, u8 event[])
+{
+ void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos);
+ u32 event_size = size + tcg_event_final_size(digest_list);
+ struct efi_tcg2_final_events_table *final_event;
+ efi_status_t ret = EFI_SUCCESS;
+
+ /* if ExitBootServices hasn't been called update the normal log */
+ if (!event_log.ebs_called) {
+ if (event_log.truncated ||
+ event_log.pos + event_size > TPM2_EVENT_LOG_SIZE) {
+ event_log.truncated = true;
+ return EFI_VOLUME_FULL;
+ }
+ put_event(pcr_index, event_type, digest_list, size, event, log);
+ event_log.pos += event_size;
+ event_log.last_event_size = event_size;
}
- return EFI_SUCCESS;
+ if (!event_log.get_event_called)
+ return ret;
+
+
[PATCH 1/3] efi_loader: Add check for event log passed from firmware
Platforms may have support to measure their initial firmware components
and pass the event log to u-boot. The event log address can be passed
in property tpm_event_log_addr and tpm_event_log_size of the tpm node.
Platforms may choose their own specific mechanism to do so. A weak
function is added to check if even log has been passed to u-boot
from earlier firmware components. If available, the eventlog is parsed
to check for its correctness and further event logs are appended to the
passed log.
Signed-off-by: Ruchika Gupta
---
lib/efi_loader/efi_tcg2.c | 312 --
1 file changed, 296 insertions(+), 16 deletions(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 74f0bef239..c97766eae3 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -276,6 +276,45 @@ __weak efi_status_t platform_get_tpm2_device(struct
udevice **dev)
return EFI_NOT_FOUND;
}
+/**
+ * platform_get_eventlog() - retrieve the eventlog address and size
+ *
+ * This function retrieves the eventlog address and size if the underlying
+ * firmware has done some measurements and passed them.
+ *
+ * This function may be overridden based on platform specific method of
+ * passing the eventlog address and size.
+ *
+ * @dev: udevice
+ * @addr: eventlog address
+ * @sz:eventlog size
+ * Return: status code
+ */
+__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr,
+ u32 *sz)
+{
+ const u64 *basep;
+ const u32 *sizep;
+
+ basep = dev_read_prop(dev, "tpm_event_log_addr", NULL);
+ if (!basep)
+ return EFI_NOT_FOUND;
+
+ *addr = be64_to_cpup((__force __be64 *)basep);
+
+ sizep = dev_read_prop(dev, "tpm_event_log_size", NULL);
+ if (!sizep)
+ return EFI_NOT_FOUND;
+
+ *sz = be32_to_cpup((__force __be32 *)sizep);
+ if (*sz == 0) {
+ log_debug("event log empty\n");
+ return EFI_NOT_FOUND;
+ }
+
+ return EFI_SUCCESS;
+}
+
/**
* tpm2_get_max_command_size() - get the supported max command size
*
@@ -1107,6 +1146,205 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol
= {
.get_result_of_set_active_pcr_banks =
efi_tcg2_get_result_of_set_active_pcr_banks,
};
+/**
+ * parse_event_log_header() - Parse and verify the event log header fields
+ *
+ * @buffer:Pointer to the event header
+ * @size: Size of the eventlog
+ * @pos: Position in buffer after event log header
+ *
+ * Return: status code
+ */
+efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos)
+{
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ int i = 0;
+
+ if (size < sizeof(*event_header))
+ return EFI_COMPROMISED_DATA;
+
+ if (get_unaligned_le32(_header->pcr_index) != 0 ||
+ get_unaligned_le32(_header->event_type) != EV_NO_ACTION)
+ return EFI_COMPROMISED_DATA;
+
+ for (i = 0; i < sizeof(event_header->digest); i++) {
+ if (event_header->digest[i] != 0)
+ return EFI_COMPROMISED_DATA;
+ }
+
+ *pos += sizeof(*event_header);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * parse_specid_event() - Parse and verify the specID Event in the eventlog
+ *
+ * @dev: udevice
+ * @buffer:Pointer to the start of the eventlog
+ * @log_size: Size of the eventlog
+ * @pos: Offset in the evenlog where specID event starts
+ *
+ * Return: status code
+ * @posOffset in the eventlog where the specID event
ends
+ * @digest_list: list of digests in the event
+ */
+efi_status_t parse_specid_event(struct udevice *dev, void *buffer, u32
log_size,
+ u32 *pos,
+ struct tpml_digest_values *digest_list)
+{
+ struct tcg_efi_spec_id_event *spec_event;
+ struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer;
+ size_t spec_event_size;
+ u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0;
+ u32 spec_active = 0;
+ u16 hash_alg, hash_sz;
+ u8 vendor_sz;
+ int err, i;
+
+ /* Check specID event data */
+ spec_event = (struct tcg_efi_spec_id_event *)((uintptr_t)buffer + *pos);
+ /* Check for signature */
+ if (memcmp(spec_event->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03,
+ sizeof(TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03))) {
+ log_err("specID Event: Signature mismatch\n");
+ return EFI_COMPROMISED_DATA;
+ }
+
+ if (spec_event->spec_version_minor !=
+ TCG_EFI_SPEC_ID_EVENT_SPEC_
[PATCH] efi_loader: Fix spec ID event creation
TCG EFI Protocol Specification defines the number_of_algorithms
field in spec ID event to be equal to the number of active
algorithms supported by the TPM device. In current implementation,
this field is populated with the count of all algorithms supported
by the TPM which leads to incorrect spec ID event creation.
Similarly, the algorithm array in spec ID event should be a variable
length array with length being equal to the number_of_algorithms field.
In current implementation this is defined as a fixed length array
which has been fixed.
Signed-off-by: Ruchika Gupta
CC: Masahisa Kojima
CC: Ilias Apalodimas
CC: Heinrich Schuchardt
---
include/efi_tcg2.h| 7 +--
lib/efi_loader/efi_tcg2.c | 40 ++-
2 files changed, 24 insertions(+), 23 deletions(-)
diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
index c99384fb00..6c9f448a26 100644
--- a/include/efi_tcg2.h
+++ b/include/efi_tcg2.h
@@ -165,8 +165,6 @@ struct tcg_efi_spec_id_event_algorithm_size {
* @digest_sizes: array of number_of_algorithms pairs
* 1st member defines the algorithm id
* 2nd member defines the algorithm size
- * @vendor_info_size: size in bytes for vendor specific info
- * @vendor_info: vendor specific info
*/
struct tcg_efi_spec_id_event {
u8 signature[16];
@@ -176,10 +174,7 @@ struct tcg_efi_spec_id_event {
u8 spec_errata;
u8 uintn_size;
u32 number_of_algorithms;
- struct tcg_efi_spec_id_event_algorithm_size
digest_sizes[TPM2_NUM_PCR_BANKS];
- u8 vendor_info_size;
- /* U-Boot does not provide any vendor info */
- u8 vendor_info[];
+ struct tcg_efi_spec_id_event_algorithm_size digest_sizes[];
} __packed;
/**
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index b268a02976..3fd6bc30a1 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -575,9 +575,10 @@ static efi_status_t tcg2_create_digest(const u8 *input,
u32 length,
EFI_PRINT("Unsupported algorithm %x\n", hash_alg);
return EFI_INVALID_PARAMETER;
}
+ digest_list->digests[digest_list->count].hash_alg = hash_alg;
+ memcpy(_list->digests[digest_list->count].digest, final,
+ (u32)alg_to_len(hash_alg));
digest_list->count++;
- digest_list->digests[i].hash_alg = hash_alg;
- memcpy(_list->digests[i].digest, final,
(u32)alg_to_len(hash_alg));
}
return EFI_SUCCESS;
@@ -798,8 +799,9 @@ static efi_status_t tcg2_hash_pe_image(void *efi, u64
efi_size,
EFI_PRINT("Unsupported algorithm %x\n", hash_alg);
return EFI_INVALID_PARAMETER;
}
- digest_list->digests[i].hash_alg = hash_alg;
- memcpy(_list->digests[i].digest, hash,
(u32)alg_to_len(hash_alg));
+ digest_list->digests[digest_list->count].hash_alg = hash_alg;
+ memcpy(_list->digests[digest_list->count].digest, hash,
+ (u32)alg_to_len(hash_alg));
digest_list->count++;
}
@@ -1123,7 +1125,7 @@ static efi_status_t create_specid_event(struct udevice
*dev, void *buffer,
struct tcg_efi_spec_id_event *spec_event;
size_t spec_event_size;
efi_status_t ret = EFI_DEVICE_ERROR;
- u32 active = 0, supported = 0;
+ u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0;
int err;
size_t i;
@@ -1145,25 +1147,29 @@ static efi_status_t create_specid_event(struct udevice
*dev, void *buffer,
TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_ERRATA_TPM2;
spec_event->uintn_size = sizeof(efi_uintn_t) / sizeof(u32);
- err = tpm2_get_pcr_info(dev, , ,
- _event->number_of_algorithms);
+ err = tpm2_get_pcr_info(dev, , , _count);
+
if (err)
goto out;
- if (spec_event->number_of_algorithms > MAX_HASH_COUNT ||
- spec_event->number_of_algorithms < 1)
- goto out;
- for (i = 0; i < spec_event->number_of_algorithms; i++) {
+ for (i = 0; i < pcr_count; i++) {
u16 hash_alg = hash_algo_list[i].hash_alg;
u16 hash_len = hash_algo_list[i].hash_len;
- if (active && alg_to_mask(hash_alg)) {
+ if (active & alg_to_mask(hash_alg)) {
put_unaligned_le16(hash_alg,
-
_event->digest_sizes[i].algorithm_id);
+
_event->digest_sizes[alg_count].algorithm_id);
put_unaligned_le16(hash_len,
-
[PATCH 3/3] configs: lx2160a: Enable OPTEE support
Enable support to compile OPTEE driver, access AVB TA and RPMB API's access via RPC from OPTEE for lx2160 Signed-off-by: Ruchika Gupta --- configs/lx2160ardb_tfa_defconfig | 5 + 1 file changed, 5 insertions(+) diff --git a/configs/lx2160ardb_tfa_defconfig b/configs/lx2160ardb_tfa_defconfig index c8582aa40d..930c88221f 100644 --- a/configs/lx2160ardb_tfa_defconfig +++ b/configs/lx2160ardb_tfa_defconfig @@ -73,3 +73,8 @@ CONFIG_USB_XHCI_HCD=y CONFIG_USB_XHCI_DWC3=y CONFIG_EFI_LOADER_BOUNCE_BUFFER=y CONFIG_GIC_V3_ITS=y +CONFIG_TEE=y +CONFIG_OPTEE=y +CONFIG_OPTEE_TA_AVB=y +CONFIG_SUPPORT_EMMC_RPMB=y +CONFIG_CMD_OPTEE_RPMB=y -- 2.17.1
[PATCH 2/3] arm64: lx2160a: dts: Add OPTEE node
Add OPTEE node in lx2 device tree to enable access of
OPTEE TA's from u-boot.
Signed-off-by: Ruchika Gupta
---
arch/arm/dts/fsl-lx2160a.dtsi | 7 +++
1 file changed, 7 insertions(+)
diff --git a/arch/arm/dts/fsl-lx2160a.dtsi b/arch/arm/dts/fsl-lx2160a.dtsi
index 42ce4379ec..f0306e9390 100644
--- a/arch/arm/dts/fsl-lx2160a.dtsi
+++ b/arch/arm/dts/fsl-lx2160a.dtsi
@@ -363,4 +363,11 @@
bus-range = <0x0 0xff>;
ranges = <0x8200 0x0 0x4000 0xa8 0x4000 0x0
0x4000>;
};
+
+ firmware {
+ optee {
+ compatible = "linaro,optee-tz";
+ method = "smc";
+ };
+ };
};
--
2.17.1
[PATCH 1/3] cmd: optee_rpmb command for read/write of rpmb from optee
Enable "optee_rpmb" command to write/read named persistent values
created on RPMB by opening session with OPTEE AVB TA.
This provides easy test for establishing a session with OPTEE
TA and storage of persistent data in MMC RPMB.
It includes following subcommands:
optee_rpmb read_pvalue - read persistent values on rpmb via OPTEE AVB TA
optee_rpmb write_pvalue - write persistent values on rpmb via OPTEE AVB TA
Signed-off-by: Ruchika Gupta
---
cmd/Kconfig | 16 +++
cmd/Makefile | 1 +
cmd/optee_rpmb.c | 269 +++
3 files changed, 286 insertions(+)
create mode 100644 cmd/optee_rpmb.c
diff --git a/cmd/Kconfig b/cmd/Kconfig
index 6ce9e5521c..b5dc571e60 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -1088,6 +1088,14 @@ config CMD_MMC_SWRITE
endif
+config CMD_OPTEE_RPMB
+ bool "Enable read/write support on RPMB via OPTEE"
+ depends on SUPPORT_EMMC_RPMB && OPTEE
+ help
+ Enable the commands for reading, writing persistent named values
+ in the Replay Protection Memory Block partition in eMMC by
+ using Persistent Objects in OPTEE
+
config CMD_MTD
bool "mtd"
depends on MTD
@@ -1137,6 +1145,14 @@ config CMD_ONENAND
and erasing blocks. It allso provides a way to show and change
bad blocks, and test the device.
+config CMD_OPTEE_RPMB
+ bool "Enable read/write support on RPMB via OPTEE"
+ depends on SUPPORT_EMMC_RPMB && OPTEE
+ help
+ Enable the commands for reading, writing persistent named values
+ in the Replay Protection Memory Block partition in eMMC by
+ using Persistent Objects in OPTEE
+
config CMD_OSD
bool "osd"
help
diff --git a/cmd/Makefile b/cmd/Makefile
index 6692ed96c6..0159493a13 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -92,6 +92,7 @@ obj-$(CONFIG_CMD_MII) += mii.o
obj-$(CONFIG_CMD_MDIO) += mdio.o
obj-$(CONFIG_CMD_MISC) += misc.o
obj-$(CONFIG_CMD_MMC) += mmc.o
+obj-$(CONFIG_CMD_OPTEE_RPMB) += optee_rpmb.o
obj-$(CONFIG_MP) += mp.o
obj-$(CONFIG_CMD_MTD) += mtd.o
obj-$(CONFIG_CMD_MTDPARTS) += mtdparts.o
diff --git a/cmd/optee_rpmb.c b/cmd/optee_rpmb.c
new file mode 100644
index 00..829d1268f7
--- /dev/null
+++ b/cmd/optee_rpmb.c
@@ -0,0 +1,269 @@
+// SPDX-License-Identifier: GPL-2.0+
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+struct udevice *tee;
+u32 session;
+
+static int avb_ta_open_session(void)
+{
+ const struct tee_optee_ta_uuid uuid = TA_AVB_UUID;
+ struct tee_open_session_arg arg;
+ int rc;
+
+ tee = tee_find_device(tee, NULL, NULL, NULL);
+ if (!tee)
+ return -ENODEV;
+
+ memset(, 0, sizeof(arg));
+ tee_optee_ta_uuid_to_octets(arg.uuid, );
+ rc = tee_open_session(tee, , 0, NULL);
+ if (!rc)
+ session = arg.session;
+
+ return 0;
+}
+
+static int invoke_func(u32 func, ulong num_param, struct tee_param *param)
+{
+ struct tee_invoke_arg arg;
+
+ if (!tee)
+ if (avb_ta_open_session())
+ return -ENODEV;
+
+ memset(, 0, sizeof(arg));
+ arg.func = func;
+ arg.session = session;
+
+ if (tee_invoke_func(tee, , num_param, param))
+ return -EFAULT;
+ switch (arg.ret) {
+ case TEE_SUCCESS:
+ return 0;
+ case TEE_ERROR_OUT_OF_MEMORY:
+ case TEE_ERROR_STORAGE_NO_SPACE:
+ return -ENOSPC;
+ case TEE_ERROR_ITEM_NOT_FOUND:
+ return -EIO;
+ case TEE_ERROR_TARGET_DEAD:
+ /*
+* The TA has paniced, close the session to reload the TA
+* for the next request.
+*/
+ tee_close_session(tee, session);
+ tee = NULL;
+ return -EIO;
+ default:
+ return -EIO;
+ }
+}
+
+static int read_persistent_value(const char *name,
+size_t buffer_size,
+u8 *out_buffer,
+size_t *out_num_bytes_read)
+{
+ int rc = 0;
+ struct tee_shm *shm_name;
+ struct tee_shm *shm_buf;
+ struct tee_param param[2];
+ size_t name_size = strlen(name) + 1;
+
+ if (!tee)
+ if (avb_ta_open_session())
+ return -ENODEV;
+
+ rc = tee_shm_alloc(tee, name_size,
+ TEE_SHM_ALLOC, _name);
+ if (rc)
+ return -ENOMEM;
+
+ rc = tee_shm_alloc(tee, buffer_size,
+ TEE_SHM_ALLOC, _buf);
+ if (rc) {
+ rc = -ENOMEM;
+ goto free_name;
+ }
+
+ memcpy(shm_name->addr, name, name_size);
+
+ memset(param, 0, sizeof(param));
+ param[0].attr = TEE_P
[U-Boot] [PATCH][v2] armv8: sec_firmware: Remove JR3 from device tree node in all cases
JR3 was getting removed from device tree only if random number generation
was successful. However, if SEC firmware is present,JR3 should be removed
from device tree node irrespective of the random seed generation as
SEC firmware reserves it for it's use. Not removing it in case of random
number generation failure causes the kernel to crash.
Random number generation was being called twice. This is not required.
If SEC firmware is running, SIP call can be made to the SEC firmware to
get the random number. This call itself would return failure if function
is not supported. Duplicate calling of random number generation function
has been removed
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes from v1:
Removed unused variable rand from the sec_firmware_support_hwrng function
arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 4 ++--
arch/arm/cpu/armv8/sec_firmware.c | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index 99c5d13..955ef30 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -415,8 +415,8 @@ void ft_cpu_setup(void *blob, bd_t *bd)
ccsr_sec_t __iomem *sec;
#ifdef CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT
- if (fdt_fixup_kaslr(blob))
- fdt_fixup_remove_jr(blob);
+ fdt_fixup_remove_jr(blob);
+ fdt_fixup_kaslr(blob);
#endif
sec = (void __iomem *)CONFIG_SYS_FSL_SEC_ADDR;
diff --git a/arch/arm/cpu/armv8/sec_firmware.c
b/arch/arm/cpu/armv8/sec_firmware.c
index b56ea78..98d7be3 100644
--- a/arch/arm/cpu/armv8/sec_firmware.c
+++ b/arch/arm/cpu/armv8/sec_firmware.c
@@ -318,9 +318,7 @@ unsigned int sec_firmware_support_psci_version(void)
*/
bool sec_firmware_support_hwrng(void)
{
- uint8_t rand[8];
if (sec_firmware_addr & SEC_FIRMWARE_RUNNING) {
- if (!sec_firmware_get_random(rand, 8))
return true;
}
@@ -429,8 +427,10 @@ int fdt_fixup_kaslr(void *fdt)
#if defined(CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT)
/* Check if random seed generation is supported */
- if (sec_firmware_support_hwrng() == false)
+ if (sec_firmware_support_hwrng() == false) {
+ printf("WARNING: SEC firmware not running, no kaslr-seed\n");
return 0;
+ }
ret = sec_firmware_get_random(rand, 8);
if (ret < 0) {
--
2.7.4
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH] armv8: sec_firmware: Remove JR3 from device tree node in all cases
JR3 was getting removed from device tree only if random number generation
was successful. However, if SEC firmware is present,JR3 should be removed
from device tree node irrespective of the random seed generation as
SEC firmware reserves it for it's use. Not removing it in case of random
number generation failure causes the kernel to crash.
Random number generation was being called twice. This is not required.
If SEC firmware is running, SIP call can be made to the SEC firmware to
get the random number. This call itself would return failure if function
is not supported. Duplicate calling of random number generation function
has been removed
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 4 ++--
arch/arm/cpu/armv8/sec_firmware.c | 5 +++--
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index 80af318..6a19f4d 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -415,8 +415,8 @@ void ft_cpu_setup(void *blob, bd_t *bd)
ccsr_sec_t __iomem *sec;
#ifdef CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT
- if (fdt_fixup_kaslr(blob))
- fdt_fixup_remove_jr(blob);
+ fdt_fixup_remove_jr(blob);
+ fdt_fixup_kaslr(blob);
#endif
sec = (void __iomem *)CONFIG_SYS_FSL_SEC_ADDR;
diff --git a/arch/arm/cpu/armv8/sec_firmware.c
b/arch/arm/cpu/armv8/sec_firmware.c
index b56ea78..ebf41b5 100644
--- a/arch/arm/cpu/armv8/sec_firmware.c
+++ b/arch/arm/cpu/armv8/sec_firmware.c
@@ -320,7 +320,6 @@ bool sec_firmware_support_hwrng(void)
{
uint8_t rand[8];
if (sec_firmware_addr & SEC_FIRMWARE_RUNNING) {
- if (!sec_firmware_get_random(rand, 8))
return true;
}
@@ -429,8 +428,10 @@ int fdt_fixup_kaslr(void *fdt)
#if defined(CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT)
/* Check if random seed generation is supported */
- if (sec_firmware_support_hwrng() == false)
+ if (sec_firmware_support_hwrng() == false) {
+ printf("WARNING: SEC firmware not running, no kaslr-seed\n");
return 0;
+ }
ret = sec_firmware_get_random(rand, 8);
if (ret < 0) {
--
2.7.4
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
Re: [U-Boot] [RESEND PATCH v3 1/2] drivers/crypto/fsl: assign job-rings to non-TrustZone
>-Original Message- >From: Bryan O'Donoghue [mailto:bryan.odonog...@linaro.org] >Sent: Friday, January 26, 2018 5:55 PM >To: u-boot@lists.denx.de; tr...@konsulko.com >Cc: Peng Fan <peng@nxp.com>; Fabio Estevam <fabio.este...@nxp.com>; >lukas.a...@aisec.fraunhofer.de; Bryan O'Donoghue ><bryan.odonog...@linaro.org>; Alexandru Porosanu ><alexandru.poros...@nxp.com>; Ruchika Gupta <ruchika.gu...@nxp.com>; >Aneesh Bansal <aneesh.ban...@nxp.com> >Subject: [RESEND PATCH v3 1/2] drivers/crypto/fsl: assign job-rings to non- >TrustZone > >After enabling TrustZone various parts of the CAAM silicon become inaccessible >to non TrustZone contexts. The job-ring registers are designed to allow non >TrustZone contexts like Linux to still submit jobs to CAAM even after TrustZone >has been enabled. > >The default job-ring permissions after the BootROM look like this for job-ring >zero. > >ms=0x8001 ls=0x8001 > >The MS field is JRaMIDR_MS (job ring MID most significant). > >Referring to "Security Reference Manual for i.MX 7Dual and 7Solo Applications >Processors, Rev. 0, 03/2017" section 8.10.4 we see that JROWN_NS controls >whether or not a job-ring is accessible from non TrustZone. > >Bit 15 (TrustZone) is the logical inverse of bit 3 hence the above value of >0x8001 shows that JROWN_NS=0 and TrustZone=1. > >Clearly then as soon as TrustZone becomes active the job-ring registers are no >longer accessible from Linux, which is not what we want. > >This patch explicitly sets all job-ring registers to JROWN_NS=1 (non >TrustZone) by default and to the Non-Secure MID 001. Both settings are required >to successfully assign a job-ring to non-secure mode. If a piece of TrustZone >firmware requires ownership of job-ring registers it can unset the JROWN_NS bit >itself. > >This patch in conjunction with a modification of the Linux kernel to skip HWRNG >initialisation makes CAAM usable to Linux with TrustZone enabled. > >Signed-off-by: Bryan O'Donoghue <bryan.odonog...@linaro.org> >Cc: Fabio Estevam <fabio.este...@nxp.com> >Cc: Peng Fan <peng@nxp.com> >Cc: Alex Porosanu <alexandru.poros...@nxp.com> >Cc: Ruchika Gupta <ruchika.gu...@nxp.com> >Cc: Aneesh Bansal <aneesh.ban...@nxp.com> >Link: >https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.c >om%2FOP- >TEE%2Foptee_os%2Fissues%2F1408=02%7C01%7Cruchika.gupta%40nxp.c >om%7C1fe21d0a12d34d7722c008d564b7cb4d%7C686ea1d3bc2b4c6fa92cd99c5 >c301635%7C0%7C0%7C636525662918265016=Nt5Fu2LYXDq95Rlv7N5Ns >w45tO%2Fw3nDcbQF%2BOPRP7PI%3D=0 >Link: >https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftinyurl.c >om%2Fyam5gv9a=02%7C01%7Cruchika.gupta%40nxp.com%7C1fe21d0a12 >d34d7722c008d564b7cb4d%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C1 >%7C636525662918265016=BypstfduS%2FVyPaeEQCj1hyx5RRSF690SbLaxZ >j74KPo%3D=0 >Tested-by: Lukas Auer <lukas.a...@aisec.fraunhofer.de> Reviewed-by: Ruchika Gupta <ruchika.gu...@nxp.com> ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH][v4] ARMv8/sec_firmware : Update chosen/kaslr-seed with random number
kASLR support in kernel requires a random number to be passed via
chosen/kaslr-seed propert. sec_firmware generates this random seed
which can then be passed in the device tree node.
sec_firmware reserves JR3 for it's own usage. Node for JR3 is
removed from device-tree.
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes from v3:
fdt_fixup_kaslr function is valid only if secure firmare is enabled.
So the call to this function is done only if CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT
is enabled
Changes from v2:
fix-kaslr-seed moved to sec_firmware.c
Changes from v1
- Extra spaces removed from the patch
- Support added for LSCH3 devices in the patch
- of calls replaced with fdt calls to remove compilation error with
latest uboot
arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 +++-
arch/arm/cpu/armv8/sec_firmware.c | 99 +++
arch/arm/include/asm/armv8/sec_firmware.h | 9 +++
3 files changed, 142 insertions(+), 3 deletions(-)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index f5f4840..c925275 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -345,11 +345,38 @@ static void fdt_fixup_msi(void *blob)
}
#endif
+#ifdef CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT
+/* Remove JR node used by SEC firmware */
+void fdt_fixup_remove_jr(void *blob)
+{
+ int jr_node, addr_cells, len;
+ int crypto_node = fdt_path_offset(blob, "crypto");
+ u64 jr_offset, used_jr;
+ fdt32_t *reg;
+
+ used_jr = sec_firmware_used_jobring_offset();
+ fdt_support_default_count_cells(blob, crypto_node, _cells, NULL);
+
+ jr_node = fdt_node_offset_by_compatible(blob, crypto_node,
+ "fsl,sec-v4.0-job-ring");
+
+ while (jr_node != -FDT_ERR_NOTFOUND) {
+ reg = (fdt32_t *)fdt_getprop(blob, jr_node, "reg", );
+ jr_offset = fdt_read_number(reg, addr_cells);
+ if (jr_offset == used_jr) {
+ fdt_del_node(blob, jr_node);
+ break;
+ }
+ jr_node = fdt_node_offset_by_compatible(blob, jr_node,
+
"fsl,sec-v4.0-job-ring");
+ }
+}
+#endif
+
void ft_cpu_setup(void *blob, bd_t *bd)
{
-#ifdef CONFIG_FSL_LSCH2
struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
- unsigned int svr = in_be32(>svr);
+ unsigned int svr = gur_in32(>svr);
/* delete crypto node if not on an E-processor */
if (!IS_E_PROCESSOR(svr))
@@ -358,11 +385,15 @@ void ft_cpu_setup(void *blob, bd_t *bd)
else {
ccsr_sec_t __iomem *sec;
+#ifdef CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT
+ if (fdt_fixup_kaslr(blob))
+ fdt_fixup_remove_jr(blob);
+#endif
+
sec = (void __iomem *)CONFIG_SYS_FSL_SEC_ADDR;
fdt_fixup_crypto_node(blob, sec_in32(>secvid_ms));
}
#endif
-#endif
#ifdef CONFIG_MP
ft_fixup_cpu(blob);
diff --git a/arch/arm/cpu/armv8/sec_firmware.c
b/arch/arm/cpu/armv8/sec_firmware.c
index fffce71..0e74834 100644
--- a/arch/arm/cpu/armv8/sec_firmware.c
+++ b/arch/arm/cpu/armv8/sec_firmware.c
@@ -232,6 +232,59 @@ unsigned int sec_firmware_support_psci_version(void)
#endif
/*
+ * Check with sec_firmware if it supports random number generation
+ * via HW RNG
+ *
+ * The return value will be true if it is supported
+ */
+bool sec_firmware_support_hwrng(void)
+{
+ uint8_t rand[8];
+ if (sec_firmware_addr & SEC_FIRMWARE_RUNNING) {
+ if (!sec_firmware_get_random(rand, 8))
+ return true;
+ }
+
+ return false;
+}
+
+/*
+ * sec_firmware_get_random - Get a random number from SEC Firmware
+ * @rand: random number buffer to be filled
+ * @bytes: Number of bytes of random number to be supported
+ * @eret: -1 in case of error, 0 for success
+ */
+int sec_firmware_get_random(uint8_t *rand, int bytes)
+{
+ unsigned long long num;
+ struct pt_regs regs;
+ int param1;
+
+ if (!bytes || bytes > 8) {
+ printf("Max Random bytes genration supported is 8\n");
+ return -1;
+ }
+#define SIP_RNG_64 0xC200FF11
+ regs.regs[0] = SIP_RNG_64;
+
+ if (bytes <= 4)
+ param1 = 0;
+ else
+ param1 = 1;
+ regs.regs[1] = param1;
+
+ smc_call();
+
+ if (regs.regs[0])
+ return -1;
+
+ num = regs.regs[1];
+ memcpy(rand, , bytes);
+
+ return 0;
+}
+
+/*
* sec_firmware_init - Initialize the SEC Firmware
* @sec_firmware_img: the SEC Firmware image address
* @eret_hold_l: the address to hold exception return address low
@@ -278,3 +331,4
[U-Boot] [PATCH][v3] ARMv8/sec_firmware : Update chosen/kaslr-seed with random number
kASLR support in kernel requires a random number to be passed via
chosen/kaslr-seed propert. sec_firmware generates this random seed
which can then be passed in the device tree node.
sec_firmware reserves JR3 for it's own usage. Node for JR3 is
removed from device-tree.
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes from v2:
fix-kaslr-seed moved to sec_firmware.c
Changes from v1
- Extra spaces removed from the patch
- Support added for LSCH3 devices in the patch
- of calls replaced with fdt calls to remove compilation error with
latest uboot
arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 33 ++-
arch/arm/cpu/armv8/sec_firmware.c | 99 +++
arch/arm/include/asm/armv8/sec_firmware.h | 9 +++
3 files changed, 138 insertions(+), 3 deletions(-)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index f5f4840..7f58dbb 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -345,11 +345,36 @@ static void fdt_fixup_msi(void *blob)
}
#endif
+/* Remove JR node used by SEC firmware */
+void fdt_fixup_remove_jr(void *blob)
+{
+ int jr_node, addr_cells, len;
+ int crypto_node = fdt_path_offset(blob, "crypto");
+ u64 jr_offset, used_jr;
+ fdt32_t *reg;
+
+ used_jr = sec_firmware_used_jobring_offset();
+ fdt_support_default_count_cells(blob, crypto_node, _cells, NULL);
+
+ jr_node = fdt_node_offset_by_compatible(blob, crypto_node,
+ "fsl,sec-v4.0-job-ring");
+
+ while (jr_node != -FDT_ERR_NOTFOUND) {
+ reg = (fdt32_t *)fdt_getprop(blob, jr_node, "reg", );
+ jr_offset = fdt_read_number(reg, addr_cells);
+ if (jr_offset == used_jr) {
+ fdt_del_node(blob, jr_node);
+ break;
+ }
+ jr_node = fdt_node_offset_by_compatible(blob, jr_node,
+
"fsl,sec-v4.0-job-ring");
+ }
+}
+
void ft_cpu_setup(void *blob, bd_t *bd)
{
-#ifdef CONFIG_FSL_LSCH2
struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
- unsigned int svr = in_be32(>svr);
+ unsigned int svr = gur_in32(>svr);
/* delete crypto node if not on an E-processor */
if (!IS_E_PROCESSOR(svr))
@@ -358,11 +383,13 @@ void ft_cpu_setup(void *blob, bd_t *bd)
else {
ccsr_sec_t __iomem *sec;
+ if (fdt_fixup_kaslr(blob))
+ fdt_fixup_remove_jr(blob);
+
sec = (void __iomem *)CONFIG_SYS_FSL_SEC_ADDR;
fdt_fixup_crypto_node(blob, sec_in32(>secvid_ms));
}
#endif
-#endif
#ifdef CONFIG_MP
ft_fixup_cpu(blob);
diff --git a/arch/arm/cpu/armv8/sec_firmware.c
b/arch/arm/cpu/armv8/sec_firmware.c
index fffce71..0e74834 100644
--- a/arch/arm/cpu/armv8/sec_firmware.c
+++ b/arch/arm/cpu/armv8/sec_firmware.c
@@ -232,6 +232,59 @@ unsigned int sec_firmware_support_psci_version(void)
#endif
/*
+ * Check with sec_firmware if it supports random number generation
+ * via HW RNG
+ *
+ * The return value will be true if it is supported
+ */
+bool sec_firmware_support_hwrng(void)
+{
+ uint8_t rand[8];
+ if (sec_firmware_addr & SEC_FIRMWARE_RUNNING) {
+ if (!sec_firmware_get_random(rand, 8))
+ return true;
+ }
+
+ return false;
+}
+
+/*
+ * sec_firmware_get_random - Get a random number from SEC Firmware
+ * @rand: random number buffer to be filled
+ * @bytes: Number of bytes of random number to be supported
+ * @eret: -1 in case of error, 0 for success
+ */
+int sec_firmware_get_random(uint8_t *rand, int bytes)
+{
+ unsigned long long num;
+ struct pt_regs regs;
+ int param1;
+
+ if (!bytes || bytes > 8) {
+ printf("Max Random bytes genration supported is 8\n");
+ return -1;
+ }
+#define SIP_RNG_64 0xC200FF11
+ regs.regs[0] = SIP_RNG_64;
+
+ if (bytes <= 4)
+ param1 = 0;
+ else
+ param1 = 1;
+ regs.regs[1] = param1;
+
+ smc_call();
+
+ if (regs.regs[0])
+ return -1;
+
+ num = regs.regs[1];
+ memcpy(rand, , bytes);
+
+ return 0;
+}
+
+/*
* sec_firmware_init - Initialize the SEC Firmware
* @sec_firmware_img: the SEC Firmware image address
* @eret_hold_l: the address to hold exception return address low
@@ -278,3 +331,49 @@ int sec_firmware_init(const void *sec_firmware_img,
return 0;
}
+
+/*
+ * fdt_fix_kaslr - Add kalsr-seed node in Device tree
+ * @fdt: Device tree
+ * @eret: 0 in case of error, 1 for success
+ */
+int fdt_fixup_kaslr(void *
[U-Boot] [PATCH][v2] ARMv8/sec_firmware : Update chosen/kaslr-seed with random number
kASLR support in kernel requires a random number to be passed via
chosen/kaslr-seed propert. sec_firmware generates this random seed
which can then be passed in the device tree node.
sec_firmware reserves JR3 for it's own usage. Node for JR3 is
removed from device-tree.
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes from v1
- Extra spaces removed from the patch
- Support added for LSCH3 devices in the patch
- of calls replaced with fdt calls to remove compilation error with latest uboot
arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 75 +--
arch/arm/cpu/armv8/sec_firmware.c | 53 ++
arch/arm/include/asm/armv8/sec_firmware.h | 8
3 files changed, 133 insertions(+), 3 deletions(-)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index f5f4840..8a21583 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -345,11 +345,78 @@ static void fdt_fixup_msi(void *blob)
}
#endif
+int fdt_fixup_kaslr(void *fdt)
+{
+ int nodeoffset;
+ int err, ret = 0;
+ u8 rand[8];
+
+#if defined(CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT)
+ /* Check if random seed generation is supported */
+ if (sec_firmware_support_hwrng() == false)
+ return 0;
+
+ ret = sec_firmware_get_random(rand, 8);
+ if (ret < 0) {
+ printf("WARNING: could not get random number to set"
+ "kaslr-seed\n");
+ return 0;
+ }
+
+ err = fdt_check_header(fdt);
+ if (err < 0) {
+ printf("fdt_chosen: %s\n", fdt_strerror(err));
+ return 0;
+ }
+
+ /* find or create "/chosen" node. */
+ nodeoffset = fdt_find_or_add_subnode(fdt, 0, "chosen");
+ if (nodeoffset < 0)
+ return 0;
+
+ err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", rand,
+ sizeof(rand));
+ if (err < 0) {
+ printf("WARNING: could not set kaslr-seed %s.\n",
+ fdt_strerror(err));
+ return 0;
+ }
+ ret = 1;
+#endif
+
+ return ret;
+}
+
+/* Remove JR node used by SEC firmware */
+void fdt_fixup_remove_jr(void *blob)
+{
+ int jr_node, addr_cells, len;
+ int crypto_node = fdt_path_offset(blob, "crypto");
+ u64 jr_offset, used_jr;
+ fdt32_t *reg;
+
+ used_jr = sec_firmware_used_jobring_offset();
+ fdt_support_default_count_cells(blob, crypto_node, _cells, NULL);
+
+ jr_node = fdt_node_offset_by_compatible(blob, crypto_node,
+ "fsl,sec-v4.0-job-ring");
+
+ while (jr_node != -FDT_ERR_NOTFOUND) {
+ reg = (fdt32_t *)fdt_getprop(blob, jr_node, "reg", );
+ jr_offset = fdt_read_number(reg, addr_cells);
+ if (jr_offset == used_jr) {
+ fdt_del_node(blob, jr_node);
+ break;
+ }
+ jr_node = fdt_node_offset_by_compatible(blob, jr_node,
+
"fsl,sec-v4.0-job-ring");
+ }
+}
+
void ft_cpu_setup(void *blob, bd_t *bd)
{
-#ifdef CONFIG_FSL_LSCH2
struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
- unsigned int svr = in_be32(>svr);
+ unsigned int svr = gur_in32(>svr);
/* delete crypto node if not on an E-processor */
if (!IS_E_PROCESSOR(svr))
@@ -358,11 +425,13 @@ void ft_cpu_setup(void *blob, bd_t *bd)
else {
ccsr_sec_t __iomem *sec;
+ if (fdt_fixup_kaslr(blob))
+ fdt_fixup_remove_jr(blob);
+
sec = (void __iomem *)CONFIG_SYS_FSL_SEC_ADDR;
fdt_fixup_crypto_node(blob, sec_in32(>secvid_ms));
}
#endif
-#endif
#ifdef CONFIG_MP
ft_fixup_cpu(blob);
diff --git a/arch/arm/cpu/armv8/sec_firmware.c
b/arch/arm/cpu/armv8/sec_firmware.c
index fffce71..5481e04 100644
--- a/arch/arm/cpu/armv8/sec_firmware.c
+++ b/arch/arm/cpu/armv8/sec_firmware.c
@@ -232,6 +232,59 @@ unsigned int sec_firmware_support_psci_version(void)
#endif
/*
+ * Check with sec_firmware if it supports random number generation
+ * via HW RNG
+ *
+ * The return value will be true if it is supported
+ */
+bool sec_firmware_support_hwrng(void)
+{
+ uint8_t rand[8];
+ if (sec_firmware_addr & SEC_FIRMWARE_RUNNING) {
+ if (!sec_firmware_get_random(rand, 8))
+ return true;
+ }
+
+ return false;
+}
+
+/*
+ * sec_firmware_get_random - Initialize the SEC Firmware
+ * @rand: random number buffer to be filled
+ * @bytes: Number of bytes of random number to be supported
+
Re: [U-Boot] [PATCH] ARMv8/sec_firmware : Update chosen/kaslr-seed
> -Original Message-
> From: Poonam Aggrwal
> Sent: Monday, May 15, 2017 9:27 AM
> To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de;
> sun.y...@nxp.com; Prabhakar Kushwaha <prabhakar.kushw...@nxp.com>
> Cc: Ruchika Gupta <ruchika.gu...@nxp.com>
> Subject: RE: [U-Boot] [PATCH] ARMv8/sec_firmware : Update chosen/kaslr-
> seed
>
>
>
> -Original Message-
> From: U-Boot [mailto:u-boot-boun...@lists.denx.de] On Behalf Of Ruchika
> Gupta
> Sent: Saturday, May 13, 2017 5:37 AM
> To: u-boot@lists.denx.de; sun.y...@nxp.com; Prabhakar Kushwaha
> <prabhakar.kushw...@nxp.com>
> Cc: Ruchika Gupta <ruchika.gu...@nxp.com>
> Subject: [U-Boot] [PATCH] ARMv8/sec_firmware : Update chosen/kaslr-seed
>
> kASLR support in kernel requires a random number to be passed via
> chosen/kaslr-seed propert. sec_firmware generates this random seed which
> can then be passed in the device tree node
>
> sec_firmware reserves JR3 for it's own usage. Node for JR3 is removed from
> device-tree.
>
> Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
> ---
> arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 73
> +++
> arch/arm/cpu/armv8/sec_firmware.c | 53 ++
> arch/arm/include/asm/armv8/sec_firmware.h | 9
> 3 files changed, 135 insertions(+)
> >> Good to have some documentation of this feature in doc/README.XXX
>
> diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> index 05c4577..d4ca129 100644
> --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> @@ -345,6 +345,75 @@ static void fdt_fixup_msi(void *blob) } #endif
>
> +
> +int fdt_fixup_kaslr(void *fdt)
> +{
> + int nodeoffset;
> + int err, ret = 0;
> + u8 rand[8];
> +
> +#if defined(CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT)
> + /* Check if random seed generation is supported */
> + if (sec_firmware_support_hwrng() == false)
> + return 0;
> +
> + ret = sec_firmware_get_random(rand, 8);
> + if (ret < 0) {
> + printf("WARNING: could not get random number to set",
> +"kaslr-seed\n");
> + return 0;
> + }
> +
> + err = fdt_check_header(fdt);
> + if (err < 0) {
> + printf("fdt_chosen: %s\n", fdt_strerror(err));
> + return 0;
> + }
> +
> + /* find or create "/chosen" node. */
> + nodeoffset = fdt_find_or_add_subnode(fdt, 0, "chosen");
> + if (nodeoffset < 0)
> + return 0;
> +
> + err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", rand,
> +
> >> Are the device-tree bindings approved for " kaslr-seed" in Linux?
> >> just thinking, how this feature will work, in kexec type of usecases, in
> >> that
> case probably this logic should go in the kexec logic of the kernel.
Linux - arch/arm64/Kconfig --> config_option RANDOMIZE_BASE requires the
bootloader to pass
random u64 value via chosen/kaslr-seed
>
Ruchika
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
Re: [U-Boot] [PATCH] ARMv8/sec_firmware : Update chosen/kaslr-seed
> -Original Message- > From: Peter Robinson [mailto:pbrobin...@gmail.com] > Sent: Monday, May 15, 2017 6:18 PM > To: Ruchika Gupta <ruchika.gu...@nxp.com> > Cc: u-boot@lists.denx.de; sun.y...@nxp.com; Prabhakar Kushwaha > <prabhakar.kushw...@nxp.com> > Subject: Re: [U-Boot] [PATCH] ARMv8/sec_firmware : Update chosen/kaslr- > seed > > On Sat, May 13, 2017 at 1:07 AM, Ruchika Gupta <ruchika.gu...@nxp.com> > wrote: > > kASLR support in kernel requires a random number to be passed via > > chosen/kaslr-seed propert. sec_firmware generates this random seed > > which can then be passed in the device tree node > > Is that functionality generic that it can be consumed by other devices? Sec firmware is proprietary firmware which provides this random seed using HW engine on NXP devices. Other devices would need to generate their own random seed to be passed as this property. Ruchika ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH] ARMv8/sec_firmware : Update chosen/kaslr-seed
kASLR support in kernel requires a random number to be passed via
chosen/kaslr-seed propert. sec_firmware generates this random seed
which can then be passed in the device tree node
sec_firmware reserves JR3 for it's own usage. Node for JR3 is
removed from device-tree.
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 73 +++
arch/arm/cpu/armv8/sec_firmware.c | 53 ++
arch/arm/include/asm/armv8/sec_firmware.h | 9
3 files changed, 135 insertions(+)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index 05c4577..d4ca129 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -345,6 +345,75 @@ static void fdt_fixup_msi(void *blob)
}
#endif
+
+int fdt_fixup_kaslr(void *fdt)
+{
+ int nodeoffset;
+ int err, ret = 0;
+ u8 rand[8];
+
+#if defined(CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT)
+ /* Check if random seed generation is supported */
+ if (sec_firmware_support_hwrng() == false)
+ return 0;
+
+ ret = sec_firmware_get_random(rand, 8);
+ if (ret < 0) {
+ printf("WARNING: could not get random number to set",
+ "kaslr-seed\n");
+ return 0;
+ }
+
+ err = fdt_check_header(fdt);
+ if (err < 0) {
+ printf("fdt_chosen: %s\n", fdt_strerror(err));
+ return 0;
+ }
+
+ /* find or create "/chosen" node. */
+ nodeoffset = fdt_find_or_add_subnode(fdt, 0, "chosen");
+ if (nodeoffset < 0)
+ return 0;
+
+ err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", rand,
+ sizeof(rand));
+ if (err < 0) {
+ printf("WARNING: could not set kaslr-seed %s.\n",
+ fdt_strerror(err));
+ return 0;
+ }
+ ret = 1;
+#endif
+
+ return ret;
+}
+
+/* Remove JR node used by SEC firmware */
+void fdt_fixup_remove_jr(void *blob)
+{
+ int jr_node, addr_cells, len;
+ int crypto_node = fdt_path_offset(blob, "crypto");
+ u64 jr_offset, used_jr;
+ fdt32_t *reg;
+
+ used_jr = sec_firmware_used_jobring_offset();
+ of_bus_default_count_cells(blob, crypto_node, _cells, NULL);
+
+ jr_node = fdt_node_offset_by_compatible(blob, crypto_node,
+ "fsl,sec-v4.0-job-ring");
+
+ while (jr_node != -FDT_ERR_NOTFOUND) {
+ reg = (fdt32_t *)fdt_getprop(blob, jr_node, "reg", );
+ jr_offset = of_read_number(reg, addr_cells);
+ if (jr_offset == used_jr) {
+ fdt_del_node(blob, jr_node);
+ break;
+ }
+ jr_node = fdt_node_offset_by_compatible(blob, jr_node,
+
"fsl,sec-v4.0-job-ring");
+ }
+}
+
void ft_cpu_setup(void *blob, bd_t *bd)
{
#ifdef CONFIG_FSL_LSCH2
@@ -358,6 +427,9 @@ void ft_cpu_setup(void *blob, bd_t *bd)
else {
ccsr_sec_t __iomem *sec;
+ if (fdt_fixup_kaslr(blob))
+ fdt_fixup_remove_jr(blob);
+
sec = (void __iomem *)CONFIG_SYS_FSL_SEC_ADDR;
fdt_fixup_crypto_node(blob, sec_in32(>secvid_ms));
}
@@ -396,4 +468,5 @@ void ft_cpu_setup(void *blob, bd_t *bd)
#ifdef CONFIG_HAS_FEATURE_ENHANCED_MSI
fdt_fixup_msi(blob);
#endif
+
}
diff --git a/arch/arm/cpu/armv8/sec_firmware.c
b/arch/arm/cpu/armv8/sec_firmware.c
index 4afa3ad..f460cca 100644
--- a/arch/arm/cpu/armv8/sec_firmware.c
+++ b/arch/arm/cpu/armv8/sec_firmware.c
@@ -232,6 +232,59 @@ unsigned int sec_firmware_support_psci_version(void)
#endif
/*
+ * Check with sec_firmware if it supports random number generation
+ * via HW RNG
+ *
+ * The return value will be true if it is supported
+ */
+bool sec_firmware_support_hwrng(void)
+{
+ uint8_t rand[8];
+ if (sec_firmware_addr & SEC_FIRMWARE_RUNNING) {
+ if (!sec_firmware_get_random(rand, 8))
+ return true;
+ }
+
+ return false;
+}
+
+/*
+ * sec_firmware_get_random - Initialize the SEC Firmware
+ * @rand: random number buffer to be filled
+ * @bytes: Number of bytes of random number to be supported
+ * @eret: -1 in case of error, 0 for success
+ */
+int sec_firmware_get_random(uint8_t *rand, int bytes)
+{
+ unsigned long long num;
+ struct pt_regs regs;
+ int param1;
+
+ if (!bytes || bytes > 8) {
+ printf("Max Random bytes genration supported is 8\n");
+ return -1;
+ }
+#define SIP_RNG_64 0xC200FF11
+
Re: [U-Boot] [PATCH 1/3][v3] arm: ls1043ardb: Add SD secure boot target
> -Original Message- > From: York Sun [mailto:york@nxp.com] > Sent: Wednesday, April 12, 2017 9:10 PM > To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de > Cc: Vini Pillai <vinitha.pil...@nxp.com>; Sumit Garg <sumit.g...@nxp.com> > Subject: Re: [PATCH 1/3][v3] arm: ls1043ardb: Add SD secure boot target > > On 04/04/2017 10:36 AM, Ruchika Gupta wrote: > > - Add SD secure boot target for ls1043ardb. > > - Implement FSL_LSCH2 specific spl_board_init() to setup CAAM stream ID and > > corresponding stream ID in SMMU. > > - Change the u-boot size defined by a macro for copying the main U-Boot by > SPL > > to also include the u-boot Secure Boot header size as header is appended > > to > > u-boot image. So header will also be copied from SD to DDR. > > - CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) > where 32K > > are reserved for use by boot ROM and 6K for secure boto header > > - Error messages during SPL boot are limited to error code numbers instead > > of > strings > > to reduce the size of SPL image > > > > Signed-off-by: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com> > > Signed-off-by: Sumit Garg <sumit.g...@nxp.com> > > Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com> > > --- > > Changes in v3: > > Moved spl_board_init function to > > arch/arm/cpu/armv8/fsl-layerscape/spl.c > > > > Changes in v2: > > Rebased to latest dependent patches: - No change > > > > Dependent patch set: > > SECURE boot target addition for NOR on LS1043, LS1046 > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F742548%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=TREZk2QQagpnbnEhKaW3XRWqIkFUMZSpP7o%2FBRsZWzw%3D > = > > 0 > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F742552%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=bBUdA%2FzXtcqmDujeuwzCBEttEsuiWRhX5Neliw7bCb8%3D > erved= > > 0 > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F742549%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=jxL2qZrSQsz2ABZWXSoxBu9CRcE0to%2FVeUZhatcRIqw%3D > erved= > > 0 > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F742551%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=RGdT6UfnwGmmTs%2Boq5hXQVpLKoMrySlEQnUV6moXeZo%3D > = > > 0 > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F742550%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=RyfAhL%2Fx65BdUorLVM63Uq0TyL%2B9mhLD16npVY5ZvEw%3 > D > > d=0 > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F742553%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=cpegSJ%2F6R5hooE%2BUfKxtaNRoi97BPvpsTXbQKY3vDsA%3D > eserve > > d=0 > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F742554%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=oHsnTFilBpdmpQ5rroTH5Rf8auUe4PzN6rQDPEhsGRM%3D > ved=0 > > > > and > > SPL size reduction patches > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F744755%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=HWmVUuGfRXsOt%2B6ld6NpzreZouBQETLOWFYNoZO3ri4%3D& > reserved= > > 0 > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpat > > > chwork.ozlabs.org%2Fpatch%2F744756%2F=01%7C01%7Cyork.sun%40nx > p.co > > > m%7Cf396ee2809844110a67208d47b811229%7C686ea1d3bc2b4c6fa92cd99c5 > c30163 > > > 5%7C0=e%2BlipO5SmoKq5dNc3%2FjlTqmLwwMvFCyFC3s40GLAvR0%3D > > > d=0 > &
[U-Boot] [PATCH 3/3][v5] arm: ls1046ardb: Add SD secure boot target
- Add SD secure boot target for ls1046ardb. - Change the u-boot size defined by a macro for copying the main U-Boot by SPL to also include the u-boot Secure Boot header size as header is appended to u-boot image. So header will also be copied from SD to DDR. - CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K are reserved for use by boot ROM and 6K for the header - Reduce the size of CAAM driver for SPL Blobification functions and descriptors, that are not required at the time of SPL are disabled. Further error code conversion to strings is disabled for SPL build. Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com> Signed-off-by: Sumit Garg <sumit.g...@nxp.com> Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com> --- Changes in v5: Updated MAINTAINERS file Changes in v4: Removed spl_board_init from board specific file. Changes in v3: Resend Changes in v2: - Rebased patches to latest dependent patch set - With the dependent path set , spl imag size increased to 94K. So - additionally reduce the spl image size by removing the functions from - CAAM driver that are not required in SPL flow Dependent patch set: SECURE boot target addition for NOR on LS1043, LS1046 https://patchwork.ozlabs.org/patch/742548/ https://patchwork.ozlabs.org/patch/742552/ https://patchwork.ozlabs.org/patch/742549/ https://patchwork.ozlabs.org/patch/742551/ https://patchwork.ozlabs.org/patch/742550/ https://patchwork.ozlabs.org/patch/742553/ https://patchwork.ozlabs.org/patch/742554/ and SPL size reduction patches https://patchwork.ozlabs.org/patch/744755/ https://patchwork.ozlabs.org/patch/744756/ arch/arm/include/asm/fsl_secure_boot.h | 2 +- board/freescale/ls1046ardb/MAINTAINERS | 6 configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig | 45 + drivers/crypto/fsl/jobdesc.c| 4 +-- drivers/crypto/fsl/jr.c | 19 ++- include/configs/ls1046a_common.h| 17 -- 6 files changed, 78 insertions(+), 15 deletions(-) create mode 100644 configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig diff --git a/arch/arm/include/asm/fsl_secure_boot.h b/arch/arm/include/asm/fsl_secure_boot.h index 9ca7abe..97eab64 100644 --- a/arch/arm/include/asm/fsl_secure_boot.h +++ b/arch/arm/include/asm/fsl_secure_boot.h @@ -88,7 +88,7 @@ /* For SD boot address and size are assigned in terms of sector * offset and no. of sectors respectively. */ -#if defined(CONFIG_LS1043A) +#if defined(CONFIG_LS1043A) || defined(CONFIG_ARCH_LS1046A) #define CONFIG_BS_HDR_ADDR_DEVICE 0x0920 #else #define CONFIG_BS_HDR_ADDR_DEVICE 0x0900 diff --git a/board/freescale/ls1046ardb/MAINTAINERS b/board/freescale/ls1046ardb/MAINTAINERS index ff42bef..8148b90 100644 --- a/board/freescale/ls1046ardb/MAINTAINERS +++ b/board/freescale/ls1046ardb/MAINTAINERS @@ -7,3 +7,9 @@ F: include/configs/ls1046ardb.h F: configs/ls1046ardb_qspi_defconfig F: configs/ls1046ardb_sdcard_defconfig F: configs/ls1046ardb_emmc_defconfig + +LS1046A_SECURE_BOOT BOARD +M: Ruchika Gupta <ruchika.gu...@nxp.com> +S: Maintained +F: configs/ls1046ardb_SECURE_BOOT_defconfig +F: configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig diff --git a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig new file mode 100644 index 000..a41ec80 --- /dev/null +++ b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig @@ -0,0 +1,45 @@ +CONFIG_ARM=y +CONFIG_TARGET_LS1046ARDB=y +CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1046a-rdb" +CONFIG_FIT=y +CONFIG_FIT_VERBOSE=y +CONFIG_OF_BOARD_SETUP=y +CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL" +CONFIG_SECURE_BOOT=y +CONFIG_SD_BOOT=y +CONFIG_BOOTDELAY=10 +CONFIG_SPL=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110 +CONFIG_HUSH_PARSER=y +# CONFIG_CMD_IMLS is not set +CONFIG_CMD_GPT=y +CONFIG_CMD_MMC=y +CONFIG_CMD_SF=y +CONFIG_CMD_I2C=y +CONFIG_CMD_DHCP=y +CONFIG_CMD_MII=y +CONFIG_CMD_PING=y +CONFIG_CMD_CACHE=y +CONFIG_CMD_EXT2=y +CONFIG_CMD_FAT=y +# CONFIG_SPL_EFI_PARTITION is not set +CONFIG_OF_CONTROL=y +CONFIG_DM=y +CONFIG_SPL_DM=y +CONFIG_SPI_FLASH=y +CONFIG_NETDEVICES=y +CONFIG_E1000=y +CONFIG_PCI=y +CONFIG_DM_PCI=y +CONFIG_DM_PCI_COMPAT=y +CONFIG_PCIE_LAYERSCAPE=y +CONFIG_SYS_NS16550=y +CONFIG_DM_SPI=y +CONFIG_FSL_QSPI=y +CONFIG_USB=y +CONFIG_DM_USB=y +CONFIG_RSA=y +CONFIG_SPL_RSA=y +CONFIG_SPL_CRYPTO_SUPPORT=y +CONFIG_SPL_HASH_SUPPORT=y diff --git a/drivers/crypto/fsl/jobdesc.c b/drivers/crypto/fsl/jobdesc.c index 6125bbb..375ff9d 100644 --- a/drivers/crypto/fsl/jobdesc.c +++ b/drivers/crypto/fsl/jobdesc.c @@ -204,7 +204,7 @@ void inline_cnstr_jobdesc_hash(uint32_t *desc, append_store(desc, dma_addr_out, storelen, LDST_CLASS_2_CCB | LDST_SRCDST_BYTE_CONTEXT); } - +#ifndef CONFIG_SPL_BUILD void inline_cnst
[U-Boot] [PATCH 2/3][v4] arm: ls1043ardb: Add NAND secure boot target
Add NAND secure boot target for ls1043ardb. - Change the u-boot size defined by a macro for copying the main U-Boot by SPL to also include the u-boot Secure Boot header size as header is appended to u-boot image. So header will also be copied from SD to DDR. - MACRO for CONFIG_BOOTSCRIPT_COPY_RAM is enabled to copy Bootscript from NAND to DDR. Offsets for Bootscript on NAND and DDR have been also defined. Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com> Signed-off-by: Sumit Garg <sumit.g...@nxp.com> Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com> --- Changes in v4: Updated Maintainers file Changes in v3: Removed changes to ls1043ardb.c Changes in v2: - Rebased this patch to the latest dependent patch-set. Dependent patch set: SECURE boot target addition for NOR on LS1043, LS1046 https://patchwork.ozlabs.org/patch/742548/ https://patchwork.ozlabs.org/patch/742552/ https://patchwork.ozlabs.org/patch/742549/ https://patchwork.ozlabs.org/patch/742551/ https://patchwork.ozlabs.org/patch/742550/ https://patchwork.ozlabs.org/patch/742553/ https://patchwork.ozlabs.org/patch/742554/ and SPL size reduction patches https://patchwork.ozlabs.org/patch/744755/ https://patchwork.ozlabs.org/patch/744756/ arch/arm/include/asm/fsl_secure_boot.h| 7 +++- board/freescale/ls1043ardb/MAINTAINERS| 1 + configs/ls1043ardb_nand_SECURE_BOOT_defconfig | 57 +++ include/config_fsl_chain_trust.h | 9 +++-- include/configs/ls1043a_common.h | 18 - include/configs/ls1043ardb.h | 2 +- 6 files changed, 87 insertions(+), 7 deletions(-) create mode 100644 configs/ls1043ardb_nand_SECURE_BOOT_defconfig diff --git a/arch/arm/include/asm/fsl_secure_boot.h b/arch/arm/include/asm/fsl_secure_boot.h index 56a6ba0..9ca7abe 100644 --- a/arch/arm/include/asm/fsl_secure_boot.h +++ b/arch/arm/include/asm/fsl_secure_boot.h @@ -70,7 +70,7 @@ /* Copying Bootscript and Header to DDR from NOR for LS2 and for rest, from * Non-XIP Memory (Nand/SD)*/ #if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_FSL_LSCH3) || \ - defined(CONFIG_SD_BOOT) + defined(CONFIG_SD_BOOT) || defined(CONFIG_NAND_BOOT) #define CONFIG_BOOTSCRIPT_COPY_RAM #endif /* The address needs to be modified according to NOR, NAND, SD and @@ -96,6 +96,11 @@ #define CONFIG_BS_ADDR_DEVICE 0x0940 #define CONFIG_BS_HDR_SIZE 0x0010 #define CONFIG_BS_SIZE 0x0008 +#elif defined(CONFIG_NAND_BOOT) +#define CONFIG_BS_HDR_ADDR_DEVICE 0x0080 +#define CONFIG_BS_ADDR_DEVICE 0x00802000 +#define CONFIG_BS_HDR_SIZE 0x2000 +#define CONFIG_BS_SIZE 0x1000 #elif defined(CONFIG_QSPI_BOOT) #ifdef CONFIG_ARCH_LS1046A #define CONFIG_BS_HDR_ADDR_DEVICE 0x4078 diff --git a/board/freescale/ls1043ardb/MAINTAINERS b/board/freescale/ls1043ardb/MAINTAINERS index 8b69892..87aa006 100644 --- a/board/freescale/ls1043ardb/MAINTAINERS +++ b/board/freescale/ls1043ardb/MAINTAINERS @@ -13,3 +13,4 @@ M:Ruchika Gupta <ruchika.gu...@nxp.com> S: Maintained F: configs/ls1043ardb_SECURE_BOOT_defconfig F: configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig +F: configs/ls1043ardb_nand_SECURE_BOOT_defconfig diff --git a/configs/ls1043ardb_nand_SECURE_BOOT_defconfig b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig new file mode 100644 index 000..66c89fa --- /dev/null +++ b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig @@ -0,0 +1,57 @@ +CONFIG_ARM=y +CONFIG_TARGET_LS1043ARDB=y +CONFIG_SPL_LIBCOMMON_SUPPORT=y +CONFIG_SPL_LIBGENERIC_SUPPORT=y +CONFIG_SPL_NAND_SUPPORT=y +CONFIG_SPL_SERIAL_SUPPORT=y +CONFIG_SPL_ENV_SUPPORT=y +CONFIG_SPL_DRIVERS_MISC_SUPPORT=y +CONFIG_SPL_WATCHDOG_SUPPORT=y +CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1043a-rdb" +CONFIG_FIT=y +CONFIG_FIT_VERBOSE=y +CONFIG_OF_BOARD_SETUP=y +CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL,NAND_BOOT" +CONFIG_NAND_BOOT=y +CONFIG_SECURE_BOOT=y +CONFIG_BOOTDELAY=10 +CONFIG_SPL=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0xf0 +CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y +CONFIG_HUSH_PARSER=y +CONFIG_CMD_GPT=y +CONFIG_CMD_MMC=y +CONFIG_CMD_SF=y +CONFIG_CMD_I2C=y +CONFIG_CMD_USB=y +CONFIG_CMD_DHCP=y +CONFIG_CMD_PXE=y +CONFIG_CMD_MII=y +CONFIG_CMD_PING=y +CONFIG_CMD_CACHE=y +CONFIG_CMD_EXT2=y +CONFIG_CMD_FAT=y +# CONFIG_SPL_EFI_PARTITION is not set +CONFIG_OF_CONTROL=y +CONFIG_DM=y +CONFIG_SPL_DM=y +CONFIG_MTD_NOR_FLASH=y +CONFIG_SPI_FLASH=y +CONFIG_NETDEVICES=y +CONFIG_E1000=y +CONFIG_PCI=y +CONFIG_DM_PCI=y +CONFIG_DM_PCI_COMPAT=y +CONFIG_PCIE_LAYERSCAPE=y +CONFIG_SYS_NS16550=y +CONFIG_DM_SPI=y +CONFIG_USB=y +CONFIG_DM_USB=y +CONFIG_USB_XHCI_HCD=y +CONFIG_USB_XHCI_DWC3=y +CONFIG_USB_STORAGE=y +CONFIG_RSA=y +CONFIG_SPL_RSA=y +CONFIG_SPL_CRYPTO_SUPPORT=y +CONFIG_SPL_HASH_SUPPORT=y diff --git a/include/config_fsl_chain_trust.h b/include/con
[U-Boot] [PATCH 1/3][v4] arm: ls1043ardb: Add SD secure boot target
- Add SD secure boot target for ls1043ardb.
- Implement FSL_LSCH2 specific spl_board_init() to setup CAAM stream ID and
corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main U-Boot by SPL
to also include the u-boot Secure Boot header size as header is appended to
u-boot image. So header will also be copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K
are reserved for use by boot ROM and 6K for secure boto header
- Error messages during SPL boot are limited to error code numbers instead of
strings
to reduce the size of SPL image
Signed-off-by: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes in v4:
Updated Maintainers file
Changes in v3:
Moved spl_board_init function to arch/arm/cpu/armv8/fsl-layerscape/spl.c
Changes in v2:
Rebased to latest dependent patches: - No change
Dependent patch set:
SECURE boot target addition for NOR on LS1043, LS1046
https://patchwork.ozlabs.org/patch/742548/
https://patchwork.ozlabs.org/patch/742552/
https://patchwork.ozlabs.org/patch/742549/
https://patchwork.ozlabs.org/patch/742551/
https://patchwork.ozlabs.org/patch/742550/
https://patchwork.ozlabs.org/patch/742553/
https://patchwork.ozlabs.org/patch/742554/
and
SPL size reduction patches
https://patchwork.ozlabs.org/patch/744755/
https://patchwork.ozlabs.org/patch/744756/
arch/arm/cpu/armv8/fsl-layerscape/spl.c | 18
arch/arm/include/asm/fsl_secure_boot.h | 9 +++-
board/freescale/common/fsl_validate.c | 4 ++
board/freescale/ls1043ardb/MAINTAINERS | 1 +
configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig | 57 +
include/configs/ls1043a_common.h| 16 ++-
6 files changed, 101 insertions(+), 4 deletions(-)
create mode 100644 configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/spl.c
b/arch/arm/cpu/armv8/fsl-layerscape/spl.c
index 73a8680..dfacf98 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/spl.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/spl.c
@@ -41,6 +41,24 @@ u32 spl_boot_mode(const u32 boot_device)
}
#ifdef CONFIG_SPL_BUILD
+
+void spl_board_init(void)
+{
+#if defined(CONFIG_SECURE_BOOT) && defined(CONFIG_FSL_LSCH2)
+ /*
+* In case of Secure Boot, the IBR configures the SMMU
+* to allow only Secure transactions.
+* SMMU must be reset in bypass mode.
+* Set the ClientPD bit and Clear the USFCFG Bit
+ */
+ u32 val;
+ val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_SCR0, val);
+ val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_NSCR0, val);
+#endif
+}
+
void board_init_f(ulong dummy)
{
/* Clear global data */
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index 423c2c4..56a6ba0 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -27,10 +27,11 @@
#define CONFIG_SPL_UBOOT_KEY_HASH NULL
#endif /* ifdef CONFIG_SPL_BUILD */
+#define CONFIG_KEY_REVOCATION
+
#ifndef CONFIG_SPL_BUILD
#define CONFIG_CMD_BLOB
#define CONFIG_CMD_HASH
-#define CONFIG_KEY_REVOCATION
#ifndef CONFIG_SYS_RAMBOOT
/* The key used for verification of next level images
* is picked up from an Extension Table which has
@@ -87,7 +88,11 @@
/* For SD boot address and size are assigned in terms of sector
* offset and no. of sectors respectively.
*/
-#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
+#if defined(CONFIG_LS1043A)
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0920
+#else
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
+#endif
#define CONFIG_BS_ADDR_DEVICE 0x0940
#define CONFIG_BS_HDR_SIZE 0x0010
#define CONFIG_BS_SIZE 0x0008
diff --git a/board/freescale/common/fsl_validate.c
b/board/freescale/common/fsl_validate.c
index 2b723a4..235c6ab 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -356,6 +356,7 @@ static void fsl_secboot_bootscript_parse_failure(void)
*/
void fsl_secboot_handle_error(int error)
{
+#ifndef CONFIG_SPL_BUILD
const struct fsl_secboot_errcode *e;
for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
@@ -363,6 +364,9 @@ void fsl_secboot_handle_error(int error)
if (e->errcode == error)
printf("ERROR :: %x :: %s\n", error, e->name);
}
+#else
+ printf("ERROR :: %x\n", error);
+#endif
/* If Boot Mode is secure, transition the SNVS state and issue
* reset based on type of failure and ITS setting.
diff --git a/board/freescale/ls1043ardb/MAIN
Re: [U-Boot] [PATCH 2/3][v3] arm: ls1043ardb: Add NAND secure boot target
> -Original Message- > From: York Sun [mailto:york@nxp.com] > Sent: Wednesday, April 12, 2017 9:00 PM > To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de > Cc: Vini Pillai <vinitha.pil...@nxp.com>; Sumit Garg <sumit.g...@nxp.com> > Subject: Re: [PATCH 2/3][v3] arm: ls1043ardb: Add NAND secure boot target > > On 04/04/2017 10:37 AM, Ruchika Gupta wrote: > > Add NAND secure boot target for ls1043ardb. > > > > - Change the u-boot size defined by a macro for copying the main > > U-Boot by SPL to also include the u-boot Secure Boot header size as > > header is appended to u-boot image. So header will also be copied from SD > to DDR. > > - MACRO for CONFIG_BOOTSCRIPT_COPY_RAM is enabled to copy Bootscript > from NAND to > > Please send another patch to move this macro to Kconfig. Shall we send this Kconfig addition as a separate patch? Ruchika > > York ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
Re: [U-Boot] [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure boot target
> -Original Message-
> From: york sun
> Sent: Tuesday, April 04, 2017 9:29 PM
> To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de
> Cc: Vini Pillai <vinitha.pil...@nxp.com>; Sumit Garg <sumit.g...@nxp.com>
> Subject: Re: [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure boot
> target
>
> On 04/04/2017 12:06 AM, Ruchika Gupta wrote:
> >> -Original Message-
> >> From: york sun
> >> Sent: Monday, April 03, 2017 9:01 PM
> >> To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de
> >> Cc: Vini Pillai <vinitha.pil...@nxp.com>; Sumit Garg
> >> <sumit.g...@nxp.com>
> >> Subject: Re: [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure
> >> boot target
> >>
> >> On 04/03/2017 12:00 AM, Ruchika Gupta wrote:
> >>>
> >>>
> >>>> -Original Message-
> >>>> From: york sun
> >>>> Sent: Saturday, April 01, 2017 1:44 AM
> >>>> To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de
> >>>> Cc: Vini Pillai <vinitha.pil...@nxp.com>; Sumit Garg
> >>>> <sumit.g...@nxp.com>
> >>>> Subject: Re: [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD
> >>>> secure boot target
> >>>>
> >>>> On 03/29/2017 07:21 AM, Ruchika Gupta wrote:
> >>>>> From: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
> >>>>>
> >>>>> - Add SD secure boot target for ls1046ardb.
> >>>>> - Implement board specific spl_board_init() to setup CAAM stream
> >>>>> ID
> >> and
> >>>>> corresponding stream ID in SMMU.
> >>>>> - Change the u-boot size defined by a macro for copying the main
> >>>>> U-Boot
> >>>> by SPL
> >>>>> to also include the u-boot Secure Boot header size as header is
> >>>>> appended
> >>>> to
> >>>>> u-boot image. So header will also be copied from SD to DDR.
> >>>>> - CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM
> >>>>> (128K)
> >>>> where 32K
> >>>>> are reserved for use by boot ROM and 6K for the header
> >>>>> - Reduce the size of CAAM driver for SPL. Since the size of spl image
> >>>>> was about 94K, Blobification functions and descriptors, that are
> >>>>> not
> >>>> required
> >>>>> at the time of SPL are disabled. Further error code conversion to
> >>>>> strings
> >>>>> is disabled for SPL build. This reduces the spl image size to 92K.
> >>>>>
> >>>>> Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com>
> >>>>> Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
> >>>>> Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
> >>>>> ---
> >>>>> Changes from v1:
> >>>>> - Rebased patches to latest dependent patch set
> >>>>> - With the dependent path set , spl imag size increased to 94K. So
> >>>>> - additionally reduce the spl image size by removing the
> >>>>> functions from
> >>>>> - CAAM driver that are not required in SPL flow
> >>>>>
> >>>>
> >>>>
> >>>>
> >>>>> +#if defined(CONFIG_SPL_BUILD)
> >>>>> +void spl_board_init(void)
> >>>>> +{
> >>>>> +#ifdef CONFIG_SECURE_BOOT
> >>>>> + /*
> >>>>> +* In case of Secure Boot, the IBR configures the SMMU
> >>>>> +* to allow only Secure transactions.
> >>>>> +* SMMU must be reset in bypass mode.
> >>>>> +* Set the ClientPD bit and Clear the USFCFG Bit
> >>>>> + */
> >>>>> + u32 val;
> >>>>> + val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) &
> >>>> ~(SCR0_USFCFG_MASK);
> >>>>> + out_le32(SMMU_SCR0, val);
> >>>>> + val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) &
> >>>> ~(SCR0_USFCFG_MASK);
> >>>>> + out_le32(SMMU_NSCR0, val);
> >>>>> +#endif
> >>>>> +}
> >>>>
> >>>> Is this the same as LS1043A? Can we move this function to
> >>>> arch/arm/cpu/armv8/fsl-layerscape/spl.c?
> >>> This is true for LS1043, LS1046, however wouldn't hold good for
> >>> Chassis
> >> gen3 SoC's like LS2088 , LS1088 etc. Is this file
> >> arch/arm/cpu/armv8/fsl- layerscape/spl.c common for the Chassis Gen 3
> SoC's also ?
> >>>
> >>
> >> Yes, it is common for lsch3.
> >>
> > Since it is common for lsh3, please suggest if we should move this
> > configuration under if defined(CONGIF_LS1043) || defined(CONFIG_LS1046) in
> arch/arm/cpu/armv8/fsl-layerscape/spl.c or leave it in this file.
> >
>
> I prefer to have it in a common file. It is easier to maintain. Can we use
> CONFIG_FSL_LSCH2 to gate these code? If you have to use SoC name, please
> use CONFIG_ARCH_LS1043A and CONFIG_ARCH_LS1046A.
>
Next version of patch-set sent with this change. CONFIG_FSL_LSCH2 used to gate
this code.
Ruchika
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH 3/3][v4] arm: ls1046ardb: Add SD secure boot target
- Add SD secure boot target for ls1046ardb. - Change the u-boot size defined by a macro for copying the main U-Boot by SPL to also include the u-boot Secure Boot header size as header is appended to u-boot image. So header will also be copied from SD to DDR. - CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K are reserved for use by boot ROM and 6K for the header - Reduce the size of CAAM driver for SPL Blobification functions and descriptors, that are not required at the time of SPL are disabled. Further error code conversion to strings is disabled for SPL build. Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com> Signed-off-by: Sumit Garg <sumit.g...@nxp.com> Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com> --- Changes in v4: Removed spl_board_init from board specific file. Changes in v3: Resend Changes in v2: - Rebased patches to latest dependent patch set - With the dependent path set , spl imag size increased to 94K. So - additionally reduce the spl image size by removing the functions from - CAAM driver that are not required in SPL flow Dependent patch set: SECURE boot target addition for NOR on LS1043, LS1046 https://patchwork.ozlabs.org/patch/742548/ https://patchwork.ozlabs.org/patch/742552/ https://patchwork.ozlabs.org/patch/742549/ https://patchwork.ozlabs.org/patch/742551/ https://patchwork.ozlabs.org/patch/742550/ https://patchwork.ozlabs.org/patch/742553/ https://patchwork.ozlabs.org/patch/742554/ and SPL size reduction patches https://patchwork.ozlabs.org/patch/744755/ https://patchwork.ozlabs.org/patch/744756/ arch/arm/include/asm/fsl_secure_boot.h | 2 +- configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig | 45 + drivers/crypto/fsl/jobdesc.c| 4 +-- drivers/crypto/fsl/jr.c | 19 ++- include/configs/ls1046a_common.h| 17 -- 5 files changed, 72 insertions(+), 15 deletions(-) create mode 100644 configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig diff --git a/arch/arm/include/asm/fsl_secure_boot.h b/arch/arm/include/asm/fsl_secure_boot.h index 9ca7abe..97eab64 100644 --- a/arch/arm/include/asm/fsl_secure_boot.h +++ b/arch/arm/include/asm/fsl_secure_boot.h @@ -88,7 +88,7 @@ /* For SD boot address and size are assigned in terms of sector * offset and no. of sectors respectively. */ -#if defined(CONFIG_LS1043A) +#if defined(CONFIG_LS1043A) || defined(CONFIG_ARCH_LS1046A) #define CONFIG_BS_HDR_ADDR_DEVICE 0x0920 #else #define CONFIG_BS_HDR_ADDR_DEVICE 0x0900 diff --git a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig new file mode 100644 index 000..a41ec80 --- /dev/null +++ b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig @@ -0,0 +1,45 @@ +CONFIG_ARM=y +CONFIG_TARGET_LS1046ARDB=y +CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1046a-rdb" +CONFIG_FIT=y +CONFIG_FIT_VERBOSE=y +CONFIG_OF_BOARD_SETUP=y +CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL" +CONFIG_SECURE_BOOT=y +CONFIG_SD_BOOT=y +CONFIG_BOOTDELAY=10 +CONFIG_SPL=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110 +CONFIG_HUSH_PARSER=y +# CONFIG_CMD_IMLS is not set +CONFIG_CMD_GPT=y +CONFIG_CMD_MMC=y +CONFIG_CMD_SF=y +CONFIG_CMD_I2C=y +CONFIG_CMD_DHCP=y +CONFIG_CMD_MII=y +CONFIG_CMD_PING=y +CONFIG_CMD_CACHE=y +CONFIG_CMD_EXT2=y +CONFIG_CMD_FAT=y +# CONFIG_SPL_EFI_PARTITION is not set +CONFIG_OF_CONTROL=y +CONFIG_DM=y +CONFIG_SPL_DM=y +CONFIG_SPI_FLASH=y +CONFIG_NETDEVICES=y +CONFIG_E1000=y +CONFIG_PCI=y +CONFIG_DM_PCI=y +CONFIG_DM_PCI_COMPAT=y +CONFIG_PCIE_LAYERSCAPE=y +CONFIG_SYS_NS16550=y +CONFIG_DM_SPI=y +CONFIG_FSL_QSPI=y +CONFIG_USB=y +CONFIG_DM_USB=y +CONFIG_RSA=y +CONFIG_SPL_RSA=y +CONFIG_SPL_CRYPTO_SUPPORT=y +CONFIG_SPL_HASH_SUPPORT=y diff --git a/drivers/crypto/fsl/jobdesc.c b/drivers/crypto/fsl/jobdesc.c index 6125bbb..375ff9d 100644 --- a/drivers/crypto/fsl/jobdesc.c +++ b/drivers/crypto/fsl/jobdesc.c @@ -204,7 +204,7 @@ void inline_cnstr_jobdesc_hash(uint32_t *desc, append_store(desc, dma_addr_out, storelen, LDST_CLASS_2_CCB | LDST_SRCDST_BYTE_CONTEXT); } - +#ifndef CONFIG_SPL_BUILD void inline_cnstr_jobdesc_blob_encap(uint32_t *desc, uint8_t *key_idnfr, uint8_t *plain_txt, uint8_t *enc_blob, uint32_t in_sz) @@ -252,7 +252,7 @@ void inline_cnstr_jobdesc_blob_decap(uint32_t *desc, uint8_t *key_idnfr, append_operation(desc, OP_TYPE_DECAP_PROTOCOL | OP_PCLID_BLOB); } - +#endif /* * Descriptor to instantiate RNG State Handle 0 in normal mode and * load the JDKEK, TDKEK and TDSK registers diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c index 1b88229..163e729 100644 --- a/drivers/crypto/fsl/jr.c +++ b/drivers/crypto/fsl/jr.c @@ -342,7 +342,9 @@ static void desc_done(uint32_t status, void *
[U-Boot] [PATCH 2/3][v3] arm: ls1043ardb: Add NAND secure boot target
Add NAND secure boot target for ls1043ardb. - Change the u-boot size defined by a macro for copying the main U-Boot by SPL to also include the u-boot Secure Boot header size as header is appended to u-boot image. So header will also be copied from SD to DDR. - MACRO for CONFIG_BOOTSCRIPT_COPY_RAM is enabled to copy Bootscript from NAND to DDR. Offsets for Bootscript on NAND and DDR have been also defined. Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com> Signed-off-by: Sumit Garg <sumit.g...@nxp.com> Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com> --- Changes in v3: Removed changes to ls1043ardb.c Changes in v2: - Rebased this patch to the latest dependent patch-set. Dependent patch set: SECURE boot target addition for NOR on LS1043, LS1046 https://patchwork.ozlabs.org/patch/742548/ https://patchwork.ozlabs.org/patch/742552/ https://patchwork.ozlabs.org/patch/742549/ https://patchwork.ozlabs.org/patch/742551/ https://patchwork.ozlabs.org/patch/742550/ https://patchwork.ozlabs.org/patch/742553/ https://patchwork.ozlabs.org/patch/742554/ and SPL size reduction patches https://patchwork.ozlabs.org/patch/744755/ https://patchwork.ozlabs.org/patch/744756/ arch/arm/include/asm/fsl_secure_boot.h| 7 +++- configs/ls1043ardb_nand_SECURE_BOOT_defconfig | 57 +++ include/config_fsl_chain_trust.h | 9 +++-- include/configs/ls1043a_common.h | 18 - include/configs/ls1043ardb.h | 2 +- 5 files changed, 86 insertions(+), 7 deletions(-) create mode 100644 configs/ls1043ardb_nand_SECURE_BOOT_defconfig diff --git a/arch/arm/include/asm/fsl_secure_boot.h b/arch/arm/include/asm/fsl_secure_boot.h index 56a6ba0..9ca7abe 100644 --- a/arch/arm/include/asm/fsl_secure_boot.h +++ b/arch/arm/include/asm/fsl_secure_boot.h @@ -70,7 +70,7 @@ /* Copying Bootscript and Header to DDR from NOR for LS2 and for rest, from * Non-XIP Memory (Nand/SD)*/ #if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_FSL_LSCH3) || \ - defined(CONFIG_SD_BOOT) + defined(CONFIG_SD_BOOT) || defined(CONFIG_NAND_BOOT) #define CONFIG_BOOTSCRIPT_COPY_RAM #endif /* The address needs to be modified according to NOR, NAND, SD and @@ -96,6 +96,11 @@ #define CONFIG_BS_ADDR_DEVICE 0x0940 #define CONFIG_BS_HDR_SIZE 0x0010 #define CONFIG_BS_SIZE 0x0008 +#elif defined(CONFIG_NAND_BOOT) +#define CONFIG_BS_HDR_ADDR_DEVICE 0x0080 +#define CONFIG_BS_ADDR_DEVICE 0x00802000 +#define CONFIG_BS_HDR_SIZE 0x2000 +#define CONFIG_BS_SIZE 0x1000 #elif defined(CONFIG_QSPI_BOOT) #ifdef CONFIG_ARCH_LS1046A #define CONFIG_BS_HDR_ADDR_DEVICE 0x4078 diff --git a/configs/ls1043ardb_nand_SECURE_BOOT_defconfig b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig new file mode 100644 index 000..66c89fa --- /dev/null +++ b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig @@ -0,0 +1,57 @@ +CONFIG_ARM=y +CONFIG_TARGET_LS1043ARDB=y +CONFIG_SPL_LIBCOMMON_SUPPORT=y +CONFIG_SPL_LIBGENERIC_SUPPORT=y +CONFIG_SPL_NAND_SUPPORT=y +CONFIG_SPL_SERIAL_SUPPORT=y +CONFIG_SPL_ENV_SUPPORT=y +CONFIG_SPL_DRIVERS_MISC_SUPPORT=y +CONFIG_SPL_WATCHDOG_SUPPORT=y +CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1043a-rdb" +CONFIG_FIT=y +CONFIG_FIT_VERBOSE=y +CONFIG_OF_BOARD_SETUP=y +CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL,NAND_BOOT" +CONFIG_NAND_BOOT=y +CONFIG_SECURE_BOOT=y +CONFIG_BOOTDELAY=10 +CONFIG_SPL=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0xf0 +CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y +CONFIG_HUSH_PARSER=y +CONFIG_CMD_GPT=y +CONFIG_CMD_MMC=y +CONFIG_CMD_SF=y +CONFIG_CMD_I2C=y +CONFIG_CMD_USB=y +CONFIG_CMD_DHCP=y +CONFIG_CMD_PXE=y +CONFIG_CMD_MII=y +CONFIG_CMD_PING=y +CONFIG_CMD_CACHE=y +CONFIG_CMD_EXT2=y +CONFIG_CMD_FAT=y +# CONFIG_SPL_EFI_PARTITION is not set +CONFIG_OF_CONTROL=y +CONFIG_DM=y +CONFIG_SPL_DM=y +CONFIG_MTD_NOR_FLASH=y +CONFIG_SPI_FLASH=y +CONFIG_NETDEVICES=y +CONFIG_E1000=y +CONFIG_PCI=y +CONFIG_DM_PCI=y +CONFIG_DM_PCI_COMPAT=y +CONFIG_PCIE_LAYERSCAPE=y +CONFIG_SYS_NS16550=y +CONFIG_DM_SPI=y +CONFIG_USB=y +CONFIG_DM_USB=y +CONFIG_USB_XHCI_HCD=y +CONFIG_USB_XHCI_DWC3=y +CONFIG_USB_STORAGE=y +CONFIG_RSA=y +CONFIG_SPL_RSA=y +CONFIG_SPL_CRYPTO_SUPPORT=y +CONFIG_SPL_HASH_SUPPORT=y diff --git a/include/config_fsl_chain_trust.h b/include/config_fsl_chain_trust.h index eb45e98..40d323e 100644 --- a/include/config_fsl_chain_trust.h +++ b/include/config_fsl_chain_trust.h @@ -81,17 +81,18 @@ "setenv bs_size " __stringify(CONFIG_BS_SIZE)";" /* For secure boot flow, default environment used will be used */ -#if defined(CONFIG_SYS_RAMBOOT) -#if defined(CONFIG_RAMBOOT_NAND) +#if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_NAND_BOOT) || \ + defined(CONFIG_SD_BOOT) +#if defined(CONFIG_RAMBOOT_NAND) || defined(CONFIG_NAND_BOOT) #define CONFIG_BS_COPY_CMD \
[U-Boot] [PATCH 1/3][v3] arm: ls1043ardb: Add SD secure boot target
- Add SD secure boot target for ls1043ardb.
- Implement FSL_LSCH2 specific spl_board_init() to setup CAAM stream ID and
corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main U-Boot by SPL
to also include the u-boot Secure Boot header size as header is appended to
u-boot image. So header will also be copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K
are reserved for use by boot ROM and 6K for secure boto header
- Error messages during SPL boot are limited to error code numbers instead of
strings
to reduce the size of SPL image
Signed-off-by: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes in v3:
Moved spl_board_init function to arch/arm/cpu/armv8/fsl-layerscape/spl.c
Changes in v2:
Rebased to latest dependent patches: - No change
Dependent patch set:
SECURE boot target addition for NOR on LS1043, LS1046
https://patchwork.ozlabs.org/patch/742548/
https://patchwork.ozlabs.org/patch/742552/
https://patchwork.ozlabs.org/patch/742549/
https://patchwork.ozlabs.org/patch/742551/
https://patchwork.ozlabs.org/patch/742550/
https://patchwork.ozlabs.org/patch/742553/
https://patchwork.ozlabs.org/patch/742554/
and
SPL size reduction patches
https://patchwork.ozlabs.org/patch/744755/
https://patchwork.ozlabs.org/patch/744756/
arch/arm/cpu/armv8/fsl-layerscape/spl.c | 18
arch/arm/include/asm/fsl_secure_boot.h | 9 +++-
board/freescale/common/fsl_validate.c | 4 ++
configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig | 57 +
include/configs/ls1043a_common.h| 16 ++-
5 files changed, 100 insertions(+), 4 deletions(-)
create mode 100644 configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/spl.c
b/arch/arm/cpu/armv8/fsl-layerscape/spl.c
index 73a8680..dfacf98 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/spl.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/spl.c
@@ -41,6 +41,24 @@ u32 spl_boot_mode(const u32 boot_device)
}
#ifdef CONFIG_SPL_BUILD
+
+void spl_board_init(void)
+{
+#if defined(CONFIG_SECURE_BOOT) && defined(CONFIG_FSL_LSCH2)
+ /*
+* In case of Secure Boot, the IBR configures the SMMU
+* to allow only Secure transactions.
+* SMMU must be reset in bypass mode.
+* Set the ClientPD bit and Clear the USFCFG Bit
+ */
+ u32 val;
+ val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_SCR0, val);
+ val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_NSCR0, val);
+#endif
+}
+
void board_init_f(ulong dummy)
{
/* Clear global data */
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index 423c2c4..56a6ba0 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -27,10 +27,11 @@
#define CONFIG_SPL_UBOOT_KEY_HASH NULL
#endif /* ifdef CONFIG_SPL_BUILD */
+#define CONFIG_KEY_REVOCATION
+
#ifndef CONFIG_SPL_BUILD
#define CONFIG_CMD_BLOB
#define CONFIG_CMD_HASH
-#define CONFIG_KEY_REVOCATION
#ifndef CONFIG_SYS_RAMBOOT
/* The key used for verification of next level images
* is picked up from an Extension Table which has
@@ -87,7 +88,11 @@
/* For SD boot address and size are assigned in terms of sector
* offset and no. of sectors respectively.
*/
-#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
+#if defined(CONFIG_LS1043A)
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0920
+#else
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
+#endif
#define CONFIG_BS_ADDR_DEVICE 0x0940
#define CONFIG_BS_HDR_SIZE 0x0010
#define CONFIG_BS_SIZE 0x0008
diff --git a/board/freescale/common/fsl_validate.c
b/board/freescale/common/fsl_validate.c
index 2b723a4..235c6ab 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -356,6 +356,7 @@ static void fsl_secboot_bootscript_parse_failure(void)
*/
void fsl_secboot_handle_error(int error)
{
+#ifndef CONFIG_SPL_BUILD
const struct fsl_secboot_errcode *e;
for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
@@ -363,6 +364,9 @@ void fsl_secboot_handle_error(int error)
if (e->errcode == error)
printf("ERROR :: %x :: %s\n", error, e->name);
}
+#else
+ printf("ERROR :: %x\n", error);
+#endif
/* If Boot Mode is secure, transition the SNVS state and issue
* reset based on type of failure and ITS setting.
diff --git a/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
new file
Re: [U-Boot] [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure boot target
> -Original Message-
> From: york sun
> Sent: Monday, April 03, 2017 9:01 PM
> To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de
> Cc: Vini Pillai <vinitha.pil...@nxp.com>; Sumit Garg <sumit.g...@nxp.com>
> Subject: Re: [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure boot
> target
>
> On 04/03/2017 12:00 AM, Ruchika Gupta wrote:
> >
> >
> >> -Original Message-
> >> From: york sun
> >> Sent: Saturday, April 01, 2017 1:44 AM
> >> To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de
> >> Cc: Vini Pillai <vinitha.pil...@nxp.com>; Sumit Garg
> >> <sumit.g...@nxp.com>
> >> Subject: Re: [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure
> >> boot target
> >>
> >> On 03/29/2017 07:21 AM, Ruchika Gupta wrote:
> >>> From: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
> >>>
> >>> - Add SD secure boot target for ls1046ardb.
> >>> - Implement board specific spl_board_init() to setup CAAM stream ID
> and
> >>> corresponding stream ID in SMMU.
> >>> - Change the u-boot size defined by a macro for copying the main
> >>> U-Boot
> >> by SPL
> >>> to also include the u-boot Secure Boot header size as header is
> >>> appended
> >> to
> >>> u-boot image. So header will also be copied from SD to DDR.
> >>> - CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM
> >>> (128K)
> >> where 32K
> >>> are reserved for use by boot ROM and 6K for the header
> >>> - Reduce the size of CAAM driver for SPL. Since the size of spl image
> >>> was about 94K, Blobification functions and descriptors, that are
> >>> not
> >> required
> >>> at the time of SPL are disabled. Further error code conversion to
> >>> strings
> >>> is disabled for SPL build. This reduces the spl image size to 92K.
> >>>
> >>> Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com>
> >>> Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
> >>> Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
> >>> ---
> >>> Changes from v1:
> >>> - Rebased patches to latest dependent patch set
> >>> - With the dependent path set , spl imag size increased to 94K. So
> >>> - additionally reduce the spl image size by removing the functions
> >>> from
> >>> - CAAM driver that are not required in SPL flow
> >>>
> >>
> >>
> >>
> >>> +#if defined(CONFIG_SPL_BUILD)
> >>> +void spl_board_init(void)
> >>> +{
> >>> +#ifdef CONFIG_SECURE_BOOT
> >>> + /*
> >>> + * In case of Secure Boot, the IBR configures the SMMU
> >>> + * to allow only Secure transactions.
> >>> + * SMMU must be reset in bypass mode.
> >>> + * Set the ClientPD bit and Clear the USFCFG Bit
> >>> + */
> >>> + u32 val;
> >>> + val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) &
> >> ~(SCR0_USFCFG_MASK);
> >>> + out_le32(SMMU_SCR0, val);
> >>> + val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) &
> >> ~(SCR0_USFCFG_MASK);
> >>> + out_le32(SMMU_NSCR0, val);
> >>> +#endif
> >>> +}
> >>
> >> Is this the same as LS1043A? Can we move this function to
> >> arch/arm/cpu/armv8/fsl-layerscape/spl.c?
> > This is true for LS1043, LS1046, however wouldn't hold good for Chassis
> gen3 SoC's like LS2088 , LS1088 etc. Is this file arch/arm/cpu/armv8/fsl-
> layerscape/spl.c common for the Chassis Gen 3 SoC's also ?
> >
>
> Yes, it is common for lsch3.
>
Since it is common for lsh3, please suggest if we should move this
configuration under
if defined(CONGIF_LS1043) || defined(CONFIG_LS1046) in
arch/arm/cpu/armv8/fsl-layerscape/spl.c or leave it in this file.
Ruchika
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
Re: [U-Boot] [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure boot target
> -Original Message-
> From: york sun
> Sent: Saturday, April 01, 2017 1:44 AM
> To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de
> Cc: Vini Pillai <vinitha.pil...@nxp.com>; Sumit Garg <sumit.g...@nxp.com>
> Subject: Re: [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure boot
> target
>
> On 03/29/2017 07:21 AM, Ruchika Gupta wrote:
> > From: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
> >
> > - Add SD secure boot target for ls1046ardb.
> > - Implement board specific spl_board_init() to setup CAAM stream ID and
> > corresponding stream ID in SMMU.
> > - Change the u-boot size defined by a macro for copying the main U-Boot
> by SPL
> > to also include the u-boot Secure Boot header size as header is appended
> to
> > u-boot image. So header will also be copied from SD to DDR.
> > - CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K)
> where 32K
> > are reserved for use by boot ROM and 6K for the header
> > - Reduce the size of CAAM driver for SPL. Since the size of spl image
> > was about 94K, Blobification functions and descriptors, that are not
> required
> > at the time of SPL are disabled. Further error code conversion to strings
> > is disabled for SPL build. This reduces the spl image size to 92K.
> >
> > Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com>
> > Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
> > Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
> > ---
> > Changes from v1:
> > - Rebased patches to latest dependent patch set
> > - With the dependent path set , spl imag size increased to 94K. So
> > - additionally reduce the spl image size by removing the functions
> > from
> > - CAAM driver that are not required in SPL flow
> >
>
>
>
> > +#if defined(CONFIG_SPL_BUILD)
> > +void spl_board_init(void)
> > +{
> > +#ifdef CONFIG_SECURE_BOOT
> > + /*
> > +* In case of Secure Boot, the IBR configures the SMMU
> > +* to allow only Secure transactions.
> > +* SMMU must be reset in bypass mode.
> > +* Set the ClientPD bit and Clear the USFCFG Bit
> > + */
> > + u32 val;
> > + val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) &
> ~(SCR0_USFCFG_MASK);
> > + out_le32(SMMU_SCR0, val);
> > + val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) &
> ~(SCR0_USFCFG_MASK);
> > + out_le32(SMMU_NSCR0, val);
> > +#endif
> > +}
>
> Is this the same as LS1043A? Can we move this function to
> arch/arm/cpu/armv8/fsl-layerscape/spl.c?
This is true for LS1043, LS1046, however wouldn't hold good for Chassis gen3
SoC's like LS2088 , LS1088 etc. Is this file
arch/arm/cpu/armv8/fsl-layerscape/spl.c common for the Chassis Gen 3 SoC's also
?
Ruchika
>
> York
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH 2/3][v2] arm: ls1043ardb: Add NAND secure boot target
From: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
Add NAND secure boot target for ls1043ardb.
- Change the u-boot size defined by a macro for copying the main
U-Boot by SPL to also include the u-boot Secure Boot header size as
header is appended to u-boot image. So header will also be copied from SD to
DDR.
- MACRO for CONFIG_BOOTSCRIPT_COPY_RAM is enabled to copy Bootscript from NAND
to
DDR. Offsets for Bootscript on NAND and DDR have been also defined.
Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes from v1
- Rebased this patch to the latest dependent patch-set.
Dependent patch set:
SECURE boot target addition for NOR on LS1043, LS1046
https://patchwork.ozlabs.org/patch/742548/
https://patchwork.ozlabs.org/patch/742552/
https://patchwork.ozlabs.org/patch/742549/
https://patchwork.ozlabs.org/patch/742551/
https://patchwork.ozlabs.org/patch/742550/
https://patchwork.ozlabs.org/patch/742553/
https://patchwork.ozlabs.org/patch/742554/
and
SPL size reduction patches
https://patchwork.ozlabs.org/patch/744755/
https://patchwork.ozlabs.org/patch/744756/
arch/arm/include/asm/fsl_secure_boot.h| 7 +++-
board/freescale/ls1043ardb/ls1043ardb.c | 1 +
configs/ls1043ardb_nand_SECURE_BOOT_defconfig | 57 +++
include/config_fsl_chain_trust.h | 9 +++--
include/configs/ls1043a_common.h | 18 -
include/configs/ls1043ardb.h | 2 +-
6 files changed, 87 insertions(+), 7 deletions(-)
create mode 100644 configs/ls1043ardb_nand_SECURE_BOOT_defconfig
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index 266db4c..2cefd1f 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -70,7 +70,7 @@
/* Copying Bootscript and Header to DDR from NOR for LS2 and for rest, from
* Non-XIP Memory (Nand/SD)*/
#if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_FSL_LSCH3) || \
- defined(CONFIG_SD_BOOT)
+ defined(CONFIG_SD_BOOT) || defined(CONFIG_NAND_BOOT)
#define CONFIG_BOOTSCRIPT_COPY_RAM
#endif
/* The address needs to be modified according to NOR, NAND, SD and
@@ -96,6 +96,11 @@
#define CONFIG_BS_ADDR_DEVICE 0x0940
#define CONFIG_BS_HDR_SIZE 0x0010
#define CONFIG_BS_SIZE 0x0008
+#elif defined(CONFIG_NAND_BOOT)
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0080
+#define CONFIG_BS_ADDR_DEVICE 0x00802000
+#define CONFIG_BS_HDR_SIZE 0x2000
+#define CONFIG_BS_SIZE 0x1000
#elif defined(CONFIG_QSPI_BOOT)
#ifdef CONFIG_ARCH_LS1046A
#define CONFIG_BS_HDR_ADDR_DEVICE 0x4078
diff --git a/board/freescale/ls1043ardb/ls1043ardb.c
b/board/freescale/ls1043ardb/ls1043ardb.c
index bd72e30..ff985de 100644
--- a/board/freescale/ls1043ardb/ls1043ardb.c
+++ b/board/freescale/ls1043ardb/ls1043ardb.c
@@ -51,6 +51,7 @@ void spl_board_init(void)
out_le32(SMMU_SCR0, val);
val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
out_le32(SMMU_NSCR0, val);
+ printf("Completed spl_board_init\n");
#endif
}
#endif
diff --git a/configs/ls1043ardb_nand_SECURE_BOOT_defconfig
b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig
new file mode 100644
index 000..66c89fa
--- /dev/null
+++ b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig
@@ -0,0 +1,57 @@
+CONFIG_ARM=y
+CONFIG_TARGET_LS1043ARDB=y
+CONFIG_SPL_LIBCOMMON_SUPPORT=y
+CONFIG_SPL_LIBGENERIC_SUPPORT=y
+CONFIG_SPL_NAND_SUPPORT=y
+CONFIG_SPL_SERIAL_SUPPORT=y
+CONFIG_SPL_ENV_SUPPORT=y
+CONFIG_SPL_DRIVERS_MISC_SUPPORT=y
+CONFIG_SPL_WATCHDOG_SUPPORT=y
+CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1043a-rdb"
+CONFIG_FIT=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_OF_BOARD_SETUP=y
+CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL,NAND_BOOT"
+CONFIG_NAND_BOOT=y
+CONFIG_SECURE_BOOT=y
+CONFIG_BOOTDELAY=10
+CONFIG_SPL=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0xf0
+CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y
+CONFIG_HUSH_PARSER=y
+CONFIG_CMD_GPT=y
+CONFIG_CMD_MMC=y
+CONFIG_CMD_SF=y
+CONFIG_CMD_I2C=y
+CONFIG_CMD_USB=y
+CONFIG_CMD_DHCP=y
+CONFIG_CMD_PXE=y
+CONFIG_CMD_MII=y
+CONFIG_CMD_PING=y
+CONFIG_CMD_CACHE=y
+CONFIG_CMD_EXT2=y
+CONFIG_CMD_FAT=y
+# CONFIG_SPL_EFI_PARTITION is not set
+CONFIG_OF_CONTROL=y
+CONFIG_DM=y
+CONFIG_SPL_DM=y
+CONFIG_MTD_NOR_FLASH=y
+CONFIG_SPI_FLASH=y
+CONFIG_NETDEVICES=y
+CONFIG_E1000=y
+CONFIG_PCI=y
+CONFIG_DM_PCI=y
+CONFIG_DM_PCI_COMPAT=y
+CONFIG_PCIE_LAYERSCAPE=y
+CONFIG_SYS_NS16550=y
+CONFIG_DM_SPI=y
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_USB_XHCI_HCD=y
+CONFIG_USB_XHCI_DWC3=y
+CONFIG_USB_STORAGE=y
+CONFIG_RSA=y
+CONFIG_SPL_RSA=y
+CONFIG_SPL_CRYPTO_SUPPORT=y
+CONFIG_SPL_HASH_SUPPORT=y
diff --git a/include/config_fsl_chain_trust.h b/incl
[U-Boot] [PATCH 3/3][v3] [RESEND] arm: ls1046ardb: Add SD secure boot target
From: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
- Add SD secure boot target for ls1046ardb.
- Implement board specific spl_board_init() to setup CAAM stream ID and
corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main U-Boot by SPL
to also include the u-boot Secure Boot header size as header is appended to
u-boot image. So header will also be copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K
are reserved for use by boot ROM and 6K for the header
- Reduce the size of CAAM driver for SPL. Since the size of spl image
was about 94K, Blobification functions and descriptors, that are not required
at the time of SPL are disabled. Further error code conversion to strings
is disabled for SPL build. This reduces the spl image size to 92K.
Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes from v1:
- Rebased patches to latest dependent patch set
- With the dependent path set , spl imag size increased to 94K. So
- additionally reduce the spl image size by removing the functions from
- CAAM driver that are not required in SPL flow
Dependent patch set:
SECURE boot target addition for NOR on LS1043, LS1046
https://patchwork.ozlabs.org/patch/742548/
https://patchwork.ozlabs.org/patch/742552/
https://patchwork.ozlabs.org/patch/742549/
https://patchwork.ozlabs.org/patch/742551/
https://patchwork.ozlabs.org/patch/742550/
https://patchwork.ozlabs.org/patch/742553/
https://patchwork.ozlabs.org/patch/742554/
and
SPL size reduction patches
https://patchwork.ozlabs.org/patch/744755/
https://patchwork.ozlabs.org/patch/744756/
arch/arm/include/asm/fsl_secure_boot.h | 2 +-
board/freescale/ls1046ardb/ls1046ardb.c | 19 +++
configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig | 45 +
drivers/crypto/fsl/jobdesc.c| 4 +--
drivers/crypto/fsl/jr.c | 19 ++-
include/configs/ls1046a_common.h| 17 --
6 files changed, 91 insertions(+), 15 deletions(-)
create mode 100644 configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index 2cefd1f..9155e29 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -88,7 +88,7 @@
/* For SD boot address and size are assigned in terms of sector
* offset and no. of sectors respectively.
*/
-#if defined(CONFIG_LS1043A)
+#if defined(CONFIG_LS1043A) || defined(CONFIG_ARCH_LS1046A)
#define CONFIG_BS_HDR_ADDR_DEVICE 0x0920
#else
#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
diff --git a/board/freescale/ls1046ardb/ls1046ardb.c
b/board/freescale/ls1046ardb/ls1046ardb.c
index 1dd5e69..f050163 100644
--- a/board/freescale/ls1046ardb/ls1046ardb.c
+++ b/board/freescale/ls1046ardb/ls1046ardb.c
@@ -32,6 +32,25 @@ int board_early_init_f(void)
return 0;
}
+#if defined(CONFIG_SPL_BUILD)
+void spl_board_init(void)
+{
+#ifdef CONFIG_SECURE_BOOT
+ /*
+* In case of Secure Boot, the IBR configures the SMMU
+* to allow only Secure transactions.
+* SMMU must be reset in bypass mode.
+* Set the ClientPD bit and Clear the USFCFG Bit
+ */
+ u32 val;
+ val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_SCR0, val);
+ val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_NSCR0, val);
+#endif
+}
+#endif
+
#ifndef CONFIG_SPL_BUILD
int checkboard(void)
{
diff --git a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
new file mode 100644
index 000..a41ec80
--- /dev/null
+++ b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
@@ -0,0 +1,45 @@
+CONFIG_ARM=y
+CONFIG_TARGET_LS1046ARDB=y
+CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1046a-rdb"
+CONFIG_FIT=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_OF_BOARD_SETUP=y
+CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL"
+CONFIG_SECURE_BOOT=y
+CONFIG_SD_BOOT=y
+CONFIG_BOOTDELAY=10
+CONFIG_SPL=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110
+CONFIG_HUSH_PARSER=y
+# CONFIG_CMD_IMLS is not set
+CONFIG_CMD_GPT=y
+CONFIG_CMD_MMC=y
+CONFIG_CMD_SF=y
+CONFIG_CMD_I2C=y
+CONFIG_CMD_DHCP=y
+CONFIG_CMD_MII=y
+CONFIG_CMD_PING=y
+CONFIG_CMD_CACHE=y
+CONFIG_CMD_EXT2=y
+CONFIG_CMD_FAT=y
+# CONFIG_SPL_EFI_PARTITION is not set
+CONFIG_OF_CONTROL=y
+CONFIG_DM=y
+CONFIG_SPL_DM=y
+CONFIG_SPI_FLASH=y
+CONFIG_NETDEVICES=y
+CONFIG_E1000=y
+CONFIG_PCI=y
+CONFIG_DM_PCI=y
+CONFIG_DM_PCI_COMPAT=y
+CONFIG_PCIE_LAYERSCAPE=y
+CONFIG_SYS_NS16550=y
+CONFIG_DM_SPI=y
+CONFIG_FSL_QSPI=y
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_
[U-Boot] [PATCH 3/3] arm: ls1046ardb: Add SD secure boot target
From: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
- Add SD secure boot target for ls1046ardb.
- Implement board specific spl_board_init() to setup CAAM stream ID and
corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main U-Boot by SPL
to also include the u-boot Secure Boot header size as header is appended to
u-boot image. So header will also be copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K
are reserved for use by boot ROM and 6K for the header
- Reduce the size of CAAM driver for SPL. Since the size of spl image
was about 94K, Blobification functions and descriptors, that are not required
at the time of SPL are disabled. Further error code conversion to strings
is disabled for SPL build. This reduces the spl image size to 92K.
Signed-off-by: Vinitha Pillai <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes from v1:
- Rebased patches to latest dependent patch set
- With the dependent path set , spl imag size increased to 94K. So
- additionally reduce the spl image size by removing the functions from
- CAAM driver that are not required in SPL flow
Dependent patch set:
SECURE boot target addition for NOR on LS1043, LS1046
https://patchwork.ozlabs.org/patch/742548/
https://patchwork.ozlabs.org/patch/742552/
https://patchwork.ozlabs.org/patch/742549/
https://patchwork.ozlabs.org/patch/742551/
https://patchwork.ozlabs.org/patch/742550/
https://patchwork.ozlabs.org/patch/742553/
https://patchwork.ozlabs.org/patch/742554/
and
SPL size reduction patches
https://patchwork.ozlabs.org/patch/744755/
https://patchwork.ozlabs.org/patch/744756/
arch/arm/include/asm/fsl_secure_boot.h | 2 +-
board/freescale/ls1046ardb/ls1046ardb.c | 19 +++
configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig | 45 +
drivers/crypto/fsl/jobdesc.c| 4 +--
drivers/crypto/fsl/jr.c | 19 ++-
include/configs/ls1046a_common.h| 17 --
6 files changed, 91 insertions(+), 15 deletions(-)
create mode 100644 configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index 2cefd1f..9155e29 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -88,7 +88,7 @@
/* For SD boot address and size are assigned in terms of sector
* offset and no. of sectors respectively.
*/
-#if defined(CONFIG_LS1043A)
+#if defined(CONFIG_LS1043A) || defined(CONFIG_ARCH_LS1046A)
#define CONFIG_BS_HDR_ADDR_DEVICE 0x0920
#else
#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
diff --git a/board/freescale/ls1046ardb/ls1046ardb.c
b/board/freescale/ls1046ardb/ls1046ardb.c
index 1dd5e69..f050163 100644
--- a/board/freescale/ls1046ardb/ls1046ardb.c
+++ b/board/freescale/ls1046ardb/ls1046ardb.c
@@ -32,6 +32,25 @@ int board_early_init_f(void)
return 0;
}
+#if defined(CONFIG_SPL_BUILD)
+void spl_board_init(void)
+{
+#ifdef CONFIG_SECURE_BOOT
+ /*
+* In case of Secure Boot, the IBR configures the SMMU
+* to allow only Secure transactions.
+* SMMU must be reset in bypass mode.
+* Set the ClientPD bit and Clear the USFCFG Bit
+ */
+ u32 val;
+ val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_SCR0, val);
+ val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_NSCR0, val);
+#endif
+}
+#endif
+
#ifndef CONFIG_SPL_BUILD
int checkboard(void)
{
diff --git a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
new file mode 100644
index 000..a41ec80
--- /dev/null
+++ b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
@@ -0,0 +1,45 @@
+CONFIG_ARM=y
+CONFIG_TARGET_LS1046ARDB=y
+CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1046a-rdb"
+CONFIG_FIT=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_OF_BOARD_SETUP=y
+CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL"
+CONFIG_SECURE_BOOT=y
+CONFIG_SD_BOOT=y
+CONFIG_BOOTDELAY=10
+CONFIG_SPL=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110
+CONFIG_HUSH_PARSER=y
+# CONFIG_CMD_IMLS is not set
+CONFIG_CMD_GPT=y
+CONFIG_CMD_MMC=y
+CONFIG_CMD_SF=y
+CONFIG_CMD_I2C=y
+CONFIG_CMD_DHCP=y
+CONFIG_CMD_MII=y
+CONFIG_CMD_PING=y
+CONFIG_CMD_CACHE=y
+CONFIG_CMD_EXT2=y
+CONFIG_CMD_FAT=y
+# CONFIG_SPL_EFI_PARTITION is not set
+CONFIG_OF_CONTROL=y
+CONFIG_DM=y
+CONFIG_SPL_DM=y
+CONFIG_SPI_FLASH=y
+CONFIG_NETDEVICES=y
+CONFIG_E1000=y
+CONFIG_PCI=y
+CONFIG_DM_PCI=y
+CONFIG_DM_PCI_COMPAT=y
+CONFIG_PCIE_LAYERSCAPE=y
+CONFIG_SYS_NS16550=y
+CONFIG_DM_SPI=y
+CONFIG_FSL_QSPI=y
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_
[U-Boot] [PATCH 1/3][v2] arm: ls1043ardb: Add SD secure boot target
- Add SD secure boot target for ls1043ardb.
- Implement board specific spl_board_init() to setup CAAM stream ID and
corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main U-Boot by SPL
to also include the u-boot Secure Boot header size as header is appended to
u-boot image. So header will also be copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K
are reserved for use by boot ROM and 6K for secure boto header
- Error messages during SPL boot are limited to error code numbers instead of
strings
to reduce the size of SPL image
Signed-off-by: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
Changes from v1:
Rebased to latest dependent patches: - No change
Dependent patch set:
SECURE boot target addition for NOR on LS1043, LS1046
https://patchwork.ozlabs.org/patch/742548/
https://patchwork.ozlabs.org/patch/742552/
https://patchwork.ozlabs.org/patch/742549/
https://patchwork.ozlabs.org/patch/742551/
https://patchwork.ozlabs.org/patch/742550/
https://patchwork.ozlabs.org/patch/742553/
https://patchwork.ozlabs.org/patch/742554/
and
SPL size reduction patches
https://patchwork.ozlabs.org/patch/744755/
https://patchwork.ozlabs.org/patch/744756/
arch/arm/include/asm/fsl_secure_boot.h | 9 +++-
board/freescale/common/fsl_validate.c | 4 ++
board/freescale/ls1043ardb/ls1043ardb.c | 19 +
configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig | 57 +
include/configs/ls1043a_common.h| 16 ++-
5 files changed, 101 insertions(+), 4 deletions(-)
create mode 100644 configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index 69cd35d..266db4c 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -27,10 +27,11 @@
#define CONFIG_SPL_UBOOT_KEY_HASH NULL
#endif /* ifdef CONFIG_SPL_BUILD */
+#define CONFIG_KEY_REVOCATION
+
#ifndef CONFIG_SPL_BUILD
#define CONFIG_CMD_BLOB
#define CONFIG_CMD_HASH
-#define CONFIG_KEY_REVOCATION
#ifndef CONFIG_SYS_RAMBOOT
/* The key used for verification of next level images
* is picked up from an Extension Table which has
@@ -87,7 +88,11 @@
/* For SD boot address and size are assigned in terms of sector
* offset and no. of sectors respectively.
*/
-#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
+#if defined(CONFIG_LS1043A)
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0920
+#else
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
+#endif
#define CONFIG_BS_ADDR_DEVICE 0x0940
#define CONFIG_BS_HDR_SIZE 0x0010
#define CONFIG_BS_SIZE 0x0008
diff --git a/board/freescale/common/fsl_validate.c
b/board/freescale/common/fsl_validate.c
index 2b723a4..235c6ab 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -356,6 +356,7 @@ static void fsl_secboot_bootscript_parse_failure(void)
*/
void fsl_secboot_handle_error(int error)
{
+#ifndef CONFIG_SPL_BUILD
const struct fsl_secboot_errcode *e;
for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
@@ -363,6 +364,9 @@ void fsl_secboot_handle_error(int error)
if (e->errcode == error)
printf("ERROR :: %x :: %s\n", error, e->name);
}
+#else
+ printf("ERROR :: %x\n", error);
+#endif
/* If Boot Mode is secure, transition the SNVS state and issue
* reset based on type of failure and ITS setting.
diff --git a/board/freescale/ls1043ardb/ls1043ardb.c
b/board/freescale/ls1043ardb/ls1043ardb.c
index 6de7f9a..bd72e30 100644
--- a/board/freescale/ls1043ardb/ls1043ardb.c
+++ b/board/freescale/ls1043ardb/ls1043ardb.c
@@ -36,6 +36,25 @@ int board_early_init_f(void)
return 0;
}
+#if defined(CONFIG_SPL_BUILD)
+void spl_board_init(void)
+{
+#ifdef CONFIG_SECURE_BOOT
+ /*
+* In case of Secure Boot, the IBR configures the SMMU
+* to allow only Secure transactions.
+* SMMU must be reset in bypass mode.
+* Set the ClientPD bit and Clear the USFCFG Bit
+ */
+ u32 val;
+ val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_SCR0, val);
+ val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_NSCR0, val);
+#endif
+}
+#endif
+
#ifndef CONFIG_SPL_BUILD
int checkboard(void)
diff --git a/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
new file mode 100644
index 000..3f35d64
--- /dev/null
+++ b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
@@ -0,0 +1,57 @@
+CONFIG_ARM=y
+CON
Re: [U-Boot] [PATCH] powerpc: e6500: Lock/unlock 1 cache instead of L1 as init_ram
> -Original Message- > From: york sun > Sent: Saturday, March 25, 2017 10:16 PM > To: Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de; > prabhakar.khushw...@nxp.com > Subject: Re: [U-Boot] [PATCH] powerpc: e6500: Lock/unlock 1 cache instead > of L1 as init_ram > > On 03/01/2017 07:37 PM, Ruchika Gupta wrote: > > Fir E6500 cores, L2 cache has been used as init_ram. L1 cache is a > > write through cache on E6500.If lines are not locked in both L1 and L2 > > caches, crashes are observed during secure boot. This patch > > locks/unlocks both L1 as well as L2 cache to prevent the crash. > > I didn't even know you could/should lock L1. Any reason why it would crash? > > York In secure boot scenarios, L2 cache is also locked by Rom for usage and then cleared before exiting ROM. Some castouts were being observed when only L2 cache lines were being locked in uboot hinting that lines were probably not getting locked. The e6500 core expert suggested to try locking in both the caches. This seems to resolve the crashed which we were observing. Ruchika ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH] powerpc: e6500: Lock/unlock 1 cache instead of L1 as init_ram
Fir E6500 cores, L2 cache has been used as init_ram. L1 cache is a write through cache on E6500.If lines are not locked in both L1 and L2 caches, crashes are observed during secure boot. This patch locks/unlocks both L1 as well as L2 cache to prevent the crash. Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com> --- arch/powerpc/cpu/mpc85xx/start.S | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/powerpc/cpu/mpc85xx/start.S b/arch/powerpc/cpu/mpc85xx/start.S index c3e1234..b9a4cb5 100644 --- a/arch/powerpc/cpu/mpc85xx/start.S +++ b/arch/powerpc/cpu/mpc85xx/start.S @@ -1145,8 +1145,9 @@ switch_as: li r0,0 1: dcbzr0,r3 -#ifdef CONFIG_E6500/* Lock/unlock L2 cache instead of L1 */ +#ifdef CONFIG_E6500/* Lock/unlock L2 cache long with L1 */ dcbtls 2, r0, r3 + dcbtls 0, r0, r3 #else dcbtls 0, r0, r3 #endif @@ -1790,8 +1791,9 @@ unlock_ram_in_cache: slwir4,r4,(10 - 1 - L1_CACHE_SHIFT) mtctr r4 1: dcbir0,r3 -#ifdef CONFIG_E6500/* lock/unlock L2 cache instead of L1 */ +#ifdef CONFIG_E6500/* lock/unlock L2 cache long with L1 */ dcblc 2, r0, r3 + dcblc 0, r0, r3 #else dcblc r0,r3 #endif -- 1.9.1 ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH] powerpc: e6500: Lock/unlock 1 cache instead of L1 as init_ram
Fir E6500 cores, L2 cache has been used as init_ram. L1 cache is a write through cache on E6500.If lines are not locked in both L1 and L2 caches, crashes are observed during secure boot. This patch locks/unlocks both L1 as well as L2 cache to prevent the crash. Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com> --- arch/powerpc/cpu/mpc85xx/start.S | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/powerpc/cpu/mpc85xx/start.S b/arch/powerpc/cpu/mpc85xx/start.S index c3e1234..b9a4cb5 100644 --- a/arch/powerpc/cpu/mpc85xx/start.S +++ b/arch/powerpc/cpu/mpc85xx/start.S @@ -1145,8 +1145,9 @@ switch_as: li r0,0 1: dcbzr0,r3 -#ifdef CONFIG_E6500/* Lock/unlock L2 cache instead of L1 */ +#ifdef CONFIG_E6500/* Lock/unlock L2 cache long with L1 */ dcbtls 2, r0, r3 + dcbtls 0, r0, r3 #else dcbtls 0, r0, r3 #endif @@ -1790,8 +1791,9 @@ unlock_ram_in_cache: slwir4,r4,(10 - 1 - L1_CACHE_SHIFT) mtctr r4 1: dcbir0,r3 -#ifdef CONFIG_E6500/* lock/unlock L2 cache instead of L1 */ +#ifdef CONFIG_E6500/* lock/unlock L2 cache long with L1 */ dcblc 2, r0, r3 + dcblc 0, r0, r3 #else dcblc r0,r3 #endif -- 1.9.1 ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH 1/3] arm: ls1043ardb: Add SD secure boot target
- Add SD secure boot target for ls1043ardb.
- Implement board specific spl_board_init() to setup CAAM stream ID and
corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main U-Boot by SPL
to also include the u-boot Secure Boot header size as header is appended to
u-boot image. So header will also be copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K
are reserved for use by boot ROM and 6K for secure boto header
- Error messages during SPL boot are limited to error code numbers instead of
strings
to reduce the size of SPL image
Signed-off-by: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
The patchset is dependent on the following patches:
https://patchwork.ozlabs.org/patch/717614/
http://patchwork.ozlabs.org/patch/724332/
http://patchwork.ozlabs.org/patch/729932/
http://patchwork.ozlabs.org/patch/729980/
arch/arm/include/asm/fsl_secure_boot.h | 9 +++-
board/freescale/common/fsl_validate.c | 4 ++
board/freescale/ls1043ardb/ls1043ardb.c | 19 +
configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig | 57 +
include/configs/ls1043a_common.h| 16 ++-
5 files changed, 101 insertions(+), 4 deletions(-)
create mode 100644 configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index 8d9de45..a1474eb 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -32,10 +32,11 @@
#define CONFIG_SPL_UBOOT_KEY_HASH NULL
#endif /* ifdef CONFIG_SPL_BUILD */
+#define CONFIG_KEY_REVOCATION
+
#ifndef CONFIG_SPL_BUILD
#define CONFIG_CMD_BLOB
#define CONFIG_CMD_HASH
-#define CONFIG_KEY_REVOCATION
#ifndef CONFIG_SYS_RAMBOOT
/* The key used for verification of next level images
* is picked up from an Extension Table which has
@@ -91,7 +92,11 @@
/* For SD boot address and size are assigned in terms of sector
* offset and no. of sectors respectively.
*/
-#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
+#if defined(CONFIG_LS1043A)
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0920
+#else
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
+#endif
#define CONFIG_BS_ADDR_DEVICE 0x0940
#define CONFIG_BS_HDR_SIZE 0x0010
#define CONFIG_BS_SIZE 0x0008
diff --git a/board/freescale/common/fsl_validate.c
b/board/freescale/common/fsl_validate.c
index 2b723a4..235c6ab 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -356,6 +356,7 @@ static void fsl_secboot_bootscript_parse_failure(void)
*/
void fsl_secboot_handle_error(int error)
{
+#ifndef CONFIG_SPL_BUILD
const struct fsl_secboot_errcode *e;
for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
@@ -363,6 +364,9 @@ void fsl_secboot_handle_error(int error)
if (e->errcode == error)
printf("ERROR :: %x :: %s\n", error, e->name);
}
+#else
+ printf("ERROR :: %x\n", error);
+#endif
/* If Boot Mode is secure, transition the SNVS state and issue
* reset based on type of failure and ITS setting.
diff --git a/board/freescale/ls1043ardb/ls1043ardb.c
b/board/freescale/ls1043ardb/ls1043ardb.c
index 5a76742..0b3840d 100644
--- a/board/freescale/ls1043ardb/ls1043ardb.c
+++ b/board/freescale/ls1043ardb/ls1043ardb.c
@@ -43,6 +43,25 @@ int board_early_init_f(void)
return 0;
}
+#if defined(CONFIG_SPL_BUILD)
+void spl_board_init(void)
+{
+#ifdef CONFIG_SECURE_BOOT
+ /*
+* In case of Secure Boot, the IBR configures the SMMU
+* to allow only Secure transactions.
+* SMMU must be reset in bypass mode.
+* Set the ClientPD bit and Clear the USFCFG Bit
+ */
+ u32 val;
+ val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_SCR0, val);
+ val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_NSCR0, val);
+#endif
+}
+#endif
+
#ifndef CONFIG_SPL_BUILD
int checkboard(void)
diff --git a/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
new file mode 100644
index 000..3f35d64
--- /dev/null
+++ b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig
@@ -0,0 +1,57 @@
+CONFIG_ARM=y
+CONFIG_TARGET_LS1043ARDB=y
+CONFIG_SPL_LIBCOMMON_SUPPORT=y
+CONFIG_SPL_LIBGENERIC_SUPPORT=y
+CONFIG_SPL_MMC_SUPPORT=y
+CONFIG_SPL_SERIAL_SUPPORT=y
+CONFIG_SPL_ENV_SUPPORT=y
+CONFIG_SPL_DRIVERS_MISC_SUPPORT=y
+CONFIG_SPL_WATCHDOG_SUPPORT=y
+CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1043a-rdb"
+CONFIG_FIT=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_OF_BOARD_S
[U-Boot] [PATCH 3/3] arm: ls1046ardb: Add SD secure boot target
- Add SD secure boot target for ls1046ardb.
- Implement board specific spl_board_init() to setup CAAM stream ID and
corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main U-Boot by SPL
to also include the u-boot Secure Boot header size as header is appended to
u-boot image. So header will also be copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90K.SPL is copied to OCRAM (128K) where 32K
are reserved for use by boot ROM and 6K for the header
Signed-off-by: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
The patchset is dependent on the following patches:
https://patchwork.ozlabs.org/patch/717614/
http://patchwork.ozlabs.org/patch/724332/
http://patchwork.ozlabs.org/patch/729932/
http://patchwork.ozlabs.org/patch/729980/
arch/arm/include/asm/fsl_secure_boot.h | 2 +-
board/freescale/ls1046ardb/ls1046ardb.c | 19 +++
configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig | 45 +
include/configs/ls1046a_common.h| 17 --
include/configs/ls1046ardb.h| 1 -
5 files changed, 79 insertions(+), 5 deletions(-)
create mode 100644 configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index 2f719c0..f612088 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -92,7 +92,7 @@
/* For SD boot address and size are assigned in terms of sector
* offset and no. of sectors respectively.
*/
-#if defined(CONFIG_LS1043A)
+#if defined(CONFIG_LS1043A) || defined(CONFIG_LS1046A)
#define CONFIG_BS_HDR_ADDR_DEVICE 0x0920
#else
#define CONFIG_BS_HDR_ADDR_DEVICE 0x0900
diff --git a/board/freescale/ls1046ardb/ls1046ardb.c
b/board/freescale/ls1046ardb/ls1046ardb.c
index bb03479..0087c73 100644
--- a/board/freescale/ls1046ardb/ls1046ardb.c
+++ b/board/freescale/ls1046ardb/ls1046ardb.c
@@ -38,6 +38,25 @@ int board_early_init_f(void)
return 0;
}
+#if defined(CONFIG_SPL_BUILD)
+void spl_board_init(void)
+{
+#ifdef CONFIG_SECURE_BOOT
+ /*
+* In case of Secure Boot, the IBR configures the SMMU
+* to allow only Secure transactions.
+* SMMU must be reset in bypass mode.
+* Set the ClientPD bit and Clear the USFCFG Bit
+ */
+ u32 val;
+ val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_SCR0, val);
+ val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
+ out_le32(SMMU_NSCR0, val);
+#endif
+}
+#endif
+
#ifndef CONFIG_SPL_BUILD
int checkboard(void)
{
diff --git a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
new file mode 100644
index 000..a41ec80
--- /dev/null
+++ b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig
@@ -0,0 +1,45 @@
+CONFIG_ARM=y
+CONFIG_TARGET_LS1046ARDB=y
+CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1046a-rdb"
+CONFIG_FIT=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_OF_BOARD_SETUP=y
+CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL"
+CONFIG_SECURE_BOOT=y
+CONFIG_SD_BOOT=y
+CONFIG_BOOTDELAY=10
+CONFIG_SPL=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110
+CONFIG_HUSH_PARSER=y
+# CONFIG_CMD_IMLS is not set
+CONFIG_CMD_GPT=y
+CONFIG_CMD_MMC=y
+CONFIG_CMD_SF=y
+CONFIG_CMD_I2C=y
+CONFIG_CMD_DHCP=y
+CONFIG_CMD_MII=y
+CONFIG_CMD_PING=y
+CONFIG_CMD_CACHE=y
+CONFIG_CMD_EXT2=y
+CONFIG_CMD_FAT=y
+# CONFIG_SPL_EFI_PARTITION is not set
+CONFIG_OF_CONTROL=y
+CONFIG_DM=y
+CONFIG_SPL_DM=y
+CONFIG_SPI_FLASH=y
+CONFIG_NETDEVICES=y
+CONFIG_E1000=y
+CONFIG_PCI=y
+CONFIG_DM_PCI=y
+CONFIG_DM_PCI_COMPAT=y
+CONFIG_PCIE_LAYERSCAPE=y
+CONFIG_SYS_NS16550=y
+CONFIG_DM_SPI=y
+CONFIG_FSL_QSPI=y
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_RSA=y
+CONFIG_SPL_RSA=y
+CONFIG_SPL_CRYPTO_SUPPORT=y
+CONFIG_SPL_HASH_SUPPORT=y
diff --git a/include/configs/ls1046a_common.h b/include/configs/ls1046a_common.h
index c884b95..241e679 100644
--- a/include/configs/ls1046a_common.h
+++ b/include/configs/ls1046a_common.h
@@ -13,7 +13,6 @@
#define CONFIG_GICV2
#include
-
/* Link Definitions */
#define CONFIG_SYS_INIT_SP_ADDR(CONFIG_SYS_FSL_OCRAM_BASE +
0xfff0)
@@ -68,7 +67,19 @@
#define CONFIG_SYS_SPL_MALLOC_START(CONFIG_SPL_BSS_START_ADDR + \
CONFIG_SPL_BSS_MAX_SIZE)
#define CONFIG_SYS_SPL_MALLOC_SIZE 0x10
-#define CONFIG_SYS_MONITOR_LEN 0xa
+
+#ifdef CONFIG_SECURE_BOOT
+#define CONFIG_U_BOOT_HDR_SIZE (16 << 10)
+/*
+ * HDR would be appended at end of image and copied to DDR along
+ * with U-Boot image. Here u-boot max. size is 512K. So if binary
+ * size increases then increase this s
[U-Boot] [PATCH 2/3] arm: ls1043ardb: Add NAND secure boot target
Add NAND secure boot target for ls1043ardb.
- Change the u-boot size defined by a macro for copying the main
U-Boot by SPL to also include the u-boot Secure Boot header size as
header is appended to u-boot image. So header will also be copied from SD to
DDR.
- MACRO for CONFIG_BOOTSCRIPT_COPY_RAM is enabled to copy Bootscript from NAND
to
DDR. Offsets for Bootscript on NAND and DDR have been also defined.
Signed-off-by: Vinitha Pillai-B57223 <vinitha.pil...@nxp.com>
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
The patchset is dependent on the following patches:
https://patchwork.ozlabs.org/patch/717614/
http://patchwork.ozlabs.org/patch/724332/
http://patchwork.ozlabs.org/patch/729932/
http://patchwork.ozlabs.org/patch/729980/
arch/arm/include/asm/fsl_secure_boot.h| 7 +++-
board/freescale/ls1043ardb/ls1043ardb.c | 1 +
configs/ls1043ardb_nand_SECURE_BOOT_defconfig | 57 +++
include/config_fsl_chain_trust.h | 9 +++--
include/configs/ls1043a_common.h | 18 -
include/configs/ls1043ardb.h | 2 +-
6 files changed, 87 insertions(+), 7 deletions(-)
create mode 100644 configs/ls1043ardb_nand_SECURE_BOOT_defconfig
diff --git a/arch/arm/include/asm/fsl_secure_boot.h
b/arch/arm/include/asm/fsl_secure_boot.h
index a1474eb..2f719c0 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -74,7 +74,7 @@
/* Copying Bootscript and Header to DDR from NOR for LS2 and for rest, from
* Non-XIP Memory (Nand/SD)*/
#if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_FSL_LSCH3) || \
- defined(CONFIG_SD_BOOT)
+ defined(CONFIG_SD_BOOT) || defined(CONFIG_NAND_BOOT)
#define CONFIG_BOOTSCRIPT_COPY_RAM
#endif
/* The address needs to be modified according to NOR, NAND, SD and
@@ -100,6 +100,11 @@
#define CONFIG_BS_ADDR_DEVICE 0x0940
#define CONFIG_BS_HDR_SIZE 0x0010
#define CONFIG_BS_SIZE 0x0008
+#elif defined(CONFIG_NAND_BOOT)
+#define CONFIG_BS_HDR_ADDR_DEVICE 0x0080
+#define CONFIG_BS_ADDR_DEVICE 0x00802000
+#define CONFIG_BS_HDR_SIZE 0x2000
+#define CONFIG_BS_SIZE 0x1000
#else
#define CONFIG_BS_HDR_ADDR_DEVICE 0x600a
#define CONFIG_BS_ADDR_DEVICE 0x6006
diff --git a/board/freescale/ls1043ardb/ls1043ardb.c
b/board/freescale/ls1043ardb/ls1043ardb.c
index 0b3840d..62ab749 100644
--- a/board/freescale/ls1043ardb/ls1043ardb.c
+++ b/board/freescale/ls1043ardb/ls1043ardb.c
@@ -58,6 +58,7 @@ void spl_board_init(void)
out_le32(SMMU_SCR0, val);
val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
out_le32(SMMU_NSCR0, val);
+ printf("Completed spl_board_init\n");
#endif
}
#endif
diff --git a/configs/ls1043ardb_nand_SECURE_BOOT_defconfig
b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig
new file mode 100644
index 000..66c89fa
--- /dev/null
+++ b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig
@@ -0,0 +1,57 @@
+CONFIG_ARM=y
+CONFIG_TARGET_LS1043ARDB=y
+CONFIG_SPL_LIBCOMMON_SUPPORT=y
+CONFIG_SPL_LIBGENERIC_SUPPORT=y
+CONFIG_SPL_NAND_SUPPORT=y
+CONFIG_SPL_SERIAL_SUPPORT=y
+CONFIG_SPL_ENV_SUPPORT=y
+CONFIG_SPL_DRIVERS_MISC_SUPPORT=y
+CONFIG_SPL_WATCHDOG_SUPPORT=y
+CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1043a-rdb"
+CONFIG_FIT=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_OF_BOARD_SETUP=y
+CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL,NAND_BOOT"
+CONFIG_NAND_BOOT=y
+CONFIG_SECURE_BOOT=y
+CONFIG_BOOTDELAY=10
+CONFIG_SPL=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
+CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0xf0
+CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y
+CONFIG_HUSH_PARSER=y
+CONFIG_CMD_GPT=y
+CONFIG_CMD_MMC=y
+CONFIG_CMD_SF=y
+CONFIG_CMD_I2C=y
+CONFIG_CMD_USB=y
+CONFIG_CMD_DHCP=y
+CONFIG_CMD_PXE=y
+CONFIG_CMD_MII=y
+CONFIG_CMD_PING=y
+CONFIG_CMD_CACHE=y
+CONFIG_CMD_EXT2=y
+CONFIG_CMD_FAT=y
+# CONFIG_SPL_EFI_PARTITION is not set
+CONFIG_OF_CONTROL=y
+CONFIG_DM=y
+CONFIG_SPL_DM=y
+CONFIG_MTD_NOR_FLASH=y
+CONFIG_SPI_FLASH=y
+CONFIG_NETDEVICES=y
+CONFIG_E1000=y
+CONFIG_PCI=y
+CONFIG_DM_PCI=y
+CONFIG_DM_PCI_COMPAT=y
+CONFIG_PCIE_LAYERSCAPE=y
+CONFIG_SYS_NS16550=y
+CONFIG_DM_SPI=y
+CONFIG_USB=y
+CONFIG_DM_USB=y
+CONFIG_USB_XHCI_HCD=y
+CONFIG_USB_XHCI_DWC3=y
+CONFIG_USB_STORAGE=y
+CONFIG_RSA=y
+CONFIG_SPL_RSA=y
+CONFIG_SPL_CRYPTO_SUPPORT=y
+CONFIG_SPL_HASH_SUPPORT=y
diff --git a/include/config_fsl_chain_trust.h b/include/config_fsl_chain_trust.h
index eb45e98..40d323e 100644
--- a/include/config_fsl_chain_trust.h
+++ b/include/config_fsl_chain_trust.h
@@ -81,17 +81,18 @@
"setenv bs_size " __stringify(CONFIG_BS_SIZE)";"
/* For secure boot flow, default environment used will be used */
-#if defined(CONFIG_SYS_RAMBOOT)
-#if defined(CONFIG_RAMBOOT_NAND)
+#if defined(CONFIG_SYS_R
[U-Boot] [PATCH 0/3] SECURE Boot targets for NAND and SD on LS1043, LS1046
Ruchika Gupta (3): arm: ls1043ardb: Add SD secure boot target arm: ls1043ardb: Add NAND secure boot target arm: ls1046ardb: Add SD secure boot target arch/arm/include/asm/fsl_secure_boot.h | 16 +-- board/freescale/common/fsl_validate.c | 4 ++ board/freescale/ls1043ardb/ls1043ardb.c | 20 + board/freescale/ls1046ardb/ls1046ardb.c | 19 + configs/ls1043ardb_nand_SECURE_BOOT_defconfig | 57 + configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig | 57 + configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig | 45 +++ include/config_fsl_chain_trust.h| 9 ++-- include/configs/ls1043a_common.h| 34 +-- include/configs/ls1043ardb.h| 2 +- include/configs/ls1046a_common.h| 17 ++-- include/configs/ls1046ardb.h| 1 - 12 files changed, 266 insertions(+), 15 deletions(-) create mode 100644 configs/ls1043ardb_nand_SECURE_BOOT_defconfig create mode 100644 configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig create mode 100644 configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig -- The patchset is dependent on the following patches: https://patchwork.ozlabs.org/patch/717614/ http://patchwork.ozlabs.org/patch/724332/ http://patchwork.ozlabs.org/patch/729932/ http://patchwork.ozlabs.org/patch/729980/ 1.9.1 ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH] armv8: ls1043a: Extend the size for SPL
Hi Qianyu, There are plans to enable secure boot on LS1043 soon and it would require the SPL flow. The patches for same are already available on LS1020. Additionally we would also have drivers for CAAM for validation of next level image. Approx 48K of area needs to be reserved for this. Out of this 48K , last 32K of space in OCRAM is reserved for use by Boot ROM and 16K needs to be reserved for header of uboot. Is DEBUG being enabled by default in SPL ? What is the reason for increasing the functionality in SPL. Ideally SPL's role should be limited to DDR Init and copying of image from the boot source. Regards, Ruchika -Original Message- From: Q.Y. Gong Sent: Thursday, September 08, 2016 12:32 PM To: Prabhakar Kushwaha <prabhakar.kushw...@nxp.com>; york sun <york@nxp.com>; Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de Cc: Vincent Hu <mingkai...@nxp.com> Subject: RE: [PATCH] armv8: ls1043a: Extend the size for SPL Hi Prabhakar, Does secure boot enable SPL on LS1043A? I only see secure boot for NOR boot. As there won't be enough space for SPL soon, I don't think it could support secure boot and SPL at the same time. Regards, Qianyu > -Original Message- > From: Prabhakar Kushwaha > Sent: Thursday, September 08, 2016 2:35 PM > To: Q.Y. Gong <qianyu.g...@nxp.com>; york sun <york@nxp.com>; > Ruchika Gupta <ruchika.gu...@nxp.com>; u-boot@lists.denx.de > Cc: Vincent Hu <mingkai...@nxp.com> > Subject: RE: [PATCH] armv8: ls1043a: Extend the size for SPL > > Hi Gong, > > You have increased SPL size to 124KB. It is very high. > As per my understanding 40K has been reserved for headers to be used > during secure boot. > > Have you consider the secure boot case? > > Regards, > Prabhakar > > > -Original Message- > > From: Q.Y. Gong > > Sent: Thursday, September 08, 2016 8:04 AM > > To: york sun <york@nxp.com>; u-boot@lists.denx.de > > Cc: Prabhakar Kushwaha <prabhakar.kushw...@nxp.com>; Vincent Hu > > <mingkai...@nxp.com> > > Subject: RE: [PATCH] armv8: ls1043a: Extend the size for SPL > > > > Hi York, > > > > > -Original Message- > > > From: york sun > > > Sent: Wednesday, September 07, 2016 11:36 PM > > > To: Q.Y. Gong <qianyu.g...@nxp.com>; u-boot@lists.denx.de > > > Cc: Prabhakar Kushwaha <prabhakar.kushw...@nxp.com>; Vincent Hu > > > <mingkai...@nxp.com> > > > Subject: Re: [PATCH] armv8: ls1043a: Extend the size for SPL > > > > > > On 09/07/2016 03:33 AM, Gong Qianyu wrote: > > > > The SPL images are growing much bigger especially when DEBUG is ON. > > > > So need to fix the values for them. > > > > > > > > Signed-off-by: Gong Qianyu <qianyu.g...@nxp.com> > > > > --- > > > > include/configs/ls1043a_common.h | 25 - > > > > 1 file changed, 16 insertions(+), 9 deletions(-) > > > > > > > > diff --git a/include/configs/ls1043a_common.h > > > > b/include/configs/ls1043a_common.h > > > > index e55fcb2..fa20e6d 100644 > > > > --- a/include/configs/ls1043a_common.h > > > > +++ b/include/configs/ls1043a_common.h > > > > @@ -69,16 +69,22 @@ > > > > #define CONFIG_SPL_SERIAL_SUPPORT #define > > > > CONFIG_SPL_DRIVERS_MISC_SUPPORT #define > CONFIG_SPL_MMC_SUPPORT > > > > -#define CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR > > > 0xf0 > > > > +#define CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR > > > 0x110 > > > > #define CONFIG_SYS_U_BOOT_MAX_SIZE_SECTORS 0x500 > > > > > > > > #define CONFIG_SPL_TEXT_BASE 0x1000 > > > > -#define CONFIG_SPL_MAX_SIZE0x1d000 > > > > -#define CONFIG_SPL_STACK 0x1001e000 > > > > -#define CONFIG_SPL_PAD_TO 0x1d000 > > > > +/* > > > > + * CONFIG_SPL_MAX_SIZE is limited by OCRAM memory size(128 KiB) > > > > +and > > > > + * a reserved stack size(4 KiB). > > > > + * So notice that even if DEBUG is ON, the SPL > > > > +image(spl/u-boot-spl.bin) > > > > + * should not be > 124 KiB. > > > > + */ > > > > > > Qianyu, > > > > > > It is good to see comment here. However, I am concerned about your > > calculation. > > > Beside the image and stack, the early MMU tables are at the > > > beginning of > > OCRAM. > > > Did you count them? > > > > > > York > > > > No. We don't set up MMU tables in SPL stage on LS1043A/LS1046A. > > Seems so far only LS2080A has done that in SPL. > > > > > > Regards, > > Qianyu ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH v3] imx: imx7 Support for Manufacturing Protection
> diff --git a/drivers/crypto/fsl/Makefile b/drivers/crypto/fsl/Makefile index
> fd736cf..6d6903b 100644
> --- a/drivers/crypto/fsl/Makefile
> +++ b/drivers/crypto/fsl/Makefile
> @@ -8,3 +8,7 @@ obj-y += sec.o
> obj-$(CONFIG_FSL_CAAM) += jr.o fsl_hash.o jobdesc.o error.o
> obj-$(CONFIG_CMD_BLOB)$(CONFIG_CMD_DEKBLOB) += fsl_blob.o
> obj-$(CONFIG_RSA_FREESCALE_EXP) += fsl_rsa.o
> +
> +ifdef CONFIG_MX7
> +obj-$(CONFIG_CMD_MFGPROT) += fsl_mfgprot.o endif
> diff --git a/drivers/crypto/fsl/fsl_mfgprot.c
> b/drivers/crypto/fsl/fsl_mfgprot.c
> new file mode 100644
> index 000..fe89be7
> --- /dev/null
> +++ b/drivers/crypto/fsl/fsl_mfgprot.c
> @@ -0,0 +1,236 @@
> +/*
> + * Copyright 2014 Freescale Semiconductor, Inc.
> + *
> + * SPDX-License-Identifier: GPL-2.0+
> + *
> + */
> +
> +#include
> +#include
> +#include
> +#include
> +#include "jobdesc.h"
> +#include "desc.h"
> +#include "jr.h"
> +
> +#define HAB_MASK(LBL)\
> + uint32_t)1 << (LBL##_WIDTH)) - 1) << (LBL##_SHIFT))
Please use generic names like FSL_CAAM_* instead of HAB_ throughout
The same mfg protection is also available in some other FSL SoC's also and use
of HAB should be avoided here.
> +
> +#define HAB_INSERT_BITS(val, LBL)\
> + (((uint32_t)(val) << LBL##_SHIFT) & HAB_MASK(LBL))
> +
> +/* Size of MFG descriptor */
> +#define MFG_PUBK_DSC_WORDS 4
> +#define MFG_SIGN_DSC_WORDS 8
> +
> +/* Size of MFG protocol data block */
> +#define MFG_PUBK_PDB_WORDS 2
> +#define MFG_SIGN_PDB_WORDS 6
> +
> +void mfg_build_sign_dsc(u32 *dsc_ptr, const u8 *m, int size,
> + u8 *dgst, u8 *c, u8 *d)
> +{
> + u32 *dsc = dsc_ptr;
> + *dsc++ = (HAB_ENG_CAAM_CMD_JOBHDR
> + | HAB_INSERT_BITS(
> + MFG_SIGN_PDB_WORDS + 1,
> + HAB_ENG_CAAM_CMD_JOBHDR_START)
> + | MFG_SIGN_DSC_WORDS);
The construction of descriptor should be using constructs in desc_constr.h. The
approach below has limitation for hard-coded descriptor sizes. Pdb size can
vary depending on PS bit in MCFGR. Based on it, you may have dma addr ptr as 32
bit or 64 bit.
We have recently submitted patches for adding constructs for pdb support.
Please refer to the patchwork link below
http://patchwork.ozlabs.org/patch/582789/
http://patchwork.ozlabs.org/patch/582790/
Example of adding a pdb descriptor :
(Example for ecdsa verify descriptor given below. You can use the same
reference to develop the mfg protection descriptor)
struct pdb_ecdsa_verify *pdb;
init_job_desc_pdb(desc, 0, sizeof(struct pdb_ecdsa_verify));
pdb = (struct pdb_ecdsa_verify *)desc_pdb(desc);
/* Populate the field of pdb. Reference pdb structs for pdb_mp_pub_k,
pdb_mp_sign available in desc.h in above patch-set*/
pdb->pdb_hdr = (0x20 << PDB_ECDSA_L_SHIFT) |
(0x20 << PDB_ECDSA_N_SHIFT);
pdb_add_ptr(>dma_q, virt_to_phys((void *)q_curve));
pdb_add_ptr(>dma_r, virt_to_phys((void *)r_curve));
pdb->img_size = (uint32_t)img_size;
append_operation(desc, OP_TYPE_UNI_PROTOCOL | OP_PCLID_DSA_VERIFY |
OP_PROTINFO_ECC_DL);
You can convert the hardcoded protocol below using append_operation
#define HAB_ENG_CAAM_CMD_PROTOCOL_MPPUBK0x8614UL
#define HAB_ENG_CAAM_CMD_PROTOCOL_MPSIGN0x8615UL
> +
> + /*** MFG PubK PDB ***/
> + /* Curve */
> + *dsc++ = HAB_INSERT_BITS(HAB_ENG_CAAM_MPPUBK_CSEL_P256,
> + HAB_ENG_CAAM_MPPUBK_CSEL);
> + /* Message Pointer */
> + *dsc++ = (dma_addr_t)m;
> +
> + /* mes-resp Pointer */
> + *dsc++ = (dma_addr_t)dgst;
> +
> + /* C Pointer */
> + *dsc++ = (dma_addr_t)c;
> +
> + /* d Pointer */
> + *dsc++ = (dma_addr_t)d;
> +
> + /* Message Size */
> + *dsc++ = size;
> +
> + /* MP PubK generate key command */
> + *dsc = HAB_ENG_CAAM_CMD_PROTOCOL_MPSIGN; }
> +
> +void mfg_build_pubk_dsc(u32 *dsc_ptr, u8 *dst) {
> + u32 *dsc = dsc_ptr;
> + *dsc++ = (HAB_ENG_CAAM_CMD_JOBHDR
> + | HAB_INSERT_BITS(
> + MFG_PUBK_PDB_WORDS + 1,
> + HAB_ENG_CAAM_CMD_JOBHDR_START)
> + | MFG_PUBK_DSC_WORDS);
> +
> + /*** MFG PubK PDB ***/
> + /* Curve */
> + *dsc++ = HAB_INSERT_BITS(HAB_ENG_CAAM_MPPUBK_CSEL_P256,
> + HAB_ENG_CAAM_MPPUBK_CSEL);
> + /* Message Pointer */
> + *dsc++ = (dma_addr_t)dst;
> +
> + /* MP PubK generate key command */
> + *dsc = HAB_ENG_CAAM_CMD_PROTOCOL_MPPUBK; }
> +
> +int gen_mppubk(void)
> +{
> + int ret;
> + int size, i;
> +
> + u32 *dsc;
> + uint32_t dst_addr;
> + u8 *dst;
> +
> +
> /
>
> + * Allocation & Initialization
> +
>
> /
> + ret = 0;
> +
> + /* Memory addresses for output */
> +
Re: [U-Boot] [PATCH v3 5/7] enable chain of trust for ARM platforms
> -Original Message-
> From: Aneesh Bansal [mailto:aneesh.ban...@nxp.com]
> Sent: Friday, January 22, 2016 4:37 PM
> To: u-boot@lists.denx.de
> Cc: york sun <york@nxp.com>; Ruchika Gupta
> <ruchika.gu...@nxp.com>; Prabhakar Kushwaha
> <prabhakar.kushw...@nxp.com>; Aneesh Bansal
> <aneesh.ban...@nxp.com>
> Subject: [PATCH v3 5/7] enable chain of trust for ARM platforms
>
> Chain of Trust is enabled for ARM platforms (LS1021 and LS1043).
> In board_late_init(), fsl_setenv_chain_of_trust() is called which will perform
> the following:
> - If boot mode is non-secure, return (No Change)
> - If boot mode is secure, set the following environmet variables:
>bootdelay = 0 (To disable Boot Prompt)
>bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
>
> Signed-off-by: Aneesh Bansal <aneesh.ban...@nxp.com>
> ---
> Changes in v3:
> Protect the inclusion of file fsl_validate.h with macro
> CONFIG_CHAIN_OF_TRUST
>
> Changes in v2:
> Defconfigs for Secure Boot Target are not removed.
>
> arch/arm/cpu/armv8/fsl-layerscape/soc.c | 6 ++
> board/freescale/common/Makefile | 1 +
> board/freescale/common/fsl_chain_of_trust.c | 17 +
> board/freescale/ls1021aqds/ls1021aqds.c | 4
> board/freescale/ls1021atwr/ls1021atwr.c | 4
> include/fsl_validate.h | 2 ++
> 6 files changed, 34 insertions(+)
>
> diff --git a/arch/arm/cpu/armv8/fsl-layerscape/soc.c
> b/arch/arm/cpu/armv8/fsl-layerscape/soc.c
> index 23d6b73..d97a445 100644
> --- a/arch/arm/cpu/armv8/fsl-layerscape/soc.c
> +++ b/arch/arm/cpu/armv8/fsl-layerscape/soc.c
> @@ -12,6 +12,9 @@
> #include
> #include
> #include
> +#ifdef CONFIG_CHAIN_OF_TRUST
> +#include
> +#endif
>
> DECLARE_GLOBAL_DATA_PTR;
>
> @@ -241,6 +244,9 @@ int board_late_init(void) #ifdef
> CONFIG_SCSI_AHCI_PLAT
> sata_init();
> #endif
> +#ifdef CONFIG_CHAIN_OF_TRUST
> + fsl_setenv_chain_of_trust();
> +#endif
>
> return 0;
> }
> diff --git a/board/freescale/common/Makefile
> b/board/freescale/common/Makefile index 51d2814..be114ce 100644
> --- a/board/freescale/common/Makefile
> +++ b/board/freescale/common/Makefile
> @@ -76,5 +76,6 @@ obj-$(CONFIG_LAYERSCAPE_NS_ACCESS) +=
> ns_access.o
> ifdef CONFIG_SECURE_BOOT
> obj-$(CONFIG_CMD_ESBC_VALIDATE) += fsl_validate.o cmd_esbc_validate.o
> endif
> +obj-$(CONFIG_CHAIN_OF_TRUST) += fsl_chain_of_trust.o
>
> endif
> diff --git a/board/freescale/common/fsl_chain_of_trust.c
> b/board/freescale/common/fsl_chain_of_trust.c
> index ff67bd7..ecfcc82 100644
> --- a/board/freescale/common/fsl_chain_of_trust.c
> +++ b/board/freescale/common/fsl_chain_of_trust.c
> @@ -51,3 +51,20 @@ int fsl_check_boot_mode_secure(void) #endif
> return 0;
> }
> +
> +int fsl_setenv_chain_of_trust(void)
> +{
> + /* Check Boot Mode
> + * If Boot Mode is Non-Secure, no changes are required
> + */
> + if (fsl_check_boot_mode_secure() == 0)
> + return 0;
> +
> + /* If Boot mode is Secure, set the environment variables
> + * bootdelay = 0 (To disable Boot Prompt)
> + * bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute
> Boot script)
> + */
> + setenv("bootdelay", "0");
> + setenv("bootcmd", CONFIG_CHAIN_BOOT_CMD);
> + return 0;
> +}
> diff --git a/board/freescale/ls1021aqds/ls1021aqds.c
> b/board/freescale/ls1021aqds/ls1021aqds.c
> index ca1ea61..6e82232 100644
> --- a/board/freescale/ls1021aqds/ls1021aqds.c
> +++ b/board/freescale/ls1021aqds/ls1021aqds.c
> @@ -22,6 +22,7 @@
> #include
> #include
> #include
> +#include
>
> #include "../common/sleep.h"
> #include "../common/qixis.h"
> @@ -369,6 +370,9 @@ int board_late_init(void) #ifdef
> CONFIG_SCSI_AHCI_PLAT
> ls1021a_sata_init();
> #endif
> +#ifdef CONFIG_CHAIN_OF_TRUST
> + fsl_setenv_chain_of_trust();
> +#endif
>
> return 0;
> }
> diff --git a/board/freescale/ls1021atwr/ls1021atwr.c
> b/board/freescale/ls1021atwr/ls1021atwr.c
> index ae62bca..054cc3d 100644
> --- a/board/freescale/ls1021atwr/ls1021atwr.c
> +++ b/board/freescale/ls1021atwr/ls1021atwr.c
> @@ -30,6 +30,7 @@
> #ifdef CONFIG_U_QE
> #include "../../../drivers/qe/qe.h"
> #endif
> +#include
>
>
> DECLARE_GLOBAL_DATA_PTR;
> @@ -553,6 +554,9 @@ int board_late_init(void) #ifdef
> CONFIG_SCSI_AHCI_PLAT
> ls1021a_sata_init();
> #endif
> +#ifdef CONFIG_CHAIN_OF_TRUST
> + fsl_setenv_chain_of_trust();
> +#endif
&
Re: [U-Boot] [PATCH v3 1/7] include/configs: make secure boot header file include uniform
> -Original Message- > From: Aneesh Bansal [mailto:aneesh.ban...@nxp.com] > Sent: Friday, January 22, 2016 4:37 PM > To: u-boot@lists.denx.de > Cc: york sun <york@nxp.com>; Ruchika Gupta > <ruchika.gu...@nxp.com>; Prabhakar Kushwaha > <prabhakar.kushw...@nxp.com>; Aneesh Bansal > <aneesh.ban...@nxp.com> > Subject: [PATCH v3 1/7] include/configs: make secure boot header file > include uniform > > The file fsl_secure_boot.h must be included in config file for Secure Boot. > This is not required to be protected by any macro. > CONFIG_FSL_CAAM must be defined and CONFIG_CMD_HASH should be > turned on. > The above was missing in some config files and all files have been made > uniform in this respect. > > Signed-off-by: Aneesh Bansal <aneesh.ban...@nxp.com> > --- > Changes in v3: > None > > Changes in v2: > None (Changed the Sign-Off with New E-Mail ID) > > arch/arm/include/asm/fsl_secure_boot.h | 5 + > include/configs/C29XPCIE.h | 4 > include/configs/T102xQDS.h | 12 +++- > include/configs/T102xRDB.h | 12 +++- > include/configs/T1040QDS.h | 3 ++- > include/configs/T104xRDB.h | 3 ++- > include/configs/T208xQDS.h | 3 ++- > include/configs/T208xRDB.h | 3 ++- > include/configs/ls1021aqds.h | 5 - > include/configs/ls1021atwr.h | 5 - > include/configs/ls1043a_common.h | 8 > include/configs/ls1043aqds.h | 2 ++ > include/configs/ls1043ardb.h | 8 > 13 files changed, 57 insertions(+), 16 deletions(-) > > diff --git a/arch/arm/include/asm/fsl_secure_boot.h > b/arch/arm/include/asm/fsl_secure_boot.h > index 806302b..b29e71c 100644 > --- a/arch/arm/include/asm/fsl_secure_boot.h > +++ b/arch/arm/include/asm/fsl_secure_boot.h > @@ -34,6 +34,11 @@ > #define CONFIG_FSL_ISBC_KEY_EXT > #endif > > +#ifdef CONFIG_LS1043A > +/* For LS1043 (ARMv8), ESBC image Address in Header is 64 bit */ > +#define CONFIG_ESBC_ADDR_64BIT #endif > + > #ifndef CONFIG_FIT_SIGNATURE > > #define CONFIG_EXTRA_ENV \ > diff --git a/include/configs/C29XPCIE.h b/include/configs/C29XPCIE.h index > 16920c6..890dcbb 100644 > --- a/include/configs/C29XPCIE.h > +++ b/include/configs/C29XPCIE.h > @@ -567,4 +567,8 @@ > > #include > > +#ifdef CONFIG_SECURE_BOOT > +#define CONFIG_CMD_BLOB > +#endif > + > #endif /* __CONFIG_H */ > diff --git a/include/configs/T102xQDS.h b/include/configs/T102xQDS.h index > 951cbc4..fb41a7d 100644 > --- a/include/configs/T102xQDS.h > +++ b/include/configs/T102xQDS.h > @@ -39,6 +39,8 @@ > #define CONFIG_BOARD_EARLY_INIT_F > #endif > > +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ > + > #ifdef CONFIG_RAMBOOT_PBL > #define CONFIG_SYS_FSL_PBL_PBI board/freescale/t102xqds/t1024_pbi.cfg > #define CONFIG_SYS_FSL_PBL_RCW > board/freescale/t102xqds/t1024_rcw.cfg > @@ -936,8 +938,16 @@ unsigned long get_board_ddr_clk(void); > > #define CONFIG_BOOTCOMMAND CONFIG_LINUX > > -#ifdef CONFIG_SECURE_BOOT > +/* Hash command with SHA acceleration supported in hardware */ #ifdef > +CONFIG_FSL_CAAM #define CONFIG_CMD_HASH #define > CONFIG_SHA_HW_ACCEL > +#endif > + > #include > + > +#ifdef CONFIG_SECURE_BOOT > +#define CONFIG_CMD_BLOB > #endif > > #endif /* __T1024QDS_H */ > diff --git a/include/configs/T102xRDB.h b/include/configs/T102xRDB.h index > 4a0f5b2..113df37 100644 > --- a/include/configs/T102xRDB.h > +++ b/include/configs/T102xRDB.h > @@ -33,6 +33,8 @@ > #define CONFIG_FSL_LAW /* Use common FSL init code > */ > #define CONFIG_ENV_OVERWRITE > > +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ > + > /* support deep sleep */ > #ifdef CONFIG_PPC_T1024 > #define CONFIG_DEEP_SLEEP > @@ -948,8 +950,16 @@ unsigned long get_board_ddr_clk(void); > > #define CONFIG_BOOTCOMMAND CONFIG_LINUX > > -#ifdef CONFIG_SECURE_BOOT > +/* Hash command with SHA acceleration supported in hardware */ #ifdef > +CONFIG_FSL_CAAM #define CONFIG_CMD_HASH #define > CONFIG_SHA_HW_ACCEL > +#endif > + > #include > + > +#ifdef CONFIG_SECURE_BOOT > +#define CONFIG_CMD_BLOB > #endif > > #endif /* __T1024RDB_H */ > diff --git a/include/configs/T1040QDS.h b/include/configs/T1040QDS.h index > 9e151da..5fd93a1 100644 > --- a/include/configs/T1040QDS.h > +++ b/include/configs/T1040QDS.h > @@ -835,8 +835,9 @@ unsigned long get_board_ddr_clk(void); > > #define CONFIG_BOOTCOMMAND CONFIG_LINUX > &
Re: [U-Boot] [PATCH v3 2/7] include/configs: move definition of CONFIG_CMD_BLOB
> -Original Message- > From: Aneesh Bansal [mailto:aneesh.ban...@nxp.com] > Sent: Friday, January 22, 2016 4:37 PM > To: u-boot@lists.denx.de > Cc: york sun <york@nxp.com>; Ruchika Gupta > <ruchika.gu...@nxp.com>; Prabhakar Kushwaha > <prabhakar.kushw...@nxp.com>; Aneesh Bansal > <aneesh.ban...@nxp.com> > Subject: [PATCH v3 2/7] include/configs: move definition of > CONFIG_CMD_BLOB > > CONFIG_CMD_BLOB must be defined in case of Secure Boot. > It was earlier defined in all config files. The definition has been moved to a > common file which is included by all configs. > > Signed-off-by: Aneesh Bansal <aneesh.ban...@nxp.com> > --- > Changes in v3: > None > > Changes in v2: > None (Changed the Sign-Off with New E-Mail ID) > > arch/arm/include/asm/fsl_secure_boot.h | 1 + > arch/powerpc/include/asm/fsl_secure_boot.h | 1 + > include/configs/B4860QDS.h | 4 > include/configs/BSC9132QDS.h | 4 > include/configs/C29XPCIE.h | 4 > include/configs/P1010RDB.h | 4 > include/configs/P2041RDB.h | 4 > include/configs/T102xQDS.h | 4 > include/configs/T102xRDB.h | 4 > include/configs/T1040QDS.h | 4 > include/configs/T104xRDB.h | 4 > include/configs/T208xQDS.h | 5 - > include/configs/T208xRDB.h | 5 - > include/configs/T4240QDS.h | 4 > include/configs/T4240RDB.h | 9 - > include/configs/corenet_ds.h | 4 > include/configs/ls1021aqds.h | 4 > include/configs/ls1021atwr.h | 4 > 18 files changed, 2 insertions(+), 71 deletions(-) > > diff --git a/arch/arm/include/asm/fsl_secure_boot.h > b/arch/arm/include/asm/fsl_secure_boot.h > index b29e71c..8491a72 100644 > --- a/arch/arm/include/asm/fsl_secure_boot.h > +++ b/arch/arm/include/asm/fsl_secure_boot.h > @@ -9,6 +9,7 @@ > > #ifdef CONFIG_SECURE_BOOT > #define CONFIG_CMD_ESBC_VALIDATE > +#define CONFIG_CMD_BLOB > #define CONFIG_FSL_SEC_MON > #define CONFIG_SHA_PROG_HW_ACCEL > #define CONFIG_RSA > diff --git a/arch/powerpc/include/asm/fsl_secure_boot.h > b/arch/powerpc/include/asm/fsl_secure_boot.h > index 87415b1..7d217a6 100644 > --- a/arch/powerpc/include/asm/fsl_secure_boot.h > +++ b/arch/powerpc/include/asm/fsl_secure_boot.h > @@ -10,6 +10,7 @@ > > #ifdef CONFIG_SECURE_BOOT > #define CONFIG_CMD_ESBC_VALIDATE > +#define CONFIG_CMD_BLOB > #define CONFIG_FSL_SEC_MON > #define CONFIG_SHA_PROG_HW_ACCEL > #define CONFIG_DM > diff --git a/include/configs/B4860QDS.h b/include/configs/B4860QDS.h index > 9fb5cee..bcbae50 100644 > --- a/include/configs/B4860QDS.h > +++ b/include/configs/B4860QDS.h > @@ -924,8 +924,4 @@ unsigned long get_board_ddr_clk(void); > > #include > > -#ifdef CONFIG_SECURE_BOOT > -#define CONFIG_CMD_BLOB > -#endif > - > #endif /* __CONFIG_H */ > diff --git a/include/configs/BSC9132QDS.h b/include/configs/BSC9132QDS.h > index d0e5a25..89907dc 100644 > --- a/include/configs/BSC9132QDS.h > +++ b/include/configs/BSC9132QDS.h > @@ -722,8 +722,4 @@ combinations. this should be removed later > > #include > > -#ifdef CONFIG_SECURE_BOOT > -#define CONFIG_CMD_BLOB > -#endif > - > #endif /* __CONFIG_H */ > diff --git a/include/configs/C29XPCIE.h b/include/configs/C29XPCIE.h index > 890dcbb..16920c6 100644 > --- a/include/configs/C29XPCIE.h > +++ b/include/configs/C29XPCIE.h > @@ -567,8 +567,4 @@ > > #include > > -#ifdef CONFIG_SECURE_BOOT > -#define CONFIG_CMD_BLOB > -#endif > - > #endif /* __CONFIG_H */ > diff --git a/include/configs/P1010RDB.h b/include/configs/P1010RDB.h index > f9776c0..3c0faca 100644 > --- a/include/configs/P1010RDB.h > +++ b/include/configs/P1010RDB.h > @@ -952,8 +952,4 @@ extern unsigned long get_sdram_size(void); > > #include > > -#ifdef CONFIG_SECURE_BOOT > -#define CONFIG_CMD_BLOB > -#endif > - > #endif /* __CONFIG_H */ > diff --git a/include/configs/P2041RDB.h b/include/configs/P2041RDB.h index > b2e51b5..f250e7f 100644 > --- a/include/configs/P2041RDB.h > +++ b/include/configs/P2041RDB.h > @@ -756,8 +756,4 @@ unsigned long get_board_sys_clk(unsigned long > dummy); > > #include > > -#ifdef CONFIG_SECURE_BOOT > -#define CONFIG_CMD_BLOB > -#endif > - > #endif /* __CONFIG_H */ > diff --git a/include/configs/T102xQDS.h b/include/configs/T102xQDS.h index > fb41a7d..e5df784 100644 > --- a/includ
Re: [U-Boot] [PATCH v3 7/7] SECURE_BOOT: change error handler for esbc_validate
> -Original Message-
> From: Aneesh Bansal [mailto:aneesh.ban...@nxp.com]
> Sent: Friday, January 22, 2016 4:37 PM
> To: u-boot@lists.denx.de
> Cc: york sun <york@nxp.com>; Ruchika Gupta
> <ruchika.gu...@nxp.com>; Prabhakar Kushwaha
> <prabhakar.kushw...@nxp.com>; Aneesh Bansal
> <aneesh.ban...@nxp.com>
> Subject: [PATCH v3 7/7] SECURE_BOOT: change error handler for
> esbc_validate
>
> In case of error while executing esbc_validate command, SNVS transition and
> issue of reset is required only for secure-boot.
> If boot mode is non-secure, this is not required.
>
> Similarly, esbc_halt command which puts the core in Spin Loop is applicable
> only for Secure Boot.
>
> Signed-off-by: Aneesh Bansal <aneesh.ban...@nxp.com>
> ---
> Changes in v3:
> None
>
> Changes in v2:
> None (Changed the Sign-Off with New E-Mail ID)
>
> board/freescale/common/cmd_esbc_validate.c | 7 ++-
> board/freescale/common/fsl_validate.c | 7 +++
> 2 files changed, 13 insertions(+), 1 deletion(-)
>
> diff --git a/board/freescale/common/cmd_esbc_validate.c
> b/board/freescale/common/cmd_esbc_validate.c
> index ca7c737..dfa3e21 100644
> --- a/board/freescale/common/cmd_esbc_validate.c
> +++ b/board/freescale/common/cmd_esbc_validate.c
> @@ -11,6 +11,11 @@
> static int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
> char * const argv[])
> {
> + if (fsl_check_boot_mode_secure() == 0) {
> + printf("Boot Mode is Non-Secure. Not entering spin
> loop.\n");
> + return 0;
> + }
> +
> printf("Core is entering spin loop.\n");
> loop:
> goto loop;
> @@ -64,6 +69,6 @@ U_BOOT_CMD(
>
> U_BOOT_CMD(
> esbc_halt, 1, 0, do_esbc_halt,
> - "Put the core in spin loop ",
> + "Put the core in spin loop (Secure Boot Only)",
> ""
> );
> diff --git a/board/freescale/common/fsl_validate.c
> b/board/freescale/common/fsl_validate.c
> index de40081..8fd6dd6 100644
> --- a/board/freescale/common/fsl_validate.c
> +++ b/board/freescale/common/fsl_validate.c
> @@ -370,6 +370,13 @@ void fsl_secboot_handle_error(int error)
> printf("ERROR :: %x :: %s\n", error, e->name);
> }
>
> + /* If Boot Mode is secure, transition the SNVS state and issue
> + * reset based on type of failure and ITS setting.
> + * If Boot mode is non-secure, return from this function.
> + */
> + if (fsl_check_boot_mode_secure() == 0)
> + return;
> +
> switch (error) {
> case ERROR_ESBC_CLIENT_HEADER_BARKER:
> case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
> --
> 1.8.1.4
Acked-by: Ruchika Gupta <ruchika.gu...@nxp.com>
___
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH v3 3/7] SECURE_BOOT: split the secure boot functionality in two parts
> -Original Message- > From: Aneesh Bansal [mailto:aneesh.ban...@nxp.com] > Sent: Friday, January 22, 2016 4:37 PM > To: u-boot@lists.denx.de > Cc: york sun <york@nxp.com>; Ruchika Gupta > <ruchika.gu...@nxp.com>; Prabhakar Kushwaha > <prabhakar.kushw...@nxp.com>; Aneesh Bansal > <aneesh.ban...@nxp.com> > Subject: [PATCH v3 3/7] SECURE_BOOT: split the secure boot functionality in > two parts > > There are two phases in Secure Boot > 1. ISBC: In BootROM, validate the BootLoader (U-Boot). > 2. ESBC: In U-Boot, continuing the Chain of Trust by > validating and booting LINUX. > > For ESBC phase, there is no difference in SoC's based on ARM or PowerPC > cores. > > But the exit conditions after ISBC phase i.e. entry conditions for U-Boot are > different for ARM and PowerPC. > PowerPC: > > If Secure Boot is executed, a separate U-Boot target is required which must > be compiled with a diffrent Text Base as compared to Non-Secure Boot. > There are some LAW and TLB settings which are required specifically for > Secure Boot scenario. > > ARM: > > ARM based SoC's have a fixed memory map and exit conditions from > BootROM are same irrespective of boot mode (Secure or Non-Secure). > > Thus the current Secure Boot functionlity has been split into two parts: > > CONFIG_CHAIN_OF_TRUST > > This will have the following functionality as part of U-Boot: > 1. Enable commands like esbc_validate, esbc_halt 2. Change the > environment settings based on bootmode (determined at run time): > - If bootmode is non-secure, no change > - If bootmode is secure, set the following: > - bootdelay = 0 (Don't give boot prompt) > - bootcmd = Validate and execute the bootscript. > > CONFIG_SECURE_BOOT > = > This is defined only for creating a different compile time target for secure > boot. > > Traditionally, both these functionalities were defined under > CONFIG_SECURE_BOOT This patch is aimed at removing the requirement for > a separate Secure Boot target for ARM based SoC's. > CONFIG_CHAIN_OF_TRUST will be defined and boot mode will be determine > at run time. > > Another Security Requirement for running CHAIN_OF_TRUST is that U-Boot > environemnt must not be picked from flash/external memory. This cannot > be done based on bootmode at run time in current U-Boot architecture. > Once this dependency is resolved, no separate SECURE_BOOT target will be > required for ARM based SoC's. > > Currently, the only code under CONFIG_SECURE_BOOT for ARM SoC's is > defining CONFIG_ENV_IS_NOWHERE > > Signed-off-by: Aneesh Bansal <aneesh.ban...@nxp.com> > --- > Changes in v3: > None > > Changes in v2: > CONFIG_ENV_IS_NOWHERE is defined for Secure Boot > > arch/arm/include/asm/fsl_secure_boot.h | 16 ++-- > arch/powerpc/include/asm/fsl_secure_boot.h | 41 +- > include/config_fsl_chain_trust.h | 101 + > include/config_fsl_secboot.h | 116 > - > 4 files changed, 135 insertions(+), 139 deletions(-) create mode 100644 > include/config_fsl_chain_trust.h delete mode 100644 > include/config_fsl_secboot.h > > diff --git a/arch/arm/include/asm/fsl_secure_boot.h > b/arch/arm/include/asm/fsl_secure_boot.h > index 8491a72..0da0599 100644 > --- a/arch/arm/include/asm/fsl_secure_boot.h > +++ b/arch/arm/include/asm/fsl_secure_boot.h > @@ -8,6 +8,14 @@ > #define __FSL_SECURE_BOOT_H > > #ifdef CONFIG_SECURE_BOOT > + > +#ifndef CONFIG_FIT_SIGNATURE > +#define CONFIG_CHAIN_OF_TRUST > +#endif > + > +#endif > + > +#ifdef CONFIG_CHAIN_OF_TRUST > #define CONFIG_CMD_ESBC_VALIDATE > #define CONFIG_CMD_BLOB > #define CONFIG_FSL_SEC_MON > @@ -40,8 +48,6 @@ > #define CONFIG_ESBC_ADDR_64BIT > #endif > > -#ifndef CONFIG_FIT_SIGNATURE > - > #define CONFIG_EXTRA_ENV \ > "setenv fdt_high 0xcfff;" \ > "setenv initrd_high 0xcfff;"\ > @@ -50,8 +56,6 @@ > /* The address needs to be modified according to NOR memory map */ > #define CONFIG_BOOTSCRIPT_HDR_ADDR 0x600a > > -#include > -#endif > -#endif > - > +#include > +#endif /* #ifdef CONFIG_CHAIN_OF_TRUST */ > #endif > diff --git a/arch/powerpc/include/asm/fsl_secure_boot.h > b/arch/powerpc/include/asm/fsl_secure_boot.h > index 7d217a6..41058d1 100644 > --- a/arch/powerpc/include/asm/fsl_secure_boot.h > +++ b/arch/powerpc/include/asm/fsl_secure_boot.h > @@ -9,19 +9,11 @@ > #include > > #ifdef CONFIG_SECURE_BOOT > -#defi
Re: [U-Boot] [PATCH v3 6/7] enable chain of trust for PowerPC platforms
> -Original Message-
> From: Aneesh Bansal [mailto:aneesh.ban...@nxp.com]
> Sent: Friday, January 22, 2016 4:37 PM
> To: u-boot@lists.denx.de
> Cc: york sun <york@nxp.com>; Ruchika Gupta
> <ruchika.gu...@nxp.com>; Prabhakar Kushwaha
> <prabhakar.kushw...@nxp.com>; Aneesh Bansal
> <aneesh.ban...@nxp.com>
> Subject: [PATCH v3 6/7] enable chain of trust for PowerPC platforms
>
> Chain of Trust is enabled for PowerPC platforms for Secure Boot.
> CONFIG_BOARD_LATE_INIT is defined.
> In board_late_init(), fsl_setenv_chain_of_trust() is called which will perform
> the following:
> - If boot mode is non-secure, return (No Change)
> - If boot mode is secure, set the following environmet variables:
>bootdelay = 0 (To disable Boot Prompt)
>bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
>
> Signed-off-by: Aneesh Bansal <aneesh.ban...@nxp.com>
> ---
> Changes in v3:
> Protect the inclusion of file fsl_validate.h with macro
> CONFIG_CHAIN_OF_TRUST
>
> Changes in v2:
> None (Changed the Sign-Off with New E-Mail ID)
>
> arch/powerpc/cpu/mpc85xx/cpu_init.c| 14 ++
> arch/powerpc/include/asm/fsl_secure_boot.h | 7 +++
> 2 files changed, 21 insertions(+)
>
> diff --git a/arch/powerpc/cpu/mpc85xx/cpu_init.c
> b/arch/powerpc/cpu/mpc85xx/cpu_init.c
> index 50bb86a..a4dc140 100644
> --- a/arch/powerpc/cpu/mpc85xx/cpu_init.c
> +++ b/arch/powerpc/cpu/mpc85xx/cpu_init.c
> @@ -27,6 +27,9 @@
> #include
> #include
> #include "mp.h"
> +#ifdef CONFIG_CHAIN_OF_TRUST
> +#include
> +#endif
> #ifdef CONFIG_FSL_CAAM
> #include
> #endif
> @@ -1011,3 +1014,14 @@ void cpu_secondary_init_r(void)
> qe_reset();
> #endif
> }
> +
> +#ifdef CONFIG_BOARD_LATE_INIT
> +int board_late_init(void)
> +{
> +#ifdef CONFIG_CHAIN_OF_TRUST
> + fsl_setenv_chain_of_trust();
> +#endif
> +
> + return 0;
> +}
> +#endif
> diff --git a/arch/powerpc/include/asm/fsl_secure_boot.h
> b/arch/powerpc/include/asm/fsl_secure_boot.h
> index 41058d1..c45cace 100644
> --- a/arch/powerpc/include/asm/fsl_secure_boot.h
> +++ b/arch/powerpc/include/asm/fsl_secure_boot.h
> @@ -87,6 +87,13 @@
> #define CONFIG_FSL_CAAM
> #endif
>
> +/* fsl_setenv_chain_of_trust() must be called from
> + * board_late_init()
> + */
> +#ifndef CONFIG_BOARD_LATE_INIT
> +#define CONFIG_BOARD_LATE_INIT
> +#endif
> +
> /* If Boot Script is not on NOR and is required to be copied on RAM */
> #ifdef
> CONFIG_BOOTSCRIPT_COPY_RAM
> #define CONFIG_BS_HDR_ADDR_RAM 0x0001
> --
> 1.8.1.4
Acked-by: Ruchika Gupta <ruchika.gu...@nxp.com>
___
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH v3 4/7] create function to determine boot mode
> -Original Message-
> From: Aneesh Bansal [mailto:aneesh.ban...@nxp.com]
> Sent: Friday, January 22, 2016 4:37 PM
> To: u-boot@lists.denx.de
> Cc: york sun <york@nxp.com>; Ruchika Gupta
> <ruchika.gu...@nxp.com>; Prabhakar Kushwaha
> <prabhakar.kushw...@nxp.com>; Aneesh Bansal
> <aneesh.ban...@nxp.com>
> Subject: [PATCH v3 4/7] create function to determine boot mode
>
> A function is created to detrmine if the boot mode is secure or non-secure
> for differnt SoC's.
>
> Signed-off-by: Aneesh Bansal <aneesh.ban...@nxp.com>
> ---
> Changes in v3:
> None
>
> Changes in v2:
> Corrected the macro for SB_EN bit in RCW.
>
> .../include/asm/arch-fsl-layerscape/immap_lsch2.h | 3 ++
> arch/arm/include/asm/arch-ls102xa/immap_ls102xa.h | 2 +
> arch/powerpc/include/asm/immap_85xx.h | 3 ++
> board/freescale/common/fsl_chain_of_trust.c| 53
> ++
> 4 files changed, 61 insertions(+)
> create mode 100644 board/freescale/common/fsl_chain_of_trust.c
>
> diff --git a/arch/arm/include/asm/arch-fsl-layerscape/immap_lsch2.h
> b/arch/arm/include/asm/arch-fsl-layerscape/immap_lsch2.h
> index 21b803f..297ff35 100644
> --- a/arch/arm/include/asm/arch-fsl-layerscape/immap_lsch2.h
> +++ b/arch/arm/include/asm/arch-fsl-layerscape/immap_lsch2.h
> @@ -218,6 +218,9 @@ struct ccsr_gur {
> #define FSL_CHASSIS2_RCWSR0_MEM_PLL_RAT_MASK 0x3f
> #define FSL_CHASSIS2_RCWSR4_SRDS1_PRTCL_MASK 0x
> #define FSL_CHASSIS2_RCWSR4_SRDS1_PRTCL_SHIFT16
> +#define RCW_SB_EN_REG_INDEX 7
> +#define RCW_SB_EN_MASK 0x0020
> +
> u8 res_140[0x200-0x140];
> u32 scratchrw[4]; /* Scratch Read/Write */
> u8 res_210[0x300-0x210];
> diff --git a/arch/arm/include/asm/arch-ls102xa/immap_ls102xa.h
> b/arch/arm/include/asm/arch-ls102xa/immap_ls102xa.h
> index 89339fe..0a80772 100644
> --- a/arch/arm/include/asm/arch-ls102xa/immap_ls102xa.h
> +++ b/arch/arm/include/asm/arch-ls102xa/immap_ls102xa.h
> @@ -120,6 +120,8 @@ struct ccsr_gur {
> u32 brrl; /* Boot release */
> u8 res_0e8[0x100-0xe8];
> u32 rcwsr[16]; /* Reset control word status */
> +#define RCW_SB_EN_REG_INDEX 7
> +#define RCW_SB_EN_MASK 0x0020
> u8 res_140[0x200-0x140];
> u32 scratchrw[4]; /* Scratch Read/Write */
> u8 res_210[0x300-0x210];
> diff --git a/arch/powerpc/include/asm/immap_85xx.h
> b/arch/powerpc/include/asm/immap_85xx.h
> index bc7e5f8..53ca6d9 100644
> --- a/arch/powerpc/include/asm/immap_85xx.h
> +++ b/arch/powerpc/include/asm/immap_85xx.h
> @@ -1749,6 +1749,8 @@ typedef struct ccsr_gur {
> u32 brrl; /* Boot release */
> u8 res17[24];
> u32 rcwsr[16]; /* Reset control word status */
> +#define RCW_SB_EN_REG_INDEX 7
> +#define RCW_SB_EN_MASK 0x0020
>
> #ifdef CONFIG_SYS_FSL_QORIQ_CHASSIS2
> #define FSL_CORENET_RCWSR0_MEM_PLL_RAT_SHIFT 16
> @@ -2193,6 +2195,7 @@ typedef struct ccsr_gur {
> #define MPC85xx_PORDEVSR2_DDR_SPD_0 0x0008
> #define MPC85xx_PORDEVSR2_DDR_SPD_0_SHIFT3
> #endif
> +#define MPC85xx_PORDEVSR2_SBC_MASK 0x1000
> /* The 8544 RM says this is bit 26, but it's really bit 24 */
> #define MPC85xx_PORDEVSR2_SEC_CFG0x0080
> u8 res1[8];
> diff --git a/board/freescale/common/fsl_chain_of_trust.c
> b/board/freescale/common/fsl_chain_of_trust.c
> new file mode 100644
> index 000..ff67bd7
> --- /dev/null
> +++ b/board/freescale/common/fsl_chain_of_trust.c
> @@ -0,0 +1,53 @@
> +/*
> + * Copyright 2015 Freescale Semiconductor, Inc.
> + *
> + * SPDX-License-Identifier: GPL-2.0+
> + */
> +
> +#include
> +#include
> +#include
> +
> +#ifdef CONFIG_LS102XA
> +#include
> +#endif
> +
> +#if defined(CONFIG_MPC85xx)
> +#define CONFIG_DCFG_ADDR CONFIG_SYS_MPC85xx_GUTS_ADDR
> +#else
> +#define CONFIG_DCFG_ADDR CONFIG_SYS_FSL_GUTS_ADDR
> +#endif
> +
> +#ifdef CONFIG_SYS_FSL_CCSR_GUR_LE
> +#define gur_in32(a) in_le32(a)
> +#else
> +#define gur_in32(a) in_be32(a)
> +#endif
> +
> +/* Check the Boot Mode. If Secure, return 1 else return 0 */ int
> +fsl_check_boot_mode_secure(void) {
> + uint32_t val;
> + struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
> + struct ccsr_gur __iomem *gur = (void *)(CONFIG_DCFG_ADDR);
> +
> + val = sfp_in32(_regs->ospr) & ITS_MASK;
> + if (val == ITS_MASK)
> + return 1;
> +
> +#if defined(CONFIG_FSL_CORENET) || !defined(CONFIG_MPC85xx)
> + /* For PBL bas
[U-Boot] [PATCH] drivers/crypto/fsl : Allocate output ring with size aligned to CACHELNE SIZE
From: Ruchika Gupta <ruchika.gu...@freescale.com>
The output ring needs to be invalidated before enqueuing the job to SEC.
While allocation of space to output ring, it should be taken care that the
size is cacheline size aligned inorder to prevent invalidating valid data.
The patch also correct the method of aligning end of structs while flushing
caches
Since start = align(start_of_struct), it is incorrect to assign
end = align(start + struct_size). It should instead be,
end = align(start_of_struct + struct_size).
Signed-off-by: Saksham Jain <saks...@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gu...@nxp.com>
---
drivers/crypto/fsl/jr.c | 28
drivers/crypto/fsl/jr.h | 2 ++
2 files changed, 18 insertions(+), 12 deletions(-)
diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c
index b553e3c..4566ec3 100644
--- a/drivers/crypto/fsl/jr.c
+++ b/drivers/crypto/fsl/jr.c
@@ -95,14 +95,16 @@ static int jr_init(void)
JR_SIZE * sizeof(dma_addr_t));
if (!jr.input_ring)
return -1;
+
+ jr.op_size = roundup(JR_SIZE * sizeof(struct op_ring),
+ARCH_DMA_MINALIGN);
jr.output_ring =
- (struct op_ring *)memalign(ARCH_DMA_MINALIGN,
- JR_SIZE * sizeof(struct op_ring));
+ (struct op_ring *)memalign(ARCH_DMA_MINALIGN, jr.op_size);
if (!jr.output_ring)
return -1;
memset(jr.input_ring, 0, JR_SIZE * sizeof(dma_addr_t));
- memset(jr.output_ring, 0, JR_SIZE * sizeof(struct op_ring));
+ memset(jr.output_ring, 0, jr.op_size);
start_jr0();
@@ -190,8 +192,8 @@ static int jr_enqueue(uint32_t *desc_addr,
unsigned long start = (unsigned long)[head] &
~(ARCH_DMA_MINALIGN - 1);
- unsigned long end = ALIGN(start + sizeof(struct jr_info),
- ARCH_DMA_MINALIGN);
+ unsigned long end = ALIGN((unsigned long)[head] +
+ sizeof(struct jr_info), ARCH_DMA_MINALIGN);
flush_dcache_range(start, end);
#ifdef CONFIG_PHYS_64BIT
@@ -216,11 +218,19 @@ static int jr_enqueue(uint32_t *desc_addr,
#endif /* ifdef CONFIG_PHYS_64BIT */
start = (unsigned long)_ring[head] & ~(ARCH_DMA_MINALIGN - 1);
- end = ALIGN(start + sizeof(phys_addr_t), ARCH_DMA_MINALIGN);
+ end = ALIGN((unsigned long)_ring[head] +
+sizeof(dma_addr_t), ARCH_DMA_MINALIGN);
flush_dcache_range(start, end);
jr.head = (head + 1) & (jr.size - 1);
+ /* Invalidate output ring */
+ start = (unsigned long)jr.output_ring &
+ ~(ARCH_DMA_MINALIGN - 1);
+ end = ALIGN((unsigned long)jr.output_ring + jr.op_size,
+ARCH_DMA_MINALIGN);
+ invalidate_dcache_range(start, end);
+
sec_out32(>irja, 1);
return 0;
@@ -241,12 +251,6 @@ static int jr_dequeue(void)
#endif
while (sec_in32(>orsf) && CIRC_CNT(jr.head, jr.tail, jr.size)) {
- unsigned long start = (unsigned long)jr.output_ring &
- ~(ARCH_DMA_MINALIGN - 1);
- unsigned long end = ALIGN(start +
- sizeof(struct op_ring)*JR_SIZE,
- ARCH_DMA_MINALIGN);
- invalidate_dcache_range(start, end);
found = 0;
diff --git a/drivers/crypto/fsl/jr.h b/drivers/crypto/fsl/jr.h
index 5899696..545d964 100644
--- a/drivers/crypto/fsl/jr.h
+++ b/drivers/crypto/fsl/jr.h
@@ -72,6 +72,8 @@ struct jobring {
int write_idx;
/* Size of the rings. */
int size;
+ /* Op ring size aligned to cache line size */
+ int op_size;
/* The ip and output rings have to be accessed by SEC. So the
* pointers will ahve to point to the housekeeping region provided
* by SEC
--
1.8.1.4
___
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH 3/4] SECURE BOOT: separate function created for signature
> -Original Message-
> From: Aneesh Bansal
> Sent: Tuesday, December 08, 2015 2:14 PM
> To: u-boot@lists.denx.de
> Cc: Yusong Sun <york...@freescale.com>; Ruchika Gupta
> <ruchika.gu...@freescale.com>; Prabhakar Kushwaha
> <prabha...@freescale.com>; Aneesh Bansal
> <aneesh.ban...@freescale.com>; Saksham Jain <saks...@freescale.com>
> Subject: [PATCH 3/4] SECURE BOOT: separate function created for signature
>
> The code for image hash calculation, hash calculation from RSA signature and
> comparison of hashes has been mobed to a separate function.
>
> Signed-off-by: Saksham Jain <saks...@freescale.com>
> Signed-off-by: Aneesh Bansal <aneesh.ban...@freescale.com>
> ---
> board/freescale/common/fsl_validate.c | 98 +++---
> -
> 1 file changed, 54 insertions(+), 44 deletions(-)
>
> diff --git a/board/freescale/common/fsl_validate.c
> b/board/freescale/common/fsl_validate.c
> index ef7a5ae..08a2f79 100644
> --- a/board/freescale/common/fsl_validate.c
> +++ b/board/freescale/common/fsl_validate.c
> @@ -721,6 +721,58 @@ static inline int str2longbe(const char *p, ulong
> *num)
>
> return *p != '\0' && *endptr == '\0';
> }
> +/* Function to calculate the ESBC Image Hash
> + * and hash from Digital signature.
> + * The Two hash's are compared to yield the
> + * result of signature validation.
> + */
> +static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img) {
> + int ret;
> + uint32_t key_len;
> + struct key_prop prop;
> +#if !defined(USE_HOSTCC)
> + struct udevice *mod_exp_dev;
> +#endif
> + ret = calc_esbchdr_esbc_hash(img);
> + if (ret)
> + return ret;
> +
> + /* Construct encoded hash EM' wrt PKCSv1.5 */
> + construct_img_encoded_hash_second(img);
> +
> + /* Fill prop structure for public key */
> + memset(, 0, sizeof(struct key_prop));
> + key_len = get_key_len(img) / 2;
> + prop.modulus = img->img_key;
> + prop.public_exponent = img->img_key + key_len;
> + prop.num_bits = key_len * 8;
> + prop.exp_len = key_len;
> +
> + ret = uclass_get_device(UCLASS_MOD_EXP, 0, _exp_dev);
> + if (ret) {
> + printf("RSA: Can't find Modular Exp implementation\n");
> + return -EINVAL;
> + }
> +
> + ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
> + , img->img_encoded_hash);
> + if (ret)
> + return ret;
> +
> + /*
> + * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
> + * memcmp returns zero on success
> + * memcmp returns non-zero on failure
> + */
> + ret = memcmp(>img_encoded_hash_second,
> >img_encoded_hash,
> + img->hdr.sign_len);
> +
> + if (ret)
> + return ERROR_ESBC_CLIENT_HASH_COMPARE_EM;
> +
> + return 0;
> +}
>
> int fsl_secboot_validate(ulong haddr, char *arg_hash_str) { @@ -732,11
> +784,6 @@ int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
> void *esbc;
> int ret, i, hash_cmd = 0;
> u32 srk_hash[8];
> - uint32_t key_len;
> - struct key_prop prop;
> -#if !defined(USE_HOSTCC)
> - struct udevice *mod_exp_dev;
> -#endif
>
> if (arg_hash_str != NULL) {
> const char *cp = arg_hash_str;
> @@ -821,46 +868,9 @@ int fsl_secboot_validate(ulong haddr, char
> *arg_hash_str)
> goto exit;
> }
>
> - ret = calc_esbchdr_esbc_hash(img);
> - if (ret) {
> - fsl_secblk_handle_error(ret);
> - goto exit;
> - }
> -
> - /* Construct encoded hash EM' wrt PKCSv1.5 */
> - construct_img_encoded_hash_second(img);
> -
> - /* Fill prop structure for public key */
> - memset(, 0, sizeof(struct key_prop));
> - key_len = get_key_len(img) / 2;
> - prop.modulus = img->img_key;
> - prop.public_exponent = img->img_key + key_len;
> - prop.num_bits = key_len * 8;
> - prop.exp_len = key_len;
> -
> - ret = uclass_get_device(UCLASS_MOD_EXP, 0, _exp_dev);
> - if (ret) {
> - printf("RSA: Can't find Modular Exp implementation\n");
> - return -EINVAL;
> - }
> -
> - ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
> - , img->img_encoded_hash);
> - if (ret) {
> - fsl_secblk_handle_error(ret);
> - goto exit;
> - }
> -
> - /*
> - * compare the encoded messages EM' and EM wrt
Re: [U-Boot] [PATCH 1/4] SECURE BOOT: change prototype of fsl_secboot_validate function
> -Original Message-
> From: Aneesh Bansal
> Sent: Tuesday, December 08, 2015 2:14 PM
> To: u-boot@lists.denx.de
> Cc: Yusong Sun <york...@freescale.com>; Ruchika Gupta
> <ruchika.gu...@freescale.com>; Prabhakar Kushwaha
> <prabha...@freescale.com>; Aneesh Bansal
> <aneesh.ban...@freescale.com>; Saksham Jain <saks...@freescale.com>
> Subject: [PATCH 1/4] SECURE BOOT: change prototype of
> fsl_secboot_validate function
>
> The prototype and defination of function fsl_secboot_validate has been
> changed to support calling this function from another function within u-boot.
> Only two aruments needed:
> 1) header address - Mandatory
> 2) SHA256 string - optional
>
> Signed-off-by: Saksham Jain <saks...@freescale.com>
> Signed-off-by: Aneesh Bansal <aneesh.ban...@freescale.com>
> ---
> board/freescale/common/cmd_esbc_validate.c | 17 -
> board/freescale/common/fsl_validate.c | 18 +++---
> include/fsl_validate.h | 5 ++---
> 3 files changed, 25 insertions(+), 15 deletions(-)
>
> diff --git a/board/freescale/common/cmd_esbc_validate.c
> b/board/freescale/common/cmd_esbc_validate.c
> index 8bbe85b..ae6a9af 100644
> --- a/board/freescale/common/cmd_esbc_validate.c
> +++ b/board/freescale/common/cmd_esbc_validate.c
> @@ -21,10 +21,25 @@ loop:
> static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc,
> char * const argv[])
> {
> + char *hash_str = NULL;
> + ulong haddr;
> + int ret;
> +
> if (argc < 2)
> return cmd_usage(cmdtp);
> + else if (argc > 2)
> + /* Second arg - Optional - Hash Str*/
> + hash_str = argv[2];
> +
> + /* First argument - header address -32/64bit */
> + haddr = simple_strtoul(argv[1], NULL, 16);
>
> - return fsl_secboot_validate(cmdtp, flag, argc, argv);
> + ret = fsl_secboot_validate(haddr, hash_str);
> + if (ret)
> + return 1;
> +
> + printf("esbc_validate command successful\n");
> + return 0;
> }
>
> /***/
> diff --git a/board/freescale/common/fsl_validate.c
> b/board/freescale/common/fsl_validate.c
> index b510c71..282ce53 100644
> --- a/board/freescale/common/fsl_validate.c
> +++ b/board/freescale/common/fsl_validate.c
> @@ -699,13 +699,11 @@ static inline int str2longbe(const char *p, ulong
> *num)
> return *p != '\0' && *endptr == '\0';
> }
>
> -int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
> - char * const argv[])
> +int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
> {
> struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
> ulong hash[SHA256_BYTES/sizeof(ulong)];
> char hash_str[NUM_HEX_CHARS + 1];
> - ulong addr = simple_strtoul(argv[1], NULL, 16);
> struct fsl_secboot_img_priv *img;
> struct fsl_secboot_img_hdr *hdr;
> void *esbc;
> @@ -717,8 +715,8 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
> struct udevice *mod_exp_dev;
> #endif
>
> - if (argc == 3) {
> - char *cp = argv[2];
> + if (arg_hash_str != NULL) {
> + const char *cp = arg_hash_str;
> int i = 0;
>
> if (*cp == '0' && *(cp + 1) == 'x')
> @@ -731,7 +729,7 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
>*/
> if (strlen(cp) != SHA256_NIBBLES) {
> printf("%s is not a 256 bits hex string as expected\n",
> -argv[2]);
> +arg_hash_str);
> return -1;
> }
>
> @@ -741,7 +739,7 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
> hash_str[NUM_HEX_CHARS] = '\0';
> if (!str2longbe(hash_str, [i])) {
> printf("%s is not a 256 bits hex string ",
> -argv[2]);
> +arg_hash_str);
> return -1;
> }
> }
> @@ -757,7 +755,7 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
> memset(img, 0, sizeof(struct fsl_secboot_img_priv));
>
> hdr = >hdr;
> - img->ehdrloc = addr;
> + img->ehdrloc = haddr;
> esbc = (u8 *)(uintptr_t)img->ehdrloc;
>
> memcpy(hdr, esbc, sizeof(struct
Re: [U-Boot] [PATCH 2/4] SECURE BOOT: separate functions for reading keys
> -Original Message-
> From: Aneesh Bansal
> Sent: Tuesday, December 08, 2015 2:14 PM
> To: u-boot@lists.denx.de
> Cc: Yusong Sun <york...@freescale.com>; Ruchika Gupta
> <ruchika.gu...@freescale.com>; Prabhakar Kushwaha
> <prabha...@freescale.com>; Aneesh Bansal
> <aneesh.ban...@freescale.com>; Saksham Jain <saks...@freescale.com>
> Subject: [PATCH 2/4] SECURE BOOT: separate functions for reading keys
>
> Separate functions are created for reading and checking the sanity of Public
> keys:
> - read_validate_single_key
> - read_validate_ie_tbl
> - read_validate_srk_table
>
> Signed-off-by: Saksham Jain <saks...@freescale.com>
> Signed-off-by: Aneesh Bansal <aneesh.ban...@freescale.com>
> ---
> board/freescale/common/fsl_validate.c | 169 +++-
> --
> 1 file changed, 96 insertions(+), 73 deletions(-)
>
> diff --git a/board/freescale/common/fsl_validate.c
> b/board/freescale/common/fsl_validate.c
> index 282ce53..ef7a5ae 100644
> --- a/board/freescale/common/fsl_validate.c
> +++ b/board/freescale/common/fsl_validate.c
> @@ -24,6 +24,10 @@
> #define SHA256_NIBBLES (256/4)
> #define NUM_HEX_CHARS(sizeof(ulong) * 2)
>
> +#define CHECK_KEY_LEN(key_len) (((key_len) == 2 * KEY_SIZE_BYTES /
> 4) || \
> + ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
> + ((key_len) == 2 * KEY_SIZE_BYTES))
> +
> /* This array contains DER value for SHA-256 */ static const u8
> hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
> 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
> @@ -179,20 +183,97 @@ static u32 is_key_revoked(u32 keynum, u32
> rev_flag)
> return 0;
> }
>
> -/* It validates srk_table key lengths.*/ -static u32 validate_srk_tbl(struct
> srk_table *tbl, u32 num_entries)
> +/* It read validates srk_table key lengths.*/ static u32
> +read_validate_srk_tbl(struct fsl_secboot_img_priv *img)
> {
> int i = 0;
> - for (i = 0; i < num_entries; i++) {
> - if (!((tbl[i].key_len == 2 * KEY_SIZE_BYTES/4) ||
> - (tbl[i].key_len == 2 * KEY_SIZE_BYTES/2) ||
> - (tbl[i].key_len == 2 * KEY_SIZE_BYTES)))
> + u32 ret, key_num, key_revoc_flag, size;
> + struct fsl_secboot_img_hdr *hdr = >hdr;
> + void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
> +
> + if ((hdr->len_kr.num_srk == 0) ||
> + (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
> + return
> ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
> +
> + key_num = hdr->len_kr.srk_sel;
> + if (key_num == 0 || key_num > hdr->len_kr.num_srk)
> + return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
> +
> + /* Get revoc key from sfp */
> + key_revoc_flag = get_key_revoc();
> + ret = is_key_revoked(key_num, key_revoc_flag);
> + if (ret)
> + return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
> +
> + size = hdr->len_kr.num_srk * sizeof(struct srk_table);
> +
> + memcpy(>srk_tbl, esbc + hdr->srk_tbl_off, size);
> +
> + for (i = 0; i < hdr->len_kr.num_srk; i++) {
> + if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len))
> return
> ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
> }
> +
> + img->key_len = img->srk_tbl[key_num - 1].key_len;
> +
> + memcpy(>img_key, &(img->srk_tbl[key_num - 1].pkey),
> +img->key_len);
> +
> return 0;
> }
> #endif
>
> +static u32 read_validate_single_key(struct fsl_secboot_img_priv *img) {
> + struct fsl_secboot_img_hdr *hdr = >hdr;
> + void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
> +
> + /* check key length */
> + if (!CHECK_KEY_LEN(hdr->key_len))
> + return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
> +
> + memcpy(>img_key, esbc + hdr->pkey, hdr->key_len);
> +
> + img->key_len = hdr->key_len;
> +
> + return 0;
> +}
> +
> +#if defined(CONFIG_FSL_ISBC_KEY_EXT)
> +static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img) {
> + struct fsl_secboot_img_hdr *hdr = >hdr;
> + u32 ie_key_len, ie_revoc_flag, ie_num;
> + struct ie_key_info *ie_info;
> +
> + if (get_ie_info_addr(>ie_addr))
> + return ERROR_IE_TABLE_NOT_FOUND;
> + ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
> + if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
> + return
> ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
> +
> + ie_num = hdr->ie_ke
Re: [U-Boot] [PATCH 4/4] SECURE BOOT: support for validation of dynamic image
> -Original Message-
> From: Aneesh Bansal
> Sent: Tuesday, December 08, 2015 2:14 PM
> To: u-boot@lists.denx.de
> Cc: Yusong Sun <york...@freescale.com>; Ruchika Gupta
> <ruchika.gu...@freescale.com>; Prabhakar Kushwaha
> <prabha...@freescale.com>; Aneesh Bansal
> <aneesh.ban...@freescale.com>; Saksham Jain <saks...@freescale.com>
> Subject: [PATCH 4/4] SECURE BOOT: support for validation of dynamic image
>
> Some images to be validated are relocated to a dynamic address at run time.
> So, these addresses cannot be known befor hand while signing the images
> and creating the header offline.
> So, support is required to pass the image address to the validate function as
> an argument.
> If an address is provided to the function, the address field in Header is not
> read and is treated as a reserved field.
>
> Signed-off-by: Saksham Jain <saks...@freescale.com>
> Signed-off-by: Aneesh Bansal <aneesh.ban...@freescale.com>
> ---
> board/freescale/common/cmd_esbc_validate.c | 10 ++---
> board/freescale/common/fsl_validate.c | 33 ++-
> ---
> include/fsl_validate.h | 7 +--
> 3 files changed, 32 insertions(+), 18 deletions(-)
>
> diff --git a/board/freescale/common/cmd_esbc_validate.c
> b/board/freescale/common/cmd_esbc_validate.c
> index ae6a9af..ca7c737 100644
> --- a/board/freescale/common/cmd_esbc_validate.c
> +++ b/board/freescale/common/cmd_esbc_validate.c
> @@ -22,7 +22,7 @@ static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
> char * const argv[])
> {
> char *hash_str = NULL;
> - ulong haddr;
> + uintptr_t haddr;
> int ret;
>
> if (argc < 2)
> @@ -32,9 +32,13 @@ static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
> hash_str = argv[2];
>
> /* First argument - header address -32/64bit */
> - haddr = simple_strtoul(argv[1], NULL, 16);
> + haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16);
>
> - ret = fsl_secboot_validate(haddr, hash_str);
> + /* With esbc_validate command, Image address must be
> + * part of header. So, the function is called
> + * by passing this argument as 0.
> + */
> + ret = fsl_secboot_validate(haddr, hash_str, 0);
> if (ret)
> return 1;
>
> diff --git a/board/freescale/common/fsl_validate.c
> b/board/freescale/common/fsl_validate.c
> index 08a2f79..de40081 100644
> --- a/board/freescale/common/fsl_validate.c
> +++ b/board/freescale/common/fsl_validate.c
> @@ -536,13 +536,8 @@ static int calc_esbchdr_esbc_hash(struct
> fsl_secboot_img_priv *img)
> return ret;
>
> /* Update hash for actual Image */
> -#ifdef CONFIG_ESBC_ADDR_64BIT
> ret = algo->hash_update(algo, ctx,
> - (u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1);
> -#else
> - ret = algo->hash_update(algo, ctx,
> - (u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1);
> -#endif
> + (u8 *)img->img_addr, img->img_size, 1);
> if (ret)
> return ret;
>
> @@ -632,16 +627,25 @@ static int read_validate_esbc_client_header(struct
> fsl_secboot_img_priv *img)
> if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
> return ERROR_ESBC_CLIENT_HEADER_BARKER;
>
> -#ifdef CONFIG_ESBC_ADDR_64BIT
> - sprintf(buf, "%llx", hdr->pimg64);
> -#else
> - sprintf(buf, "%x", hdr->pimg);
> -#endif
> + /* If Image Address is not passed as argument to function,
> + * then Address and Size must be read from the Header.
> + */
> + if (img->img_addr == 0) {
> + #ifdef CONFIG_ESBC_ADDR_64BIT
> + img->img_addr = hdr->pimg64;
> + #else
> + img->img_addr = hdr->pimg;
> + #endif
> + }
> +
> + sprintf(buf, "%lx", img->img_addr);
> setenv("img_addr", buf);
>
> if (!hdr->img_size)
> return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
>
> + img->img_size = hdr->img_size;
> +
> /* Key checking*/
> #ifdef CONFIG_KEY_REVOCATION
> if (check_srk(img)) {
> @@ -774,7 +778,8 @@ static int calculate_cmp_img_sig(struct
> fsl_secboot_img_priv *img)
> return 0;
> }
>
> -int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
> +int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
> + uintptr_t img_addr)
> {
> struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADD
[U-Boot] [PATCH][v2] Correct License and Copyright information on few files
gpio.h - Added missing copyright in few files. rsa-mod-exp.h - Corrected copyright in the file. fsl_sec.h - Added missing license in files drivers/crypto/fsl/Makefile - Removed the incomplete GPLv2 license and replaced it with GPLv2+ license Signed-off-by: Ruchika Gupta ruchika.gu...@freescale.com --- Changes from v2: 1. Added more detailed commit message 2. Corrected the time on the patch arch/arm/include/asm/arch-ls102xa/gpio.h | 2 ++ arch/powerpc/include/asm/arch-mpc85xx/gpio.h | 2 ++ drivers/crypto/fsl/Makefile | 4 +--- include/fsl_sec.h| 1 + include/u-boot/rsa-mod-exp.h | 2 +- 5 files changed, 7 insertions(+), 4 deletions(-) diff --git a/arch/arm/include/asm/arch-ls102xa/gpio.h b/arch/arm/include/asm/arch-ls102xa/gpio.h index b704436..707a1f3 100644 --- a/arch/arm/include/asm/arch-ls102xa/gpio.h +++ b/arch/arm/include/asm/arch-ls102xa/gpio.h @@ -1,4 +1,6 @@ /* + * Copyright 2014 Freescale Semiconductor, Inc. + * * SPDX-License-Identifier:GPL-2.0+ */ diff --git a/arch/powerpc/include/asm/arch-mpc85xx/gpio.h b/arch/powerpc/include/asm/arch-mpc85xx/gpio.h index 71794a8..da7352a 100644 --- a/arch/powerpc/include/asm/arch-mpc85xx/gpio.h +++ b/arch/powerpc/include/asm/arch-mpc85xx/gpio.h @@ -1,4 +1,6 @@ /* + * Copyright 2014 Freescale Semiconductor, Inc. + * * SPDX-License-Identifier:GPL-2.0+ */ diff --git a/drivers/crypto/fsl/Makefile b/drivers/crypto/fsl/Makefile index 4aa91e4..fd736cf 100644 --- a/drivers/crypto/fsl/Makefile +++ b/drivers/crypto/fsl/Makefile @@ -1,9 +1,7 @@ # # Copyright 2014 Freescale Semiconductor, Inc. # -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# Version 2 as published by the Free Software Foundation. +# SPDX-License-Identifier: GPL-2.0+ # obj-y += sec.o diff --git a/include/fsl_sec.h b/include/fsl_sec.h index ebb1ac6..5e38610 100644 --- a/include/fsl_sec.h +++ b/include/fsl_sec.h @@ -3,6 +3,7 @@ * * Copyright 2014 Freescale Semiconductor, Inc. * + * SPDX-License-Identifier:GPL-2.0+ */ #ifndef __FSL_SEC_H diff --git a/include/u-boot/rsa-mod-exp.h b/include/u-boot/rsa-mod-exp.h index fce445a..45a031b 100644 --- a/include/u-boot/rsa-mod-exp.h +++ b/include/u-boot/rsa-mod-exp.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, Ruchika Gupta. + * Copyright 2014 Freescale Semiconductor, Inc. * * SPDX-License-Identifier:GPL-2.0+ */ -- 1.8.1.4 ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH] Correct License and Copyright information on few files
Hi, Hi, Am 23.07.2015 um 16:10 schrieb Ruchika Gupta: Signed-off-by: Ruchika Gupta ruchika.gu...@freescale.com [...] diff --git a/drivers/crypto/fsl/Makefile b/drivers/crypto/fsl/Makefile index 4aa91e4..fd736cf 100644 --- a/drivers/crypto/fsl/Makefile +++ b/drivers/crypto/fsl/Makefile @@ -1,9 +1,7 @@ # # Copyright 2014 Freescale Semiconductor, Inc. # -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# Version 2 as published by the Free Software Foundation. +# SPDX-License-Identifier: GPL-2.0+ Is this change of license intentional? (GPL-2.0 vs. GPL-2.0+) If so, would've been helpful to explain that in the commit message. Yes the change to GLL-2.0+ is intential. The GPL License added earlier in this file was incomplete. The main aim is to change it to a single line GPLv2.0 or later text. I will add the explanation in the commit. # obj-y += sec.o [snip] Cheers, Andreas -- SUSE Linux GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Felix Imendörffer, Jane Smithard, Dilip Upmanyu, Graham Norton; HRB 21284 (AG Nürnberg) Regards, Ruchika ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
[U-Boot] [PATCH] Correct License and Copyright information on few files
Signed-off-by: Ruchika Gupta ruchika.gu...@freescale.com --- arch/arm/include/asm/arch-ls102xa/gpio.h | 2 ++ arch/powerpc/include/asm/arch-mpc85xx/gpio.h | 2 ++ drivers/crypto/fsl/Makefile | 4 +--- include/fsl_sec.h| 1 + include/u-boot/rsa-mod-exp.h | 2 +- 5 files changed, 7 insertions(+), 4 deletions(-) diff --git a/arch/arm/include/asm/arch-ls102xa/gpio.h b/arch/arm/include/asm/arch-ls102xa/gpio.h index b704436..707a1f3 100644 --- a/arch/arm/include/asm/arch-ls102xa/gpio.h +++ b/arch/arm/include/asm/arch-ls102xa/gpio.h @@ -1,4 +1,6 @@ /* + * Copyright 2014 Freescale Semiconductor, Inc. + * * SPDX-License-Identifier:GPL-2.0+ */ diff --git a/arch/powerpc/include/asm/arch-mpc85xx/gpio.h b/arch/powerpc/include/asm/arch-mpc85xx/gpio.h index 71794a8..da7352a 100644 --- a/arch/powerpc/include/asm/arch-mpc85xx/gpio.h +++ b/arch/powerpc/include/asm/arch-mpc85xx/gpio.h @@ -1,4 +1,6 @@ /* + * Copyright 2014 Freescale Semiconductor, Inc. + * * SPDX-License-Identifier:GPL-2.0+ */ diff --git a/drivers/crypto/fsl/Makefile b/drivers/crypto/fsl/Makefile index 4aa91e4..fd736cf 100644 --- a/drivers/crypto/fsl/Makefile +++ b/drivers/crypto/fsl/Makefile @@ -1,9 +1,7 @@ # # Copyright 2014 Freescale Semiconductor, Inc. # -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# Version 2 as published by the Free Software Foundation. +# SPDX-License-Identifier: GPL-2.0+ # obj-y += sec.o diff --git a/include/fsl_sec.h b/include/fsl_sec.h index ebb1ac6..5e38610 100644 --- a/include/fsl_sec.h +++ b/include/fsl_sec.h @@ -3,6 +3,7 @@ * * Copyright 2014 Freescale Semiconductor, Inc. * + * SPDX-License-Identifier:GPL-2.0+ */ #ifndef __FSL_SEC_H diff --git a/include/u-boot/rsa-mod-exp.h b/include/u-boot/rsa-mod-exp.h index fce445a..45a031b 100644 --- a/include/u-boot/rsa-mod-exp.h +++ b/include/u-boot/rsa-mod-exp.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, Ruchika Gupta. + * Copyright 2014 Freescale Semiconductor, Inc. * * SPDX-License-Identifier:GPL-2.0+ */ -- 1.8.1.4 ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH 1/3] crypto/fsl: fix era property value on LE platforms
Acked-by: Ruchika Guptaruchika.gu...@freescale.com
-Original Message-
From: Sun York-R58495
Sent: Sunday, July 19, 2015 3:44 AM
To: Gupta Ruchika-R66431
Subject: Re: [PATCH 1/3] crypto/fsl: fix era property value on LE platforms
Ruchika,
Please comment/ack.
York
On 07/08/2015 07:24 AM, Horia Geantă wrote:
Use fdt_setprop_u32() instead of fdt_setprop().
Fixes: 0181937fa371a (crypto/fsl: Add fixup for crypto node)
Signed-off-by: Horia Geantă horia.gea...@freescale.com
Reviewed-by: Mingkai Hu mingkai...@freescale.com
---
drivers/crypto/fsl/sec.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/crypto/fsl/sec.c b/drivers/crypto/fsl/sec.c index
443ee964feae..b25b1a4052d2 100644
--- a/drivers/crypto/fsl/sec.c
+++ b/drivers/crypto/fsl/sec.c
@@ -155,8 +155,7 @@ static void fdt_fixup_crypto_era(void *blob, u32
era)
return;
}
- err = fdt_setprop(blob, crypto_node, fsl,sec-era, era,
- sizeof(era));
+ err = fdt_setprop_u32(blob, crypto_node, fsl,sec-era, era);
if (err 0) {
printf(ERROR: could not set fsl,sec-era property: %s\n,
fdt_strerror(err));
___
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH 2/3] crypto/fsl - change starting entropy delay value
Acked-by: Ruchika Guptaruchika.gu...@freescale.com
-Original Message-
From: Sun York-R58495
Sent: Sunday, July 19, 2015 3:43 AM
To: Gupta Ruchika-R66431
Subject: Re: [PATCH 2/3] crypto/fsl - change starting entropy delay value
Ruchika,
Please comment/ack this patch and others in this set.
York
On 05/05/2015 06:48 AM, Alex Porosanu wrote:
The entropy delay (the length in system clocks of each entropy sample)
for the RNG4 block of CAAM is dependent on the frequency of the SoC.
By elaborate methods, it has been determined that a good starting
value for all platforms integrating the CAAM IP is 3200. Using a
higher value has additional benefit of speeding up the process of
instantiating the RNG, since the entropy delay will be increased and
instantiation of the RNG state handles will be reattempted by the
driver. If the starting value is low, for certain platforms, this can
lead to a quite lengthy process.
This patch changes the starting value of the length of the entropy
sample to 3200 system clocks.
In addition to this change, the attempted entropy delay values are now
printed on the console upon initialization of the RNG block.
Signed-off-by: Alex Porosanu alexandru.poros...@freescale.com
---
include/fsl_sec.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/fsl_sec.h b/include/fsl_sec.h index
14f6633..c84b6ad 100644
--- a/include/fsl_sec.h
+++ b/include/fsl_sec.h
@@ -35,7 +35,7 @@ struct rng4tst {
u32 rtmctl; /* misc. control register */
u32 rtscmisc; /* statistical check misc. register */
u32 rtpkrrng; /* poker range register */
-#define RTSDCTL_ENT_DLY_MIN1200
+#define RTSDCTL_ENT_DLY_MIN3200
#define RTSDCTL_ENT_DLY_MAX12800
union {
u32 rtpkrmax; /* PRGM=1: poker max. limit register */
___
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH 3/3] crypto/fsl: clean-up - use fdt_setprop_u32 helper
Acked-by: Ruchika Guptaruchika.gu...@freescale.com -Original Message- From: Sun York-R58495 Sent: Sunday, July 19, 2015 3:44 AM To: Gupta Ruchika-R66431 Subject: Re: [PATCH 3/3] crypto/fsl: clean-up - use fdt_setprop_u32 helper Ruchika, Please comment/ack. York On 07/08/2015 07:24 AM, Horia Geantă wrote: Signed-off-by: Horia Geantă horia.gea...@freescale.com --- drivers/crypto/fsl/sec.c | 17 - 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/fsl/sec.c b/drivers/crypto/fsl/sec.c index b25b1a4052d2..0940faf768cc 100644 --- a/drivers/crypto/fsl/sec.c +++ b/drivers/crypto/fsl/sec.c @@ -60,27 +60,26 @@ void fdt_fixup_crypto_node(void *blob, int sec_rev) return; } - val = cpu_to_fdt32(sec_rev_prop_list[sec_idx].num_channels); - err = fdt_setprop(blob, crypto_node, fsl,num-channels, val, 4); + err = fdt_setprop_u32(blob, crypto_node, fsl,num-channels, + sec_rev_prop_list[sec_idx].num_channels); if (err 0) printf(WARNING: could not set crypto property: %s\n, fdt_strerror(err)); - val = cpu_to_fdt32(sec_rev_prop_list[sec_idx].descriptor_types_mask); - err = fdt_setprop(blob, crypto_node, fsl,descriptor-types-mask, - val, 4); + err = fdt_setprop_u32(blob, crypto_node, fsl,descriptor-types- mask, + sec_rev_prop_list[sec_idx].descriptor_types_mask); if (err 0) printf(WARNING: could not set crypto property: %s\n, fdt_strerror(err)); - val = cpu_to_fdt32(sec_rev_prop_list[sec_idx].exec_units_mask); - err = fdt_setprop(blob, crypto_node, fsl,exec-units-mask, val, 4); + err = fdt_setprop_u32(blob, crypto_node, fsl,exec-units-mask, + sec_rev_prop_list[sec_idx].exec_units_mask); if (err 0) printf(WARNING: could not set crypto property: %s\n, fdt_strerror(err)); - val = cpu_to_fdt32(sec_rev_prop_list[sec_idx].channel_fifo_len); - err = fdt_setprop(blob, crypto_node, fsl,channel-fifo-len, val, 4); + err = fdt_setprop_u32(blob, crypto_node, fsl,channel-fifo-len, + sec_rev_prop_list[sec_idx].channel_fifo_len); if (err 0) printf(WARNING: could not set crypto property: %s\n, fdt_strerror(err)); ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH 3/3] crypto/fsl - enable raw data instead of von Neumann data
Acked-by: Ruchika Guptaruchika.gu...@freescale.com
-Original Message-
From: Sun York-R58495
Sent: Sunday, July 19, 2015 3:43 AM
To: Gupta Ruchika-R66431
Subject: Re: [PATCH 3/3] crypto/fsl - enable raw data instead of von
Neumann data
Ruchika,
Please comment/ack.
York
On 05/05/2015 06:48 AM, Alex Porosanu wrote:
The sampling of the oscillator can be done in multiple modes for
generating the entropy value. By default, this is set to von Neumann.
This patch changes the sampling to raw data, since it has been
discovered that the generated entropy has a better 'quality'.
Signed-off-by: Alex Porosanu alexandru.poros...@freescale.com
---
drivers/crypto/fsl/jr.c | 11 ++-
include/fsl_sec.h | 10 ++
2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c index
aa527ec..3560668 100644
--- a/drivers/crypto/fsl/jr.c
+++ b/drivers/crypto/fsl/jr.c
@@ -408,8 +408,17 @@ static void kick_trng(int ent_delay)
sec_out32(rng-rtfreqmin, ent_delay 2);
/* disable maximum frequency count */
sec_out32(rng-rtfreqmax, RTFRQMAX_DISABLE);
+ /* read the control register */
+ val = sec_in32(rng-rtmctl);
+ /*
+* select raw sampling in both entropy shifter
+* and statistical checker
+*/
+ sec_setbits32(val, RTMCTL_SAMP_MODE_RAW_ES_SC);
/* put RNG4 into run mode */
- sec_clrbits32(rng-rtmctl, RTMCTL_PRGM);
+ sec_clrbits32(val, RTMCTL_PRGM);
+ /* write back the control register */
+ sec_out32(rng-rtmctl, val);
}
static int rng_init(void)
diff --git a/include/fsl_sec.h b/include/fsl_sec.h index
c84b6ad..672bcef 100644
--- a/include/fsl_sec.h
+++ b/include/fsl_sec.h
@@ -32,6 +32,16 @@
/* RNG4 TRNG test registers */
struct rng4tst {
#define RTMCTL_PRGM 0x0001 /* 1 - program mode, 0 - run mode
*/
+#define RTMCTL_SAMP_MODE_VON_NEUMANN_ES_SC 0 /* use von
Neumann data in
+ both entropy shifter and
+ statistical checker */
+#define RTMCTL_SAMP_MODE_RAW_ES_SC 1 /* use raw data in
both
+ entropy shifter and
+ statistical checker */
+#define RTMCTL_SAMP_MODE_VON_NEUMANN_ES_RAW_SC 2 /* use
von Neumann data in
+ entropy shifter, raw data
+ in statistical checker */
+#define RTMCTL_SAMP_MODE_INVALID 3 /* invalid combination
*/
u32 rtmctl; /* misc. control register */
u32 rtscmisc; /* statistical check misc. register */
u32 rtpkrrng; /* poker range register */
___
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH 1/3] crypto/fsl - disable RNG oscillator maximum frequency check
Acked-by: Ruchika Guptaruchika.gu...@freescale.com
-Original Message-
From: Sun York-R58495
Sent: Sunday, July 19, 2015 3:43 AM
To: Gupta Ruchika-R66431
Subject: Re: [PATCH 1/3] crypto/fsl - disable RNG oscillator maximum
frequency check
Ruchika,
Please comment/ack this patch and others in this set.
York
On 05/05/2015 06:48 AM, Alex Porosanu wrote:
The rtfrqmax rtfrqmin set the bounds of the expected frequency of
the oscillator, when SEC runs at its maximum frequency. For certain
platforms (f.i. T2080), the oscillator is very fast and thus if the
SEC runs at a lower than normal frequency, the ring oscillator is
incorrectly detected as being out of bounds.
This patch effectively disables the maximum frequency check, by
setting a high enough maximum allowable frequency for the oscillator.
The reasoning behind this is that usually a broken oscillator will run
too slow (i.e. not run at all) rather than run too fast.
Signed-off-by: Alex Porosanu alexandru.poros...@freescale.com
---
drivers/crypto/fsl/jr.c | 4 ++--
include/fsl_sec.h | 1 +
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c index
f99d594..aa527ec 100644
--- a/drivers/crypto/fsl/jr.c
+++ b/drivers/crypto/fsl/jr.c
@@ -406,8 +406,8 @@ static void kick_trng(int ent_delay)
sec_out32(rng-rtsdctl, val);
/* min. freq. count, equal to 1/4 of the entropy sample length */
sec_out32(rng-rtfreqmin, ent_delay 2);
- /* max. freq. count, equal to 8 times the entropy sample length */
- sec_out32(rng-rtfreqmax, ent_delay 3);
+ /* disable maximum frequency count */
+ sec_out32(rng-rtfreqmax, RTFRQMAX_DISABLE);
/* put RNG4 into run mode */
sec_clrbits32(rng-rtmctl, RTMCTL_PRGM); } diff --git
a/include/fsl_sec.h b/include/fsl_sec.h index ebb1ac6..14f6633 100644
--- a/include/fsl_sec.h
+++ b/include/fsl_sec.h
@@ -49,6 +49,7 @@ struct rng4tst {
u32 rttotsam; /* PRGM=0: total samples register */
};
u32 rtfreqmin; /* frequency count min. limit register */
+#define RTFRQMAX_DISABLE (1 20)
union {
u32 rtfreqmax; /* PRGM=1: freq. count max. limit register */
u32 rtfreqcnt; /* PRGM=0: freq. count register */
___
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH 2/3] crypto/fsl: fix snooping for write transactions
Acked-by: Ruchika Guptaruchika.gu...@freescale.com
-Original Message-
From: Sun York-R58495
Sent: Sunday, July 19, 2015 3:44 AM
To: Gupta Ruchika-R66431
Subject: Re: [PATCH 2/3] crypto/fsl: fix snooping for write transactions
Ruchika,
Please comment/ack.
York
On 07/08/2015 07:24 AM, Horia Geantă wrote:
HW coherency won't work properly for CAAM write transactions if
AWCACHE is left to default (POR) value - 4'b0001.
It has to be programmed to 4'b0010.
For platforms that have HW coherency support:
-PPC-based: the update has no effect; CAAM coherency already works due
to the IOMMU (PAMU) driver setting the correct memory coherency
attributes
-ARM-based: the update fixes cache coherency issues, since IOMMU
(SMMU) driver is not programmed to behave similar to PAMU
Fixes: b9eebfade974c (fsl_sec: Add hardware accelerated SHA256 and
SHA1)
Signed-off-by: Horia Geantă horia.gea...@freescale.com
Reviewed-by: Aneesh Bansal aneesh.ban...@freescale.com
Reviewed-by: Mingkai Hu mingkai...@freescale.com
---
drivers/crypto/fsl/jr.c | 10 ++ drivers/crypto/fsl/jr.h | 2
++
2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c index
f99d59480c81..e2bd913aa259 100644
--- a/drivers/crypto/fsl/jr.c
+++ b/drivers/crypto/fsl/jr.c
@@ -459,14 +459,16 @@ static int rng_init(void)
int sec_init(void)
{
- int ret = 0;
-
-#ifdef CONFIG_PHYS_64BIT
ccsr_sec_t *sec = (void *)CONFIG_SYS_FSL_SEC_ADDR;
uint32_t mcr = sec_in32(sec-mcfgr);
+ int ret = 0;
- sec_out32(sec-mcfgr, mcr | 1 MCFGR_PS_SHIFT);
+ mcr = (mcr ~MCFGR_AWCACHE_MASK) | (0x2
MCFGR_AWCACHE_SHIFT);
+#ifdef CONFIG_PHYS_64BIT
+ mcr |= (1 MCFGR_PS_SHIFT);
#endif
+ sec_out32(sec-mcfgr, mcr);
+
ret = jr_init();
if (ret 0) {
printf(SEC initialization failed\n); diff --git
a/drivers/crypto/fsl/jr.h b/drivers/crypto/fsl/jr.h index
cce2c589ce0b..152606008845 100644
--- a/drivers/crypto/fsl/jr.h
+++ b/drivers/crypto/fsl/jr.h
@@ -21,6 +21,8 @@
#define MCFGR_SWRST ((uint32_t)(1)31) /* Software Reset */
#define MCFGR_DMA_RST ((uint32_t)(1)28) /* DMA Reset */
#define MCFGR_PS_SHIFT 16
+#define MCFGR_AWCACHE_SHIFT8
+#define MCFGR_AWCACHE_MASK (0xf MCFGR_AWCACHE_SHIFT)
#define JR_INTMASK 0x0001
#define JRCR_RESET 0x01
#define JRINT_ERR_HALT_INPROGRESS 0x4
___
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
[U-Boot] [PATCH] DM: crypto/rsa_mod_exp - Correct copyright on rsa-mod-exp.h
Signed-off-by: Ruchika Gupta ruchika.gu...@freescale.com --- include/u-boot/rsa-mod-exp.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/u-boot/rsa-mod-exp.h b/include/u-boot/rsa-mod-exp.h index fce445a..d250694 100644 --- a/include/u-boot/rsa-mod-exp.h +++ b/include/u-boot/rsa-mod-exp.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, Ruchika Gupta. + * Copyright (c) 2014 Freescale Semiconductor, Inc. * * SPDX-License-Identifier:GPL-2.0+ */ -- 1.8.1.4 ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH] imx: dek_blob: Add explicit include for mapmem
-Original Message- From: ulises.carde...@freescale.com [mailto:ulises.carde...@freescale.com] Sent: Monday, May 04, 2015 8:23 PM To: Estevam Fabio-R49496 Cc: u-boot@lists.denx.de; sba...@denx.de; s...@chromium.org; Garg Nitin- B37173; Gupta Ruchika-R66431; Ulises Cardenas Casas Subject: [PATCH] imx: dek_blob: Add explicit include for mapmem From: Ulises Cardenas ulises.carde...@freescale.com Boards such as imx6q_sabresd might not have mapmem.h as part of their common library. This causes a build error if the DEK blob command is enabled. Fix: make explicit the include of mapmem.h Signed-off-by: Ulises Cardenas ulises.carde...@freescale.com --- arch/arm/imx-common/cmd_dek.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/imx-common/cmd_dek.c b/arch/arm/imx- common/cmd_dek.c index d93d5fb..ada8adf 100644 --- a/arch/arm/imx-common/cmd_dek.c +++ b/arch/arm/imx-common/cmd_dek.c @@ -14,6 +14,7 @@ #include linux/compiler.h #include fsl_sec.h #include asm/arch/clock.h +#include mapmem.h DECLARE_GLOBAL_DATA_PTR; -- 2.3.2 Reviewed-by: Ruchika Gupta ruchika.gu...@freescale.com ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH] Add bootscript support to esbc_validate.
Hi York, -Original Message- From: Sun York-R58495 Sent: Tuesday, March 10, 2015 10:03 PM To: Gupta Ruchika-R66431; Rana Gaurav-B46163; u-boot@lists.denx.de Cc: Wood Scott-B07421; Bansal Aneesh-B39320 Subject: Re: [PATCH] Add bootscript support to esbc_validate. On 03/10/2015 09:25 AM, Gupta Ruchika-R66431 wrote: Hi York, -Original Message- From: Sun York-R58495 Sent: Tuesday, March 10, 2015 9:45 PM To: Rana Gaurav-B46163; u-boot@lists.denx.de Cc: Wood Scott-B07421; Gupta Ruchika-R66431; Bansal Aneesh-B39320 Subject: Re: [PATCH] Add bootscript support to esbc_validate. On 03/10/2015 01:38 AM, Gaurav Rana wrote: 1. Default environment will be used for secure boot flow which can't be edited or saved. 2. Command for secure boot is predefined in the default environment which will run on autoboot (and autoboot is the only option allowed in case of secure boot) and it looks like this: #define CONFIG_SECBOOT \ setenv bs_hdraddr 0xe8e0; \ esbc_validate $bs_hdraddr;\ source $img_addr; \ esbc_halt; #endif 3. Boot Script can contain esbc_validate commands and bootm command. Uboot source command used in default secure boot command will run the bootscript. 4. Command esbc_halt added to ensure either bootm executes after validation of images or core should just spin. What's the purpose of esbc_halt? Once it enters the spin, how to get it out? The purpose of bootscript is to validate the next level images and then pass control to it, so bootscript must contain a bootm command. We don't expect control to return back to u-boot. Hence a command esbc_halt is introduced which would make the core spin and not provide uboot prompt in case bootscript doesn't pass control to next level image. For secure chain of trust, only validated bootscript should be allowed to execute and be responsible for passing control to next level image. Ruchika, Do you expect secure boot to run automatically once u-boot reaches the prompt and the source $img_addr to actually boot the OS? You put esbc_halt as a fall-back to catch failure above? It doesn't sounds very secure to me. The bootscript is first validated. Only an authenticated user, who has the private key can sign the bootscript. Thus validating bootscript is important in secure boot chain of trust. You are right regarding fallback as esbc_halt. In the esbc_halt implementation, we will add code to clear security secrets on the chip, and issue a reset. We will send a separate patch for that. Ruchika I am hoping other reviewers can chime in and give comments. York ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH] Add bootscript support to esbc_validate.
Hi York, -Original Message- From: Sun York-R58495 Sent: Tuesday, March 10, 2015 9:45 PM To: Rana Gaurav-B46163; u-boot@lists.denx.de Cc: Wood Scott-B07421; Gupta Ruchika-R66431; Bansal Aneesh-B39320 Subject: Re: [PATCH] Add bootscript support to esbc_validate. On 03/10/2015 01:38 AM, Gaurav Rana wrote: 1. Default environment will be used for secure boot flow which can't be edited or saved. 2. Command for secure boot is predefined in the default environment which will run on autoboot (and autoboot is the only option allowed in case of secure boot) and it looks like this: #define CONFIG_SECBOOT \ setenv bs_hdraddr 0xe8e0; \ esbc_validate $bs_hdraddr;\ source $img_addr; \ esbc_halt; #endif 3. Boot Script can contain esbc_validate commands and bootm command. Uboot source command used in default secure boot command will run the bootscript. 4. Command esbc_halt added to ensure either bootm executes after validation of images or core should just spin. What's the purpose of esbc_halt? Once it enters the spin, how to get it out? The purpose of bootscript is to validate the next level images and then pass control to it, so bootscript must contain a bootm command. We don't expect control to return back to u-boot. Hence a command esbc_halt is introduced which would make the core spin and not provide uboot prompt in case bootscript doesn't pass control to next level image. For secure chain of trust, only validated bootscript should be allowed to execute and be responsible for passing control to next level image. Ruchika York ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Re: [U-Boot] [PATCH v4] imx6: Added DEK blob generator command
Hi Ulises,
-Original Message-
From: ulises.carde...@freescale.com [mailto:ulises.carde...@freescale.com]
Sent: Wednesday, February 18, 2015 1:45 AM
To: Gupta Ruchika-R66431
Cc: u-boot@lists.denx.de; Estevam Fabio-R49496; sba...@denx.de;
s...@chromium.org; Ulises Cardenas Casas; Garg Nitin-B37173; Ulises Cardenas
Casas
Subject: [PATCH v4] imx6: Added DEK blob generator command
From: Raul Cardenas ulises.carde...@freescale.com
Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for protecting a DEK for non-
secure memory storage.
SEC block protects data in a data structure called a Secret Key Blob, which
provides both confidentiality and integrity protection.
Every time the blob encapsulation is executed, a AES-256 key is randomly
generated to encrypt the DEK.
This key is encrypted with the OTP Secret key from SoC. The resulting blob
consists of the encrypted
AES-256 key, the encrypted DEK, and a 16-bit MAC.
During decapsulation, the reverse process is performed to get back the
original DEK. A caveat to the blob decapsulation process, is that the DEK is
decrypted in secure-memory and can only be read by FSL SEC HW.
The DEK is used to decrypt data during encrypted boot.
Commands added
--
dek_blob - encapsulating DEK as a cryptgraphic blob
Commands Syntax
---
dek_blob src dst len
Encapsulate and create blob of a len-bits DEK at
address src and store the result at address dst.
Signed-off-by: Raul Cardenas ulises.carde...@freescale.com
Signed-off-by: Nitin Garg nitin.g...@freescale.com
Signed-off-by: Ulises Cardenas ulises.carde...@freescale.com
---
Changes in v4:
-Improve coding style as recommended by Simon -Add const type qualifier to
functions using the plaintext as a parameter -Fix and add documentation
Changes in v3:
-Improve cache management for relevant descriptors -Add cache management to
RNG instantiate
Changes in v2:
-Remove weak symbol as recommended by Ruchika
arch/arm/imx-common/Makefile | 1 +
arch/arm/imx-common/cmd_dek.c| 89 ++
arch/arm/imx-common/timer.c | 17
arch/arm/include/asm/arch-mx6/imx-regs.h | 4 +
doc/README.mxc_hab | 48 ++
drivers/crypto/fsl/Makefile | 2 +-
drivers/crypto/fsl/desc.h| 15
drivers/crypto/fsl/fsl_blob.c| 52 +++
drivers/crypto/fsl/jobdesc.c | 149
++-
drivers/crypto/fsl/jobdesc.h | 14 +++
drivers/crypto/fsl/jr.c | 31 ++-
include/fsl_sec.h| 80 +
12 files changed, 495 insertions(+), 7 deletions(-) create mode 100644
arch/arm/imx-common/cmd_dek.c
diff --git a/arch/arm/imx-common/Makefile b/arch/arm/imx-common/Makefile
index 25a9d4c..606482f 100644
--- a/arch/arm/imx-common/Makefile
+++ b/arch/arm/imx-common/Makefile
@@ -24,6 +24,7 @@ obj-$(CONFIG_IMX_VIDEO_SKIP) += video.o endif
obj-$(CONFIG_CMD_BMODE) += cmd_bmode.o
obj-$(CONFIG_CMD_HDMIDETECT) += cmd_hdmidet.o
+obj-$(CONFIG_CMD_DEKBLOB) += cmd_dek.o
quiet_cmd_cpp_cfg = CFGS$@
cmd_cpp_cfg = $(CPP) $(cpp_flags) -x c -o $@ $ diff --git
a/arch/arm/imx-common/cmd_dek.c b/arch/arm/imx-common/cmd_dek.c new file mode
100644 index 000..376d5f2
--- /dev/null
+++ b/arch/arm/imx-common/cmd_dek.c
@@ -0,0 +1,89 @@
+/*
+ * Command for encapsulating DEK blob
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#include common.h
+#include command.h
+#include environment.h
+#include malloc.h
+#include asm/byteorder.h
+#include linux/compiler.h
+#include fsl_sec.h
+#include asm/arch/clock.h
+
+DECLARE_GLOBAL_DATA_PTR;
+
+/**
+* blob_dek() - Encapsulate the DEK as a blob using CAM's Key
+* @src: - Address of data to be encapsulated
+* @dst: - Desination address of encapsulated data
+* @len: - Size of data to be encapsulated
+*
+* Returns zero on success,and negative on error.
+*/
+static int blob_encap_dek(const u8 *src, u8 *dst, u32 len) {
+ int ret = 0;
+ u32 jr_size = 4;
+
+ u32 out_jr_size = sec_in32(CONFIG_SYS_FSL_JR0_ADDR + 0x102c);
+ if (out_jr_size != jr_size) {
+ hab_caam_clock_enable(1);
+ sec_init();
+ }
+
+ if (!((len == 128) | (len == 192) | (len == 256))) {
+ debug(Invalid DEK size. Valid sizes are 128, 192 and 256b\n);
+ return -1;
+ }
+
+ len /= 8;
+ ret = blob_dek(src, dst, len);
+
+ return ret;
+}
+
+/**
+ * do_dek_blob() - Handle the dek_blob command-line command
+ * @cmdtp: Command data struct pointer
+ * @flag: Command flag
+ * @argc: Command-line argument count
+ * @argv: Array of command-line arguments
+ *
+ * Returns zero on success, CMD_RET_USAGE in case of misuse and
+negative
+ * on
Re: [U-Boot] [PATCH] imx6: Added DEK blob generator command
Hi Ulises,
-Original Message-
From: ulises.carde...@freescale.com [mailto:ulises.carde...@freescale.com]
Sent: Thursday, February 05, 2015 2:38 AM
To: Gupta Ruchika-R66431
Cc: u-boot@lists.denx.de; Estevam Fabio-R49496; sba...@denx.de; Ulises
Cardenas Casas; Garg Nitin-B37173
Subject: [PATCH] imx6: Added DEK blob generator command
From: Raul Cardenas ulises.carde...@freescale.com
Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for protecting a DEK for non-
secure memory storage.
SEC block protects data in a data structure called a Secret Key Blob, which
provides both confidentiality and integrity protection.
Every time the blob encapsulation is executed, a SHA-256 key is randomly
generated to encrypt the DEK.
This key is itself encrypted with the OTP Secret key from SoC. The ending
blob consists of the encrypted
SHA-256 key, the encrypted DEK, and a 16-bit MAC.
During decapsulation, the reverse process is performed to get back the
original DEK. A caveat to the blob decapsulation process, is that the DEK is
decrypted in secure-memory and can only be read by FSL SEC HW.
The DEK is used to decrypt data during encrypted boot.
Commands added
--
dek_blob - encapsulating DEK as a cryptgraphic blob
Commands Syntax
---
dek_blob src dst len
Encapsulate and create blob of a len-bits DEK at
address src and store the result at address dst.
Signed-off-by: Raul Cardenas ulises.carde...@freescale.com
Signed-off-by: Nitin Garg nitin.g...@freescale.com
---
arch/arm/imx-common/Makefile |1 +
arch/arm/imx-common/cmd_dek.c| 89 +++
arch/arm/imx-common/timer.c | 17
arch/arm/include/asm/arch-mx6/imx-regs.h |4 +
doc/README.mxc_hab | 48 ++
drivers/crypto/fsl/Makefile |2 +-
drivers/crypto/fsl/desc.h| 15
drivers/crypto/fsl/fsl_blob.c| 50 +++
drivers/crypto/fsl/jobdesc.c | 142
+-
drivers/crypto/fsl/jobdesc.h |5 ++
drivers/crypto/fsl/jr.c | 24 -
include/fsl_sec.h| 60 +
12 files changed, 451 insertions(+), 6 deletions(-) create mode 100644
arch/arm/imx-common/cmd_dek.c
diff --git a/arch/arm/imx-common/Makefile b/arch/arm/imx-common/Makefile
index 25a9d4c..606482f 100644
--- a/arch/arm/imx-common/Makefile
+++ b/arch/arm/imx-common/Makefile
@@ -24,6 +24,7 @@ obj-$(CONFIG_IMX_VIDEO_SKIP) += video.o endif
obj-$(CONFIG_CMD_BMODE) += cmd_bmode.o
obj-$(CONFIG_CMD_HDMIDETECT) += cmd_hdmidet.o
+obj-$(CONFIG_CMD_DEKBLOB) += cmd_dek.o
quiet_cmd_cpp_cfg = CFGS$@
cmd_cpp_cfg = $(CPP) $(cpp_flags) -x c -o $@ $ diff --git
a/arch/arm/imx-common/cmd_dek.c b/arch/arm/imx-common/cmd_dek.c new file mode
100644 index 000..e3748d2
--- /dev/null
+++ b/arch/arm/imx-common/cmd_dek.c
@@ -0,0 +1,89 @@
+/*
+ * Command for encapsulating DEK blob
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#include common.h
+#include command.h
+#include environment.h
+#include malloc.h
+#include asm/byteorder.h
+#include linux/compiler.h
+#include fsl_sec.h
+#include asm/arch/clock.h
+
+DECLARE_GLOBAL_DATA_PTR;
+
+/**
+* blob_dek() - Encapsulate the DEK as a blob using CAM's Key
+* @src: - Address of data to be encapsulated
+* @dst: - Address of data to be encapsulated
+* @len: - Size of data to be encapsulated
+*
+* Returns zero on success,and negative on error.
+*/
+__weak int blob_encap_dek(u8 *src, u8 *dst, u32 len) {
This should not be a weak function.
+ int ret = 0;
+ u32 jr_size = 4;
+
+ u32 out_jr_size = sec_in32(CONFIG_SYS_FSL_JR0_ADDR + 0x102c);
+ if (out_jr_size != jr_size) {
+ hab_caam_clock_enable(1);
+ sec_init();
+ }
+
+ if (!((len == 128)|(len == 192)|(len == 256))) {
+ debug(Invalid DEK size. Valid sizes are 128, 192 and 256b\n);
+ return -1;
+ }
+
+ len /= 8;
+ ret = blob_dek(src, dst, len);
+
+ return ret;
+}
+
+/**
+ * do_dek_blob() - Handle the dek_blob command-line command
+ * @cmdtp: Command data struct pointer
+ * @flag: Command flag
+ * @argc: Command-line argument count
+ * @argv: Array of command-line arguments
+ *
+ * Returns zero on success, CMD_RET_USAGE in case of misuse and
+negative
+ * on error.
+ */
+static int do_dek_blob(cmd_tbl_t *cmdtp, int flag, int argc, char
+*const argv[]) {
+ uint32_t src_addr, dst_addr, len;
+ uint8_t *src_ptr, *dst_ptr;
+ int ret = 0;
+
+ if (argc != 4)
+ return CMD_RET_USAGE;
+
+ src_addr = simple_strtoul(argv[1], NULL, 16);
+ dst_addr = simple_strtoul(argv[2], NULL, 16);
+ len = simple_strtoul(argv[3], NULL, 10);
+
+
Re: [U-Boot] [PATCH] crypto/fsl - Add progressive hashing support using hardware acceleration.
Hi Simon,
Thanks for the review comments.
-Original Message-
From: s...@google.com [mailto:s...@google.com] On Behalf Of Simon Glass
Sent: Thursday, February 05, 2015 8:55 AM
To: Rana Gaurav-B46163
Cc: U-Boot Mailing List; Sun York-R58495; Wood Scott-B07421; Gupta Ruchika-
R66431; Bansal Aneesh-B39320
Subject: Re: [PATCH] crypto/fsl - Add progressive hashing support using
hardware acceleration.
Hi,
On 28 January 2015 at 03:51, Gaurav Rana gaurav.r...@freescale.com wrote:
Currently only normal hashing is supported using hardware acceleration.
Added support for progressinve hashing using h/w.
Signed-off-by: Ruchika Gupta ruchika.gu...@freescale.com
Signed-off-by: Gaurav Rana gaurav.r...@freescale.com
CC: Simon Glass s...@chromium.org
---
This patch is dependent on following series of 10 patches.
https://patchwork.ozlabs.org/patch/432126/
.
.
Now applied to mainline.
.
https://patchwork.ozlabs.org/patch/432135/
README| 4 ++
common/hash.c | 10 +++
drivers/crypto/fsl/fsl_hash.c | 141
++
drivers/crypto/fsl/fsl_hash.h | 32 ++
include/fsl_sec.h | 30 +
include/hw_sha.h | 77 +++
6 files changed, 294 insertions(+)
create mode 100644 drivers/crypto/fsl/fsl_hash.h
diff --git a/README b/README
index cac7978..98aa31f 100644
--- a/README
+++ b/README
@@ -3151,6 +3151,10 @@ CBFS (Coreboot Filesystem) support
CONFIG_SHA1 - support SHA1 hashing
CONFIG_SHA256 - support SHA256 hashing
+ CONFIG_SHA_HW_ACCEL - support SHA1 and SHA256 hashing
+ using hw
s/hw/hardware/
+ acceleration
+ CONFIG_SHA_PROG_HW_ACCEL - support SHA1 and SHA256
progressive
+ hashing using hw acceleration
Note: There is also a sha1sum command, which should perhaps
be deprecated in favour of 'hash sha1'.
diff --git a/common/hash.c b/common/hash.c index d154d02..d4becd3
100644
--- a/common/hash.c
+++ b/common/hash.c
@@ -127,11 +127,21 @@ static struct hash_algo hash_algo[] = {
SHA1_SUM_LEN,
hw_sha1,
CHUNKSZ_SHA1,
+#ifdef CONFIG_SHA_PROG_HW_ACCEL
+ hw_sha1_init,
+ hw_sha1_update,
+ hw_sha1_finish,
+#endif
}, {
sha256,
SHA256_SUM_LEN,
hw_sha256,
CHUNKSZ_SHA256,
+#ifdef CONFIG_SHA_PROG_HW_ACCEL
+ hw_sha256_init,
+ hw_sha256_update,
+ hw_sha256_finish,
+#endif
},
#endif
#ifdef CONFIG_SHA1
diff --git a/drivers/crypto/fsl/fsl_hash.c
b/drivers/crypto/fsl/fsl_hash.c index d77f257..1681705 100644
--- a/drivers/crypto/fsl/fsl_hash.c
+++ b/drivers/crypto/fsl/fsl_hash.c
@@ -10,6 +10,8 @@
#include jobdesc.h
#include desc.h
#include jr.h
+#include fsl_hash.h
+#include hw_sha.h
#define CRYPTO_MAX_ALG_NAME80
#define SHA1_DIGEST_SIZE20
@@ -39,6 +41,111 @@ static struct caam_hash_template driver_hash[] = {
},
};
+/* Create the context for progressive hashing using h/w acceleration.
+ *
+ * @ctxp: Pointer to the pointer of the context for hashing
+ * @caam_algo: Enum for SHA1 or SHA256
+ * @return 0 if ok, -1 on error
+ */
+static int caam_hash_init(void **ctxp, enum caam_hash_algos
+caam_algo) {
+ struct sha_ctx *ctx = malloc(sizeof(struct sha_ctx));
Please check return value and return -ENOMEM. Also you can use
calloc() to zero it.
Ok
+ memset(ctx, 0, sizeof(struct sha_ctx));
+ *ctxp = ctx;
+ return 0;
+}
+
+/*
+ * Update sg table for progressive hashing using h/w acceleration
+ *
+ * The context is freed by this function if an error occurs.
+ *
+ * @hash_ctx: Pointer to the context for hashing
+ * @buf: Pointer to the buffer being hashed
+ * @size: Size of the buffer being hashed
+ * @is_last: 1 if this is the last update; 0 otherwise
Shouldn't this be handled in finish()?
The interface as defined in hash.h has is_last in the hash_update function. We
have defined this function on similar line. Already existing function pointer
as available in include/hash.h is pasted below for reference.
/*
* hash_update: Perform hashing on the given buffer
*
* The context is freed by this function if an error occurs.
*
* @algo: Pointer to the hash_algo struct
* @ctx: Pointer to the context for hashing
* @buf: Pointer to the buffer being hashed
* @size: Size of the buffer being hashed
* @is_last: 1 if this is the last update; 0 otherwise
* @return 0 if ok, -1 on error
*/
int (*hash_update)(struct
[U-Boot] [PATCH 01/10][v6] rsa: Split the rsa-verify to separate the modular exponentiation
Public exponentiation which is required in rsa verify functionality is
tightly integrated with verification code in rsa_verify.c. The patch
splits the file into twp separating the modular exponentiation.
1. rsa-verify.c
- The file parses device tree keys node to fill a keyprop structure.
The keyprop structure can then be converted to implementation specific
format.
(struct rsa_pub_key for sw implementation)
- The parsed device tree node is then passed to a generic rsa_mod_exp
function.
2. rsa-mod-exp.c
Move the software specific functions related to modular exponentiation
from rsa-verify.c to this file.
Signed-off-by: Ruchika Gupta ruchika.gu...@freescale.com
CC: Simon Glass s...@chromium.org
---
Changes in v6:
No changes
Changes in v5:
Reverted change in rsa_mod_exp_sw function to add pointer to output length
Addressed other comments by Simon
Changes in v4:
Modified rsa_mod_exp_sw function to add pointer to output length
Changes in v3:
Kconfig moved to separate patch. This patch just splits the file now
Changes in v2:
Addressed few of Simon Glass's comments:
- Kconfig option added for RSA
- Comments added for new keyprop struct
include/u-boot/rsa-mod-exp.h | 43 ++
lib/rsa/Makefile | 2 +-
lib/rsa/rsa-mod-exp.c| 303 +++
lib/rsa/rsa-verify.c | 329 ---
tools/Makefile | 3 +-
5 files changed, 404 insertions(+), 276 deletions(-)
create mode 100644 include/u-boot/rsa-mod-exp.h
create mode 100644 lib/rsa/rsa-mod-exp.c
diff --git a/include/u-boot/rsa-mod-exp.h b/include/u-boot/rsa-mod-exp.h
new file mode 100644
index 000..59cd9ea
--- /dev/null
+++ b/include/u-boot/rsa-mod-exp.h
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2014, Ruchika Gupta.
+ *
+ * SPDX-License-Identifier:GPL-2.0+
+*/
+
+#ifndef _RSA_MOD_EXP_H
+#define _RSA_MOD_EXP_H
+
+#include errno.h
+#include image.h
+
+/**
+ * struct key_prop - holder for a public key properties
+ *
+ * The struct has pointers to modulus (Typically called N),
+ * The inverse, R^2, exponent. These can be typecasted and
+ * used as byte arrays or converted to the required format
+ * as per requirement of RSA implementation.
+ */
+struct key_prop {
+ const void *rr; /* R^2 can be treated as byte array */
+ const void *modulus;/* modulus as byte array */
+ const void *public_exponent; /* public exponent as byte array */
+ uint32_t n0inv; /* -1 / modulus[0] mod 2^32 */
+ int num_bits; /* Key length in bits */
+ uint32_t exp_len; /* Exponent length in number of uint8_t */
+};
+
+/**
+ * rsa_mod_exp_sw() - Perform RSA Modular Exponentiation in sw
+ *
+ * Operation: out[] = sig ^ exponent % modulus
+ *
+ * @sig: RSA PKCS1.5 signature
+ * @sig_len: Length of signature in number of bytes
+ * @node: Node with RSA key elements like modulus, exponent, R^2, n0inv
+ * @out: Result in form of byte array
+ */
+int rsa_mod_exp_sw(const uint8_t *sig, uint32_t sig_len,
+ struct key_prop *node, uint8_t *out);
+
+#endif
diff --git a/lib/rsa/Makefile b/lib/rsa/Makefile
index a5a96cb6..cc25b3c 100644
--- a/lib/rsa/Makefile
+++ b/lib/rsa/Makefile
@@ -7,4 +7,4 @@
# SPDX-License-Identifier: GPL-2.0+
#
-obj-$(CONFIG_FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o
+obj-$(CONFIG_FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o rsa-mod-exp.o
diff --git a/lib/rsa/rsa-mod-exp.c b/lib/rsa/rsa-mod-exp.c
new file mode 100644
index 000..4a6de2b
--- /dev/null
+++ b/lib/rsa/rsa-mod-exp.c
@@ -0,0 +1,303 @@
+/*
+ * Copyright (c) 2013, Google Inc.
+ *
+ * SPDX-License-Identifier:GPL-2.0+
+ */
+
+#ifndef USE_HOSTCC
+#include common.h
+#include fdtdec.h
+#include asm/types.h
+#include asm/byteorder.h
+#include asm/errno.h
+#include asm/types.h
+#include asm/unaligned.h
+#else
+#include fdt_host.h
+#include mkimage.h
+#include fdt_support.h
+#endif
+#include u-boot/rsa.h
+#include u-boot/rsa-mod-exp.h
+
+#define UINT64_MULT32(v, multby) (((uint64_t)(v)) * ((uint32_t)(multby)))
+
+#define get_unaligned_be32(a) fdt32_to_cpu(*(uint32_t *)a)
+#define put_unaligned_be32(a, b) (*(uint32_t *)(b) = cpu_to_fdt32(a))
+
+/* Default public exponent for backward compatibility */
+#define RSA_DEFAULT_PUBEXP 65537
+
+/**
+ * subtract_modulus() - subtract modulus from the given value
+ *
+ * @key: Key containing modulus to subtract
+ * @num: Number to subtract modulus from, as little endian word array
+ */
+static void subtract_modulus(const struct rsa_public_key *key, uint32_t num[])
+{
+ int64_t acc = 0;
+ uint i;
+
+ for (i = 0; i key-len; i++) {
+ acc += (uint64_t)num[i] - key-modulus[i];
+ num[i] = (uint32_t)acc;
+ acc = 32;
+ }
+}
+
+/**
+ * greater_equal_modulus() - check if a value is = modulus
+ *
+ * @key: Key containing modulus to check
+ * @num: Number to check against
[U-Boot] [PATCH 03/10][v6] DM: crypto/rsa_mod_exp: Add rsa Modular Exponentiation DM driver
Add a new rsa uclass for performing modular exponentiation and implement
the software driver basing on this uclass.
Signed-off-by: Ruchika Gupta ruchika.gu...@freescale.com
CC: Simon Glass s...@chromium.org
---
Changes in v6:
No Changes
Changes in v5:
Changed UCLASS name to UCLASS_MOD_EXP
Changes in v4:
Removed Kconfig option for DM_RSA
Corrected driver name for sw rsa driver
Updated the rsa_mod_exp operation to have output length
Changes in v3:
New patch with driver model for RSA UCLASS
drivers/crypto/Makefile | 1 +
drivers/crypto/rsa_mod_exp/Kconfig | 5
drivers/crypto/rsa_mod_exp/Makefile | 7 ++
drivers/crypto/rsa_mod_exp/mod_exp_sw.c | 39 +
drivers/crypto/rsa_mod_exp/mod_exp_uclass.c | 31 +++
include/dm/uclass-id.h | 1 +
include/u-boot/rsa-mod-exp.h| 34 -
7 files changed, 117 insertions(+), 1 deletion(-)
create mode 100644 drivers/crypto/rsa_mod_exp/Kconfig
create mode 100644 drivers/crypto/rsa_mod_exp/Makefile
create mode 100644 drivers/crypto/rsa_mod_exp/mod_exp_sw.c
create mode 100644 drivers/crypto/rsa_mod_exp/mod_exp_uclass.c
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index 7b79237..fb8c10b 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -6,4 +6,5 @@
#
obj-$(CONFIG_EXYNOS_ACE_SHA) += ace_sha.o
+obj-y += rsa_mod_exp/
obj-y += fsl/
diff --git a/drivers/crypto/rsa_mod_exp/Kconfig
b/drivers/crypto/rsa_mod_exp/Kconfig
new file mode 100644
index 000..6dcb39a
--- /dev/null
+++ b/drivers/crypto/rsa_mod_exp/Kconfig
@@ -0,0 +1,5 @@
+config DM_MOD_EXP
+ bool Enable Driver Model for RSA Modular Exponentiation
+ depends on DM
+ help
+ If you want to use driver model for RSA Modular Exponentiation, say Y.
diff --git a/drivers/crypto/rsa_mod_exp/Makefile
b/drivers/crypto/rsa_mod_exp/Makefile
new file mode 100644
index 000..915b751
--- /dev/null
+++ b/drivers/crypto/rsa_mod_exp/Makefile
@@ -0,0 +1,7 @@
+#
+# (C) Copyright 2014 Freescale Semiconductor, Inc.
+#
+# SPDX-License-Identifier: GPL-2.0+
+#
+
+obj-$(CONFIG_RSA) += mod_exp_uclass.o mod_exp_sw.o
diff --git a/drivers/crypto/rsa_mod_exp/mod_exp_sw.c
b/drivers/crypto/rsa_mod_exp/mod_exp_sw.c
new file mode 100644
index 000..dc6c064
--- /dev/null
+++ b/drivers/crypto/rsa_mod_exp/mod_exp_sw.c
@@ -0,0 +1,39 @@
+/*
+ * (C) Copyright 2014 Freescale Semiconductor, Inc.
+ * Author: Ruchika Gupta ruchika.gu...@freescale.com
+ *
+ * SPDX-License-Identifier:GPL-2.0+
+ */
+
+#include config.h
+#include common.h
+#include dm.h
+#include u-boot/rsa-mod-exp.h
+
+int mod_exp_sw(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
+ struct key_prop *prop, uint8_t *out)
+{
+ int ret = 0;
+
+ ret = rsa_mod_exp_sw(sig, sig_len, prop, out);
+ if (ret) {
+ debug(%s: RSA failed to verify: %d\n, __func__, ret);
+ return ret;
+ }
+
+ return 0;
+}
+
+static const struct mod_exp_ops mod_exp_ops_sw = {
+ .mod_exp= mod_exp_sw,
+};
+
+U_BOOT_DRIVER(mod_exp_sw) = {
+ .name = mod_exp_sw,
+ .id = UCLASS_MOD_EXP,
+ .ops= mod_exp_ops_sw,
+};
+
+U_BOOT_DEVICE(mod_exp_sw) = {
+ .name = mod_exp_sw,
+};
diff --git a/drivers/crypto/rsa_mod_exp/mod_exp_uclass.c
b/drivers/crypto/rsa_mod_exp/mod_exp_uclass.c
new file mode 100644
index 000..266f094
--- /dev/null
+++ b/drivers/crypto/rsa_mod_exp/mod_exp_uclass.c
@@ -0,0 +1,31 @@
+/*
+ * (C) Copyright 2014 Freescale Semiconductor, Inc
+ * Author: Ruchika Gupta ruchika.gu...@freescale.com
+ *
+ * SPDX-License-Identifier:GPL-2.0+
+ */
+
+#include common.h
+#include dm.h
+#include u-boot/rsa-mod-exp.h
+#include errno.h
+#include fdtdec.h
+#include malloc.h
+#include asm/io.h
+#include linux/list.h
+
+int rsa_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
+ struct key_prop *node, uint8_t *out)
+{
+ const struct mod_exp_ops *ops = device_get_ops(dev);
+
+ if (!ops-mod_exp)
+ return -ENOSYS;
+
+ return ops-mod_exp(dev, sig, sig_len, node, out);
+}
+
+UCLASS_DRIVER(mod_exp) = {
+ .id = UCLASS_MOD_EXP,
+ .name = rsa_mod_exp,
+};
diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h
index f17c3c2..91bb90d 100644
--- a/include/dm/uclass-id.h
+++ b/include/dm/uclass-id.h
@@ -33,6 +33,7 @@ enum uclass_id {
UCLASS_I2C, /* I2C bus */
UCLASS_I2C_GENERIC, /* Generic I2C device */
UCLASS_I2C_EEPROM, /* I2C EEPROM device */
+ UCLASS_MOD_EXP, /* RSA Mod Exp device */
UCLASS_COUNT,
UCLASS_INVALID = -1,
diff --git a/include/u-boot/rsa-mod-exp.h b/include/u-boot/rsa-mod-exp.h
index 59cd9ea..fce445a 100644
--- a/include/u-boot/rsa-mod-exp.h
+++ b/include/u-boot/rsa-mod-exp.h
@@ -35,9 +35,41
[U-Boot] [PATCH 05/10][v6] lib/rsa: Modify rsa to use DM driver
Modify rsa_verify to use the rsa driver of DM library .The tools will continue to use the same RSA sw library. CONFIG_RSA is now dependent on CONFIG_DM. All configurations which enable FIT based signatures have been modified to enable CONFIG_DM by default. Signed-off-by: Ruchika Gupta ruchika.gu...@freescale.com CC: Simon Glass s...@chromium.org --- Changes in v6: No Changes Changes in v5: Added signature option in am335x_boneblack_vboot_defconfig Made changes in rsa-verify.c as suggested by Simon Changes in v4: Make CONFIG_RSA always depenedent on Driver Model. Add CONFIG_DM in defconfigs of the platforms which enable CONFIG_FIT_SIGNATURE Changes in v3: New patch README | 7 ++- configs/am335x_boneblack_vboot_defconfig | 4 configs/ids8313_defconfig| 1 + configs/sandbox_defconfig| 1 + configs/zynq_microzed_defconfig | 1 + configs/zynq_zc70x_defconfig | 1 + configs/zynq_zc770_xm010_defconfig | 1 + configs/zynq_zc770_xm012_defconfig | 1 + configs/zynq_zc770_xm013_defconfig | 1 + configs/zynq_zed_defconfig | 1 + configs/zynq_zybo_defconfig | 1 + include/configs/am335x_evm.h | 6 ++ include/configs/sandbox.h| 1 - lib/rsa/rsa-verify.c | 14 ++ 14 files changed, 35 insertions(+), 6 deletions(-) diff --git a/README b/README index fefa71c..cac7978 100644 --- a/README +++ b/README @@ -3176,8 +3176,13 @@ CBFS (Coreboot Filesystem) support This enables the RSA algorithm used for FIT image verification in U-Boot. See doc/uImage.FIT/signature.txt for more information. + The Modular Exponentiation algorithm in RSA is implemented using + driver model. So CONFIG_DM needs to be enabled by default for this + library to function. + The signing part is build into mkimage regardless of this - option. + option. The software based modular exponentiation is built into + mkimage irrespective of this option. - bootcount support: CONFIG_BOOTCOUNT_LIMIT diff --git a/configs/am335x_boneblack_vboot_defconfig b/configs/am335x_boneblack_vboot_defconfig index 5837a0a..51bf370 100644 --- a/configs/am335x_boneblack_vboot_defconfig +++ b/configs/am335x_boneblack_vboot_defconfig @@ -4,3 +4,7 @@ CONFIG_SYS_EXTRA_OPTIONS=EMMC_BOOT,ENABLE_VBOOT +S:CONFIG_TARGET_AM335X_EVM=y CONFIG_OF_CONTROL=y CONFIG_DEFAULT_DEVICE_TREE=am335x-boneblack +CONFIG_FIT=y +CONFIG_FIT_VERBOSE=y +CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/ids8313_defconfig b/configs/ids8313_defconfig index 8479cd4..0950ec8 100644 --- a/configs/ids8313_defconfig +++ b/configs/ids8313_defconfig @@ -4,3 +4,4 @@ CONFIG_MPC83xx=y CONFIG_FIT=y CONFIG_FIT_SIGNATURE=y CONFIG_TARGET_IDS8313=y +CONFIG_DM=y diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index 0111f25..660063e 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -3,4 +3,5 @@ CONFIG_OF_HOSTFILE=y CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y CONFIG_DEFAULT_DEVICE_TREE=sandbox diff --git a/configs/zynq_microzed_defconfig b/configs/zynq_microzed_defconfig index b9a6fe5..8b985fe 100644 --- a/configs/zynq_microzed_defconfig +++ b/configs/zynq_microzed_defconfig @@ -6,4 +6,5 @@ CONFIG_OF_CONTROL=y CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y CONFIG_DEFAULT_DEVICE_TREE=zynq-microzed diff --git a/configs/zynq_zc70x_defconfig b/configs/zynq_zc70x_defconfig index dc8aa84..cceb321 100644 --- a/configs/zynq_zc70x_defconfig +++ b/configs/zynq_zc70x_defconfig @@ -7,3 +7,4 @@ CONFIG_DEFAULT_DEVICE_TREE=zynq-zc702 CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zc770_xm010_defconfig b/configs/zynq_zc770_xm010_defconfig index 2f5fa8c..2935c0d 100644 --- a/configs/zynq_zc770_xm010_defconfig +++ b/configs/zynq_zc770_xm010_defconfig @@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE=zynq-zc770-xm010 CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zc770_xm012_defconfig b/configs/zynq_zc770_xm012_defconfig index a92d495..0401739 100644 --- a/configs/zynq_zc770_xm012_defconfig +++ b/configs/zynq_zc770_xm012_defconfig @@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE=zynq-zc770-xm012 CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zc770_xm013_defconfig b/configs/zynq_zc770_xm013_defconfig index 3a02f75..a95970a 100644 --- a/configs/zynq_zc770_xm013_defconfig +++ b/configs/zynq_zc770_xm013_defconfig @@ -8,3 +8,4 @@ CONFIG_DEFAULT_DEVICE_TREE=zynq-zc770-xm013 CONFIG_FIT=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_SIGNATURE=y +CONFIG_DM=y diff --git a/configs/zynq_zed_defconfig b/configs/zynq_zed_defconfig index 1d816f6
