]> git.ipfire.org Git - thirdparty/u-boot.git/blob - arch/arm/mach-omap2/sec-common.c
projects / thirdparty / u-boot.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
command: Remove the cmd_tbl_t typedef
[thirdparty/u-boot.git] / arch / arm / mach-omap2 / sec-common.c
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 *
4 * Common security related functions for OMAP devices
5 *
6 * (C) Copyright 2016-2017
7 * Texas Instruments, <www.ti.com>
8 *
9 * Daniel Allred <d-allred@ti.com>
10 * Andreas Dannenberg <dannenberg@ti.com>
11 * Harinarayan Bhatta <harinarayan@ti.com>
12 * Andrew F. Davis <afd@ti.com>
13 */
14
15 #include <common.h>
16 #include <command.h>
17 #include <cpu_func.h>
18 #include <hang.h>
19 #include <init.h>
20 #include <stdarg.h>
21
22 #include <asm/arch/sys_proto.h>
23 #include <asm/cache.h>
24 #include <asm/omap_common.h>
25 #include <asm/omap_sec_common.h>
26 #include <asm/spl.h>
27 #include <asm/ti-common/sys_proto.h>
28 #include <mapmem.h>
29 #include <spl.h>
30 #include <tee/optee.h>
31
32 /* Index for signature verify ROM API */
33 #ifdef CONFIG_AM33XX
34 #define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX (0x0000000C)
35 #else
36 #define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX (0x0000000E)
37 #endif
38
39 /* Index for signature PPA-based TI HAL APIs */
40 #define PPA_HAL_SERVICES_START_INDEX (0x200)
41 #define PPA_SERV_HAL_TEE_LOAD_MASTER (PPA_HAL_SERVICES_START_INDEX + 23)
42 #define PPA_SERV_HAL_TEE_LOAD_SLAVE (PPA_HAL_SERVICES_START_INDEX + 24)
43 #define PPA_SERV_HAL_SETUP_SEC_RESVD_REGION (PPA_HAL_SERVICES_START_INDEX + 25)
44 #define PPA_SERV_HAL_SETUP_EMIF_FW_REGION (PPA_HAL_SERVICES_START_INDEX + 26)
45 #define PPA_SERV_HAL_LOCK_EMIF_FW (PPA_HAL_SERVICES_START_INDEX + 27)
46
47 /* Offset of header size if image is signed as ISW */
48 #define HEADER_SIZE_OFFSET (0x6D)
49
50 int tee_loaded = 0;
51
52 /* Argument for PPA_SERV_HAL_TEE_LOAD_MASTER */
53 struct ppa_tee_load_info {
54 u32 tee_sec_mem_start; /* Physical start address reserved for TEE */
55 u32 tee_sec_mem_size; /* Size of the memory reserved for TEE */
56 u32 tee_cert_start; /* Address where signed TEE binary is loaded */
57 u32 tee_cert_size; /* Size of TEE certificate (signed binary) */
58 u32 tee_jump_addr; /* Address to jump to start TEE execution */
59 u32 tee_arg0; /* argument to TEE jump function, in r0 */
60 };
61
62 static uint32_t secure_rom_call_args[5] __aligned(ARCH_DMA_MINALIGN) __section(".data");
63
64 u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...)
65 {
66 int i;
67 u32 num_args;
68 va_list ap;
69
70 va_start(ap, flag);
71
72 num_args = va_arg(ap, u32);
73
74 if (num_args > 4) {
75 va_end(ap);
76 return 1;
77 }
78
79 /* Copy args to aligned args structure */
80 for (i = 0; i < num_args; i++)
81 secure_rom_call_args[i + 1] = va_arg(ap, u32);
82
83 secure_rom_call_args[0] = num_args;
84
85 va_end(ap);
86
87 /* if data cache is enabled, flush the aligned args structure */
88 flush_dcache_range(
89 (unsigned int)&secure_rom_call_args[0],
90 (unsigned int)&secure_rom_call_args[0] +
91 roundup(sizeof(secure_rom_call_args), ARCH_DMA_MINALIGN));
92
93 return omap_smc_sec(service, proc_id, flag, secure_rom_call_args);
94 }
95
96 static u32 find_sig_start(char *image, size_t size)
97 {
98 char *image_end = image + size;
99 char *sig_start_magic = "CERT_";
100 int magic_str_len = strlen(sig_start_magic);
101 char *ch;
102
103 while (--image_end > image) {
104 if (*image_end == '_') {
105 ch = image_end - magic_str_len + 1;
106 if (!strncmp(ch, sig_start_magic, magic_str_len))
107 return (u32)ch;
108 }
109 }
110 return 0;
111 }
112
113 int secure_boot_verify_image(void **image, size_t *size)
114 {
115 int result = 1;
116 u32 cert_addr, sig_addr;
117 size_t cert_size;
118
119 /* Perform cache writeback on input buffer */
120 flush_dcache_range(
121 rounddown((u32)*image, ARCH_DMA_MINALIGN),
122 roundup((u32)*image + *size, ARCH_DMA_MINALIGN));
123
124 cert_addr = (uint32_t)*image;
125 sig_addr = find_sig_start((char *)*image, *size);
126
127 if (sig_addr == 0) {
128 printf("No signature found in image!\n");
129 result = 1;
130 goto auth_exit;
131 }
132
133 *size = sig_addr - cert_addr; /* Subtract out the signature size */
134 /* Subtract header if present */
135 if (strncmp((char *)sig_addr, "CERT_ISW_", 9) == 0)
136 *size -= ((u32 *)*image)[HEADER_SIZE_OFFSET];
137 cert_size = *size;
138
139 /* Check if image load address is 32-bit aligned */
140 if (!IS_ALIGNED(cert_addr, 4)) {
141 printf("Image is not 4-byte aligned!\n");
142 result = 1;
143 goto auth_exit;
144 }
145
146 /* Image size also should be multiple of 4 */
147 if (!IS_ALIGNED(cert_size, 4)) {
148 printf("Image size is not 4-byte aligned!\n");
149 result = 1;
150 goto auth_exit;
151 }
152
153 /* Call ROM HAL API to verify certificate signature */
154 debug("%s: load_addr = %x, size = %x, sig_addr = %x\n", __func__,
155 cert_addr, cert_size, sig_addr);
156
157 result = secure_rom_call(
158 API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0,
159 4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF);
160
161 /* Perform cache writeback on output buffer */
162 flush_dcache_range(
163 rounddown((u32)*image, ARCH_DMA_MINALIGN),
164 roundup((u32)*image + *size, ARCH_DMA_MINALIGN));
165
166 auth_exit:
167 if (result != 0) {
168 printf("Authentication failed!\n");
169 printf("Return Value = %08X\n", result);
170 hang();
171 }
172
173 /*
174 * Output notification of successful authentication to re-assure the
175 * user that the secure code is being processed as expected. However
176 * suppress any such log output in case of building for SPL and booting
177 * via YMODEM. This is done to avoid disturbing the YMODEM serial
178 * protocol transactions.
179 */
180 if (!(IS_ENABLED(CONFIG_SPL_BUILD) &&
181 IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) &&
182 spl_boot_device() == BOOT_DEVICE_UART))
183 printf("Authentication passed\n");
184
185 return result;
186 }
187
188 u32 get_sec_mem_start(void)
189 {
190 u32 sec_mem_start = CONFIG_TI_SECURE_EMIF_REGION_START;
191 u32 sec_mem_size = CONFIG_TI_SECURE_EMIF_TOTAL_REGION_SIZE;
192 /*
193 * Total reserved region is all contiguous with protected
194 * region coming first, followed by the non-secure region.
195 * If 0x0 start address is given, we simply put the reserved
196 * region at the end of the external DRAM.
197 */
198 if (sec_mem_start == 0)
199 sec_mem_start =
200 (CONFIG_SYS_SDRAM_BASE + (
201 #if defined(CONFIG_OMAP54XX)
202 omap_sdram_size()
203 #else
204 get_ram_size((void *)CONFIG_SYS_SDRAM_BASE,
205 CONFIG_MAX_RAM_BANK_SIZE)
206 #endif
207 - sec_mem_size));
208 return sec_mem_start;
209 }
210
211 int secure_emif_firewall_setup(uint8_t region_num, uint32_t start_addr,
212 uint32_t size, uint32_t access_perm,
213 uint32_t initiator_perm)
214 {
215 int result = 1;
216
217 /*
218 * Call PPA HAL API to do any other general firewall
219 * configuration for regions 1-6 of the EMIF firewall.
220 */
221 debug("%s: regionNum = %x, startAddr = %x, size = %x", __func__,
222 region_num, start_addr, size);
223
224 result = secure_rom_call(
225 PPA_SERV_HAL_SETUP_EMIF_FW_REGION, 0, 0, 4,
226 (start_addr & 0xFFFFFFF0) | (region_num & 0x0F),
227 size, access_perm, initiator_perm);
228
229 if (result != 0) {
230 puts("Secure EMIF Firewall Setup failed!\n");
231 debug("Return Value = %x\n", result);
232 }
233
234 return result;
235 }
236
237 #if (CONFIG_TI_SECURE_EMIF_TOTAL_REGION_SIZE < \
238 CONFIG_TI_SECURE_EMIF_PROTECTED_REGION_SIZE)
239 #error "TI Secure EMIF: Protected size cannot be larger than total size."
240 #endif
241 int secure_emif_reserve(void)
242 {
243 int result = 1;
244 u32 sec_mem_start = get_sec_mem_start();
245 u32 sec_prot_size = CONFIG_TI_SECURE_EMIF_PROTECTED_REGION_SIZE;
246
247 /* If there is no protected region, there is no reservation to make */
248 if (sec_prot_size == 0)
249 return 0;
250
251 /*
252 * Call PPA HAL API to reserve a chunk of EMIF SDRAM
253 * for secure world use. This region should be carved out
254 * from use by any public code. EMIF firewall region 7
255 * will be used to protect this block of memory.
256 */
257 result = secure_rom_call(
258 PPA_SERV_HAL_SETUP_SEC_RESVD_REGION,
259 0, 0, 2, sec_mem_start, sec_prot_size);
260
261 if (result != 0) {
262 puts("SDRAM Firewall: Secure memory reservation failed!\n");
263 debug("Return Value = %x\n", result);
264 }
265
266 return result;
267 }
268
269 int secure_emif_firewall_lock(void)
270 {
271 int result = 1;
272
273 /*
274 * Call PPA HAL API to lock the EMIF firewall configurations.
275 * After this API is called, none of the PPA HAL APIs for
276 * configuring the EMIF firewalls will be usable again (that
277 * is, calls to those APIs will return failure and have no
278 * effect).
279 */
280
281 result = secure_rom_call(
282 PPA_SERV_HAL_LOCK_EMIF_FW,
283 0, 0, 0);
284
285 if (result != 0) {
286 puts("Secure EMIF Firewall Lock failed!\n");
287 debug("Return Value = %x\n", result);
288 }
289
290 return result;
291 }
292
293 static struct ppa_tee_load_info tee_info __aligned(ARCH_DMA_MINALIGN);
294
295 int secure_tee_install(u32 addr)
296 {
297 struct optee_header *hdr;
298 void *loadptr;
299 u32 tee_file_size;
300 u32 sec_mem_start = get_sec_mem_start();
301 const u32 size = CONFIG_TI_SECURE_EMIF_PROTECTED_REGION_SIZE;
302 u32 ret;
303
304 /* If there is no protected region, there is no place to put the TEE */
305 if (size == 0) {
306 printf("Error loading TEE, no protected memory region available\n");
307 return -ENOBUFS;
308 }
309
310 hdr = (struct optee_header *)map_sysmem(addr, sizeof(struct optee_header));
311 /* 280 bytes = size of signature */
312 tee_file_size = hdr->init_size + hdr->paged_size +
313 sizeof(struct optee_header) + 280;
314
315 if ((hdr->magic != OPTEE_MAGIC) ||
316 (hdr->version != OPTEE_VERSION) ||
317 (tee_file_size > size)) {
318 printf("Error in TEE header. Check firewall and TEE sizes\n");
319 unmap_sysmem(hdr);
320 return CMD_RET_FAILURE;
321 }
322
323 tee_info.tee_sec_mem_start = sec_mem_start;
324 tee_info.tee_sec_mem_size = size;
325 tee_info.tee_jump_addr = hdr->init_load_addr_lo;
326 tee_info.tee_cert_start = addr;
327 tee_info.tee_cert_size = tee_file_size;
328 tee_info.tee_arg0 = hdr->init_size + tee_info.tee_jump_addr;
329 unmap_sysmem(hdr);
330 loadptr = map_sysmem(addr, tee_file_size);
331
332 debug("tee_info.tee_sec_mem_start= %08X\n", tee_info.tee_sec_mem_start);
333 debug("tee_info.tee_sec_mem_size = %08X\n", tee_info.tee_sec_mem_size);
334 debug("tee_info.tee_jump_addr = %08X\n", tee_info.tee_jump_addr);
335 debug("tee_info.tee_cert_start = %08X\n", tee_info.tee_cert_start);
336 debug("tee_info.tee_cert_size = %08X\n", tee_info.tee_cert_size);
337 debug("tee_info.tee_arg0 = %08X\n", tee_info.tee_arg0);
338 debug("tee_file_size = %d\n", tee_file_size);
339
340 #if !CONFIG_IS_ENABLED(SYS_DCACHE_OFF)
341 flush_dcache_range(
342 rounddown((u32)loadptr, ARCH_DMA_MINALIGN),
343 roundup((u32)loadptr + tee_file_size, ARCH_DMA_MINALIGN));
344
345 flush_dcache_range((u32)&tee_info, (u32)&tee_info +
346 roundup(sizeof(tee_info), ARCH_DMA_MINALIGN));
347 #endif
348 unmap_sysmem(loadptr);
349
350 ret = secure_rom_call(PPA_SERV_HAL_TEE_LOAD_MASTER, 0, 0, 1, &tee_info);
351 if (ret) {
352 printf("TEE_LOAD_MASTER Failed\n");
353 return ret;
354 }
355 printf("TEE_LOAD_MASTER Done\n");
356
357 #if defined(CONFIG_OMAP54XX)
358 if (!is_dra72x()) {
359 u32 *smc_cpu1_params;
360 /* Reuse the tee_info buffer for SMC params */
361 smc_cpu1_params = (u32 *)&tee_info;
362 smc_cpu1_params[0] = 0;
363 #if !CONFIG_IS_ENABLED(SYS_DCACHE_OFF)
364 flush_dcache_range((u32)smc_cpu1_params, (u32)smc_cpu1_params +
365 roundup(sizeof(u32), ARCH_DMA_MINALIGN));
366 #endif
367 ret = omap_smc_sec_cpu1(PPA_SERV_HAL_TEE_LOAD_SLAVE, 0, 0,
368 smc_cpu1_params);
369 if (ret) {
370 printf("TEE_LOAD_SLAVE Failed\n");
371 return ret;
372 }
373 printf("TEE_LOAD_SLAVE Done\n");
374 }
375 #endif
376
377 tee_loaded = 1;
378
379 return 0;
380 }
"Das U-Boot" Source Tree