arm64: zynqmp: Add support for verifying secure images
authorSiva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Wed, 28 Feb 2018 07:56:53 +0000 (13:26 +0530)
committerMichal Simek <michal.simek@xilinx.com>
Thu, 8 Mar 2018 08:33:37 +0000 (09:33 +0100)
This patch adds new command "zynqmp" to handle zynqmp
specific commands like "zynqmp secure". This secure command is
used for verifying zynqmp specific secure images. The secure
image can either be authenticated or encrypted or both encrypted
and authenticated. The secure image is prepared using bootgen
and will be in xilinx specific BOOT.BIN format. The optional
key can be used for decryption of an encrypted image if a user
key was specified while creating BOOT.BIN.

Signed-off-by: Siva Durga Prasad Paladugu <sivadur@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
arch/arm/Kconfig
arch/arm/include/asm/arch-zynqmp/sys_proto.h
board/xilinx/zynqmp/Kconfig [new file with mode: 0644]
board/xilinx/zynqmp/Makefile
board/xilinx/zynqmp/cmds.c [new file with mode: 0644]
configs/xilinx_zynqmp_mini_defconfig
configs/xilinx_zynqmp_mini_emmc0_defconfig
configs/xilinx_zynqmp_mini_emmc1_defconfig
configs/xilinx_zynqmp_mini_nand_defconfig
configs/xilinx_zynqmp_mini_qspi_defconfig

index 4c3da9003c65805408553a074fcaac9d67bb3d84..30f6fd89c353aa7838a79af1034368fe1062fb5c 100644 (file)
@@ -1293,6 +1293,7 @@ source "board/technologic/ts4600/Kconfig"
 source "board/vscom/baltos/Kconfig"
 source "board/woodburn/Kconfig"
 source "board/work-microwave/work_92105/Kconfig"
+source "board/xilinx/zynqmp/Kconfig"
 source "board/zipitz2/Kconfig"
 
 source "arch/arm/Kconfig.debug"
index 084d55a2b01f5ae5f64bf54cd5f60052ff2432af..ad3dc9aba50d0b956f575bb21dba9b4dbb74a47b 100644 (file)
@@ -11,6 +11,8 @@
 #define PAYLOAD_ARG_CNT                5
 
 #define ZYNQMP_CSU_SILICON_VER_MASK    0xF
+#define ZYNQMP_SIP_SVC_PM_SECURE_IMG_LOAD      0xC200002D
+#define KEY_PTR_LEN    32
 
 enum {
        IDCODE,
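Review bot: `KEY_PTR_LEN` is an un-prefixed name in an architecture-wide header, and it reads as the length of a pointer, while cmds.c in this commit uses it as the number of bytes flushed from the key buffer. A name that carries the platform prefix and the unit would avoid collisions and misreading, for example `#define ZYNQMP_SECURE_KEY_LEN 32 /* key buffer size in bytes */` (the name is a suggestion). The new `ZYNQMP_SIP_SVC_PM_SECURE_IMG_LOAD` ID would also benefit from a one-line comment saying which firmware service it selects.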
diff --git a/board/xilinx/zynqmp/Kconfig b/board/xilinx/zynqmp/Kconfig
new file mode 100644 (file)
index 0000000..7d1f739
--- /dev/null
@@ -0,0 +1,18 @@
+# Copyright (c) 2018, Xilinx, Inc.
+#
+# SPDX-License-Identifier: GPL-2.0
+
+if ARCH_ZYNQMP
+
+config CMD_ZYNQMP
+       bool "Enable ZynqMP specific commands"
+       default y
+       help
+         Enable ZynqMP specific commands like "zynqmp secure"
+         which is used for zynqmp secure image verification.
+         The secure image is a xilinx specific BOOT.BIN with
+         either authentication or encryption or both encryption
+         and authentication feature enabled while generating
+         BOOT.BIN using Xilinx bootgen tool.
+
+endif
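Review bot: `default y` enables the command on every ARCH_ZYNQMP build that does not opt out, and the help text does not say what the command does at run time. Going by cmds.c in this commit, it passes console-supplied image and key addresses to firmware through an SMC and, on success, stores the returned address in `zynqmp_verified_img_addr`. Integrators who restrict the U-Boot console need that stated to decide whether to keep the option. A help sentence such as `The command passes the image address and optional key address to secure firmware and sets zynqmp_verified_img_addr on success.` would cover it.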
index f2e4d262eea0d492772883e1f92a3a1d0c6fbbee..1d43928366b1429832dcaedbf6dbdb0be3775e5f 100644 (file)
@@ -28,6 +28,10 @@ endif
 
 obj-$(CONFIG_MMC_SDHCI_ZYNQ) += tap_delays.o
 
+ifndef CONFIG_SPL_BUILD
+obj-$(CONFIG_CMD_ZYNQMP) += cmds.o
+endif
+
 # Suppress "warning: function declaration isn't a prototype"
 CFLAGS_REMOVE_psu_init_gpl.o := -Wstrict-prototypes
 
diff --git a/board/xilinx/zynqmp/cmds.c b/board/xilinx/zynqmp/cmds.c
new file mode 100644 (file)
index 0000000..6712d7b
--- /dev/null
@@ -0,0 +1,105 @@
+/*
+ * (C) Copyright 2018 Xilinx, Inc.
+ * Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
+ *
+ * SPDX-License-Identifier:    GPL-2.0
+ */
+
+#include <common.h>
+#include <malloc.h>
+#include <asm/arch/sys_proto.h>
+#include <asm/io.h>
+
+static int zynqmp_verify_secure(u8 *key_ptr, u8 *src_ptr, u32 len)
+{
+       int ret;
+       u32 src_lo, src_hi;
+       u32 key_lo = 0;
+       u32 key_hi = 0;
+       u32 ret_payload[PAYLOAD_ARG_CNT];
+       u64 addr;
+
+       if ((ulong)src_ptr != ALIGN((ulong)src_ptr,
+                                   CONFIG_SYS_CACHELINE_SIZE)) {
+               printf("Failed: source address not aligned:%p\n", src_ptr);
+               return -EINVAL;
+       }
+
+       src_lo = lower_32_bits((ulong)src_ptr);
+       src_hi = upper_32_bits((ulong)src_ptr);
+       flush_dcache_range((ulong)src_ptr, (ulong)(src_ptr + len));
+
+       if (key_ptr) {
+               key_lo = lower_32_bits((ulong)key_ptr);
+               key_hi = upper_32_bits((ulong)key_ptr);
+               flush_dcache_range((ulong)key_ptr,
+                                  (ulong)(key_ptr + KEY_PTR_LEN));
+       }
+
+       ret = invoke_smc(ZYNQMP_SIP_SVC_PM_SECURE_IMG_LOAD, src_lo, src_hi,
+                        key_lo, key_hi, ret_payload);
+       if (ret) {
+               printf("Failed: secure op status:0x%x\n", ret);
+       } else {
+               addr = (u64)ret_payload[1] << 32 | ret_payload[2];
+               printf("Verified image at 0x%llx\n", addr);
+               env_set_hex("zynqmp_verified_img_addr", addr);
+       }
+
+       return ret;
+}
+
+/**
+ * do_zynqmp - Handle the "zynqmp" command-line command
+ * @cmdtp:     Command data struct pointer
+ * @flag:      Command flag
+ * @argc:      Command-line argument count
+ * @argv:      Array of command-line arguments
+ *
+ * Processes the zynqmp specific commands
+ *
+ * Return: return 0 on success and CMD_RET_USAGE incase of misuse and error
+ */
+static int do_zynqmp(cmd_tbl_t *cmdtp, int flag, int argc,
+                    char *const argv[])
+{
+       u64 src_addr;
+       u32 len;
+       u8 *key_ptr = NULL;
+       u8 *src_ptr;
+       int ret;
+
+       if (argc > 5 || argc < 4 || strncmp(argv[1], "secure", 6))
+               return CMD_RET_USAGE;
+
+       src_addr = simple_strtoull(argv[2], NULL, 16);
+
+       len = simple_strtoul(argv[3], NULL, 16);
+
+       if (argc > 4)
+               key_ptr = (uint8_t *)(uintptr_t)simple_strtoull(argv[4],
+                                                               NULL, 16);
+
+       src_ptr = (uint8_t *)(uintptr_t)src_addr;
+
+       ret = zynqmp_verify_secure(key_ptr, src_ptr, len);
+       if (ret)
+               return CMD_RET_FAILURE;
+
+       return CMD_RET_SUCCESS;
+}
+
+/***************************************************/
+#ifdef CONFIG_SYS_LONGHELP
+static char zynqmp_help_text[] =
+       "secure src len [key_addr] - verifies secure images of $len bytes\n"
+       "                            long at address $src. Optional key_addr\n"
+       "                            can be specified if user key needs to\n"
+       "                            be used for decryption\n";
+#endif
+
+U_BOOT_CMD(
+       zynqmp, 5, 1, do_zynqmp,
+       "Verify and load secure images",
+       zynqmp_help_text
+)
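Review bot: In zynqmp_verify_secure(), the failure branch after `invoke_smc()` leaves `zynqmp_verified_img_addr` untouched, so once one run has succeeded, a later failed verification still leaves the earlier address in the environment. A boot script that reads the variable instead of testing the command's return code would then proceed with an address that was not verified this time; clearing it before the call closes that gap: `env_set("zynqmp_verified_img_addr", NULL);`. Separately, `len` only bounds the cache flush and is not passed to firmware, so `len == 0` or a wrapping `src_ptr + len` should be rejected with `-EINVAL`, and `key_ptr` gets no alignment check although `src_ptr` does. The kernel-doc on do_zynqmp() also says errors return CMD_RET_USAGE, while the code returns CMD_RET_FAILURE when verification fails.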
index c313804ce520e9f76075222ae57d2c5da048c3d1..3e7571fbe154959bcbf3e896401b74a5682ac764 100644 (file)
@@ -5,6 +5,7 @@ CONFIG_SYS_TEXT_BASE=0xFFFC0000
 CONFIG_SYS_MEM_RSVD_FOR_MMU=y
 CONFIG_DEFINE_TCM_OCM_MMAP=y
 CONFIG_ZYNQMP_PSU_INIT_ENABLED=y
+# CONFIG_CMD_ZYNQMP is not set
 CONFIG_DEFAULT_DEVICE_TREE="zynqmp-mini"
 CONFIG_SYS_EXTRA_OPTIONS="MINI_QSPI"
 CONFIG_BOOTDELAY=-1
index d3ee7f48f80e4870d447a4b060f8b50211044cb6..c24ffc2549602fff9bea3d20635a2b5a71ddae75 100644 (file)
@@ -2,6 +2,7 @@ CONFIG_ARM=y
 CONFIG_SYS_CONFIG_NAME="xilinx_zynqmp_mini"
 CONFIG_ARCH_ZYNQMP=y
 CONFIG_SYS_TEXT_BASE=0x10000
+# CONFIG_CMD_ZYNQMP is not set
 CONFIG_DEFAULT_DEVICE_TREE="zynqmp-mini-emmc0"
 CONFIG_FIT=y
 CONFIG_SYS_EXTRA_OPTIONS="MINI_EMMC"
index f563d7a6705d532f3fc0f244e3011a655dbdd2c4..8212cefda89bb0c92c4fa1e9061d00b7db8f2d39 100644 (file)
@@ -2,6 +2,7 @@ CONFIG_ARM=y
 CONFIG_SYS_CONFIG_NAME="xilinx_zynqmp_mini"
 CONFIG_ARCH_ZYNQMP=y
 CONFIG_SYS_TEXT_BASE=0x10000
+# CONFIG_CMD_ZYNQMP is not set
 CONFIG_DEFAULT_DEVICE_TREE="zynqmp-mini-emmc1"
 CONFIG_FIT=y
 CONFIG_SYS_EXTRA_OPTIONS="MINI_EMMC"
index 938d63dd2c70531bc91c61443ca7f569c9aa5260..1849269f0e4d728cccc23591d2db4355e1b89f8f 100644 (file)
@@ -2,6 +2,7 @@ CONFIG_ARM=y
 CONFIG_SYS_CONFIG_NAME="xilinx_zynqmp_mini"
 CONFIG_ARCH_ZYNQMP=y
 CONFIG_SYS_TEXT_BASE=0x10000
+# CONFIG_CMD_ZYNQMP is not set
 CONFIG_DEFAULT_DEVICE_TREE="zynqmp-mini-nand"
 CONFIG_FIT=y
 CONFIG_SYS_EXTRA_OPTIONS="MINI_NAND"
index c16b50a7228ee9684aa7e2a9e9e688a6cbcbfebb..d735c1eabd8083acdb6be4a0f2b00a4a6bfba21b 100644 (file)
@@ -7,6 +7,7 @@ CONFIG_ZYNQMP_QSPI=y
 CONFIG_ZYNQMP_NO_DDR=y
 CONFIG_DEFINE_TCM_OCM_MMAP=y
 CONFIG_SPI_GENERIC=y
+# CONFIG_CMD_ZYNQMP is not set
 CONFIG_DEFAULT_DEVICE_TREE="zynqmp-mini-qspi-single"
 CONFIG_SYS_EXTRA_OPTIONS="MINI_QSPI"
 CONFIG_BOOTDELAY=-1