From patchwork Tue Jan 23 20:41:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125588 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1993618ljf; Tue, 23 Jan 2018 12:43:07 -0800 (PST) X-Google-Smtp-Source: AH8x2276S+vU+678teq6RpSeZ8I/MEx8/Vx567XgZ6grhwqamTmIO9dMsCSKIBlAxkA6+LsvQj3+ X-Received: by 10.80.163.185 with SMTP id s54mr20321547edb.228.1516740187632; Tue, 23 Jan 2018 12:43:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740187; cv=none; d=google.com; s=arc-20160816; b=cgy7iDNXeE4SKgVJxjEN3pUZt8gm5gD7/z4gPaBVUpiGze7D2oO+L6RaeiNWaf5h1C MyVRLUl/DnQwrRERMPFJ6kPnGpreGeXD5oHcNKwBnqDABLd6fwNQ5na2iscoiiq0jcx4 1RMl0AOF5422sxhieAAPuka0gyUbNi+j5hPH66TxART0S/blS89n+oV4gxJ8OZshgvzx +TxGf7vNnRivuDtmATDYbzJhIFMm/24rISqIX958l+cQRDvWVjl0hmB39pkzDUb6kW/T YovxhBSAPjEXJccimQUOGLCd05cQy7XUe3Urp6Ak252ZTGkKl+7WsK9ZcwnOvNBwJ5sJ hSUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=jZfgx5i8xW8Q9Vm4cVALxFaYSbkRNQG9IyAg3dyXsdk=; b=El3szy3TfKKa6UxoEydjKZyzLawq2Zu35gjjBwSrJfAsa37pFR6PVei7JnTXrwrcqK S+wgmhnGYtjVXag2UMBy9C66iAnIM75LEOcqk+HODFnYzxbj1sxoxrgJANkUv+bVNvYj RW1SFHUVOTZLe83EEjDDGNf7jaU40AQkSUO9Sc4rLnvbHeJWLrLjBGvPB6eKDMaij5uy jW3pu/9JBdsGau+zdMTjpfCTZKZJQ+qR59/oEXjqirBDsd6Go0yP6cfMg82QrTGVw3th An7qPS92U2n1cRabTgCUqOETQ/OVjpcj3CIzETU54U3mCyOoAn1zT9xH+XtRxerNSMdV jZbw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=XmBomCOh; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id t6si7146498edt.380.2018.01.23.12.43.07; Tue, 23 Jan 2018 12:43:07 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=XmBomCOh; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 45EF1C21ED5; Tue, 23 Jan 2018 20:42:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C4B8AC22114; Tue, 23 Jan 2018 20:42:06 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 202C3C21E65; Tue, 23 Jan 2018 20:42:04 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 9F0D0C21C51 for ; Tue, 23 Jan 2018 20:42:03 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id v71so4470732wmv.2 for ; Tue, 23 Jan 2018 12:42:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=mq2x97of2VAHB4zGwZvHJss122SOJ8tl4fM4NvU4R8k=; b=XmBomCOhPqOSbHNti9Z6I5sATKdhDWxqxvXgIMz0raBptcdTJei+rZ7S9O+oHEFKoy dLHxD3vH5QrksmXdvpa+P6u6xvzDJdbKq9mAPTtHO8iDwqCQIna5oU9wPsozROdKEdOF e2ciC+M8vIHIZICOLdXTYqaMuc0Z0vamYZr6A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=mq2x97of2VAHB4zGwZvHJss122SOJ8tl4fM4NvU4R8k=; b=LXGpjbcbEqRsfJz18S+GQgUUSLmyDaAeGdZLwJC+02dCVLn6h7JlAqZuWXwz/nq/UP YZQH0IWDU2TVrTJNGXdmy9ne5etzseSZl8iMTw93q5tWF0SPDeoqfudfbaMzRtsjIWwj lBUv5ZIt4Fa91iwtTgyrMpL+R6yP+sOXljuBXzGgmKmSZgxsO2aFixkX7itlkJ6bhzG1 kyom/gdX+m8n8adVU+aqexIiNwbhBvIDNQLSkbm52gxhr5V6cDA1xe11VqCVSOlwmyGV xS9Si9LgglvniDgg2rhanL8G17YjmJQG5gi7mPY7HvKPG4mRAsjtBAIItnBcAd1sApgV ZZ2w== X-Gm-Message-State: AKwxytckbn2o2n1PGhm8btomWaSBmMjs8BTZcZnCRMFCgrIlAjux5GU+ a76KtrUpufPZr8bIWT9RSPlJDK0DtOY= X-Received: by 10.80.200.139 with SMTP id d11mr20988813edh.199.1516740123127; Tue, 23 Jan 2018 12:42:03 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:02 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:52 +0000 Message-Id: <1516740120-948-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 1/9] optee: Add lib entries for sharing OPTEE code across ports X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds code to lib to enable sharing of useful OPTEE code between board-ports and architectures. The code on lib/optee/optee.c comes from the TI omap2 port. Eventually the OMAP2 code will be patched to include the shared code. The intention here is to add more useful OPTEE specific code as more functionality gets added. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 16 ++++++++++++++++ lib/Kconfig | 1 + lib/Makefile | 1 + lib/optee/Kconfig | 8 ++++++++ lib/optee/Makefile | 7 +++++++ lib/optee/optee.c | 31 +++++++++++++++++++++++++++++++ 6 files changed, 64 insertions(+) create mode 100644 lib/optee/Kconfig create mode 100644 lib/optee/Makefile create mode 100644 lib/optee/optee.c diff --git a/include/tee/optee.h b/include/tee/optee.h index 9ab0d08..8943afb 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -10,6 +10,8 @@ #ifndef _OPTEE_H #define _OPTEE_H +#include + #define OPTEE_MAGIC 0x4554504f #define OPTEE_VERSION 1 #define OPTEE_ARCH_ARM32 0 @@ -27,4 +29,18 @@ struct optee_header { uint32_t paged_size; }; +#if defined(CONFIG_OPTEE) +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len); +#else +static inline int optee_verify_image(struct optee_header *hdr, + unsigned long tzdram_start, + unsigned long tzdram_len, + unsigned long image_len) +{ + return -EPERM; +} + +#endif + #endif /* _OPTEE_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 00ac650..2077f9c 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -288,5 +288,6 @@ endmenu source lib/efi/Kconfig source lib/efi_loader/Kconfig +source lib/optee/Kconfig endmenu diff --git a/lib/Makefile b/lib/Makefile index 8cd779f..46813b6 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -17,6 +17,7 @@ obj-$(CONFIG_FIT) += libfdt/ obj-$(CONFIG_OF_LIVE) += of_live.o obj-$(CONFIG_CMD_DHRYSTONE) += dhry/ obj-$(CONFIG_ARCH_AT91) += at91/ +obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AES) += aes.o obj-y += charset.o diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig new file mode 100644 index 0000000..2e406fe --- /dev/null +++ b/lib/optee/Kconfig @@ -0,0 +1,8 @@ +config OPTEE + bool "Support OPTEE images" + help + U-Boot can be configured to boot OPTEE images. + Selecting this option will enable shared OPTEE library code and + enable an OPTEE specific bootm command that will perform additional + OPTEE specific checks before booting an OPTEE image created with + mkimage. diff --git a/lib/optee/Makefile b/lib/optee/Makefile new file mode 100644 index 0000000..03e832f --- /dev/null +++ b/lib/optee/Makefile @@ -0,0 +1,7 @@ +# +# (C) Copyright 2017 Linaro +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_OPTEE) += optee.o diff --git a/lib/optee/optee.c b/lib/optee/optee.c new file mode 100644 index 0000000..2cc16d7 --- /dev/null +++ b/lib/optee/optee.c @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2017 Linaro + * Bryan O'Donoghue + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include + +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len) +{ + unsigned long tzdram_end = tzdram_start + tzdram_len; + uint32_t tee_file_size; + + tee_file_size = hdr->init_size + hdr->paged_size + + sizeof(struct optee_header); + + if (hdr->magic != OPTEE_MAGIC || + hdr->version != OPTEE_VERSION || + hdr->init_load_addr_hi > tzdram_end || + hdr->init_load_addr_lo < tzdram_start || + tee_file_size > tzdram_len || + tee_file_size != image_len || + (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) { + return -EINVAL; + } + + return 0; +}