From patchwork Tue Jan 23 20:41:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125596 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1997103ljf; Tue, 23 Jan 2018 12:50:52 -0800 (PST) X-Google-Smtp-Source: AH8x226KYfsAr082eAXweDxEJ0/q+kfpnOpqQMomxLzQb6Ln/bTLAK28/4Ah2sjPXaNEc1JDkKId X-Received: by 10.80.230.148 with SMTP id z20mr19850436edm.61.1516740652506; Tue, 23 Jan 2018 12:50:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740652; cv=none; d=google.com; s=arc-20160816; b=zxEMOxjE8QQ9d2fUcmwYwZAJQT0OGY+eD1ry0tdD4+4WXEKrXeTScfoaI87uENNq49 YMibmMDRJQm8Nrp5aeUIcruGk2wbaTGqOVtP2PdKHaDIsWmMa+XQmVFRrsH7N3afRC2/ 0FvxDSHNKN235hSk6MeRATEZXugaDY+aKcZAM6ywCmOjE8DeFu2p0b5JThU/6iuV9rad h1Q7xIS8Qdfr+Atslu3Cy5m+mPSLxf3hjFLcyJ2t7ghEgv/0kCGmmpceGhprMIWG5SyG zlZC4DkTJupeNhwgdfpEYFimFWRgPLfniED8XABWmz10aADJnAHaNakVXW6vMQlUPPoC xx9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=imD/FFmxIm1O3FKS1inZ6TLvL5Dw7B1dklNfuNVp+RY=; b=z1OwFndx8RRImF45uL7HPutk91AOkbpYmeSNZNsih7f8MjNMsd3GwzKdH7Eknv29sJ cNZDq0ooSqaZh7Zx7S2BQMGvtsImf+1OUdX6Z+PwWnsAYFZImLi1zcXfdU8zQ33bfj0G l0lgF+7ETGu0k6CD3sRxcfgED7UnJeDwWiHkax1FxhF0x4c5tOba8AReAb4JR49i5t8V Eb3jtPmPQNXFWt1skDj3vhUlGKWwlSnTQXW+2wJBV1equtxKGiXmhdE6ZCWzYVhJAnrN c8V6G16oijF0Y6E1awq58+8JJgnVhtJahY5bDIW9Xg2CKeKOWUXGdw+YekuHd4eQHIul uxlA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=SAUUU9pA; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id o63si12605128edd.266.2018.01.23.12.50.52; Tue, 23 Jan 2018 12:50:52 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=SAUUU9pA; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 1BE3DC2216F; Tue, 23 Jan 2018 20:48:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id EEBC5C22160; Tue, 23 Jan 2018 20:42:27 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 65EADC2214A; Tue, 23 Jan 2018 20:42:21 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id A22C1C2212C for ; Tue, 23 Jan 2018 20:42:10 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id t74so4370536wme.3 for ; Tue, 23 Jan 2018 12:42:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Sebbz03t3iaTy+2et9QKnZ7ab4Axd/fkQ6N9N9AZVPk=; b=SAUUU9pAkZJpe8nEyfyM87zUcDcq6PIADDZQAqoExHeAwWhxPoeXvGdQGJ8JIw2Anb R3bRY3wh4PAa8xXoKz3cVmqcJElMndg/L7acmACM/ZiNNJ3S80YdM+rbY3BLRrAAWT+J cguhHjCvfkKpyXOTMxaWPJjXBaB7uGfoL0wJk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Sebbz03t3iaTy+2et9QKnZ7ab4Axd/fkQ6N9N9AZVPk=; b=YnYIWlEfwUkwa9tOim2fZ1ONlJ1Aps/d555QyRthspsr5lecNyZL/+87xx0q9yLZo6 1J5i9GWZO8tr1Ljwjyy2riV+2LjAuq59z8sJCzDIT8HqptjP3YjgR7tomqC8dAUVa1u4 BsNyUGFUGHFlDEPxAiyuV+CgVNDwheCtfemvo9KdwE9VQpsQaUS2FLWUze3Ow/fy1vON c7Q/lMf3fPzRdMgC4L2ukI9IOdAevEG5rJPxnJNOQJ3hml8tYI0ic12bUBOV3/+RXpXe 48qgT2D94sQtQCydaMrbSWV18vzJPmw8iqUSFKf61OMe5y0XeGJjoCrOtdSsX2g8bhvp 6p0g== X-Gm-Message-State: AKwxytf/7NFlICXsK7iUkFHtoysaAwcNcvAKkh2eaUssri4srLTH8qaF +ZYslJP2bY+heURPQCBey7EBbnAkKy0= X-Received: by 10.80.146.240 with SMTP id l45mr20659029eda.125.1516740130079; Tue, 23 Jan 2018 12:42:10 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:09 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:58 +0000 Message-Id: <1516740120-948-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 7/9] optee: Add optee_verify_bootm_image() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_verify_bootm_image() which will be subsequently used to verify the parameters encoded in the OPTEE header match the memory allocated to the OPTEE region, OPTEE header magic and version prior to handing off control to the OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 13 +++++++++++++ lib/optee/optee.c | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index e782cb0..4b9e94c 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr, #endif +#if defined(CONFIG_OPTEE) +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len); +#else +static inline int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + return -EPERM; +} +#endif + #endif /* _OPTEE_H */ diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 2cc16d7..365c078 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -29,3 +29,23 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, return 0; } + +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + struct optee_header *hdr = (struct optee_header *)image_addr; + unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE; + unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE; + + int ret; + + ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); + if (ret) + return ret; + + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + ret = -EINVAL; + + return ret; +}