From patchwork Tue Mar 13 16:50:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131517 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp973111ljb; Tue, 13 Mar 2018 09:55:37 -0700 (PDT) X-Google-Smtp-Source: AG47ELs/B5MxqlH1xuZvrdhQ7YMxCC+nSYd4e/XYI3ygqZvIKr4zOZIG6hINfQHAfRZnGwLYKPzd X-Received: by 10.80.232.69 with SMTP id k5mr1554413edn.133.1520960137616; Tue, 13 Mar 2018 09:55:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960137; cv=none; d=google.com; s=arc-20160816; b=o6CWKwpleN9j/bGc7Ki2uNL+Q3ayo+ecb/H4yJCYj+nfVgCZ6VhypuporcnwKpNnVf x5129vSLKRteI9hqbNHyH4RiHhfFuFVFUOH/FAThssSsOK89nh3mixBJsDS1LS/ypvd9 ljUBfZ6FLfr49gBwo9hObdV1Mzdpt/KOsSOznDqx8LqUg0vRGHkUfnZ3iFq/RgKGEzIM 0UHO8Re7z55nRqukLzywrcBOXtMxl/RMLeO/7KLRtfF6C2tmOCBDZZL6lpKCwivbMKBX luE/jYdkwG3n7tq7EzLgeMZqfc0CCYvAwMqnRYsoT/rjOq0hU9chSIrDQ4S08SjIBDBl 27wA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=9P+Z1ULXkjhKLCgHMUrqkg4Ilk198k9kAIZoBGKtpWM=; b=jqph0ZRBz+wtU70ljP9j6vbnf9pzBWmQ5AHk7H58L3A//8EoxDnrTPWQyt8icnfbhO drt++rztdKtRNRmUQa5FqMYJERSDJW4BzmF7IfaXBeObKBSIdfCbGt3PaqF4/7gBgKhX QOI4z8/dfgIYBe4s/ElOP7rGMt/1EA9fL5gGpy5PL/Ogss9FXmto0gv+51qgPqcl0Vws Yu4u6OBC3nPj74xmtasqMVow3EXMwLbdPS5molGijxpTJmBpkuoyIbuVWoIKqkc5aE09 ZzwFpy+6qu2gaW27I7ssEFR8HLIDNtdYmWr0KmuPdLXCmYu0SuUVxTptdOndXYfw3aqI ik6g== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=OaWf3ya4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id t32si421440eda.188.2018.03.13.09.55.37; Tue, 13 Mar 2018 09:55:37 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=OaWf3ya4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 290BBC21E31; Tue, 13 Mar 2018 16:53:22 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 1C244C21E12; Tue, 13 Mar 2018 16:51:16 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 5479EC21DEC; Tue, 13 Mar 2018 16:50:56 +0000 (UTC) Received: from mail-wr0-f193.google.com (mail-wr0-f193.google.com [209.85.128.193]) by lists.denx.de (Postfix) with ESMTPS id AEAD3C21DE8 for ; Tue, 13 Mar 2018 16:50:51 +0000 (UTC) Received: by mail-wr0-f193.google.com with SMTP id r8so837212wrg.0 for ; Tue, 13 Mar 2018 09:50:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=uemXRx5/51OFiTMXaXUhm55yC4L3W9Zkd6/DsEMMGy8=; b=OaWf3ya4neAxom3Uo0erpKEtr6k3jndiSfeGoHDsqeYqmak4720d7LV60oTU4YpK0y CO2/FUn+WpCriB1lW5jDiwxEpheCVjYDd1sw2Nh0Awp1V6macz5uZ0DaCd2/gktWTjVs noSZxx4Xxe9hMtWFuhFqrqN+72AhksbIA3R+g= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=uemXRx5/51OFiTMXaXUhm55yC4L3W9Zkd6/DsEMMGy8=; b=bvTwemfoWJ/lTrWQUltju0KVEfMHz4oyQTKWOpg0IWLrYMK1/n/zRHCPrmRYzcmkOX 8/9D13lYnjqSV4ueaFZJDPQ+5B2Rfm8uGTLRnd9HNTZFl7WJY6Bhx4ewlJUVwzeTP8wq NvCM91H3xiPRjdVBzpUldwZjHW6HJviL5Q20B/aHozWdAkVrTIg1DHix2tGlwmShHKil ucktF5pa3WzSmMRPPgZYtahuP6Fl/QtZOfhEzoAHzFUlk6ioTxynbCUzPCYF6JXdxbtC NnXrJVj2cu0PFqeMDAKEED6dZltUXYFFA9OC+zeq/Uiif/+OJhpSl1rKT5R+qFk3E1M2 ZX4w== X-Gm-Message-State: AElRT7GT7sIk7aCKKNNbRTn9NXvs1KqadsmMDVmx+jqAYaawsQMFuedk 7XX0aISwFwIkS+rowFPml0mwzMjczMQ= X-Received: by 10.80.137.83 with SMTP id f19mr1534363edf.206.1520959851247; Tue, 13 Mar 2018 09:50:51 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:50 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:33 +0000 Message-Id: <1520959836-16105-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 07/10] optee: Add optee_verify_bootm_image() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_verify_bootm_image() which will be subsequently used to verify the parameters encoded in the OPTEE header match the memory allocated to the OPTEE region, OPTEE header magic and version prior to handing off control to the OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- include/tee/optee.h | 13 +++++++++++++ lib/optee/optee.c | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index e782cb0..4b9e94c 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr, #endif +#if defined(CONFIG_OPTEE) +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len); +#else +static inline int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + return -EPERM; +} +#endif + #endif /* _OPTEE_H */ diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 2cc16d7..365c078 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -29,3 +29,23 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, return 0; } + +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + struct optee_header *hdr = (struct optee_header *)image_addr; + unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE; + unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE; + + int ret; + + ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); + if (ret) + return ret; + + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + ret = -EINVAL; + + return ret; +}