From patchwork Tue Mar 13 16:50:36 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131520 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp974724ljb; Tue, 13 Mar 2018 09:57:15 -0700 (PDT) X-Google-Smtp-Source: AG47ELvolP+UaOZ9IFM3/fyhs1mN8AzISc8L8UNqTBBX/V63cIkTdjVsuvbrFbwVsjSlXw1pz7nA X-Received: by 10.80.194.10 with SMTP id n10mr1619187edf.84.1520960235624; Tue, 13 Mar 2018 09:57:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960235; cv=none; d=google.com; s=arc-20160816; b=a5jSYTw1CzqPF354qqelTkjKsvva/ciOiRWt3YEys1X1xvd7mvckVl1qPXsmIbB+N6 8BaVjPoBElc7NkRt4DaFxAgKuPAZdRn8XWmGMwvaasRqq7Ik4xDpdcfIlF/0NOCa+3oN VOLsVu++V0KgoUoS6Mxf+Oo0f2Ui270sMkS+hc2DdwUtMharZo6CesNuUlahG8u0NYPt 45opt06/+kjFTw/Ta7ME37t5BsRFA5d6rYAjL4HM0CW+7T4JT8qiUMmoICcyIvv6W7Az DGyLwMhsdd3srLSesXl8AyasDVskRPR2TR9dRLAoxEgo3d/T3vor2g0RLVdV0fV6a9vr bYaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=poOiDwugzhKHEbr6x4e5IZd7EOHNJ9utrnEEm4Mqryo=; b=pXRpTFjRH9j0+ZBKjmnjoGyptOyD5w2TDpPSO+kEM8gvPAzgwVMH5HO7r9Otbmre6k X3ZCcKkTJ6FiBlH85Hjh+3SJq2NSlu2h9UTpZjgoQ2mArt8Kj1f6fiKwAC+50Vr9mjlU urf26kxZnbsnLSTAMSBQkWf5pvKp4LJTvqVpVyRZl/6bkfrIr4cq0CJyDgST7n71ximj eEynzPFQryomnVykEnDF86Lu6KVceQ2MS+s1q61sQZOYNeX1hT+zU1ZulCUYyj2xp7tH dDcTHI9YZ6XSGyvsqhv4hLLe8X+HLbxAWvDIS7gy1jANuxSfNa2WkjVBPhI7GIu15sLf ABfg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=excbl+Mc; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id e25si167067edj.407.2018.03.13.09.57.15; Tue, 13 Mar 2018 09:57:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=excbl+Mc; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 0A71CC21E42; Tue, 13 Mar 2018 16:54:05 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 64106C21E6C; Tue, 13 Mar 2018 16:51:26 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C9A1CC21DF9; Tue, 13 Mar 2018 16:50:59 +0000 (UTC) Received: from mail-wr0-f193.google.com (mail-wr0-f193.google.com [209.85.128.193]) by lists.denx.de (Postfix) with ESMTPS id 459F0C21E08 for ; Tue, 13 Mar 2018 16:50:55 +0000 (UTC) Received: by mail-wr0-f193.google.com with SMTP id l8so797424wrg.5 for ; Tue, 13 Mar 2018 09:50:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Gz0kemg1q++IJnGVn0xjNSFvoHvWf2ZJx7Qiuf0Cyzw=; b=excbl+Mc4iOkRiMekY061MxCtmR6sYZ0B5oalO30MnXnIfsKcC2IFgJ6ANMqfHoqT8 98PWLJR5RrPo6JLE39D27lBNBUPyJvh+IuK6WNhk7U5D9gNC1vbmTB7VSvhq52UysVOi iadu1RYz2wM5/OTWTUCQLP9PYpQ9ubAxNOnpw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Gz0kemg1q++IJnGVn0xjNSFvoHvWf2ZJx7Qiuf0Cyzw=; b=DnWQuREdeNtD+kWpzdjr0mi9IbBq6QZfBXgwd2vRiLguyHHVedLMFpdABwicCu8Amp jrkRzMrEtXXQF7xg2gj7AyAyB+DVJHenawnl6UwcD9ebQPoy1wsQWvwyTOT/gQe9n7vx IxglikPp315z11XYXNHgAvzT3P55RxeA9/uM4kKycleThH1B5k1neIv4A4pgM1EySqM/ FOiD3sFA89li3kmlujHQ/V3R704lYR1qlhWdRqXnc6dL+iJzgzveMtaTxFb8Nr+SY/QP oDoBYaFekz93mfEFqGonAyF+Q1QAYuAYqTLL3uEM2eD7tHymoMKZfKA1j9uhUjYzN2vv izvg== X-Gm-Message-State: AElRT7HxQENcISQtHeWUPQaRZfm49V/++TGsn0pCpcy5bCXPZ0LpOv33 gKd2eEhYbG/+xCsDShOG3ZsX9k4/wWE= X-Received: by 10.80.147.21 with SMTP id m21mr1585379eda.175.1520959854777; Tue, 13 Mar 2018 09:50:54 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:54 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:36 +0000 Message-Id: <1520959836-16105-11-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 10/10] bootm: optee: Add a bootm command for type IH_OS_TEE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch makes it possible to verify the contents and location of an OPTEE image in DRAM prior to handing off control to that image. If image verification fails we won't try to boot any further. Signed-off-by: Bryan O'Donoghue Suggested-by: Andrew F. Davis Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- common/bootm_os.c | 32 ++++++++++++++++++++++++++++++++ lib/optee/Kconfig | 9 +++++++++ 2 files changed, 41 insertions(+) diff --git a/common/bootm_os.c b/common/bootm_os.c index 5e6b177..b84a8e2 100644 --- a/common/bootm_os.c +++ b/common/bootm_os.c @@ -11,6 +11,7 @@ #include #include #include +#include DECLARE_GLOBAL_DATA_PTR; @@ -433,6 +434,34 @@ static int do_bootm_openrtos(int flag, int argc, char * const argv[], } #endif +#ifdef CONFIG_BOOTM_OPTEE +static int do_bootm_tee(int flag, int argc, char * const argv[], + bootm_headers_t *images) +{ + int ret; + + /* Verify OS type */ + if (images->os.os != IH_OS_TEE) { + return 1; + }; + + /* Validate OPTEE header */ + ret = optee_verify_bootm_image(images->os.image_start, + images->os.load, + images->os.image_len); + if (ret) + return ret; + + /* Locate FDT etc */ + ret = bootm_find_images(flag, argc, argv); + if (ret) + return ret; + + /* From here we can run the regular linux boot path */ + return do_bootm_linux(flag, argc, argv, images); +} +#endif + static boot_os_fn *boot_os[] = { [IH_OS_U_BOOT] = do_bootm_standalone, #ifdef CONFIG_BOOTM_LINUX @@ -466,6 +495,9 @@ static boot_os_fn *boot_os[] = { #ifdef CONFIG_BOOTM_OPENRTOS [IH_OS_OPENRTOS] = do_bootm_openrtos, #endif +#ifdef CONFIG_BOOTM_OPTEE + [IH_OS_TEE] = do_bootm_tee, +#endif }; /* Allow for arch specific config before we boot */ diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index cc73ec3..1e5ab45 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -28,3 +28,12 @@ config OPTEE_TZDRAM_BASE help The base address of pre-allocated Trust Zone DRAM for the OPTEE runtime. + +config BOOTM_OPTEE + bool "Support OPTEE bootm command" + select BOOTM_LINUX + default n + help + Select this command to enable chain-loading of a Linux kernel + via an OPTEE firmware. + The bootflow is BootROM -> u-boot -> OPTEE -> Linux in this case.