From patchwork Fri Mar 9 16:55:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131173 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1217768lja; Fri, 9 Mar 2018 09:01:18 -0800 (PST) X-Google-Smtp-Source: AG47ELuPQJjRnVUJoxIJVE8ntPbz6bPeGUXcDFnwdVwbHKLW3rWO+gm4+0f5t7leqHAZ6c8xD9jq X-Received: by 10.80.194.10 with SMTP id n10mr38000605edf.84.1520614878420; Fri, 09 Mar 2018 09:01:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614878; cv=none; d=google.com; s=arc-20160816; b=U+CCfkeW53NUhOIw8hcwwm1VJOGCivpot+nPuUl7t1WJpF+5ib3wR9JWWywFkUW6gn fj5S8tkL/hkXADHzeotx9cRO/6Q/xZY/8yZpXJ8o56chQCcGLaaLMaXqwHZKhpCQyIkt FxJY0LpDoZiDX0DBGr29eYfEZlcvxqFKKyV5qDMqpOm8RJPWU+xpILS9XPiJfeNHlETz gVYPbDS8vQ9qOOo+CTxwoSRstQO/bxEDH7e79Lz5OD9IZKFZDFTTm7Wk4X9L1OTNH7Ls x4e/BBw7e19OAxyH84wnS5J6zH5usw2GBnvM0gfYfFAKwXQXKDZPh7fhjST25T0gRo96 Oxnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=9P+Z1ULXkjhKLCgHMUrqkg4Ilk198k9kAIZoBGKtpWM=; b=m3XF0lOYIsGe7kC//wQpS406bQxcvPbyEyUiRag6H1nSHUWXQCWayilnQDdz7TO7BM Sl7Wjqxe0CjBwaI5B87myOf9v2fMytosV8uwyyc2GF25N1CMzBpbCIDHr7SYu5VAWNp7 NT6Iq3UT/p4TtG1fSjmy4wAqepJRDJDfG5HC7AmDyhLkuXAThZFyrXtbkpLgA5fDdbN2 UmsC5EtEni9o15SfGGOSscLjfQEpUwSPZfv0hZM76CCZ/71sCuFDqMivvntctcHj02ot 2Wrr5TTbz7zWXEb38nFZlDiwQpj9ESOmFs6svlseBxsd7AfeOqFVwgZExJ58FWXFvlvw 0k/Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=NpbcZJG+; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id x60si1321378edc.234.2018.03.09.09.01.18; Fri, 09 Mar 2018 09:01:18 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=NpbcZJG+; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 081C5C21E2C; Fri, 9 Mar 2018 16:57:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 39186C21E29; Fri, 9 Mar 2018 16:55:59 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id D57BFC21E39; Fri, 9 Mar 2018 16:55:46 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 43680C21DE8 for ; Fri, 9 Mar 2018 16:55:42 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id a20so4242329wmd.1 for ; Fri, 09 Mar 2018 08:55:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=uemXRx5/51OFiTMXaXUhm55yC4L3W9Zkd6/DsEMMGy8=; b=NpbcZJG+Qwv3i1Myl42XxYur2pHAqMNDcq5gm/G7IDdVTTO3jrZRixdQJ1r9naPSvG rlMB5hA4M8hgL+W2e2dZDdmOIbPMq1uQti0dibsjpkMdQKJpZE8VKc5UnwLNSUSm+IdX oeeAinvGG+WkfKJWxr4GhUQ/NCVSytDp4946c= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=uemXRx5/51OFiTMXaXUhm55yC4L3W9Zkd6/DsEMMGy8=; b=Q/X8kWVQacsXe8ZsjFVcPhinddg3XCcBdszl8PvIuK6BKJOTF6lHuU5cz+DV1BsWDq ttkMebXPH6SnTi8uIE2l6uquMn6/TrHknIVuK35RGOzv0uMVCw2X/+8wSIlYm4hGN4EB nEkT/Vjsk2mrm8UPHo8+DVrW+7WpsUefznzboXJBNMtQ66vFWLbcVPOBmJTlTSGJ7ArL T6K2ZsOXFcSDVYaq9IB3RE+jSbasapynCRMkkFsY6xVX0fMRWwAWLl05cUop1Jm3pUnf +5ib6fc1gwz4UN5bpzsaonttm+ff0Wp0aIZaFQt4YfP1jlNlbYge9xDFc8nqCpVuqSY+ 67wA== X-Gm-Message-State: APf1xPAJZXU2Q6+SvATKaD61XRmiAnwoKCGqBOQKEfGWZxo/1xs1xeGY m6AH3s2P4+IxVjv861D+w1zklcfqmbw= X-Received: by 10.80.135.170 with SMTP id a39mr38189411eda.82.1520614541775; Fri, 09 Mar 2018 08:55:41 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:41 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:28 +0000 Message-Id: <1520614531-2164-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 07/10] optee: Add optee_verify_bootm_image() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_verify_bootm_image() which will be subsequently used to verify the parameters encoded in the OPTEE header match the memory allocated to the OPTEE region, OPTEE header magic and version prior to handing off control to the OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- include/tee/optee.h | 13 +++++++++++++ lib/optee/optee.c | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index e782cb0..4b9e94c 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr, #endif +#if defined(CONFIG_OPTEE) +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len); +#else +static inline int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + return -EPERM; +} +#endif + #endif /* _OPTEE_H */ diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 2cc16d7..365c078 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -29,3 +29,23 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, return 0; } + +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + struct optee_header *hdr = (struct optee_header *)image_addr; + unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE; + unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE; + + int ret; + + ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); + if (ret) + return ret; + + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + ret = -EINVAL; + + return ret; +}