From patchwork Tue Mar 13 16:50:27 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131511 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp968832ljb; Tue, 13 Mar 2018 09:51:19 -0700 (PDT) X-Google-Smtp-Source: AG47ELsiErFYHTLdnJzmLUp0GczFODyf9+2/KQ75eJ01PZ8Gk4Qvxd9DwJl1OOGvr7l5sYupW3/t X-Received: by 10.80.211.2 with SMTP id g2mr1591210edh.96.1520959878967; Tue, 13 Mar 2018 09:51:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520959878; cv=none; d=google.com; s=arc-20160816; b=XPg49G8+Ts/x7ZwEW8e4zlHkeqsJuNk19e7lBZPzuPOPjHgvyzB/hq4SiRUQLPUSY/ X2X1vc+li4L3BLfzpWDEx8gmYdEGYEXJNiq8DkJEZvYHmXZGQVNojzVr+gmqoahu1qv+ yAkzpiphGVAcacqpuFhbuvSgnAHvp6b+yBMS+QBKjHfSAgZzIsxYyHXRNLpHc1dnzM1q hRzTafotv3+rbMNj1Bx6s3ETBA+bl7OskiO20hUbWMatIWDKgQ8dJ9Z35YgbwM4UK3aG Xqn+9Rgb2BVLRMAhYQbTNFfcz7cvTnJJFC+avldiNlI3sRmPw7GZpO5IF+hdflMpb6cH UKtA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=l5juljvmr/PTK3OvKQkS8Ki3nmnBhU6k0e25cam/Ow8=; b=WjhAt8lSGEXbge4n2vgB1b7YQfGtEYd/svxqwdaTzQ811ajCvUuuFQN7J3bYxvDuqW t7NQmR+AP+vKpRUOIgGJ6foxDCCW7AsmEeHcY+IUrdkhWXnqf3hC+9v/k5jLsnq2aXGz m1vwZNDaLZQNKWNcFTYXAKixe4pkOUvmKhAtANu19njEBm2i7qX+w4TmUIIL/xYh35+B qDk4tQCf0/0+lveb8pSV6thWNS8GrWhM1Uj/QK98Xfjicu/Pu4IAyuA9kOQnTdm+tuYP nwWT5+VnBNoMnuiyG2DxEhg7+7wUppOhjiKH9XFdi+pcNu8FctFNF6WqQIEdSeIKgjja /cJQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=i99BL84v; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id h59si370788edd.220.2018.03.13.09.51.18; Tue, 13 Mar 2018 09:51:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=i99BL84v; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 6C01FC21E6C; Tue, 13 Mar 2018 16:51:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 008C5C21DDC; Tue, 13 Mar 2018 16:50:44 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id BFF8EC21C8B; Tue, 13 Mar 2018 16:50:43 +0000 (UTC) Received: from mail-wr0-f195.google.com (mail-wr0-f195.google.com [209.85.128.195]) by lists.denx.de (Postfix) with ESMTPS id 55A4EC21BE5 for ; Tue, 13 Mar 2018 16:50:43 +0000 (UTC) Received: by mail-wr0-f195.google.com with SMTP id f14so763117wre.8 for ; Tue, 13 Mar 2018 09:50:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Lzxdlo82gHbbDckSk9ZPGjw6g4zxoV7d0gNuIaKRog4=; b=i99BL84vX5scWFCTuSxT/uBwTfrFGxZFbwtJWEdRseB/iYJvz7m1TuC8RKnVKFitHr fjTf/M/8Hn7avmZ7R4h2AfM4tSVVbYtUzBzBKnqnX2O1cNNOYPvH15jd/ISxCyqm1ZOb ShC2oS2CbbSEsXPifwZkZs4eM3BgoKYfCLBu4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Lzxdlo82gHbbDckSk9ZPGjw6g4zxoV7d0gNuIaKRog4=; b=SXcwfBYaC51GQrN80gwQBTlo9P3r9EX7dRxFBh4Tr0OSwDPKV/pQEVxJd8G0GgZM01 PDtBM/Zg2t7AJ0h1pBOtGTkRKPLioD1EElSTT+lPpmC0ShVr70Jst5zkECsD1ar1AQ25 viBAlMpF3llYb/O4O0uB4P1HbIqZgRXSdR283lckfhIh9uSfwkydg+limRrmZLnB57o+ AfthAhEysMdosbYRpRpmcjbTNGHV3kazTFyxvUlAYu30zsArcLJpgW0EHFTN0b2wPU49 RgpDx0dxrw8tzDEjlXPgw5If8XCJIVCkSlnKckKJOG7W1hOY7dDR33xM28x+yk1j88Xv aegg== X-Gm-Message-State: AElRT7EIe6KlGRwqXIUXtXcpEMALG9ArIhg0/AVgGtH3OpDVvQHVu4hW ZniRSW2UUfE7Gy5CrG41RthajV7DO6s= X-Received: by 10.80.147.21 with SMTP id m21mr1584790eda.175.1520959842770; Tue, 13 Mar 2018 09:50:42 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:42 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:27 +0000 Message-Id: <1520959836-16105-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 01/10] optee: Add lib entries for sharing OPTEE code across ports X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds code to lib to enable sharing of useful OPTEE code between board-ports and architectures. The code on lib/optee/optee.c comes from the TI omap2 port. Eventually the OMAP2 code will be patched to include the shared code. The intention here is to add more useful OPTEE specific code as more functionality gets added. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 16 ++++++++++++++++ lib/Kconfig | 1 + lib/Makefile | 1 + lib/optee/Kconfig | 8 ++++++++ lib/optee/Makefile | 7 +++++++ lib/optee/optee.c | 31 +++++++++++++++++++++++++++++++ 6 files changed, 64 insertions(+) create mode 100644 lib/optee/Kconfig create mode 100644 lib/optee/Makefile create mode 100644 lib/optee/optee.c diff --git a/include/tee/optee.h b/include/tee/optee.h index 9ab0d08..8943afb 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -10,6 +10,8 @@ #ifndef _OPTEE_H #define _OPTEE_H +#include + #define OPTEE_MAGIC 0x4554504f #define OPTEE_VERSION 1 #define OPTEE_ARCH_ARM32 0 @@ -27,4 +29,18 @@ struct optee_header { uint32_t paged_size; }; +#if defined(CONFIG_OPTEE) +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len); +#else +static inline int optee_verify_image(struct optee_header *hdr, + unsigned long tzdram_start, + unsigned long tzdram_len, + unsigned long image_len) +{ + return -EPERM; +} + +#endif + #endif /* _OPTEE_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 4fd41c4..a4029a6 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -310,5 +310,6 @@ endmenu source lib/efi/Kconfig source lib/efi_loader/Kconfig +source lib/optee/Kconfig endmenu diff --git a/lib/Makefile b/lib/Makefile index 0db41c1..35da570 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -18,6 +18,7 @@ obj-$(CONFIG_FIT) += libfdt/ obj-$(CONFIG_OF_LIVE) += of_live.o obj-$(CONFIG_CMD_DHRYSTONE) += dhry/ obj-$(CONFIG_ARCH_AT91) += at91/ +obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AES) += aes.o obj-y += charset.o diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig new file mode 100644 index 0000000..2e406fe --- /dev/null +++ b/lib/optee/Kconfig @@ -0,0 +1,8 @@ +config OPTEE + bool "Support OPTEE images" + help + U-Boot can be configured to boot OPTEE images. + Selecting this option will enable shared OPTEE library code and + enable an OPTEE specific bootm command that will perform additional + OPTEE specific checks before booting an OPTEE image created with + mkimage. diff --git a/lib/optee/Makefile b/lib/optee/Makefile new file mode 100644 index 0000000..03e832f --- /dev/null +++ b/lib/optee/Makefile @@ -0,0 +1,7 @@ +# +# (C) Copyright 2017 Linaro +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_OPTEE) += optee.o diff --git a/lib/optee/optee.c b/lib/optee/optee.c new file mode 100644 index 0000000..2cc16d7 --- /dev/null +++ b/lib/optee/optee.c @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2017 Linaro + * Bryan O'Donoghue + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include + +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len) +{ + unsigned long tzdram_end = tzdram_start + tzdram_len; + uint32_t tee_file_size; + + tee_file_size = hdr->init_size + hdr->paged_size + + sizeof(struct optee_header); + + if (hdr->magic != OPTEE_MAGIC || + hdr->version != OPTEE_VERSION || + hdr->init_load_addr_hi > tzdram_end || + hdr->init_load_addr_lo < tzdram_start || + tee_file_size > tzdram_len || + tee_file_size != image_len || + (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) { + return -EINVAL; + } + + return 0; +} From patchwork Tue Mar 13 16:50:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131512 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp970371ljb; Tue, 13 Mar 2018 09:52:50 -0700 (PDT) X-Google-Smtp-Source: AG47ELu7hb0lpeBChUBv80O4vTSlcqYZKAdNDbdU+9EMopCGPi3PaMxPatEA4DXaatcS/c3skXLH X-Received: by 10.80.189.131 with SMTP id y3mr1631150edh.122.1520959970102; Tue, 13 Mar 2018 09:52:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520959970; cv=none; d=google.com; s=arc-20160816; b=vkWhDvPbz1igTrut5WEwJb2Q2QF89fWOG8NNB66qPNg82ZOTMSLEWIYgCMvcwcWkuP zje76RlVhfXWF+G/2WrpNAcBz9GVG9JVXRmyWwTxX9jmbX2METhsplEpIY6O+gwNfdeQ 107I4supvoGTNk/QUqngyksDGxenkwjgq/Df92uoAfm2MCZX7nX/T2cgtoW1o8Rx8QBI sBxLkj/6gIUN0LArHJXbmwRdQRx1DLWSyvlldWAw/Qwe1k5Ub/qx3IpcRnh7Rm43peM9 HG9924mkHbCZh1CA90/A1Hv+2+HUDlD4ozpBoE6ItxMlLf9q4TT5bNpBMTABCWuCECaO vxWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=cvvB+lycwb5nber/e5Gw1LfRjIk4mJApi6IWnJNqGH8=; b=yvayTU/zlurokVoa5vpcttLBGBF+xmy24mHcsYnb1RExmQwoXFCVlft/VfZEo1RSYA LcmNvNp03tHgF6c0lYF8v/xQ0F5zvEg4mqSMLc09ZTL0qlDeCdwpr7F2eLUK4xjaPKIp SzWjrRu15s/Kxt83CCoNVwar3UmPfkzOZO4HyIgxDKiQx/QLPFWP/lnVSem5CnjhlMpA xfmPPK0MYB1Fq5Ck8OIGSm70xshKwsM39Brx/ouMBxgei7gR++2nPE9oaV2/AEynjvW5 IsfSiImd836bpPLyqQLVgGQZZvM7KFtUxmKEw+NOfm9u6OKYRAVVC7/kQxQvbRt2AkrZ 6WkQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Ho1ro5ye; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id q28si350829edb.453.2018.03.13.09.52.49; Tue, 13 Mar 2018 09:52:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Ho1ro5ye; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 8B707C21E08; Tue, 13 Mar 2018 16:51:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E9AD3C21E13; Tue, 13 Mar 2018 16:50:48 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E6409C21E1E; Tue, 13 Mar 2018 16:50:47 +0000 (UTC) Received: from mail-wr0-f193.google.com (mail-wr0-f193.google.com [209.85.128.193]) by lists.denx.de (Postfix) with ESMTPS id 5D7EFC21D4A for ; Tue, 13 Mar 2018 16:50:44 +0000 (UTC) Received: by mail-wr0-f193.google.com with SMTP id o1so742370wro.10 for ; Tue, 13 Mar 2018 09:50:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=YNK1Wntmes7j8la0QK0jKrehDGZdNJdBUpWJaSzYxl0=; b=Ho1ro5yevrPJgjzwtHvyeXOXuTfa6H5dcoriT6wZ9695ISVGJf7KS+WLS7+RA31Ond lQqsV9hLiTb33Qt7/hK7iSSWDdJH5ZQL60H9FdBbK/mMd+58KrDHXmGZQWDEZijuIfuF D4ax9jyqHtvanRmQALChquWrzj4pk83ILaLa0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=YNK1Wntmes7j8la0QK0jKrehDGZdNJdBUpWJaSzYxl0=; b=oz8rLFyjK+nZMCPVW24lFRNStu2HLEdlJ+JhNQ2fMb53iMUnPbUfOwKQ+fnsjmIJWS ieixHDIqxd23TSD/BRIOCfKbAjB9tHN/T6LsRyeHYtxB6bOnidv9kuWveZLk6gbc+JYV S/bxKrSaoUOI2P6d3NbUj14shBnIC5Sor0iWTNzt7xQchMytF6QXzfgC9sRKebQkEBEZ YUqc/LJcaX/Ovmb1moI8qUI8pYIQLXZ9CleEKCOlU/4VpEOaBeEkjHsfLfdzAcKc6y0D jD4nJxPcgfgyT4+l1501CR64m0XO8zWrCBL43kDaT6gPALfkK9HrdD1tG0If4uUy9s3+ Udzg== X-Gm-Message-State: AElRT7GK3js72AoImumI6WJ4E58nsSac+UQCaXUMWnZlR8m4LKKScKXS R/wrzBBp2ciFR+Gi1JiI5v0NnX0hSFE= X-Received: by 10.80.186.81 with SMTP id 17mr1596481eds.107.1520959843847; Tue, 13 Mar 2018 09:50:43 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:43 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:28 +0000 Message-Id: <1520959836-16105-3-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 02/10] optee: Add CONFIG_OPTEE_TZDRAM_SIZE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" OPTEE is currently linked to a specific area of memory called the TrustZone DRAM. This patch adds a CONFIG entry for the default size of TrustZone DRAM that a board-port can over-ride. The region that U-Boot sets aside for the OPTEE run-time should be verified before attempting to hand off to the OPTEE run-time. Each board-port should carefully ensure that the TZDRAM size specified in the OPTEE build and the TZDRAM size specified in U-Boot match-up. Further patches will use TZDRAM size with other defines and variables to carry out a degree of automated verification in U-Boot prior to trying to boot an OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- lib/optee/Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index 2e406fe..41c0ab7 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -6,3 +6,11 @@ config OPTEE enable an OPTEE specific bootm command that will perform additional OPTEE specific checks before booting an OPTEE image created with mkimage. + +config OPTEE_TZDRAM_SIZE + hex "Amount of Trust-Zone RAM for the OPTEE image" + depends on OPTEE + default 0x3000000 + help + The size of pre-allocated Trust Zone DRAM to allocate for the OPTEE + runtime. From patchwork Tue Mar 13 16:50:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131518 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp973290ljb; Tue, 13 Mar 2018 09:55:50 -0700 (PDT) X-Google-Smtp-Source: AG47ELtoBw7Bqn1VQIJAHl8KKGiJ68T9c+hfAG5U72bm/yiNn54ERJ2yqEv/ueJGWHf502AkYm0h X-Received: by 10.80.158.76 with SMTP id z70mr1618408ede.89.1520960150042; Tue, 13 Mar 2018 09:55:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960150; cv=none; d=google.com; s=arc-20160816; b=tv4PY88kN4AP4abML83XGqPt7Gpv+UybbT0advUH3rrHkt3C1WbVPbzueOxh3ozQ2F 9UktaM+YsUp/oT1wsRTmDg5jNmS79yCmOUhVtIAHAZF5z3bjKsNIKGeyXuvATl460A6j fjdRp6Vt0NEny27KC65VKcUm7vlK2WjAean+A/Yct+Hwetna9hN8NHCgcVdX0901P8N4 0FCnWJ6r9SGGOb7hf9TqpGbIQc0lK7me5+H8UHBmGHesgHRlAAlBt+pr67nXLduaPtP/ B4J0LE60QlGSnIRgK2mlTLM1Gml6lgQAKLrRmRBw04RF5IZtToV5YCblZuDgko8EOcWe UMFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=WIuIgvpgtZYDV9nhJRw8IR1f58HK9TAeX299G1fJjcA=; b=KtoQ7JqTZ0N6X6ovWqqHzogYrG0XesnySG2JrrzFkSw+kIULIjEswxyov+JkBqk/5E GUillKpUIRjHBdJGOWSexui+tiubYAdJ3VSXflH1xd1+W2VVyytFT9De4pGO9QGHbmH3 ctBQgMZvaTklta90Bv3Pn7s1iwrpXQ2HJteMjp7LJQf5HYAVnTzYQ3oTsO0ZE3JkuRfr XRo7rjIKWa+8RNZhfen4F/wboOHYEWed+469lD3IkseXqEhGowlXjqpLqgeYQwC9MFfe BULkzQh5E/ei0/HD0I69dEts1qSxpUVLxuXVdDaGAVfUJ+8+B66CU+u8vki+Fkcr9gof IB2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ZcnDFSTa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id b54si398282ede.130.2018.03.13.09.55.49; Tue, 13 Mar 2018 09:55:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ZcnDFSTa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id A4326C21E39; Tue, 13 Mar 2018 16:52:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 006F6C21E0B; Tue, 13 Mar 2018 16:50:58 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 8A32FC21DFF; Tue, 13 Mar 2018 16:50:51 +0000 (UTC) Received: from mail-wr0-f195.google.com (mail-wr0-f195.google.com [209.85.128.195]) by lists.denx.de (Postfix) with ESMTPS id A1EA5C21DFF for ; Tue, 13 Mar 2018 16:50:45 +0000 (UTC) Received: by mail-wr0-f195.google.com with SMTP id k3so769300wrg.6 for ; Tue, 13 Mar 2018 09:50:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=JqMardwNHUiMRBwjh6/JFvFB6M2jc+0V4mjRrdamGCA=; b=ZcnDFSTalB6pde0gAbcRaXyWY3JvsWQdDKM4x456DSJx04Wke+imbwiPbX+Pc9PGTG 7bsI3p+p4urhSXB4palwRgo2HFoQCyxGgCKypj5QgxIjvLKEVVz03/5jsaic9+2J6k/U 7DCFuu0pooT2Tzljv00x7kntAmATIr02JD4BY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=JqMardwNHUiMRBwjh6/JFvFB6M2jc+0V4mjRrdamGCA=; b=BirOeRLym34vRm2rJBsUaZ9aNtXEh6uEFl5aKt0AR9RdKwuJTUR0eMOVN+tV+6rhYD 819MGSmAXI8WV3mMbDPWlekzsehnsnQplV+vfRqBBoWYjAVSUKSwR4qF6dcUjqQC2vLh q05YePIifAMA/99vvKt6rGBCN/EUh0SCH1K87WsLWxrpidQtJkLgoImejmJM3pQ+ji8F rv5ScHggCHd2pg6dK4cbql0BiqZGu9Qkj7cckAgVad2gl+U1ESHaoBQZPmz1HRjIjG42 DOrDFiPbDYtJ9adilXLat34EdIWyCaUJSZrCGQ2ilPzbmL2thojQm1gFjuPNtYB/8HRF 2HFQ== X-Gm-Message-State: AElRT7FmY+zapgayrSNjf6knqtVHnX4KT2d4shP5rvnm7QKZs5SYUKZ3 tCN/p8MWrB4SuMxI2sU3BVh5QQCiFGs= X-Received: by 10.80.201.76 with SMTP id p12mr1592940edh.199.1520959845116; Tue, 13 Mar 2018 09:50:45 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:44 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:29 +0000 Message-Id: <1520959836-16105-4-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 03/10] optee: Add CONFIG_OPTEE_TZDRAM_BASE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" OPTEE is currently linked to a specific area of memory called the TrustZone DRAM. This patch adds a CONFIG entry for the default address of TrustZone DRAM that a board-port can over-ride. The region that U-Boot sets aside for the OPTEE run-time should be verified before attempting to hand off to the OPTEE run-time. Each board-port should carefully ensure that the TZDRAM address specified in the OPTEE build and the TZDRAM address specified in U-Boot match-up. Further patches will use TZDRAM address with other defines and variables to carry out a degree of automated verification in U-Boot prior to trying to boot an OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich --- lib/optee/Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index 41c0ab7..a3b7332 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -14,3 +14,11 @@ config OPTEE_TZDRAM_SIZE help The size of pre-allocated Trust Zone DRAM to allocate for the OPTEE runtime. + +config OPTEE_TZDRAM_BASE + hex "Base address of Trust-Zone RAM for the OPTEE image" + depends on OPTEE + default 0x9d000000 + help + The base address of pre-allocated Trust Zone DRAM for + the OPTEE runtime. From patchwork Tue Mar 13 16:50:30 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131513 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp971081ljb; Tue, 13 Mar 2018 09:53:35 -0700 (PDT) X-Google-Smtp-Source: AG47ELutMQ14otZEsVrR/pc8a9RI2WJ73op+B8+Q1rewgCSZDqPHgzkVmZq40JFGYtA0Bewrlk2S X-Received: by 10.80.179.73 with SMTP id r9mr1651200edd.78.1520960015502; Tue, 13 Mar 2018 09:53:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960015; cv=none; d=google.com; s=arc-20160816; b=M6/a5BisQLbVkhtgH0nRKtXORF6zgNW3X+NTcwtNi83Rm4E5hxpE69h/6XxqVoTDBy G+l7Wtj2DJLjZ6xCGExyD8faj4L5c948PR6nWjDQD2+903sXEqW/AdA52/9an7OQPNC8 Yq8eVMLL07fsL0WbsA+833Lmir9t/Wdu3tTwXg33iLc1klSnKc6BRNCd9kfiDZufD7YU er3NaQyCPGacy8xOBzOXrfbCylyiS6vLc0pSZL9cvrhrmT1nGvZ4HRdJ0CTqEI/c4kgj fZl0Lj5mYkexSHzM7vScOmbvzGMH90kmLLaz5zLgp459oBVjqshcUx0MKpkidUZsxr/g Px9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:dkim-signature:arc-authentication-results; bh=6bvkRZNCgxi9bqqMfx8A4B25+/Sl75gb2NaqvZhnKMs=; b=GQ2bQnWsrIttjDUT7ajr7A1WihR1x3Qg0pMxpXS9qak3mRBB0m6sP2dsXLqJTdf3GO ht7xNacBXgZulLM3/yps+//m6/Oh5n/uObMnsOy2MXZvbTfAwqKD+QopK1s3wfUNhSRF fNtGAF6sIoWW1+kzu6xlTF+QOt6+taYuabPXN0GPAjdWStpfGz20mrr3ViPEPQs9OxtQ q0+9ADUh94tKit0JJAHxwCEpPDJ7/HHyhXlRs/BBY1A4vA55gErtbVRTKfbbaWFr5wnt Tnlc0syuJ15nGuY007G1WIX818yyVqLUQsw0WCJh7d3iRGgz1eJpnaIIX3D1vUpnS/eN 4QqQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=DUcQVVh4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 89si358197edo.539.2018.03.13.09.53.35; Tue, 13 Mar 2018 09:53:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=DUcQVVh4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 13C5BC21E2F; Tue, 13 Mar 2018 16:51:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 07505C21E3A; Tue, 13 Mar 2018 16:50:58 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C2CB0C21E38; Tue, 13 Mar 2018 16:50:52 +0000 (UTC) Received: from mail-wr0-f196.google.com (mail-wr0-f196.google.com [209.85.128.196]) by lists.denx.de (Postfix) with ESMTPS id 2372DC21DD3 for ; Tue, 13 Mar 2018 16:50:48 +0000 (UTC) Received: by mail-wr0-f196.google.com with SMTP id r8so836612wrg.0 for ; Tue, 13 Mar 2018 09:50:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=gofIoIyd6njEV/Ghcjl9yXszp/sNxHv0hZ0QSMrCCkw=; b=DUcQVVh4UYPy/ILPg8CDwe7oKUp2VX5JGDlwfLWYdDB1+vz54P7Hs/EzMbe3IXFSwK 9YW3N9lO3plbNmWk7gbdXmTdpS6Cuw7ZW0235imLq8LQO6fFLLGeL9DjQWFD2UB7cJDn 09xPE2WGSYOtkc9BDjNDpPMcbMuiXy+v8JcJc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=gofIoIyd6njEV/Ghcjl9yXszp/sNxHv0hZ0QSMrCCkw=; b=QRaa+WvYinkjrZvezpD9sK1IrrdT3FCxOVI9EBs9AqSFUJ+u28qc2Kt5ISBAJwqUTh wB6CoImTuLY68EbZ99eQDKNwNriz8z8mY8HLmKVKzKWHnXV+2TR7L28cJH19ddW2vz/Y yp/q2Dw9Fq7NUqbu0V3zva18cFn5kE+ipPdAtbEpy1x0FVDnSmIruvs4Fg4FlQMTCsmm X58DZnBsoaoq93jbHZE/TS+q5HFbBZRA1jqDHMcJ+W2BVSnF2RHzHlGlqQ4Ld5c5DSW4 pD4nR8B+b0Wx3IA8GVUINp626vfU4WL0XwGAhMPtAmsShFepbOHmeSdkkOIOXuBQemPy yM8A== X-Gm-Message-State: AElRT7G+up/ERAbjw7wuWtPHaLAuDSc/nvzHp60BwGznoIhkbTDt/ouP SgSiLc82ljKeazL5he3qjcLps6GVOtI= X-Received: by 10.80.143.99 with SMTP id 90mr1575653edy.65.1520959847567; Tue, 13 Mar 2018 09:50:47 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.45 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:46 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:30 +0000 Message-Id: <1520959836-16105-5-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Subject: [U-Boot] [PATCH v6 04/10] optee: Add CONFIG_OPTEE_LOAD_ADDR X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" CONFIG_OPTEE_LOAD_ADDR is used to tell u-boot where to load the OPTEE binary into memory prior to handing off control to OPTEE. We need to pull this value out of u-boot in order to produce an IMX IVT/CSF signed pair for the purposes of secure boot. The best way to do that is to have CONFIG_OPTEE_LOAD_ADDR appear in u-boot.cfg. Adding new CONFIG entires to u-boot should be kconfig driven so this patch does just that. Signed-off-by: Bryan O'Donoghue Reviewed-by: Ryan Harkin --- lib/optee/Kconfig | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index a3b7332..cc73ec3 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -7,6 +7,12 @@ config OPTEE OPTEE specific checks before booting an OPTEE image created with mkimage. +config OPTEE_LOAD_ADDR + hex "OPTEE load address" + default 0x00000000 + help + The load address of the bootable OPTEE binary. + config OPTEE_TZDRAM_SIZE hex "Amount of Trust-Zone RAM for the OPTEE image" depends on OPTEE From patchwork Tue Mar 13 16:50:31 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131516 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp972219ljb; Tue, 13 Mar 2018 09:54:40 -0700 (PDT) X-Google-Smtp-Source: AG47ELsNNHM9bKhnqAeS7zmEYHm4Dsl/BIvqxVr+7ieXfvX+1GMMqkmC8cipD0hqNAdffn+aXPne X-Received: by 10.80.211.19 with SMTP id g19mr1568767edh.15.1520960080120; Tue, 13 Mar 2018 09:54:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960080; cv=none; d=google.com; s=arc-20160816; b=ebFKypVJyPmn5EzY2BoRLSXu+kUQTEkyM7S0Kz0bYytMILuMSh1iFTMxIFPSk4bw6F dR0nYL9BnjdjipVWjVMRzblUuHisD2ZVe65A+LVBEeVGPrl9aZyMkgngi/BnZHZJsl8i 2qxUNUkGR2rzE00KjEW+TSceVvnru8CWgQ6WfC1erAsqTG08+my/cuGvAMbxz8AXGbJu 4KqevCW1WLzALQruStL9qJUOOl1HDR3Y6OK8iQigrsNXwsVPqB1E4Te5Twu+IjgGTy6/ sZJ9WZ2uRcO4CpY9RB1Cmgn5V+ExRVo2UKoCfBfzIHBaZHGoJV00k1FpjB7MDFaUmLT2 qUvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=4CcwC7FBgW8X30HcQeHFFZHS6A58CAZ3P784+gQMGDU=; b=ha3t2bTveKZMALRIYcw2EP3AmXHIPqFIUIxDyDIArw7k6gyd8ZqzAQukuBt4HbvX2a VeJnF1rSnkZO8ktoT7JSIXcVzbO/ZH/d/MLtWmMcTeBENUp7by52Hubr00GKGcYqTR43 Rn/N/lfEI/a6kG762ah4WlgsVvIEF096RtZR479FN4hvw9qBSQc8oTNPgq7kX6CzBmQr gQiNplvzTixcngCjIn2ETJwPAiRrXvon7KdQIZ/hfh1B2vzGYVzBi37J2rB3MT+4w+HM 5NN8r2jr6iMPXynSn8dpGtwdjd5OxCRoljh9i66LWRRWw/dHX7lK6rz73BJa2lYnb9Hq hTQw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=JGKZt0my; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 7si353736edj.485.2018.03.13.09.54.39; Tue, 13 Mar 2018 09:54:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=JGKZt0my; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id A8338C21E15; Tue, 13 Mar 2018 16:52:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id EEC04C21DD3; Tue, 13 Mar 2018 16:51:03 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 6A6FEC21D72; Tue, 13 Mar 2018 16:50:54 +0000 (UTC) Received: from mail-wr0-f193.google.com (mail-wr0-f193.google.com [209.85.128.193]) by lists.denx.de (Postfix) with ESMTPS id 1BA1EC21C8B for ; Tue, 13 Mar 2018 16:50:49 +0000 (UTC) Received: by mail-wr0-f193.google.com with SMTP id d10so808251wrf.3 for ; Tue, 13 Mar 2018 09:50:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=HehyfLwBiGL7w0M1GQgZW2L7CjFJl409qccQ+xCD/gQ=; b=JGKZt0myK1JWf9Nrv6qUxZjmgM0U5FmG/pzcFRSghIhlGt4NJCohP9R3ppo2lMR49N NH4nHHzzlF9zVZtNwcIg4PeNUp9Win8pALG9rcSTTkly0oKdt28EXmIenCze49PNpSjj l/CENyQi4EoOrUckg4W4+VrYYyakthXeVyPkc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=HehyfLwBiGL7w0M1GQgZW2L7CjFJl409qccQ+xCD/gQ=; b=FXAkDR1dv5SHSLq0OXCb8Daib6WGPVw+v8ofqWd2465jIYxv8jZxL2CuZVskEAqoRU AZ+Z2wGT7TJiZw8Ipyh3rU06QnJI1F8dQJoV4JTG3Ovzw/oSkEPImH9lto03hTaHrcM6 mYU3cAjsqEJor6jBFHjSY4hcRRh2nzq7RPKIiJiBSHBJBnWkVOqqWdwRDf57zSeldJMT 49SAf8Iju7fExCcPhUIKAWSoQNJy4NkpRgTZvhW/3PXB6pweADAoZlQPCp2nt5ToNjZh pK8mZZ7o8b4X6nzWMPkI7LeDiT/oTUStVSgdhCmWPREl9nY5DdMI87pnC/DVKatHf17j y98A== X-Gm-Message-State: AElRT7HfaqS2DQ1PZQGRo4sSIbCly4dKIPZX4I/XHCF05kKFpg9+d4aT MmZXPe2PpKwr3kR1ydee+F9+Ymj9AV0= X-Received: by 10.80.213.150 with SMTP id v22mr1622777edi.58.1520959848606; Tue, 13 Mar 2018 09:50:48 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:48 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:31 +0000 Message-Id: <1520959836-16105-6-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 05/10] optee: Add optee_image_get_entry_point() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a helper function for extracting the least significant 32 bits from the OPTEE entry point address, which will be good enough to load OPTEE binaries up to (2^32)-1 bytes. We may need to extend this out later on but for now (2^32)-1 should be fine. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index 8943afb..eb328d3 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -29,6 +29,13 @@ struct optee_header { uint32_t paged_size; }; +static inline uint32_t optee_image_get_entry_point(const image_header_t *hdr) +{ + struct optee_header *optee_hdr = (struct optee_header *)(hdr + 1); + + return optee_hdr->init_load_addr_lo; +} + #if defined(CONFIG_OPTEE) int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len); From patchwork Tue Mar 13 16:50:32 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131515 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp972211ljb; Tue, 13 Mar 2018 09:54:39 -0700 (PDT) X-Google-Smtp-Source: AG47ELuW3HXxmoWfBIxoLkW7cK8erENgjwFdFNZuiGe+K1PNQKB7BiLNYGGyRMtr4dKXdP4Hfnfc X-Received: by 10.80.194.201 with SMTP id u9mr1561196edf.179.1520960079720; Tue, 13 Mar 2018 09:54:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960079; cv=none; d=google.com; s=arc-20160816; b=YNAqnCdhgQneLISvrXw9FjY3oc0Pdby4Vfc6pSoR9lD7fC5JAe8hhl8Y5Zl3UeI7X5 mwJIV5cbI9wvrtSkUH3BLqVk1XRJZU6r7anTGdVGg2RiaqxjjyKDjsaxQG7zFv2NsUVG E+h+9RcvzXWPNh22ZVwAcEdDgktq+UZFTt0rh8lK25uMhuMxipxVrIkGkLiUiRG4noJm ZDom2uhsnLw92/LwLbAKPXkx/QlsjRUsU37guvnhNFW33iSKF7gKn1vX1b8AsTbnyllW jVn1FSHEfFnPl+FmVPgCIZAdJ2azfWXWJc5gmBX14pAlDYnZmc4aVfHjYX/TmLLrXy6G 5Gdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=QaYroxNd3askNKowPokMN25W/t4qBXmwlbEd13MrC2M=; b=KRK2pBgxKImUrkDqyWUImtGcQlvdEDx4ubSSuKls3V2bB5mCARp6AmOpAIvMqm5Iuh W2iFsl+DMUfr0kPoJaQi9UQDiqotF1MfXUqtkefqEf2JA69sN4x8fg/YNqoVZbbmrB2Q p3vQUt3wg7lCM77RQT6eNqj8O+epj8vJ56GkZ6eWo/RBQ6m94LMTBEXA/Kj3sCQg1Ahg IDvsL9czFhgqMjUNg+N1PVORyvwOuKJEoBPhN0dpnjVE7XdpuhUPOocnRZZnZj5Zu+PZ 5qHDihhpSCrDYbMIzHi+28XG85c4dbwyQvySeON2h9BDX05wx01jreP3/aXVEmhGpfKq wi/Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HTWtLs1n; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id a58si387654edd.351.2018.03.13.09.54.39; Tue, 13 Mar 2018 09:54:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HTWtLs1n; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 55DFBC21E1D; Tue, 13 Mar 2018 16:53:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 51125C21DFF; Tue, 13 Mar 2018 16:51:12 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C1E0DC21DFF; Tue, 13 Mar 2018 16:50:54 +0000 (UTC) Received: from mail-wr0-f194.google.com (mail-wr0-f194.google.com [209.85.128.194]) by lists.denx.de (Postfix) with ESMTPS id 701D3C21DB6 for ; Tue, 13 Mar 2018 16:50:50 +0000 (UTC) Received: by mail-wr0-f194.google.com with SMTP id v65so733533wrc.11 for ; Tue, 13 Mar 2018 09:50:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=jd7TJ8ToMThI42VzCdFxxuucXAuvkiPJC/i5sG6S6nU=; b=HTWtLs1n6iwMLzulW+KiKUk3KLpdkPy3dVs3fT13dDmogORClbCJatO5KmY85b7WyX qC1JAxCWtj8584LcMqkb6QDKVL0nuzaAhfqS5fKOXzKH3BAtuncObqaGIrx9tzghjVTu sx+ZIR16FICizmQvX/5pGO8MEIDDuVTs3jodg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=jd7TJ8ToMThI42VzCdFxxuucXAuvkiPJC/i5sG6S6nU=; b=RWO4Zi6mpd+Act4Om9bEvZvXgB4zvsV5CQ9q7Cil/olQPA3uK7YI9m0XuscRjdSK79 jkD7Bw3IJlAqpwp/TIf5CtozNQXheZMTQP0GKpjSG/uW3ukSqWjQZuiRtEgpCviyqHu3 oFIS2vZM1CcwMS0O872QCDdNHhKVHRYEasnS3kS6/a0dOT1u5qT7fhsvUEc6xOIrjx3C WxjCiX38U4M9BwZNDmEN6n2KJwbxY7C9njM3g3cDhHRPter9HI1MEghoTSRLF6dSdqTX Noon3CuN/IZX5Rn2ghnmyij29Csum2UsWqHY38X3CjJVqvSSDDD+BV9vMN9v9ZvtaN+d HGWQ== X-Gm-Message-State: AElRT7GNvTTV5RFbUPVhxdpD9V2ntKUxqovo/QjjrcJ9jn4sBMncYBZs wKzfEhyXLw/R39VgxKlC56vc4eHONjU= X-Received: by 10.80.247.195 with SMTP id i3mr1589886edn.121.1520959849996; Tue, 13 Mar 2018 09:50:49 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:49 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:32 +0000 Message-Id: <1520959836-16105-7-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 06/10] optee: Add optee_image_get_load_addr() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_image_get_load_addr() a helper function used to calculate the load-address of an OPTEE image based on the lower entry-point address given in the OPTEE header. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index eb328d3..e782cb0 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -36,6 +36,11 @@ static inline uint32_t optee_image_get_entry_point(const image_header_t *hdr) return optee_hdr->init_load_addr_lo; } +static inline uint32_t optee_image_get_load_addr(const image_header_t *hdr) +{ + return optee_image_get_entry_point(hdr) - sizeof(struct optee_header); +} + #if defined(CONFIG_OPTEE) int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len); From patchwork Tue Mar 13 16:50:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131517 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp973111ljb; Tue, 13 Mar 2018 09:55:37 -0700 (PDT) X-Google-Smtp-Source: AG47ELs/B5MxqlH1xuZvrdhQ7YMxCC+nSYd4e/XYI3ygqZvIKr4zOZIG6hINfQHAfRZnGwLYKPzd X-Received: by 10.80.232.69 with SMTP id k5mr1554413edn.133.1520960137616; Tue, 13 Mar 2018 09:55:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960137; cv=none; d=google.com; s=arc-20160816; b=o6CWKwpleN9j/bGc7Ki2uNL+Q3ayo+ecb/H4yJCYj+nfVgCZ6VhypuporcnwKpNnVf x5129vSLKRteI9hqbNHyH4RiHhfFuFVFUOH/FAThssSsOK89nh3mixBJsDS1LS/ypvd9 ljUBfZ6FLfr49gBwo9hObdV1Mzdpt/KOsSOznDqx8LqUg0vRGHkUfnZ3iFq/RgKGEzIM 0UHO8Re7z55nRqukLzywrcBOXtMxl/RMLeO/7KLRtfF6C2tmOCBDZZL6lpKCwivbMKBX luE/jYdkwG3n7tq7EzLgeMZqfc0CCYvAwMqnRYsoT/rjOq0hU9chSIrDQ4S08SjIBDBl 27wA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=9P+Z1ULXkjhKLCgHMUrqkg4Ilk198k9kAIZoBGKtpWM=; b=jqph0ZRBz+wtU70ljP9j6vbnf9pzBWmQ5AHk7H58L3A//8EoxDnrTPWQyt8icnfbhO drt++rztdKtRNRmUQa5FqMYJERSDJW4BzmF7IfaXBeObKBSIdfCbGt3PaqF4/7gBgKhX QOI4z8/dfgIYBe4s/ElOP7rGMt/1EA9fL5gGpy5PL/Ogss9FXmto0gv+51qgPqcl0Vws Yu4u6OBC3nPj74xmtasqMVow3EXMwLbdPS5molGijxpTJmBpkuoyIbuVWoIKqkc5aE09 ZzwFpy+6qu2gaW27I7ssEFR8HLIDNtdYmWr0KmuPdLXCmYu0SuUVxTptdOndXYfw3aqI ik6g== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=OaWf3ya4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id t32si421440eda.188.2018.03.13.09.55.37; Tue, 13 Mar 2018 09:55:37 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=OaWf3ya4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 290BBC21E31; Tue, 13 Mar 2018 16:53:22 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 1C244C21E12; Tue, 13 Mar 2018 16:51:16 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 5479EC21DEC; Tue, 13 Mar 2018 16:50:56 +0000 (UTC) Received: from mail-wr0-f193.google.com (mail-wr0-f193.google.com [209.85.128.193]) by lists.denx.de (Postfix) with ESMTPS id AEAD3C21DE8 for ; Tue, 13 Mar 2018 16:50:51 +0000 (UTC) Received: by mail-wr0-f193.google.com with SMTP id r8so837212wrg.0 for ; Tue, 13 Mar 2018 09:50:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=uemXRx5/51OFiTMXaXUhm55yC4L3W9Zkd6/DsEMMGy8=; b=OaWf3ya4neAxom3Uo0erpKEtr6k3jndiSfeGoHDsqeYqmak4720d7LV60oTU4YpK0y CO2/FUn+WpCriB1lW5jDiwxEpheCVjYDd1sw2Nh0Awp1V6macz5uZ0DaCd2/gktWTjVs noSZxx4Xxe9hMtWFuhFqrqN+72AhksbIA3R+g= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=uemXRx5/51OFiTMXaXUhm55yC4L3W9Zkd6/DsEMMGy8=; b=bvTwemfoWJ/lTrWQUltju0KVEfMHz4oyQTKWOpg0IWLrYMK1/n/zRHCPrmRYzcmkOX 8/9D13lYnjqSV4ueaFZJDPQ+5B2Rfm8uGTLRnd9HNTZFl7WJY6Bhx4ewlJUVwzeTP8wq NvCM91H3xiPRjdVBzpUldwZjHW6HJviL5Q20B/aHozWdAkVrTIg1DHix2tGlwmShHKil ucktF5pa3WzSmMRPPgZYtahuP6Fl/QtZOfhEzoAHzFUlk6ioTxynbCUzPCYF6JXdxbtC NnXrJVj2cu0PFqeMDAKEED6dZltUXYFFA9OC+zeq/Uiif/+OJhpSl1rKT5R+qFk3E1M2 ZX4w== X-Gm-Message-State: AElRT7GT7sIk7aCKKNNbRTn9NXvs1KqadsmMDVmx+jqAYaawsQMFuedk 7XX0aISwFwIkS+rowFPml0mwzMjczMQ= X-Received: by 10.80.137.83 with SMTP id f19mr1534363edf.206.1520959851247; Tue, 13 Mar 2018 09:50:51 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:50 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:33 +0000 Message-Id: <1520959836-16105-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 07/10] optee: Add optee_verify_bootm_image() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_verify_bootm_image() which will be subsequently used to verify the parameters encoded in the OPTEE header match the memory allocated to the OPTEE region, OPTEE header magic and version prior to handing off control to the OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- include/tee/optee.h | 13 +++++++++++++ lib/optee/optee.c | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index e782cb0..4b9e94c 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr, #endif +#if defined(CONFIG_OPTEE) +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len); +#else +static inline int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + return -EPERM; +} +#endif + #endif /* _OPTEE_H */ diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 2cc16d7..365c078 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -29,3 +29,23 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, return 0; } + +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + struct optee_header *hdr = (struct optee_header *)image_addr; + unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE; + unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE; + + int ret; + + ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); + if (ret) + return ret; + + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + ret = -EINVAL; + + return ret; +} From patchwork Tue Mar 13 16:50:34 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131514 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp972070ljb; Tue, 13 Mar 2018 09:54:31 -0700 (PDT) X-Google-Smtp-Source: AG47ELtngcFh9hW7iZ6oY17UrG31z1C5XBuCBOZIZyfnwp/QK6VqtaS4FPq0CkROkmbBSyRRZWRY X-Received: by 10.80.137.215 with SMTP id h23mr1592707edh.302.1520960071511; Tue, 13 Mar 2018 09:54:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960071; cv=none; d=google.com; s=arc-20160816; b=WuI5MG8w63RRdQrGT4vNND/DjeI/PylqZgaf4tdWURFLRKb1qOtIditrucqwJZOlBJ gjRRSIh2y/oQkgZiGR3ffBk0QUeXVvEHcldf/i2QjHTQD4RSrtOuK03TjQ8/7FfPyn6W nLIHyVlyGyJnvXPL5ieTWabrETVMWiB5ucPoiEeWHPOcunBcwIJjhJt2GUUkPgNe7oiC 2SrLKLC8UF4SJahxI8dN5Il9Q3NFpmx3JITsLzSJGiEa8oQc9rQSBxpjx/YNshYYy0lb ypRddmYDmq8Yd9OmEF7W38sPCeNZG8MEKNvL2C0yh2BA5JM78ncTdW0x1B0X6xy+LFYK WzNw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=k2G4x2/VptXi91LLzWj2/3r5duQgFPomWnrH9Y5Gw18=; b=zhHqTvGBa7WmaAQo6Zp5RRkUHg42MW1IaGB0rqNZxrY8DuukHBMnGVcFDgFoinHZ9b plEz0F49UVgv6t0/9paX3LZea3KC6jmxw5H8uoa3n9GedkKBHq+bGJFrfOWa8hcM7Wd8 61VJhaTvHlI3Ha8kGlHa8tY8ioz8BcD/OATCNuUxIya8crq0PkPHkQolcjbkP88ucK50 hpMfqz67BHF5Dv1GpoNvPmdkqbSnK+nt15Lm5DnWxszEewOf/wY+mdAnxE9VyIDxU1y7 1ppQYXlCDh4pUWfXeC9bqMKlkegZaxeaEYcArOtmOKU522gmLjUA/6esSpx3vwi+TutT k/Gw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=CF1Ptu88; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 30si388665eds.58.2018.03.13.09.54.31; Tue, 13 Mar 2018 09:54:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=CF1Ptu88; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 22BE9C21E02; Tue, 13 Mar 2018 16:52:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 101B2C21E44; Tue, 13 Mar 2018 16:51:02 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 5E5D1C21E49; Tue, 13 Mar 2018 16:50:57 +0000 (UTC) Received: from mail-wr0-f193.google.com (mail-wr0-f193.google.com [209.85.128.193]) by lists.denx.de (Postfix) with ESMTPS id 025F7C21E2F for ; Tue, 13 Mar 2018 16:50:53 +0000 (UTC) Received: by mail-wr0-f193.google.com with SMTP id m4so773773wrb.7 for ; Tue, 13 Mar 2018 09:50:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=9l4y29YT9GA9C87v2s0KMfjVt7b/wQv5HyUsRKb+Koc=; b=CF1Ptu88gr9T3MP4GQWcBM1ZcAsXQz54VK5GTP3KMTmVS1QbGI9cO+QmZtJKZ7TvWr An1mgQfAKi8/kaChMC0mfTk+5yY6fpW5e/7qeOVq2Jqy6/C/AagbN7GkhSL38sHmsP4r 0MSiV94w3c7KwLTQNBUvqQfkIMUDD7e/rMhyg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=9l4y29YT9GA9C87v2s0KMfjVt7b/wQv5HyUsRKb+Koc=; b=E4gwoxQaml+10xplvqNDt0h8kPGiJstFI5OU1Vjh6gR4YfiPSfmnxaNEfQy1rcB+pN Sxn/d/vAsorCBeMFEgjg44129RcEadMeb2wDpj5ZIG948Rqbq1zCyznCyMUe+n0M1H+H T6SL1PqZVUfRd5jFbSLnF8cGNwTrPnGRgoH/2GmjmAG7i9qG+UKdj388kQe2+QlBNG/5 ZOgPShQ+s/d8HDEOghiBRqf4v6hKGwU70vFN40rdSbAzxn1HTA2+6mrpMTqiaxCMbH0Z Rssro2QLv8xPjq/Ppmf3ujEiyCvKRdT3015RvkDFBqX1Gy2YsnHc9MwqQsHiV/+l0slN Kulg== X-Gm-Message-State: AElRT7FB865WyKrpMdxgLVhiKBuhioFs2+2EZSws4NuRfyIY8n9gKd8A zIl3zK5C8tNTccjuUbbHg1knfxvlWlQ= X-Received: by 10.80.164.82 with SMTP id v18mr1538741edb.115.1520959852504; Tue, 13 Mar 2018 09:50:52 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:51 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:34 +0000 Message-Id: <1520959836-16105-9-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 08/10] optee: Add error printout X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" When encountering an error in OPTEE verification print out various details of the OPTEE header to aid in further debugging of encountered errors. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- lib/optee/optee.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 365c078..78a15e8 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -8,6 +8,12 @@ #include #include +#define optee_hdr_err_msg \ + "OPTEE verification error:" \ + "\n\thdr=%p image=0x%08lx magic=0x%08x tzdram 0x%08lx-0x%08lx " \ + "\n\theader lo=0x%08x hi=0x%08x size=0x%08lx arch=0x%08x" \ + "\n\tuimage params 0x%08lx-0x%08lx\n" + int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len) { @@ -42,10 +48,19 @@ int optee_verify_bootm_image(unsigned long image_addr, ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); if (ret) - return ret; + goto error; - if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) { ret = -EINVAL; + goto error; + } + + return ret; +error: + printf(optee_hdr_err_msg, hdr, image_addr, hdr->magic, tzdram_start, + tzdram_start + tzdram_len, hdr->init_load_addr_lo, + hdr->init_load_addr_hi, image_len, hdr->arch, image_load_addr, + image_load_addr + image_len); return ret; } From patchwork Tue Mar 13 16:50:35 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131519 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp974424ljb; Tue, 13 Mar 2018 09:56:57 -0700 (PDT) X-Google-Smtp-Source: AG47ELtWDMmn+HejemcSWKrK3x+dsqAjxqjnhFu8B9bEcJROf8bAjwaJFczW8TrZKoITvdvvw9hX X-Received: by 10.80.138.155 with SMTP id j27mr1642790edj.36.1520960217210; Tue, 13 Mar 2018 09:56:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960217; cv=none; d=google.com; s=arc-20160816; b=CNhS1cxpA6q5xlLnhUEJm4nK5+xJMQnmwMRV1eoAx59/yXe76BMdqL8mIxz7kEUk4R UsxECYGshxI4eYghjSEm2gBVji93cNB/yWM9+PFB+ZQpjoW7ErxXlcY8TGaw6BwToNsc b/ewKc7d6+9EtBA+0BA8hfOX2WRFg7p5RalmMwVYfIcdAhl2kraJYCkz587IJvac5fmi BFCvAcqMH4A3wCqRjwULuhJ78R5nLIED64/luEBOxzNJnXloGvaLMHCiz8lF+yAP2rkk iEwFPpgqvA67ZyB4SjUov33uKVcZUFpNEnuRjePjLDr6VjTOvMknkV6noOfEjbACHonw fNhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Nxpv16LWVEZoKd+RBY6AU4YSanVUUR5YuTIbpNNa33w=; b=fPTKLzoS6d+MXJXsFc6bZq/8D/ph4CdX8KaKX82IBz7VEjLziLwyL8CflF6VKlCJVR TVjZxVcN3k6e2I8tHaTUazN5RGM5XAGEypdmrPhSZdz+Yon85HBu0ySNh1froVTN+euM ElGyuvBjjctsp8OjPYX8Am4NTuJE9pego98WuJlS9LAXzeIPWgAPobrKLS3kZ7TSmwK4 W2OPl6q6iiGbepl0U1DeWATNbBdMO8812pleTF8e0UvuyEvdnOhMuL/Gg3xEmGIP7cIL ytyituigqqwxAxdcxVf08acnRKBFKQD+fu84LFdyXT43TcunLYuPJEdfeQz667IoWwEy UTIQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=G87Lyahf; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id k4si401333ede.6.2018.03.13.09.56.56; Tue, 13 Mar 2018 09:56:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=G87Lyahf; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id C1589C21E0B; Tue, 13 Mar 2018 16:53:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 22A0BC21DB6; Tue, 13 Mar 2018 16:51:18 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 9BDAEC21E3B; Tue, 13 Mar 2018 16:50:58 +0000 (UTC) Received: from mail-wr0-f195.google.com (mail-wr0-f195.google.com [209.85.128.195]) by lists.denx.de (Postfix) with ESMTPS id 5BC33C21E02 for ; Tue, 13 Mar 2018 16:50:54 +0000 (UTC) Received: by mail-wr0-f195.google.com with SMTP id n12so812584wra.2 for ; Tue, 13 Mar 2018 09:50:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=1Xeau/pafFYygWJPzlvvGX1TfjvwM2oL9f2/MJ5tLUQ=; b=G87LyahfHIAgVaEEUjlt8UfP6xSivkq+Q3Ij9PgQ/XyXXQhWiBiFs/XXrYwx2yDG3t 7Hs2fr8VBL3K4GpkuN2roGvTZk87zSCmNXqUEGSyTlcq5fXcS+WeJB/GVjkCrP+LL+di MWVJ2AGcBid364FKktEvuhf3JK1EFsWXKuMus= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=1Xeau/pafFYygWJPzlvvGX1TfjvwM2oL9f2/MJ5tLUQ=; b=Qk8V/gvPPtjGG3jXWEFO76QDzP/ktNUXyrCPtz9bRRqq6/sjbjICc48KRAvocoEThd Cm2rS8+cO5UNWuZc4tzLF/ltXup2vPZxox7PEO5qZa7ghnF/sRvoVHNHBEXGIOobsUTt o5tFZiX8u/p6ozl2IhXQV2Z9oI5L6Gc6RT+ZC3F8lvUc/oQakk86HFhp7FlsNEyk8Scn BsX5gjJPIVwTd3vFGEcZFw5ROioCjOMKezTvppMZBRtkzMKNrHHFVccip+m3RKC12kuS EV4D8Q8lKCXBciFXtSYAma2evooHvUw/RaIcvY1dJP2txzzcIkX++RbdU6RChF5C96hI lz5A== X-Gm-Message-State: AElRT7FkaHgeBfN8L0lBYT5gRUx4ks1e7tDtSvuPgkDf/PEWXCPULz4s IIQnvDpemBAhUA2CsLAltPcbsNipVBY= X-Received: by 10.80.154.130 with SMTP id p2mr1572288edb.211.1520959853769; Tue, 13 Mar 2018 09:50:53 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:53 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:35 +0000 Message-Id: <1520959836-16105-10-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 09/10] image: Add IH_OS_TEE for TEE chain-load boot X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds a new type IH_OS_TEE. This new OS type will be used for chain-loading to Linux via a TEE. With this patch in-place you can generate a bootable OPTEE image like this: mkimage -A arm -T kernel -O tee -C none -d tee.bin uTee.optee where "tee.bin" is the input binary prefixed with an OPTEE header and uTee.optee is the output prefixed with a u-boot wrapper header. This image type "-T kernel -O tee" is differentiated from the existing IH_TYPE_TEE "-T tee" in that the IH_TYPE is installed by u-boot (flow control returns to u-boot) whereas for the new IH_OS_TEE control passes to the OPTEE firmware and the firmware chainloads onto Linux. Andrew Davis gave the following ASCII diagram: IH_OS_TEE: (mkimage -T kernel -O tee) Non-Secure Secure BootROM | ------------- | v SPL | v U-Boot ------> <----- OP-TEE | V Linux IH_TYPE_TEE: (mkimage -T tee) Non-Secure Secure BootROM | ------------- | v SPL -------> <----- OP-TEE | v U-Boot | V Linux Signed-off-by: Bryan O'Donoghue Suggested-by: Andrew F. Davis Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Link: http://mrvan.github.io/optee-imx6ul --- common/image.c | 1 + include/image.h | 1 + tools/default_image.c | 15 +++++++++++++-- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/common/image.c b/common/image.c index 14be3ca..61e3d25 100644 --- a/common/image.c +++ b/common/image.c @@ -100,6 +100,7 @@ static const table_entry_t uimage_os[] = { { IH_OS_OSE, "ose", "Enea OSE", }, { IH_OS_PLAN9, "plan9", "Plan 9", }, { IH_OS_RTEMS, "rtems", "RTEMS", }, + { IH_OS_TEE, "tee", "Trusted Execution Environment" }, { IH_OS_U_BOOT, "u-boot", "U-Boot", }, { IH_OS_VXWORKS, "vxworks", "VxWorks", }, #if defined(CONFIG_CMD_ELF) || defined(USE_HOSTCC) diff --git a/include/image.h b/include/image.h index dbdaecb..a0a530d 100644 --- a/include/image.h +++ b/include/image.h @@ -153,6 +153,7 @@ enum { IH_OS_PLAN9, /* Plan 9 */ IH_OS_OPENRTOS, /* OpenRTOS */ IH_OS_ARM_TRUSTED_FIRMWARE, /* ARM Trusted Firmware */ + IH_OS_TEE, /* Trusted Execution Environment */ IH_OS_COUNT, }; diff --git a/tools/default_image.c b/tools/default_image.c index 4e5568e..c67f66b 100644 --- a/tools/default_image.c +++ b/tools/default_image.c @@ -18,6 +18,7 @@ #include "mkimage.h" #include +#include #include static image_header_t header; @@ -90,6 +91,8 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, uint32_t checksum; time_t time; uint32_t imagesize; + uint32_t ep; + uint32_t addr; image_header_t * hdr = (image_header_t *)ptr; @@ -99,18 +102,26 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, sbuf->st_size - sizeof(image_header_t)); time = imagetool_get_source_date(params, sbuf->st_mtime); + ep = params->ep; + addr = params->addr; + if (params->type == IH_TYPE_FIRMWARE_IVT) /* Add size of CSF minus IVT */ imagesize = sbuf->st_size - sizeof(image_header_t) + 0x1FE0; else imagesize = sbuf->st_size - sizeof(image_header_t); + if (params->os == IH_OS_TEE) { + addr = optee_image_get_load_addr(hdr); + ep = optee_image_get_entry_point(hdr); + } + /* Build new header */ image_set_magic(hdr, IH_MAGIC); image_set_time(hdr, time); image_set_size(hdr, imagesize); - image_set_load(hdr, params->addr); - image_set_ep(hdr, params->ep); + image_set_load(hdr, addr); + image_set_ep(hdr, ep); image_set_dcrc(hdr, checksum); image_set_os(hdr, params->os); image_set_arch(hdr, params->arch); From patchwork Tue Mar 13 16:50:36 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131520 Delivered-To: patch@linaro.org Received: by 10.46.84.17 with SMTP id i17csp974724ljb; Tue, 13 Mar 2018 09:57:15 -0700 (PDT) X-Google-Smtp-Source: AG47ELvolP+UaOZ9IFM3/fyhs1mN8AzISc8L8UNqTBBX/V63cIkTdjVsuvbrFbwVsjSlXw1pz7nA X-Received: by 10.80.194.10 with SMTP id n10mr1619187edf.84.1520960235624; Tue, 13 Mar 2018 09:57:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520960235; cv=none; d=google.com; s=arc-20160816; b=a5jSYTw1CzqPF354qqelTkjKsvva/ciOiRWt3YEys1X1xvd7mvckVl1qPXsmIbB+N6 8BaVjPoBElc7NkRt4DaFxAgKuPAZdRn8XWmGMwvaasRqq7Ik4xDpdcfIlF/0NOCa+3oN VOLsVu++V0KgoUoS6Mxf+Oo0f2Ui270sMkS+hc2DdwUtMharZo6CesNuUlahG8u0NYPt 45opt06/+kjFTw/Ta7ME37t5BsRFA5d6rYAjL4HM0CW+7T4JT8qiUMmoICcyIvv6W7Az DGyLwMhsdd3srLSesXl8AyasDVskRPR2TR9dRLAoxEgo3d/T3vor2g0RLVdV0fV6a9vr bYaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=poOiDwugzhKHEbr6x4e5IZd7EOHNJ9utrnEEm4Mqryo=; b=pXRpTFjRH9j0+ZBKjmnjoGyptOyD5w2TDpPSO+kEM8gvPAzgwVMH5HO7r9Otbmre6k X3ZCcKkTJ6FiBlH85Hjh+3SJq2NSlu2h9UTpZjgoQ2mArt8Kj1f6fiKwAC+50Vr9mjlU urf26kxZnbsnLSTAMSBQkWf5pvKp4LJTvqVpVyRZl/6bkfrIr4cq0CJyDgST7n71ximj eEynzPFQryomnVykEnDF86Lu6KVceQ2MS+s1q61sQZOYNeX1hT+zU1ZulCUYyj2xp7tH dDcTHI9YZ6XSGyvsqhv4hLLe8X+HLbxAWvDIS7gy1jANuxSfNa2WkjVBPhI7GIu15sLf ABfg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=excbl+Mc; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id e25si167067edj.407.2018.03.13.09.57.15; Tue, 13 Mar 2018 09:57:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=excbl+Mc; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 0A71CC21E42; Tue, 13 Mar 2018 16:54:05 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 64106C21E6C; Tue, 13 Mar 2018 16:51:26 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C9A1CC21DF9; Tue, 13 Mar 2018 16:50:59 +0000 (UTC) Received: from mail-wr0-f193.google.com (mail-wr0-f193.google.com [209.85.128.193]) by lists.denx.de (Postfix) with ESMTPS id 459F0C21E08 for ; Tue, 13 Mar 2018 16:50:55 +0000 (UTC) Received: by mail-wr0-f193.google.com with SMTP id l8so797424wrg.5 for ; Tue, 13 Mar 2018 09:50:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Gz0kemg1q++IJnGVn0xjNSFvoHvWf2ZJx7Qiuf0Cyzw=; b=excbl+Mc4iOkRiMekY061MxCtmR6sYZ0B5oalO30MnXnIfsKcC2IFgJ6ANMqfHoqT8 98PWLJR5RrPo6JLE39D27lBNBUPyJvh+IuK6WNhk7U5D9gNC1vbmTB7VSvhq52UysVOi iadu1RYz2wM5/OTWTUCQLP9PYpQ9ubAxNOnpw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Gz0kemg1q++IJnGVn0xjNSFvoHvWf2ZJx7Qiuf0Cyzw=; b=DnWQuREdeNtD+kWpzdjr0mi9IbBq6QZfBXgwd2vRiLguyHHVedLMFpdABwicCu8Amp jrkRzMrEtXXQF7xg2gj7AyAyB+DVJHenawnl6UwcD9ebQPoy1wsQWvwyTOT/gQe9n7vx IxglikPp315z11XYXNHgAvzT3P55RxeA9/uM4kKycleThH1B5k1neIv4A4pgM1EySqM/ FOiD3sFA89li3kmlujHQ/V3R704lYR1qlhWdRqXnc6dL+iJzgzveMtaTxFb8Nr+SY/QP oDoBYaFekz93mfEFqGonAyF+Q1QAYuAYqTLL3uEM2eD7tHymoMKZfKA1j9uhUjYzN2vv izvg== X-Gm-Message-State: AElRT7HxQENcISQtHeWUPQaRZfm49V/++TGsn0pCpcy5bCXPZ0LpOv33 gKd2eEhYbG/+xCsDShOG3ZsX9k4/wWE= X-Received: by 10.80.147.21 with SMTP id m21mr1585379eda.175.1520959854777; Tue, 13 Mar 2018 09:50:54 -0700 (PDT) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id 33sm476671edz.37.2018.03.13.09.50.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 13 Mar 2018 09:50:54 -0700 (PDT) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Tue, 13 Mar 2018 16:50:36 +0000 Message-Id: <1520959836-16105-11-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520959836-16105-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v6 10/10] bootm: optee: Add a bootm command for type IH_OS_TEE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch makes it possible to verify the contents and location of an OPTEE image in DRAM prior to handing off control to that image. If image verification fails we won't try to boot any further. Signed-off-by: Bryan O'Donoghue Suggested-by: Andrew F. Davis Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- common/bootm_os.c | 32 ++++++++++++++++++++++++++++++++ lib/optee/Kconfig | 9 +++++++++ 2 files changed, 41 insertions(+) diff --git a/common/bootm_os.c b/common/bootm_os.c index 5e6b177..b84a8e2 100644 --- a/common/bootm_os.c +++ b/common/bootm_os.c @@ -11,6 +11,7 @@ #include #include #include +#include DECLARE_GLOBAL_DATA_PTR; @@ -433,6 +434,34 @@ static int do_bootm_openrtos(int flag, int argc, char * const argv[], } #endif +#ifdef CONFIG_BOOTM_OPTEE +static int do_bootm_tee(int flag, int argc, char * const argv[], + bootm_headers_t *images) +{ + int ret; + + /* Verify OS type */ + if (images->os.os != IH_OS_TEE) { + return 1; + }; + + /* Validate OPTEE header */ + ret = optee_verify_bootm_image(images->os.image_start, + images->os.load, + images->os.image_len); + if (ret) + return ret; + + /* Locate FDT etc */ + ret = bootm_find_images(flag, argc, argv); + if (ret) + return ret; + + /* From here we can run the regular linux boot path */ + return do_bootm_linux(flag, argc, argv, images); +} +#endif + static boot_os_fn *boot_os[] = { [IH_OS_U_BOOT] = do_bootm_standalone, #ifdef CONFIG_BOOTM_LINUX @@ -466,6 +495,9 @@ static boot_os_fn *boot_os[] = { #ifdef CONFIG_BOOTM_OPENRTOS [IH_OS_OPENRTOS] = do_bootm_openrtos, #endif +#ifdef CONFIG_BOOTM_OPTEE + [IH_OS_TEE] = do_bootm_tee, +#endif }; /* Allow for arch specific config before we boot */ diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index cc73ec3..1e5ab45 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -28,3 +28,12 @@ config OPTEE_TZDRAM_BASE help The base address of pre-allocated Trust Zone DRAM for the OPTEE runtime. + +config BOOTM_OPTEE + bool "Support OPTEE bootm command" + select BOOTM_LINUX + default n + help + Select this command to enable chain-loading of a Linux kernel + via an OPTEE firmware. + The bootflow is BootROM -> u-boot -> OPTEE -> Linux in this case.