From patchwork Tue Jan 23 20:41:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125588 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1993618ljf; Tue, 23 Jan 2018 12:43:07 -0800 (PST) X-Google-Smtp-Source: AH8x2276S+vU+678teq6RpSeZ8I/MEx8/Vx567XgZ6grhwqamTmIO9dMsCSKIBlAxkA6+LsvQj3+ X-Received: by 10.80.163.185 with SMTP id s54mr20321547edb.228.1516740187632; Tue, 23 Jan 2018 12:43:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740187; cv=none; d=google.com; s=arc-20160816; b=cgy7iDNXeE4SKgVJxjEN3pUZt8gm5gD7/z4gPaBVUpiGze7D2oO+L6RaeiNWaf5h1C MyVRLUl/DnQwrRERMPFJ6kPnGpreGeXD5oHcNKwBnqDABLd6fwNQ5na2iscoiiq0jcx4 1RMl0AOF5422sxhieAAPuka0gyUbNi+j5hPH66TxART0S/blS89n+oV4gxJ8OZshgvzx +TxGf7vNnRivuDtmATDYbzJhIFMm/24rISqIX958l+cQRDvWVjl0hmB39pkzDUb6kW/T YovxhBSAPjEXJccimQUOGLCd05cQy7XUe3Urp6Ak252ZTGkKl+7WsK9ZcwnOvNBwJ5sJ hSUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=jZfgx5i8xW8Q9Vm4cVALxFaYSbkRNQG9IyAg3dyXsdk=; b=El3szy3TfKKa6UxoEydjKZyzLawq2Zu35gjjBwSrJfAsa37pFR6PVei7JnTXrwrcqK S+wgmhnGYtjVXag2UMBy9C66iAnIM75LEOcqk+HODFnYzxbj1sxoxrgJANkUv+bVNvYj RW1SFHUVOTZLe83EEjDDGNf7jaU40AQkSUO9Sc4rLnvbHeJWLrLjBGvPB6eKDMaij5uy jW3pu/9JBdsGau+zdMTjpfCTZKZJQ+qR59/oEXjqirBDsd6Go0yP6cfMg82QrTGVw3th An7qPS92U2n1cRabTgCUqOETQ/OVjpcj3CIzETU54U3mCyOoAn1zT9xH+XtRxerNSMdV jZbw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=XmBomCOh; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id t6si7146498edt.380.2018.01.23.12.43.07; Tue, 23 Jan 2018 12:43:07 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=XmBomCOh; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 45EF1C21ED5; Tue, 23 Jan 2018 20:42:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C4B8AC22114; Tue, 23 Jan 2018 20:42:06 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 202C3C21E65; Tue, 23 Jan 2018 20:42:04 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 9F0D0C21C51 for ; Tue, 23 Jan 2018 20:42:03 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id v71so4470732wmv.2 for ; Tue, 23 Jan 2018 12:42:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=mq2x97of2VAHB4zGwZvHJss122SOJ8tl4fM4NvU4R8k=; b=XmBomCOhPqOSbHNti9Z6I5sATKdhDWxqxvXgIMz0raBptcdTJei+rZ7S9O+oHEFKoy dLHxD3vH5QrksmXdvpa+P6u6xvzDJdbKq9mAPTtHO8iDwqCQIna5oU9wPsozROdKEdOF e2ciC+M8vIHIZICOLdXTYqaMuc0Z0vamYZr6A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=mq2x97of2VAHB4zGwZvHJss122SOJ8tl4fM4NvU4R8k=; b=LXGpjbcbEqRsfJz18S+GQgUUSLmyDaAeGdZLwJC+02dCVLn6h7JlAqZuWXwz/nq/UP YZQH0IWDU2TVrTJNGXdmy9ne5etzseSZl8iMTw93q5tWF0SPDeoqfudfbaMzRtsjIWwj lBUv5ZIt4Fa91iwtTgyrMpL+R6yP+sOXljuBXzGgmKmSZgxsO2aFixkX7itlkJ6bhzG1 kyom/gdX+m8n8adVU+aqexIiNwbhBvIDNQLSkbm52gxhr5V6cDA1xe11VqCVSOlwmyGV xS9Si9LgglvniDgg2rhanL8G17YjmJQG5gi7mPY7HvKPG4mRAsjtBAIItnBcAd1sApgV ZZ2w== X-Gm-Message-State: AKwxytckbn2o2n1PGhm8btomWaSBmMjs8BTZcZnCRMFCgrIlAjux5GU+ a76KtrUpufPZr8bIWT9RSPlJDK0DtOY= X-Received: by 10.80.200.139 with SMTP id d11mr20988813edh.199.1516740123127; Tue, 23 Jan 2018 12:42:03 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:02 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:52 +0000 Message-Id: <1516740120-948-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 1/9] optee: Add lib entries for sharing OPTEE code across ports X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds code to lib to enable sharing of useful OPTEE code between board-ports and architectures. The code on lib/optee/optee.c comes from the TI omap2 port. Eventually the OMAP2 code will be patched to include the shared code. The intention here is to add more useful OPTEE specific code as more functionality gets added. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 16 ++++++++++++++++ lib/Kconfig | 1 + lib/Makefile | 1 + lib/optee/Kconfig | 8 ++++++++ lib/optee/Makefile | 7 +++++++ lib/optee/optee.c | 31 +++++++++++++++++++++++++++++++ 6 files changed, 64 insertions(+) create mode 100644 lib/optee/Kconfig create mode 100644 lib/optee/Makefile create mode 100644 lib/optee/optee.c diff --git a/include/tee/optee.h b/include/tee/optee.h index 9ab0d08..8943afb 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -10,6 +10,8 @@ #ifndef _OPTEE_H #define _OPTEE_H +#include + #define OPTEE_MAGIC 0x4554504f #define OPTEE_VERSION 1 #define OPTEE_ARCH_ARM32 0 @@ -27,4 +29,18 @@ struct optee_header { uint32_t paged_size; }; +#if defined(CONFIG_OPTEE) +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len); +#else +static inline int optee_verify_image(struct optee_header *hdr, + unsigned long tzdram_start, + unsigned long tzdram_len, + unsigned long image_len) +{ + return -EPERM; +} + +#endif + #endif /* _OPTEE_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 00ac650..2077f9c 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -288,5 +288,6 @@ endmenu source lib/efi/Kconfig source lib/efi_loader/Kconfig +source lib/optee/Kconfig endmenu diff --git a/lib/Makefile b/lib/Makefile index 8cd779f..46813b6 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -17,6 +17,7 @@ obj-$(CONFIG_FIT) += libfdt/ obj-$(CONFIG_OF_LIVE) += of_live.o obj-$(CONFIG_CMD_DHRYSTONE) += dhry/ obj-$(CONFIG_ARCH_AT91) += at91/ +obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AES) += aes.o obj-y += charset.o diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig new file mode 100644 index 0000000..2e406fe --- /dev/null +++ b/lib/optee/Kconfig @@ -0,0 +1,8 @@ +config OPTEE + bool "Support OPTEE images" + help + U-Boot can be configured to boot OPTEE images. + Selecting this option will enable shared OPTEE library code and + enable an OPTEE specific bootm command that will perform additional + OPTEE specific checks before booting an OPTEE image created with + mkimage. diff --git a/lib/optee/Makefile b/lib/optee/Makefile new file mode 100644 index 0000000..03e832f --- /dev/null +++ b/lib/optee/Makefile @@ -0,0 +1,7 @@ +# +# (C) Copyright 2017 Linaro +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_OPTEE) += optee.o diff --git a/lib/optee/optee.c b/lib/optee/optee.c new file mode 100644 index 0000000..2cc16d7 --- /dev/null +++ b/lib/optee/optee.c @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2017 Linaro + * Bryan O'Donoghue + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include + +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len) +{ + unsigned long tzdram_end = tzdram_start + tzdram_len; + uint32_t tee_file_size; + + tee_file_size = hdr->init_size + hdr->paged_size + + sizeof(struct optee_header); + + if (hdr->magic != OPTEE_MAGIC || + hdr->version != OPTEE_VERSION || + hdr->init_load_addr_hi > tzdram_end || + hdr->init_load_addr_lo < tzdram_start || + tee_file_size > tzdram_len || + tee_file_size != image_len || + (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) { + return -EINVAL; + } + + return 0; +} From patchwork Tue Jan 23 20:41:53 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125591 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1995716ljf; Tue, 23 Jan 2018 12:47:57 -0800 (PST) X-Google-Smtp-Source: AH8x2240Q5yBb+sJkxC2eEljcDH1YvjuzWi2tyG+dzSUOmxKB8gGowa+MBi5Y4Cect19MUPfzUK/ X-Received: by 10.80.183.170 with SMTP id h39mr20980197ede.124.1516740477650; Tue, 23 Jan 2018 12:47:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740477; cv=none; d=google.com; s=arc-20160816; b=aJ7GVC9c5MsHBGdprxFZkjnfHj73AoWm+2AWIOfUbtFWZSGKraEli2SWOeSDVPTtPj JBll/EmeeWW3NwX60JMj45+ClBiQT0Sspz8E5ENOtbwxPY6cGfFT1kxs55XUx39qSDUt pju57ifw4AtKp7nQenSnc5ijhBw76/eoO4AAjeu5XbMqYF5Y2JTfiLH+dDIie2Bt4WOS Z0vTYQz3v4oakXDxLR4CgIAjyI5wGtQezZ0h2j6yhKUzNUxdennOkAD/uCpfSSwbmXPn uqL81v2w9BAqgu07BqtHFDa+BKfZOcX5vmha0uTHSa1owOgR4ir+QzCyoQd9d3DTRuds fvkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=cvvB+lycwb5nber/e5Gw1LfRjIk4mJApi6IWnJNqGH8=; b=f4hOyfX7fQZiP/j5dyTS7Zh1OWW14kNSiqs6z5T/2PSYXx3XletVFSBDtIAs0yrdnj 4xhqmYZjk5rDGFYkB5gDS77mHizYUyBwWxKMHWeC46f6h/NdPtpgb1t8FK1Xl3PopTqX Q73T7BOkrUAaQ10zgky5q/u718UWHNRVRTzKRpN644XUATUHkHbgrAwP4B7Ww021CHPM h6eKngRqgHuCeTZh+LoOZEmcApgGTBhvatJyUA8qvMVzLluzTwCluQCUgzdAhFoGpJxE y4jmnu5VWKVUGi8Zi3NbLLEBhWqocwX4UUfl7VTYyRQeUFl3SdTjHR4oL2efkE0ZmEar neKw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=N9p+B2h9; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id i64si7024929edc.410.2018.01.23.12.47.57; Tue, 23 Jan 2018 12:47:57 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=N9p+B2h9; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 2983DC22155; Tue, 23 Jan 2018 20:47:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id AD31AC22176; Tue, 23 Jan 2018 20:42:18 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C4BE9C22167; Tue, 23 Jan 2018 20:42:08 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id ED8A2C21EE5 for ; Tue, 23 Jan 2018 20:42:04 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id j21so15083458wmh.1 for ; Tue, 23 Jan 2018 12:42:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=YNK1Wntmes7j8la0QK0jKrehDGZdNJdBUpWJaSzYxl0=; b=N9p+B2h9LvbFv5YQ9dBEtV9q7A/1zOg0q0rBSk1Q5JpjYDEUudZs8mkXcvzPfvpVJN rAQooGtDsSngQaXaKrvXlyqpHx/uQzk7gTp9um+tvqCh7mBPIvSeUMt9+VB0t9kI/jsl 3A5YXWXdkrnxkUfYn+ETPOdmho81tedC7RfgQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=YNK1Wntmes7j8la0QK0jKrehDGZdNJdBUpWJaSzYxl0=; b=kT50GtgcEzLF7VaLykv+KwKT7yAWhXUOO426V84P/SXF8+pA9ZbCZ80XbTSL6Mt0Ov gz8XuschGjE6/mS8lJ+gzjd5D8U0S2qTl4noToTK89rOEPxoEzrukSeXklQyZNFOqlyb DLDcMrYv/iLo0YkSisd412bAx1CCzplrQIoMXwC/aaba6UxsGJ3EAP7PJW0jEdpcLVfM R/QDIbj4Myx3EtFBqfKn/TjQR18SIr2V0n2Xo/6ANM5y5kSPeX59a48Goo2blpC7yDG6 Xkw2lT6/8ln9Kk2xHSb2vJ0fB193pyGI5VPpjDajxEVK9gmb3TltchEiAESuxXnWElk7 lXMQ== X-Gm-Message-State: AKwxyteGZITTuHtLO9usjvAuyWptHoCgYVXARuEtVvJFqoVoJmL29t8k mDV3hEO2jv7nCBEnfTNcXBlqjiEM5m0= X-Received: by 10.80.155.90 with SMTP id a26mr20954367edj.290.1516740124396; Tue, 23 Jan 2018 12:42:04 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:03 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:53 +0000 Message-Id: <1516740120-948-3-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 2/9] optee: Add CONFIG_OPTEE_TZDRAM_SIZE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" OPTEE is currently linked to a specific area of memory called the TrustZone DRAM. This patch adds a CONFIG entry for the default size of TrustZone DRAM that a board-port can over-ride. The region that U-Boot sets aside for the OPTEE run-time should be verified before attempting to hand off to the OPTEE run-time. Each board-port should carefully ensure that the TZDRAM size specified in the OPTEE build and the TZDRAM size specified in U-Boot match-up. Further patches will use TZDRAM size with other defines and variables to carry out a degree of automated verification in U-Boot prior to trying to boot an OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- lib/optee/Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index 2e406fe..41c0ab7 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -6,3 +6,11 @@ config OPTEE enable an OPTEE specific bootm command that will perform additional OPTEE specific checks before booting an OPTEE image created with mkimage. + +config OPTEE_TZDRAM_SIZE + hex "Amount of Trust-Zone RAM for the OPTEE image" + depends on OPTEE + default 0x3000000 + help + The size of pre-allocated Trust Zone DRAM to allocate for the OPTEE + runtime. From patchwork Tue Jan 23 20:41:54 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125590 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1995157ljf; Tue, 23 Jan 2018 12:46:43 -0800 (PST) X-Google-Smtp-Source: AH8x224fLuVM8If3nv5a/eYNTyFiwGh2mjsQfDXZOvXBfaebcXQxEOM/V2U3Vdyov5yKaeErIbfg X-Received: by 10.80.231.129 with SMTP id b1mr20824516edn.219.1516740403885; Tue, 23 Jan 2018 12:46:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740403; cv=none; d=google.com; s=arc-20160816; b=JFvUNtiJw7dzxmoNtuE65u9I/Tyc888wmuMM+qHxm7LTWrjxy5mW3H2trvv2qgHBDP siNzL3XtZGPV0YM77Af08XoAG7ivVtF5RpiCb0GKgFhWBz5PFO6/o/FLmn2UOMLAfSMC 2w6Mq6GW7yBeEZkeGbR2jejhm5TWxssDDxVrUDEkZOopDJrfpKeLD5b8ka2AzWfwihFa PeFf9oc5qn1cUmGhiED6vsTCV6hepMMpUgmkfejhTriOEH5G0q/TCwPqfMEp6zU8ALku AUFSPrvuBkVvK8xCaNzSVklapYwdCq5wi8aJVCBXl/8XwYQGYxXpvYP6wsmKfUzfRakl XRTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=+HwRYbf7MEs4fz7hMvmA4r5CtLSPj12HQ/fxGwTvpQ8=; b=tWVi83e1RtD2VmeEl7/rQ3InyWGxwlaQQspJfLAlNbDZsVw3zGtPWa+0GZ9Zf0LWjP lyfD/R1hjvJRrzU2cYhxdRef6FGUjCgjlWqicWMoKDnkueabKvVW4YKk3HKJPjPH8ajJ 8g1AQ1j8FmeQeagbuyQ6D3HfXR3PXyCtnDINvamFct6VtFqqdQODnOnsY6aStjM5QC2V P794rfSTrBoOTok5OIkyxo6rojALeX7EUGnFDDA3SnPUfpvKft3CBpzC8AFSaEx4Ne6d M6l8H7c+luS4KcW0raXMRbaTLfNfZ8FmT728iOXCNKumQf+H1o6Oxlz4WOc4qnUa3N83 mhQQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=SFFqcCow; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id n1si7248260edf.548.2018.01.23.12.46.43; Tue, 23 Jan 2018 12:46:43 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=SFFqcCow; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 40E1EC21E76; Tue, 23 Jan 2018 20:46:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id A5820C2215F; Tue, 23 Jan 2018 20:42:12 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 2B218C21EBD; Tue, 23 Jan 2018 20:42:09 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 144D8C21F10 for ; Tue, 23 Jan 2018 20:42:06 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id v71so4470898wmv.2 for ; Tue, 23 Jan 2018 12:42:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=D3sScOBXVrDfJK8H51bDHqCJRdkVs9+Z4uICV0VXhv0=; b=SFFqcCowd21OSm9Q2Z7cw/ki70lj5CPOvsf6hpqI0FKU0tYLk0SmGvDPjMZS/7b0dy SRLsNAvLsNvkrqMZSLbvTSERPWkNRtj9C+5Dxy5f77cdiHUvvcofKEGahtvOfozAFaKA Wq3BcAzeO0OhJx1cMQBSGiEJQrO7dGHpl7CUM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=D3sScOBXVrDfJK8H51bDHqCJRdkVs9+Z4uICV0VXhv0=; b=HUMcvFYw8MOb/5QMWKQTojs5PGXLu+miTDc5cHXHS6IbWJbg3zVXObFBzkepaQlD/i b2dIfYPwRBZXLlYgHGdnOjuTe8FMSHxaPJpI6cUlfOyGpjXUiatvX+Poov7XighaF1qj Ol1FRE0eSxNP2nvmFWINI5fOeGidBiLeuie+NjDYGll8/VUaAvqRpVcfJ+k68FYTxRUe kkMpeevGtR5U5/tgCleS97DzGzqWX+rwSPKUQI8lINGqT7Xf8dkYE55iz01ZvKwOwMoH PrrRRQ5YfPFHK+P4hKXeWHaJUnd4GVmg+KNaTORtOiVTf7W25j4xLy/QF9WfoNg/oocX rajA== X-Gm-Message-State: AKwxytfbwjvesRUQEj23aJ8k+qKvicuZpuJazC918R6BZ+4wqewLQpTX 1PKfH4R9mUlVvF12nKzEswpF+yqc4bo= X-Received: by 10.80.170.69 with SMTP id p5mr21541590edc.10.1516740125444; Tue, 23 Jan 2018 12:42:05 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:04 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:54 +0000 Message-Id: <1516740120-948-4-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 3/9] optee: Add CONFIG_OPTEE_TZDRAM_BASE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" OPTEE is currently linked to a specific area of memory called the TrustZone DRAM. This patch adds a CONFIG entry for the default address of TrustZone DRAM that a board-port can over-ride. The region that U-Boot sets aside for the OPTEE run-time should be verified before attempting to hand off to the OPTEE run-time. Each board-port should carefully ensure that the TZDRAM address specified in the OPTEE build and the TZDRAM address specified in U-Boot match-up. Further patches will use TZDRAM address with other defines and variables to carry out a degree of automated verification in U-Boot prior to trying to boot an OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- lib/optee/Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index 41c0ab7..a3b7332 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -14,3 +14,11 @@ config OPTEE_TZDRAM_SIZE help The size of pre-allocated Trust Zone DRAM to allocate for the OPTEE runtime. + +config OPTEE_TZDRAM_BASE + hex "Base address of Trust-Zone RAM for the OPTEE image" + depends on OPTEE + default 0x9d000000 + help + The base address of pre-allocated Trust Zone DRAM for + the OPTEE runtime. From patchwork Tue Jan 23 20:41:55 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125593 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1996191ljf; Tue, 23 Jan 2018 12:48:56 -0800 (PST) X-Google-Smtp-Source: AH8x227iem4UTSnnuXoVgrFL6A/ZRTXJYBAHndAi8soM48hpK5CZ0MsL34FfnsAOj2rcgYTn5wYi X-Received: by 10.80.138.130 with SMTP id j2mr21695314edj.36.1516740536370; Tue, 23 Jan 2018 12:48:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740536; cv=none; d=google.com; s=arc-20160816; b=Ao7aFMh7zT3MvJZC7AysQOgtw8lUvpTz7g1YaWeQ4Orp21AKwdTG214Tx5V8BrzJL7 F8yb7YikToQHSQbOketNEBJP3HJDVyn2T7xSdZJW7VlkiKUynlD6nKbm6sAKdVYpxXPv mWkjfofxaC1mj2bHOv41JiFhzMS79pVuRuFCFb2c0Za4ybiUNyRcmV+E608aPCMla1TZ o+KZdBsWo0iQzNFPh0eqRqVWkHX3cy0fzvgkeLaxVGP4BX30a/GBgmb0CfFapGzyW4e5 wRz6n0XZYejPhEFIDVyv070jHzp6MTfObEzkTSeSnRJNrlV9XNlndViTeTRSB9wESk7S p4Xg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=4CcwC7FBgW8X30HcQeHFFZHS6A58CAZ3P784+gQMGDU=; b=Nlyd299iRRZuxbZEpXETXIfFadHeB/lPIWSShIvySO8YarNBf/DtFJ7ej6cPOpFCXN I8Kh2IUvUXy5t+Kb2sbvl43nTqyGSEj4T7vVcVDCD1asPKqayn5ivBA3iPNN1OHho6dP 3rOUgnsvG9tW9tFem/2thuKjRVoSr3XkilL7hs2Sp4UPPBVE0MunVl1taMw9wSl7RzMN XBnOZrBDSiYyKz9qMr2uPgBJf+APbbzfMwkBO3TIA6lTkGLZqruYRRTLqB1fQYMfvgWA jYnXJM75qpgt7KrjwAeNPzNYzQr1rNvA0p7cd/nmqMTddn5eTOg8yFnPWmlsGuerF8Pb xLvw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=UJoyebHN; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 6si2260787edn.491.2018.01.23.12.48.56; Tue, 23 Jan 2018 12:48:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=UJoyebHN; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id E82ECC21F53; Tue, 23 Jan 2018 20:47:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 72E78C2215A; Tue, 23 Jan 2018 20:42:21 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 7DAB0C22153; Tue, 23 Jan 2018 20:42:10 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id F2DC1C21EE3 for ; Tue, 23 Jan 2018 20:42:06 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id g1so4344172wmg.2 for ; Tue, 23 Jan 2018 12:42:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=HehyfLwBiGL7w0M1GQgZW2L7CjFJl409qccQ+xCD/gQ=; b=UJoyebHNghzbybRljl+Cq7+f8/RMcc1Qdmbe/p8Zh3eQbk6neWHYSqmbEcLGQ0n3r1 YugAC9/9nIgrQxHkyGaZm5l5MtOc+ENhEkHqDoofrlFHZOqghJAAdVuzszb3Gxy8Pm4/ 5ihFbZVodCS1Zoidje0q7jJ5eZ6mSYDFwqm6E= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=HehyfLwBiGL7w0M1GQgZW2L7CjFJl409qccQ+xCD/gQ=; b=Q3E79fTOSgy5SBcW7ZEz2YpxQR7d/lCVoTAmUuaAf4PqroQcr6iDzI8tRsaeY5fA4U j1inhKGDnFHXt6dIqgA0CnExNN4QAyMLXl/QifiR1JsxyZC/qhM4o4+XWVEWJnBH6kjo zSlZMTr5lNO0Ly6DNt4wU84Gk/jPoUbz92Xj3GjPpzgPhOB+5K3L5rqRyJvzx/ZtOPvg kuWyzo47p/3/BvEEQsrwxBxkhNjc/6ioNQAz+bve59ktdxqKL0ZBIeOEB33tetIt9oCm zqcD7K8RdK9mnaWFXIpwmZ3K17JfzE5xi/5GMHc4NskqfHxCXKrc+bPV5IAexrMr+yrz AT/g== X-Gm-Message-State: AKwxytcmG/Ri4yYooPcXnLUa8SQkXxcanMc3G5GpeRsxp0tIx6vfnmat 9b12qDi+sFygYSIc33Gorzb+dpHr5l0= X-Received: by 10.80.182.203 with SMTP id f11mr20777521ede.157.1516740126486; Tue, 23 Jan 2018 12:42:06 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.05 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:05 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:55 +0000 Message-Id: <1516740120-948-5-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 4/9] optee: Add optee_image_get_entry_point() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a helper function for extracting the least significant 32 bits from the OPTEE entry point address, which will be good enough to load OPTEE binaries up to (2^32)-1 bytes. We may need to extend this out later on but for now (2^32)-1 should be fine. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index 8943afb..eb328d3 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -29,6 +29,13 @@ struct optee_header { uint32_t paged_size; }; +static inline uint32_t optee_image_get_entry_point(const image_header_t *hdr) +{ + struct optee_header *optee_hdr = (struct optee_header *)(hdr + 1); + + return optee_hdr->init_load_addr_lo; +} + #if defined(CONFIG_OPTEE) int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len); From patchwork Tue Jan 23 20:41:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125592 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1995873ljf; Tue, 23 Jan 2018 12:48:17 -0800 (PST) X-Google-Smtp-Source: AH8x224Sc69/hSSc2Zehvt1xtiJ+rlhFl94FeOGGQwhE4duOgVRPDv7jkig9cuT+juOA/qn+vw7k X-Received: by 10.80.172.47 with SMTP id v44mr20324888edc.130.1516740497477; Tue, 23 Jan 2018 12:48:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740497; cv=none; d=google.com; s=arc-20160816; b=U5BKs1wOYadw0tjDLsD2rbzuTBd75SOvS4AABNBSuzl7y8FbbX9+kxDrH9H5EQOq7O UHVEZOOX4T/Qp8i9E8RWJdNiCJKtJwaB77xCsvAybTLayAgoCOYMPf6YRJ1XkyUOmNRs QMmTb6HfJOPTENkwAQwmwyGsIJSVaLmCe4Do5nd4zZTrRo0xFDhpHorene/PoKL02i6c apez91EvKyEt/zpXc/CuolCIh9i9/h0yLFo96Qy61z1FUP7u1qqafL0NTWQ+nl8BeVAN zUYhVGGGANpEBe6U03d2kWHcQ3kmGK9XKnGAPUsuwfe53Kt6LMLSJ6lJCnuR42MfOsxS Lftg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=QaYroxNd3askNKowPokMN25W/t4qBXmwlbEd13MrC2M=; b=CaPtjUmiXbiBu5Nq7yrS125vbfSU8Xx99MiLCmz3ushoPfEzW/GiAEyGcjnMGKkuOQ 2QfvOdJBEbUX9EuZzSTEdZmJrV9oG6RDR8S4ulYskweDDzYZL+0rF3WlaVPdrtVn7G36 iGUCFObOWtKwjD5wfOeah0Kw7lLG3CVRfR6AGN/MVm1bt2KTyY+osEF0sw16lGn3qI7V Ispjccpwg+8+5mnXJCT2kwI7WPnf+zAr2V4jG1mwXJOGidzEKcg4s+yinCS64rGXb3qo d/pXb66WGM+QgFZcSMqyLc5sS4qrRGv6xYV+26qYsvaA6iMqbaWuElCyqb4o5mZtHcCm NhDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=eS61+qIH; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id b39si4111431edd.373.2018.01.23.12.48.17; Tue, 23 Jan 2018 12:48:17 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=eS61+qIH; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 04895C2214C; Tue, 23 Jan 2018 20:48:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 2F4F8C22174; Tue, 23 Jan 2018 20:42:25 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 2B717C22174; Tue, 23 Jan 2018 20:42:11 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 079DCC21E8B for ; Tue, 23 Jan 2018 20:42:08 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id j21so15083615wmh.1 for ; Tue, 23 Jan 2018 12:42:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=jd7TJ8ToMThI42VzCdFxxuucXAuvkiPJC/i5sG6S6nU=; b=eS61+qIHPhZBSVeolTgs6DJCE2CE323G9NaJXWzCJj2BklJ0jAjzryQ7iAHMLNJkif kildMst/uq6u6Q0UHpev63R55VTUgkCabcr5cGynP1HLFrTunrS/h6b2ZTo2HSTDTMuS I6p6QQ+NMxEFIbLzI+HQhIXTLKMzaNR0JiXcs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=jd7TJ8ToMThI42VzCdFxxuucXAuvkiPJC/i5sG6S6nU=; b=DZzFP3gPaqXyV51tuLXjtPS1gScEoBgz7+SZ/YILjCF7U0C3OnVJKt7raGh6/In6yL wUpVOv/xHpYTTo40c6YawSZf+aelfh+0hlxz2c3VxTx3SwanSL4oHFBEuWyog/oSoC9k Msi32vD21K6iRVeW7pZI/W/JPVC7owN2GdicPGjD1rVaX14urIwBqbxUh6/2KVi7Z8PX de7jsaOFSOhQCD+tSMOm4OpjUCqJOiY1CwtGMR1d/ecA+uD/LH33uiSk9NELS7O6XCxa Xh9RQFrxujdurd/qAdvZIL1OFtpnyObSnFhsTcvseAucmMH4dNDv5CXLbp1iEuvxcetg XePQ== X-Gm-Message-State: AKwxytem98LaVm3oCPaVzf0rpMQT25vPNAJehjfioIs1kQAWDDd2GSD4 yR2z3YLgTw+VU109tKvtgLBp7PBGNqc= X-Received: by 10.80.147.72 with SMTP id n8mr20968726eda.189.1516740127536; Tue, 23 Jan 2018 12:42:07 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.06 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:06 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:56 +0000 Message-Id: <1516740120-948-6-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 5/9] optee: Add optee_image_get_load_addr() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_image_get_load_addr() a helper function used to calculate the load-address of an OPTEE image based on the lower entry-point address given in the OPTEE header. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index eb328d3..e782cb0 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -36,6 +36,11 @@ static inline uint32_t optee_image_get_entry_point(const image_header_t *hdr) return optee_hdr->init_load_addr_lo; } +static inline uint32_t optee_image_get_load_addr(const image_header_t *hdr) +{ + return optee_image_get_entry_point(hdr) - sizeof(struct optee_header); +} + #if defined(CONFIG_OPTEE) int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len); From patchwork Tue Jan 23 20:41:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125594 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1996428ljf; Tue, 23 Jan 2018 12:49:28 -0800 (PST) X-Google-Smtp-Source: AH8x2250icfR3nZiwe0zEmTws2CxGmIrdarTMAWIZrjGJedt7XwPIbk6epcjSS0nEbhREr1g7Au4 X-Received: by 10.80.196.3 with SMTP id v3mr21160473edf.232.1516740568668; Tue, 23 Jan 2018 12:49:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740568; cv=none; d=google.com; s=arc-20160816; b=PqDtQRhkU9TdPImuPFi5eqqMZq9xK7n3FoNkljwe+T7VzaKn1ww/NOj6I+p77cWHYB Gr3HoSgGDHrfC+2qO591Vg7hQn2QbHkBI4LJcgk2OBgTa7OJgMOGP4Gd7Iw7sN+5dv9+ fwtYTbHJlc1zWRffq5CKKzu7rmBeF3wfA9dccDcE12+JnMd7Xya2sjnc7h9WDvhmhZX5 LtSXjBlxDJFK4pIeHowq2BvzhTry9VC7gtCISFYHPBV3Xa5pDc1YGezSN5WVi/EAOpAI tTHViGacI2oiimdiNJkQL4sJHnSs3e5RuRHx9l06w7tSS4ohNR94R0sAGpgaURqnLtNF +QqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=KMz4oEn2kasZUvEAggMbFpMc6dTTUlJKvVOPvzz3Xa0=; b=cjT1zvph6jybJssBvPiVGhL0dEETOax7jo/QyeOPjOvbwDSsPULmjYZ4patz1ulTbM xmxqZq9e+gVqYD9+iJ5h16kRjEmdkkwQpZdk3oicQbxHZQfG5yJbFVVKviuRcnfSgM2M 2sNnR9hepsunP6Y3u9CSKWGLXSGDReAtB0ChsYovpgKIDirWccyksjgToxxoig+wnAjk pV0/trtCd+rJxqj9/3W4hkN0wwI7oqwkGaYT/z6/he98ELWBjO9ANbLH3ZsG9A8qIDHo dKP8NCi1s7JoaBMByr7VyNBK7QpSEGifWYvfVEf6PGa+iiRKA2HX2ZNZ/pFBnsHv4Yvi a5Nw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dzD6+3ey; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id d32si1565941edd.514.2018.01.23.12.49.28; Tue, 23 Jan 2018 12:49:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dzD6+3ey; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 30572C21E65; Tue, 23 Jan 2018 20:47:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 44C70C22179; Tue, 23 Jan 2018 20:42:22 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 6C8B3C22160; Tue, 23 Jan 2018 20:42:13 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 8BE98C21EE5 for ; Tue, 23 Jan 2018 20:42:09 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id g1so4344387wmg.2 for ; Tue, 23 Jan 2018 12:42:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=nZLw3mP/xgWiSiLqJ0KItknB7hCpsJZZRf40m9E2M/8=; b=dzD6+3eyVxB+S4G2ctczVaCJh07F5WhnMdmi4tD/GM/+tvrXeopdOpzq8aS0g+qJCk OTG0RekLtX/HFdOzD8gZKsKyIql9ZzMHhEDsf2/XVJFxUVSKrkHFO45mttGoq6YyGY+T CB+sYsZjYsiM4nw2DUSJ46gp8XQmArAEsNa1U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=nZLw3mP/xgWiSiLqJ0KItknB7hCpsJZZRf40m9E2M/8=; b=DBUMBT4t5WP2prHdOAxym9g+p1EyA7eBy/XLhch/BHyrXDktgzHZVc+7gU+wReB+K5 DD3/a27Tx9ZH6IzIF+X6qB3XRuP3Hzv72OtsDX5OIaq+bxF0Jc3GsaGPM0iouNuEEgl2 rRTdvwbMHC2B6waWUacVeT3dWZhxDHt1vCjE9NeC8SXT4ELSNoVMKoIs9MVfuBu4qO+q GNwaByxTYj1ovAmhH+/3K07J33gS4vV8ZtdBzRpg5Yyc7v3/IDor5NkoAqEVHs8+W/o7 +RYGlVL+Jk8G5fulKR7RQr0gsQHymATQOCbPBuSlb7kb3tg+LlGVRTOaFAK6ky6SgCPX xgFg== X-Gm-Message-State: AKwxyteFZ+3nTq/WV9PldmNvkkLMKq67HbEC4b9A+TRr05TYHhck2eAx bK3oVLN5mmikIOLYw7kZ6lku9G4rNvA= X-Received: by 10.80.142.25 with SMTP id 25mr5132360edw.127.1516740128744; Tue, 23 Jan 2018 12:42:08 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:08 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:57 +0000 Message-Id: <1516740120-948-7-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 6/9] tools: mkimage: add optee image type X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds support for bootable OPTEE images to mkimage. Currently there is a (Trusted Execution Environment) TEE image type, the TEE image type is installed to a memory location control is passed to the TEE and then the TEE returns to u-boot. flow #0: BootROM -> u-boot -> tee -> u-boot -> onwards For some TEE implementations, such as upstream OPTEE for i.MX6 and i.MX7 the boot flow is flow #1: BootROM -> u-boot -> optee -> kernel This patch adds a new image type to mkimage - IH_TYPE_OPTEE to reflect this TEE boot flow and to facilitate additional OPTEE specific verification of that image type - prior to handing control to that image. The new image type enables us to more easily generate and validate a bootable OPTEE image also, for example instead of generating an OPTEE image like this: mkimage -A arm -O linux -C none -a 0x9c0fffe4 -e 0x9c100000 -d ./out/arm-plat-imx/core/tee.bin uTee we can instead generate images like this: mkimage -A arm -T optee -C none -d ./out/arm-plat-imx/core/tee.bin uTee.optee That OPTEE image then will have a specific image type that bootm can automatically identify and consequently perform additional optee-header checks on. Subsequent patches add logic to perform those optee-specific changes prior to handing over control as described in flow #1 above. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Link: http://mrvan.github.io/optee-imx6ul Tested-by: Peng Fan --- common/image.c | 1 + include/image.h | 1 + tools/default_image.c | 25 +++++++++++++++++++------ 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/common/image.c b/common/image.c index e9609cd..14e738b 100644 --- a/common/image.c +++ b/common/image.c @@ -161,6 +161,7 @@ static const table_entry_t uimage_type[] = { { IH_TYPE_TEE, "tee", "Trusted Execution Environment Image",}, { IH_TYPE_FIRMWARE_IVT, "firmware_ivt", "Firmware with HABv4 IVT" }, { IH_TYPE_PMMC, "pmmc", "TI Power Management Micro-Controller Firmware",}, + { IH_TYPE_OPTEE, "optee", "OPTEE Boot Image",}, { -1, "", "", }, }; diff --git a/include/image.h b/include/image.h index b2b23a9..0b72d28 100644 --- a/include/image.h +++ b/include/image.h @@ -272,6 +272,7 @@ enum { IH_TYPE_TEE, /* Trusted Execution Environment OS Image */ IH_TYPE_FIRMWARE_IVT, /* Firmware Image with HABv4 IVT */ IH_TYPE_PMMC, /* TI Power Management Micro-Controller Firmware */ + IH_TYPE_OPTEE, /* OPTEE Boot Image */ IH_TYPE_COUNT, /* Number of image types */ }; diff --git a/tools/default_image.c b/tools/default_image.c index 4e5568e..5653933 100644 --- a/tools/default_image.c +++ b/tools/default_image.c @@ -18,6 +18,7 @@ #include "mkimage.h" #include +#include #include static image_header_t header; @@ -25,7 +26,8 @@ static image_header_t header; static int image_check_image_types(uint8_t type) { if (((type > IH_TYPE_INVALID) && (type < IH_TYPE_FLATDT)) || - (type == IH_TYPE_KERNEL_NOLOAD) || (type == IH_TYPE_FIRMWARE_IVT)) + (type == IH_TYPE_KERNEL_NOLOAD) || (type == IH_TYPE_FIRMWARE_IVT) || + (type == IH_TYPE_OPTEE)) return EXIT_SUCCESS; else return EXIT_FAILURE; @@ -90,6 +92,8 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, uint32_t checksum; time_t time; uint32_t imagesize; + uint32_t ep; + uint32_t addr; image_header_t * hdr = (image_header_t *)ptr; @@ -99,18 +103,27 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, sbuf->st_size - sizeof(image_header_t)); time = imagetool_get_source_date(params, sbuf->st_mtime); - if (params->type == IH_TYPE_FIRMWARE_IVT) + ep = params->ep; + addr = params->addr; + imagesize = sbuf->st_size - sizeof(image_header_t); + + switch (params->type) { + case IH_TYPE_FIRMWARE_IVT: /* Add size of CSF minus IVT */ imagesize = sbuf->st_size - sizeof(image_header_t) + 0x1FE0; - else - imagesize = sbuf->st_size - sizeof(image_header_t); + break; + case IH_TYPE_OPTEE: + addr = optee_image_get_load_addr(hdr); + ep = optee_image_get_entry_point(hdr); + break; + } /* Build new header */ image_set_magic(hdr, IH_MAGIC); image_set_time(hdr, time); image_set_size(hdr, imagesize); - image_set_load(hdr, params->addr); - image_set_ep(hdr, params->ep); + image_set_load(hdr, addr); + image_set_ep(hdr, ep); image_set_dcrc(hdr, checksum); image_set_os(hdr, params->os); image_set_arch(hdr, params->arch); From patchwork Tue Jan 23 20:41:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125596 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1997103ljf; Tue, 23 Jan 2018 12:50:52 -0800 (PST) X-Google-Smtp-Source: AH8x226KYfsAr082eAXweDxEJ0/q+kfpnOpqQMomxLzQb6Ln/bTLAK28/4Ah2sjPXaNEc1JDkKId X-Received: by 10.80.230.148 with SMTP id z20mr19850436edm.61.1516740652506; Tue, 23 Jan 2018 12:50:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740652; cv=none; d=google.com; s=arc-20160816; b=zxEMOxjE8QQ9d2fUcmwYwZAJQT0OGY+eD1ry0tdD4+4WXEKrXeTScfoaI87uENNq49 YMibmMDRJQm8Nrp5aeUIcruGk2wbaTGqOVtP2PdKHaDIsWmMa+XQmVFRrsH7N3afRC2/ 0FvxDSHNKN235hSk6MeRATEZXugaDY+aKcZAM6ywCmOjE8DeFu2p0b5JThU/6iuV9rad h1Q7xIS8Qdfr+Atslu3Cy5m+mPSLxf3hjFLcyJ2t7ghEgv/0kCGmmpceGhprMIWG5SyG zlZC4DkTJupeNhwgdfpEYFimFWRgPLfniED8XABWmz10aADJnAHaNakVXW6vMQlUPPoC xx9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=imD/FFmxIm1O3FKS1inZ6TLvL5Dw7B1dklNfuNVp+RY=; b=z1OwFndx8RRImF45uL7HPutk91AOkbpYmeSNZNsih7f8MjNMsd3GwzKdH7Eknv29sJ cNZDq0ooSqaZh7Zx7S2BQMGvtsImf+1OUdX6Z+PwWnsAYFZImLi1zcXfdU8zQ33bfj0G l0lgF+7ETGu0k6CD3sRxcfgED7UnJeDwWiHkax1FxhF0x4c5tOba8AReAb4JR49i5t8V Eb3jtPmPQNXFWt1skDj3vhUlGKWwlSnTQXW+2wJBV1equtxKGiXmhdE6ZCWzYVhJAnrN c8V6G16oijF0Y6E1awq58+8JJgnVhtJahY5bDIW9Xg2CKeKOWUXGdw+YekuHd4eQHIul uxlA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=SAUUU9pA; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id o63si12605128edd.266.2018.01.23.12.50.52; Tue, 23 Jan 2018 12:50:52 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=SAUUU9pA; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 1BE3DC2216F; Tue, 23 Jan 2018 20:48:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id EEBC5C22160; Tue, 23 Jan 2018 20:42:27 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 65EADC2214A; Tue, 23 Jan 2018 20:42:21 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id A22C1C2212C for ; Tue, 23 Jan 2018 20:42:10 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id t74so4370536wme.3 for ; Tue, 23 Jan 2018 12:42:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Sebbz03t3iaTy+2et9QKnZ7ab4Axd/fkQ6N9N9AZVPk=; b=SAUUU9pAkZJpe8nEyfyM87zUcDcq6PIADDZQAqoExHeAwWhxPoeXvGdQGJ8JIw2Anb R3bRY3wh4PAa8xXoKz3cVmqcJElMndg/L7acmACM/ZiNNJ3S80YdM+rbY3BLRrAAWT+J cguhHjCvfkKpyXOTMxaWPJjXBaB7uGfoL0wJk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Sebbz03t3iaTy+2et9QKnZ7ab4Axd/fkQ6N9N9AZVPk=; b=YnYIWlEfwUkwa9tOim2fZ1ONlJ1Aps/d555QyRthspsr5lecNyZL/+87xx0q9yLZo6 1J5i9GWZO8tr1Ljwjyy2riV+2LjAuq59z8sJCzDIT8HqptjP3YjgR7tomqC8dAUVa1u4 BsNyUGFUGHFlDEPxAiyuV+CgVNDwheCtfemvo9KdwE9VQpsQaUS2FLWUze3Ow/fy1vON c7Q/lMf3fPzRdMgC4L2ukI9IOdAevEG5rJPxnJNOQJ3hml8tYI0ic12bUBOV3/+RXpXe 48qgT2D94sQtQCydaMrbSWV18vzJPmw8iqUSFKf61OMe5y0XeGJjoCrOtdSsX2g8bhvp 6p0g== X-Gm-Message-State: AKwxytf/7NFlICXsK7iUkFHtoysaAwcNcvAKkh2eaUssri4srLTH8qaF +ZYslJP2bY+heURPQCBey7EBbnAkKy0= X-Received: by 10.80.146.240 with SMTP id l45mr20659029eda.125.1516740130079; Tue, 23 Jan 2018 12:42:10 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:09 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:58 +0000 Message-Id: <1516740120-948-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 7/9] optee: Add optee_verify_bootm_image() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_verify_bootm_image() which will be subsequently used to verify the parameters encoded in the OPTEE header match the memory allocated to the OPTEE region, OPTEE header magic and version prior to handing off control to the OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 13 +++++++++++++ lib/optee/optee.c | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index e782cb0..4b9e94c 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr, #endif +#if defined(CONFIG_OPTEE) +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len); +#else +static inline int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + return -EPERM; +} +#endif + #endif /* _OPTEE_H */ diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 2cc16d7..365c078 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -29,3 +29,23 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, return 0; } + +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + struct optee_header *hdr = (struct optee_header *)image_addr; + unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE; + unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE; + + int ret; + + ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); + if (ret) + return ret; + + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + ret = -EINVAL; + + return ret; +} From patchwork Tue Jan 23 20:41:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125597 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1997557ljf; Tue, 23 Jan 2018 12:51:48 -0800 (PST) X-Google-Smtp-Source: AH8x225W5QfsLc85zsqqfb4y4sgmxjciSsg+9MomzxgunW+31ViUUph90oCK2VoaE+47I27jABEf X-Received: by 10.80.207.141 with SMTP id h13mr21307357edk.119.1516740707966; Tue, 23 Jan 2018 12:51:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740707; cv=none; d=google.com; s=arc-20160816; b=Itfnd+JJ3zymfHd5o4HadF7czfD9O/NrlQ3+nFi53/WmGkEolGhdpPZuDhwc9IPl7j ub2rmrAWeyvD+DuozQCOvL4/jwu0zJsYWlNF7PxKIfWwffUoAH7l/m+1DTQYvl1Ue3lD G1R7SkJgk/xQWSM+/fV0TW+BYGAkcwjqofc0lFUh9+HXrbpeBKuxRB5bempnZV2ZpuDq FdoOGRdDtZ3yJM9D5ch9WzXp4tfxMpisruw8vk8uXUoAXa5QB8JS/TOoVNA999gcLtkZ 1AwpMfBNGfdyS/qIuDlB7gvFNgfQinr047sKMCLpHOVf900S0HAbSZYXDuiCKfw9GeFc 8lSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=k2G4x2/VptXi91LLzWj2/3r5duQgFPomWnrH9Y5Gw18=; b=NOOe03LiDCHFBWfcDvJdbPNG0ZL19K0TjiKTQSw8ClyHrHZIWcdVQ1k4ml4vzOXbr5 tL854akqNfzIRbUx3V/Yji0JxmSHgVIbKKIs2HjtQECu/7NNX9PtobRW0DhWXmgqn1IU SpfV+Oa1K3J0ityzVg1vWAIzkt/4BjK7wMK66hOguRJ50MrG0Qrzlk5V8P8eyy/02a4d 5zyrr6xuyyrlGc1o8b61hIXVPSSm0xWDbPUE2w2FJAGOcnW44VYHvZREzRWu7KljZS22 ofpS381BV/0cDGSDdtC0mIufVvOaPyF7x3irnBKC9wW5RWpLD70i/Re91i5LJZsD2Noc bbbQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=LxL2XJAp; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id d49si3962875eda.68.2018.01.23.12.51.47; Tue, 23 Jan 2018 12:51:47 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=LxL2XJAp; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 8F50EC2217E; Tue, 23 Jan 2018 20:48:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id B0A12C2214E; Tue, 23 Jan 2018 20:42:36 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 3D1D0C2217F; Tue, 23 Jan 2018 20:42:34 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id A8315C220EC for ; Tue, 23 Jan 2018 20:42:11 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id 143so4326144wma.5 for ; Tue, 23 Jan 2018 12:42:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=9l4y29YT9GA9C87v2s0KMfjVt7b/wQv5HyUsRKb+Koc=; b=LxL2XJApdITdh9c7JEk4mFzi9ajBpB0Y7QuByqIGiqFf53mL9ZAaSnEcQdHiUk2TOr mfJuj8WEGw1fdzNFsgOvXPWntVsy45Cs8I7ocUZSPWLbHUVxMdMdjm4XEPAuJAhriesT MdKvC6O8zJmUc5/IXIkghJVR9gb4o9UtQEJTk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=9l4y29YT9GA9C87v2s0KMfjVt7b/wQv5HyUsRKb+Koc=; b=YhKaFrNk0zoKi795c2HT3IKFwqlDBgDvCI3CEtDIRuxvBm9D6vD68ZTbPgZxSqlFok Vcq+bfoahWSSpKXjxMSI/VkXFWgdSTqhYg0Bqol6kSuxZfZeIAxGi3BQvg4pGk+QZvt7 f+YYz/HhN8vSQ3XnYEEkvHEc4X1ctJ9otsb2gfS1PAGlNTnlk+Dlt+TxMKCXxq+7t+eJ M8jyFp2FPc+zhpdjclm6W2QpnxkO9UBI1PfmvS9tz9HDn0X/O9WNKCypp7BsIQ3Ua/pr BSCAx5TodwSebewtCLYokBzHSmMmgrfb3ptMW8vD0ij0rfRzZCAXSOhJ3jRy+hrwaR6T c0MQ== X-Gm-Message-State: AKwxytf+V3uUC+CEKaIFGPkw5kfw7kSqoGOuZZGfSSGRERyiPRHF0pHt Lmn0xT5+iNGgzmFW8m91NFxo5QfqQ5c= X-Received: by 10.80.153.150 with SMTP id m22mr21299249edb.303.1516740131177; Tue, 23 Jan 2018 12:42:11 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:10 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:59 +0000 Message-Id: <1516740120-948-9-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 8/9] optee: Add error printout X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" When encountering an error in OPTEE verification print out various details of the OPTEE header to aid in further debugging of encountered errors. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- lib/optee/optee.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 365c078..78a15e8 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -8,6 +8,12 @@ #include #include +#define optee_hdr_err_msg \ + "OPTEE verification error:" \ + "\n\thdr=%p image=0x%08lx magic=0x%08x tzdram 0x%08lx-0x%08lx " \ + "\n\theader lo=0x%08x hi=0x%08x size=0x%08lx arch=0x%08x" \ + "\n\tuimage params 0x%08lx-0x%08lx\n" + int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len) { @@ -42,10 +48,19 @@ int optee_verify_bootm_image(unsigned long image_addr, ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); if (ret) - return ret; + goto error; - if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) { ret = -EINVAL; + goto error; + } + + return ret; +error: + printf(optee_hdr_err_msg, hdr, image_addr, hdr->magic, tzdram_start, + tzdram_start + tzdram_len, hdr->init_load_addr_lo, + hdr->init_load_addr_hi, image_len, hdr->arch, image_load_addr, + image_load_addr + image_len); return ret; } From patchwork Tue Jan 23 20:42:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125595 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1996989ljf; Tue, 23 Jan 2018 12:50:36 -0800 (PST) X-Google-Smtp-Source: AH8x224cogP5d6SFpLaBRGrexez5xd4PahcFY6rfFxQhIIMKJ53o+lenq/LqYQ1MT/OA447232SL X-Received: by 10.80.134.132 with SMTP id r4mr21366562eda.250.1516740636658; Tue, 23 Jan 2018 12:50:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740636; cv=none; d=google.com; s=arc-20160816; b=ha+c18+o349uYwXyNG3Tmghp8GrHIbcbZlEa0IuowtqjJshtkZ00YTSxG7WDOOUfy/ Dm65Bn2GOZb2rNBqErsBq1N1edsyi/EY78cinVpJPvXJA/ytJdRYv1FR6zBCRz0YK1Fm s21oKE6JwRGPYPJKT2Gd7xZpCwDlayYqR5DXG7VwdbJ5zc5iJAUUGNbl3sJjxGwH5sPz 18U8PD1mA9pZtllPijwyl/upUwC4+Ew4WeO74KSWDbWFc9hYAhvTbu6tRX/mhVcXC+lC Bwe/ekEUU4RsKxuJQkTgAxC/VFR+Yv9q8SmoZWOmj/u/ooVclTJBxteSSaYAXvJhr+dS WkJQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=QFzOjjw6Ls0OcJzw5JuhqTbQjg8RHaD1PzgICbRrVMo=; b=N/sSmQ6wlu9vw3TmqICjhk/4BU/49fTtZzWwQksB7/i3DT2lsKxI8wdVOWCmfnnaK9 NM3ZVksP2j9GGYqqtRhFr4zXZiVG+aUi5ovtCD8cifPj6pSAzXMwcTH39mQ/dRc3BUpP b1NRlcl3uWcMz3ERN/TukKuQiEeh/UABLjzq/SsAvXnMccVZ48gngP7gQqc3ljo1uzoH 8fXcLHEAFWllS5+EziU7UEALd0MJMgKJf3FdLHlqPLH8F14KhBR+qRzndn8ZPzIzKH2H AsKGh2IfBEiXTbF3d7CCTEU4hk7K3dMSG0mCu3vVeuQKH7ccOwj6T0Q0Ah7W5EBxJyLg nwMQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ioDqTrXV; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id w23si204254edd.51.2018.01.23.12.50.36; Tue, 23 Jan 2018 12:50:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ioDqTrXV; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 4E029C21E3B; Tue, 23 Jan 2018 20:49:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 52912C220EC; Tue, 23 Jan 2018 20:42:39 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 5BBF5C2217E; Tue, 23 Jan 2018 20:42:34 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 3A894C22111 for ; Tue, 23 Jan 2018 20:42:13 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id x4so23627631wmc.0 for ; Tue, 23 Jan 2018 12:42:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=VfQzZRzM3DQYXdLJBCX//TaVWV5MboWeZdKPbCHr1qE=; b=ioDqTrXVEyzukAhpse+1nKQrVnEReJhXg0VtAwDKJGmhC5YnySpIIQ9oRxtENAzBoe YpNsdN0PDbLfCmVu31ypVYF2gCREUiPhid9sh3cI14EnP81ytJ82WxoebABT8xwVMLdg ITlSODsRSCiV4PJ/yIP/J4v7uPqSqp/o+n36Y= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=VfQzZRzM3DQYXdLJBCX//TaVWV5MboWeZdKPbCHr1qE=; b=JkWiwnDBZBpFRXLaPRzk8s1s8t370yTYvs/al6lmracdW4RDtq3GUpsTd1pSBxQlyw Rnj9VesVCdoGp15gBeaKuNDM3Gx44BS1XHVhCVOOXzJZhW56LC6nsXsF9JHzds2ViCV/ DQuhIuKaG3ofiIML/oCaF3aoqlPS0AKI9lKqYzzZxwDjL7P+1zm7QuVEgPm7+8KYPuPZ isF7lTMhxVCzBISQ65GMCQv8KZztO0GcnA1aAo1NEmKY8ILCL137PM0c8u2R1dd//YJm 9kZPxcmR5rr7LpQrdzQNnR/anPrZx+q07hZFOrxQrWIlhJyE3K2+DGT45RXD9t/Ohifr LQ/g== X-Gm-Message-State: AKwxytd0UpqIneTZcSYdSGEkXQ5rKHEAEkJlZOxT8nfRpA6cy07akXDX uCN46D9xa3z/NHdj6WZFu90Wlc5MPJM= X-Received: by 10.80.159.175 with SMTP id c44mr21178171edf.136.1516740132578; Tue, 23 Jan 2018 12:42:12 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:11 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:42:00 +0000 Message-Id: <1516740120-948-10-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 9/9] bootm: optee: Add mechanism to validate an OPTEE image before boot X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch makes it possible to verify the contents and location of an OPTEE image in DRAM prior to handing off control to that image. If image verification fails we won't try to boot any further. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- common/bootm.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/common/bootm.c b/common/bootm.c index adb1213..d528844 100644 --- a/common/bootm.c +++ b/common/bootm.c @@ -19,6 +19,7 @@ #include #include #include +#include #if defined(CONFIG_CMD_USB) #include #endif @@ -201,6 +202,12 @@ static int bootm_find_os(cmd_tbl_t *cmdtp, int flag, int argc, if (images.os.type == IH_TYPE_KERNEL_NOLOAD) { images.os.load = images.os.image_start; images.ep += images.os.load; + } else if (images.os.type == IH_TYPE_OPTEE) { + ret = optee_verify_bootm_image(images.os.image_start, + images.os.load, + images.os.image_len); + if (ret) + return ret; } images.os.start = map_to_sysmem(os_hdr); @@ -275,7 +282,8 @@ static int bootm_find_other(cmd_tbl_t *cmdtp, int flag, int argc, { if (((images.os.type == IH_TYPE_KERNEL) || (images.os.type == IH_TYPE_KERNEL_NOLOAD) || - (images.os.type == IH_TYPE_MULTI)) && + (images.os.type == IH_TYPE_MULTI) || + (images.os.type == IH_TYPE_OPTEE)) && (images.os.os == IH_OS_LINUX || images.os.os == IH_OS_VXWORKS)) return bootm_find_images(flag, argc, argv); @@ -827,6 +835,7 @@ static const void *boot_get_kernel(cmd_tbl_t *cmdtp, int flag, int argc, switch (image_get_type(hdr)) { case IH_TYPE_KERNEL: case IH_TYPE_KERNEL_NOLOAD: + case IH_TYPE_OPTEE: *os_data = image_get_data(hdr); *os_len = image_get_data_size(hdr); break;