From patchwork Fri Mar 9 16:55:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131165 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1212995lja; Fri, 9 Mar 2018 08:56:42 -0800 (PST) X-Google-Smtp-Source: AG47ELsNG89O2MWnigSxEOHcQS7MgqGwPpW5h9k0ScOhnF/5c1McyDMBdwod8QAG6i6Xy+0jC6D/ X-Received: by 10.80.214.158 with SMTP id r30mr37672876edi.288.1520614602917; Fri, 09 Mar 2018 08:56:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614602; cv=none; d=google.com; s=arc-20160816; b=CKUKF+R1CijFmmmp0oH0YphS0UT4silNk6zo7LO4EA0NpfyOsxff+fDNIVSkR3zqlJ zGJTquWbGYH0WgxBJqx28tA0c8reGgCDMBWM0sKJ7l+c/ijP/kkGB8e1LYz7jUIiT6Tn 5BY7BhRgHGSOvzc/YVyN2Ux1iN/BMRAYDA7D4vDCrf5QHMRFKi+wr0rXs138XdRaduPB JfmdRQqyCvfEtyalca518aDxgqEZiLh1WSAvdyJYvo9/L5DSp5RnUNgT5ZnZ4c2GHW/5 RIgADJmSVv45mL7mLnP3UjrL90FawzeVekd//wMye48iOOEzkwLltW2vxcpCjco9tyzk zouw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=l5juljvmr/PTK3OvKQkS8Ki3nmnBhU6k0e25cam/Ow8=; b=YLL6a95HrLnyglh/49ETXaKN2ljI6DGu0+CGdAHKbxILfVaDBQkEi9CpwMPNDceqlK Sx7DX15yCRi0K/owr0n0k4Nsc+9yc0ztUGF6qCLVAcVfeE5xit2BO9ZQ/031PEU2sbUM kZSwdr9b4KbLhH9pV2dtpARAlVzragLZtj3Og+9Z7zWRJhPUZqBq2EGKrSM9mfbfU8Yy LkxiV5ds5JffjefYt0HL0hBSoY3nvbJai63dP1WZkG3RFTvVLPFetLwO0YTHgf7xfGEr QHPoAn5wtHXvvMpRNEf2/pANoKaUQ5y2/agf8t/3tb48Dz7nz+KIzSY+01m32wA1A25z jGmQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=D40taVcI; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id x53si1434791edd.371.2018.03.09.08.56.42; Fri, 09 Mar 2018 08:56:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=D40taVcI; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 4CF67C21D74; Fri, 9 Mar 2018 16:56:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E4FCAC21DA6; Fri, 9 Mar 2018 16:55:36 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id AA9BDC21C6A; Fri, 9 Mar 2018 16:55:35 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 29FD5C21C27 for ; Fri, 9 Mar 2018 16:55:35 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id w128so5153421wmw.0 for ; Fri, 09 Mar 2018 08:55:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Lzxdlo82gHbbDckSk9ZPGjw6g4zxoV7d0gNuIaKRog4=; b=D40taVcIrBRBIbdt0pS90fFJNMJm3saKAQThEp1LX0BUBiiavIdkXmHOkH5vAhTby+ eqFxmnnBHJfZS+sydRJdfY0bZ30vPFBnXjw1lTcrKvkBZ7WOqDVnISdLQ1Pq3MI1tftZ zK4Ri5X+Eq7CPmtK/8PTBR4rDeqX3llClG3vg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Lzxdlo82gHbbDckSk9ZPGjw6g4zxoV7d0gNuIaKRog4=; b=ZDjb9vcEcO3pb0phgbwHQOHzCJmFSKTxc4s55jN8iTnn/7kCvoDCGmnfjsMjH5ejmc htNpSDXdZo5vEFSsat9x0/qU4iijvMn3vemM1ZQu/Edgwt1T0QFDlzE9+lD9Y/jQt5eN oBBqnd6cfdzLRVSRoN9+Pkiat4IzSYZ5IuZBYH8oAtt9/qtGSrxz9umfoBO5gIt2GCnn HldJ6ZfVcmNkKTL8VyQGgVkipjCFMa46CymaK0Sw52IjaSEJTxuhjFWZQxtv/n1fy3rd /YrzvT7NXgwlkTsJ/f914mR4BqdfhmIK3C26Hyqt+tvNYabmWzqV0FEduasNbWUwYQ/f 5mxg== X-Gm-Message-State: APf1xPACyBHPAiOD15yEYwhcTalzg0tsihXQCemQBBajmJCBNS8mTezF mLGEw9cU2/NBnfRZPiZ6baKo2QAP+jw= X-Received: by 10.80.177.16 with SMTP id k16mr38987777edd.92.1520614534590; Fri, 09 Mar 2018 08:55:34 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:33 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:22 +0000 Message-Id: <1520614531-2164-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 01/10] optee: Add lib entries for sharing OPTEE code across ports X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds code to lib to enable sharing of useful OPTEE code between board-ports and architectures. The code on lib/optee/optee.c comes from the TI omap2 port. Eventually the OMAP2 code will be patched to include the shared code. The intention here is to add more useful OPTEE specific code as more functionality gets added. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 16 ++++++++++++++++ lib/Kconfig | 1 + lib/Makefile | 1 + lib/optee/Kconfig | 8 ++++++++ lib/optee/Makefile | 7 +++++++ lib/optee/optee.c | 31 +++++++++++++++++++++++++++++++ 6 files changed, 64 insertions(+) create mode 100644 lib/optee/Kconfig create mode 100644 lib/optee/Makefile create mode 100644 lib/optee/optee.c diff --git a/include/tee/optee.h b/include/tee/optee.h index 9ab0d08..8943afb 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -10,6 +10,8 @@ #ifndef _OPTEE_H #define _OPTEE_H +#include + #define OPTEE_MAGIC 0x4554504f #define OPTEE_VERSION 1 #define OPTEE_ARCH_ARM32 0 @@ -27,4 +29,18 @@ struct optee_header { uint32_t paged_size; }; +#if defined(CONFIG_OPTEE) +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len); +#else +static inline int optee_verify_image(struct optee_header *hdr, + unsigned long tzdram_start, + unsigned long tzdram_len, + unsigned long image_len) +{ + return -EPERM; +} + +#endif + #endif /* _OPTEE_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 4fd41c4..a4029a6 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -310,5 +310,6 @@ endmenu source lib/efi/Kconfig source lib/efi_loader/Kconfig +source lib/optee/Kconfig endmenu diff --git a/lib/Makefile b/lib/Makefile index 0db41c1..35da570 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -18,6 +18,7 @@ obj-$(CONFIG_FIT) += libfdt/ obj-$(CONFIG_OF_LIVE) += of_live.o obj-$(CONFIG_CMD_DHRYSTONE) += dhry/ obj-$(CONFIG_ARCH_AT91) += at91/ +obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AES) += aes.o obj-y += charset.o diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig new file mode 100644 index 0000000..2e406fe --- /dev/null +++ b/lib/optee/Kconfig @@ -0,0 +1,8 @@ +config OPTEE + bool "Support OPTEE images" + help + U-Boot can be configured to boot OPTEE images. + Selecting this option will enable shared OPTEE library code and + enable an OPTEE specific bootm command that will perform additional + OPTEE specific checks before booting an OPTEE image created with + mkimage. diff --git a/lib/optee/Makefile b/lib/optee/Makefile new file mode 100644 index 0000000..03e832f --- /dev/null +++ b/lib/optee/Makefile @@ -0,0 +1,7 @@ +# +# (C) Copyright 2017 Linaro +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_OPTEE) += optee.o diff --git a/lib/optee/optee.c b/lib/optee/optee.c new file mode 100644 index 0000000..2cc16d7 --- /dev/null +++ b/lib/optee/optee.c @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2017 Linaro + * Bryan O'Donoghue + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include + +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len) +{ + unsigned long tzdram_end = tzdram_start + tzdram_len; + uint32_t tee_file_size; + + tee_file_size = hdr->init_size + hdr->paged_size + + sizeof(struct optee_header); + + if (hdr->magic != OPTEE_MAGIC || + hdr->version != OPTEE_VERSION || + hdr->init_load_addr_hi > tzdram_end || + hdr->init_load_addr_lo < tzdram_start || + tee_file_size > tzdram_len || + tee_file_size != image_len || + (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) { + return -EINVAL; + } + + return 0; +} From patchwork Fri Mar 9 16:55:23 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131166 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1214213lja; Fri, 9 Mar 2018 08:58:03 -0800 (PST) X-Google-Smtp-Source: AG47ELvr2Rtx4iJDtCcWR/vQEV9wno2HORMaK0e6BEBIMBeoz1s/zdTO+QgamKMqFTRjt8cy19MB X-Received: by 10.80.213.154 with SMTP id v26mr33645049edi.58.1520614683860; Fri, 09 Mar 2018 08:58:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614683; cv=none; d=google.com; s=arc-20160816; b=zBWywA+oGV7h+rji8cDIg+8F9ID/iW89N74xSMdkUOZF3QH7KneUzEcvUMPm7dfIrJ ZmRHnbyPcHYCiwaEekJkwR5PWW1iEQTdsoTdTuCoBzhp9BQdLpJQjtC/nnz4sE9YO22u yodH44pekDtAUx9ukIKw2+9FuE9WOWGppGG137hPZddhbHrAURZQvB46SlgCVLQOJsDu SeoyToY+OQtEg/zy/Sfx6GiZMs6eirNpzkkOi2NajewWlWos6OjxXllwnYE0IkH62eSS xSXQUeQymA7KR+kpACSsBUP7Tn1NmCNPnnWonWp9IXGZ+ZenTYATTOz3nVngozAW9wFJ 90gQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=cvvB+lycwb5nber/e5Gw1LfRjIk4mJApi6IWnJNqGH8=; b=NMZw/nVgzMZoamGRwQRGTLIgjF12LHZZnYW9bURDopurzJgxWkUbjLm0wEwerWujEG DsNBd4J5XkoAeQxngDiujjeahpEU3yO8/Y51TikOzEEp53g3oH2N4GPvPfDOzDX2vYXn PIH1pEUOeP5bNiJkNKSQ/xEclU8/If4Pfn0cTElIDwzAEKH24AIclILkbF7ACk9ddWWd r5fHhgFePSjeqyqv3CVQkEwnUE7AaOojCqbu1clq2zqhw2o54HwxpoPDRKi82/BYHqSL haQjwMWXZyHkPzeyb+XQtRjUfThpWRSW03e0qWbyEc/PiGzuDks7eD0Sl3EVAYV92P2t tDfg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ZOQa1MpO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id b21si375778edb.350.2018.03.09.08.58.03; Fri, 09 Mar 2018 08:58:03 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ZOQa1MpO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 3912EC21DB3; Fri, 9 Mar 2018 16:56:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 98E77C21E0D; Fri, 9 Mar 2018 16:55:42 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 18A8EC21DED; Fri, 9 Mar 2018 16:55:38 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 44C4DC21D4A for ; Fri, 9 Mar 2018 16:55:36 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id x7so5073359wmc.0 for ; Fri, 09 Mar 2018 08:55:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=YNK1Wntmes7j8la0QK0jKrehDGZdNJdBUpWJaSzYxl0=; b=ZOQa1MpOZ9tvAYOioc/mB5w23TwZGurOaEZYk+Y6YPg/4/U/3L46iPD6L/oJSfQi75 XAfaRk8dIn58OEtjIClAp4GdCBN90/MmvLXrQgVCSS4idwMEqxbC1JcXEkZ/0Umq/keF 6/gUn4wqp0+jUa4x6knF9o9dNUl+bq/tRlnNc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=YNK1Wntmes7j8la0QK0jKrehDGZdNJdBUpWJaSzYxl0=; b=qbTT2g7eRGIGTQsZYvFMU7a1ZPp9Iulxa7bevt8/9plQzR4ytf6GtEQmQKLLBx9oMd vsWnbJ7bNvTNaHg3jNQP/rwh91ljCAhl4LW6ZRxdhfPtY+Pa4LFjk+hJ9O7O8u0iwWMw 6/y9stg85qd0RYW/QPbxvM+q6/EwxFBg8xX8e0xi6q2p3WQyVynlUcfHwx90mEurUpIz IRN4/Bd+h80R8WQmqg9mH0EckMvK9+Bjrp6+PEOUK+Psjgzt+tmfGrod2T8i9uKi852q RqS7ls5w82CFphWwOTfuHHvKtPpz6YiFZMbBDeoN+MzmzLPzpUBW0hy7I8vvSxDDs9iv Rh9Q== X-Gm-Message-State: APf1xPCeA7YehDdF/Ot6YUruni0SumpigC0QozutFavbRfbu+H4cL4S9 g911msHzIXGMkE/wX0auFQkWpJvS6No= X-Received: by 10.80.222.131 with SMTP id c3mr38403715edl.220.1520614535758; Fri, 09 Mar 2018 08:55:35 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:35 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:23 +0000 Message-Id: <1520614531-2164-3-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 02/10] optee: Add CONFIG_OPTEE_TZDRAM_SIZE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" OPTEE is currently linked to a specific area of memory called the TrustZone DRAM. This patch adds a CONFIG entry for the default size of TrustZone DRAM that a board-port can over-ride. The region that U-Boot sets aside for the OPTEE run-time should be verified before attempting to hand off to the OPTEE run-time. Each board-port should carefully ensure that the TZDRAM size specified in the OPTEE build and the TZDRAM size specified in U-Boot match-up. Further patches will use TZDRAM size with other defines and variables to carry out a degree of automated verification in U-Boot prior to trying to boot an OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- lib/optee/Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index 2e406fe..41c0ab7 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -6,3 +6,11 @@ config OPTEE enable an OPTEE specific bootm command that will perform additional OPTEE specific checks before booting an OPTEE image created with mkimage. + +config OPTEE_TZDRAM_SIZE + hex "Amount of Trust-Zone RAM for the OPTEE image" + depends on OPTEE + default 0x3000000 + help + The size of pre-allocated Trust Zone DRAM to allocate for the OPTEE + runtime. From patchwork Fri Mar 9 16:55:24 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131170 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1217056lja; Fri, 9 Mar 2018 09:00:49 -0800 (PST) X-Google-Smtp-Source: AG47ELsRNwZHXfNl/FGUTBYlqbtpldHxLZ+EAPtqTQHGfD3YJjFI/mzRjWGbyuwiCzqWFTjKT2o4 X-Received: by 10.80.144.5 with SMTP id b5mr28353616eda.118.1520614849747; Fri, 09 Mar 2018 09:00:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614849; cv=none; d=google.com; s=arc-20160816; b=QHg7ThOVlrPxnTfCaumacNTcZkj5mKHUc3OLfRRN5A9zGccTnhUsVEKudXuBs+a7QD thtuC+8WlhMPNsGJ+ocxrsOp7B/2uGu8He6Gu4S9AZDTNJ6DKrhlo5/JEH3YMMcSNMQ0 EtpzpZIbZ87FvPkhMY47bRvJWLpOQUNLW1bEkUGzJh1kfb2c8L9XIglQH5fMMWbLJfFO a/E54lInzBe+dLZng3/9cd2o4Iyu9JrbrQT/ADwQZV1FIs//KmpfqW3N7e6pfUsIONTb GQiMITS9xft0rVtoi255lnkiP/NrhC5/LvMQiXVW+ZBOY7tlQF+s/nW3YS75y1I5OjTl yC+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=WIuIgvpgtZYDV9nhJRw8IR1f58HK9TAeX299G1fJjcA=; b=riadkmCZ72rde+nhL7uRmRDCFM2IB3qCrlMhwf6Z6D/6j1dCzRC2IkVck08+D/Wh4K XlRzHTLitDhRUlLVcrPEuzUjV1VVDR2n0laayKo3bnUnB94w73TX7a0yOGyVio7dKsLm qYvSQLK+KbT7a0h/XOHB9YS5cOSksyACkg5U78wZz8ZoOkJ8wLAHDlIcSzSw250ydaa6 qD1tIRTRtBiLHnfiQrGm4tNN1mx+Dey/6LmntpzJsNgqIuCdhNj6mkT44CWV1lVfLaMn FjdsL4C16BWGOylcF1aDGZYIFXTV7MIvK6k86rKE+eEzlhBYo8DduczjDFXlpaOWFeZr ro4Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dZAi6V2m; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id v25si1660235eda.290.2018.03.09.09.00.49; Fri, 09 Mar 2018 09:00:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dZAi6V2m; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 560E3C21DF9; Fri, 9 Mar 2018 16:56:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 5630FC21C6A; Fri, 9 Mar 2018 16:55:50 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id A4B58C21DED; Fri, 9 Mar 2018 16:55:42 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 42F2FC21DE8 for ; Fri, 9 Mar 2018 16:55:37 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id z9so5036781wmb.3 for ; Fri, 09 Mar 2018 08:55:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=JqMardwNHUiMRBwjh6/JFvFB6M2jc+0V4mjRrdamGCA=; b=dZAi6V2mrQmpbkTzcnmDfGWgV5kBo2NF/ZSNZYlxwknBm+CXpeq80BT0GksfAyxeLh 6GqekesyQxoLCorx4QjydGFUQEbe0YEyJJIbXRdvzBEbHHWbzbgiuaDY5p1DGhwCS+gu Qe8Js4KTtqz8KLmaISQqaFCpNRumKApyPq8Z0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=JqMardwNHUiMRBwjh6/JFvFB6M2jc+0V4mjRrdamGCA=; b=HsXtKTaZkcWi1W543tWyNOSCfCcAO71SdKxMMbvR4AnLP6dlE4Q4BpIElehuQ6B64+ Eksu/YaXT3d6bGbrNJN/VqGMtCLb+wMoczPvgBVxPDxnWZo/gQhUGGy6MG7Uf/9hT9O+ RXQCbiY+FuMPwivC99SPLU6hmK8O2MaMDYcge2XB1AyfSPeIpZA3MyeDZCZ+sfO7+SRK 6Ir81w2xE4lEk+J9DrBxfg7Q9nRCGAN5WsZyEF9o5OXfGXn7+GB1utgKNgyPxCURde/s 4Joncjhq4ElzUHnRmKctdkoPMaogoUQjGULDhTmgmP+UfbRg5llLU+sVeMxYppP/vskT F4Cg== X-Gm-Message-State: APf1xPBDvVxHxb73mX6NhEjhed4+fBM0KSVxha6aBH8pP6Gjwn55YgJW OCFoCpW76jFjzCnHgWWnLLrSQNuxD34= X-Received: by 10.80.209.216 with SMTP id i24mr37335617edg.213.1520614536759; Fri, 09 Mar 2018 08:55:36 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:36 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:24 +0000 Message-Id: <1520614531-2164-4-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 03/10] optee: Add CONFIG_OPTEE_TZDRAM_BASE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" OPTEE is currently linked to a specific area of memory called the TrustZone DRAM. This patch adds a CONFIG entry for the default address of TrustZone DRAM that a board-port can over-ride. The region that U-Boot sets aside for the OPTEE run-time should be verified before attempting to hand off to the OPTEE run-time. Each board-port should carefully ensure that the TZDRAM address specified in the OPTEE build and the TZDRAM address specified in U-Boot match-up. Further patches will use TZDRAM address with other defines and variables to carry out a degree of automated verification in U-Boot prior to trying to boot an OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich --- lib/optee/Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index 41c0ab7..a3b7332 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -14,3 +14,11 @@ config OPTEE_TZDRAM_SIZE help The size of pre-allocated Trust Zone DRAM to allocate for the OPTEE runtime. + +config OPTEE_TZDRAM_BASE + hex "Base address of Trust-Zone RAM for the OPTEE image" + depends on OPTEE + default 0x9d000000 + help + The base address of pre-allocated Trust Zone DRAM for + the OPTEE runtime. From patchwork Fri Mar 9 16:55:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131168 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1215010lja; Fri, 9 Mar 2018 08:58:58 -0800 (PST) X-Google-Smtp-Source: AG47ELuxMMEA9fmykEsL1lZBPIr87go4fzbi06iMAag9QoZUuRe9SCREtwGNEuNP1tjV0c1rCT/c X-Received: by 10.80.230.153 with SMTP id z25mr38875079edm.61.1520614738745; Fri, 09 Mar 2018 08:58:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614738; cv=none; d=google.com; s=arc-20160816; b=aE1O4JTel/bicWl80jFWk4xlRFB5Dfm0duFGKBFpwFzmtNsaCYzrwCQOZL9eDOe20F eTXWKpRmUaTVW9LN9z+vk7ORuXMP+J6jkdKwvgNziUfh0b9kKdv4HsJen65OvXSvlDW+ qLwPk64T714VF794gXOlJokCP2xRbNkjc15/eFJXP2x4XPRITE6BslrKTSNIviE+46wm vZLLNYceI2Kzj8pr1h43ev4DcvIvlr/To3TumnVRknqS8d9M5CsMA3rx1TNquM5Jh8tm hGCas+bCfsnk5AwpLyYahsGPoc9Ej1b0gTPY74VfZC1r3q3T/z1gyAEqOFS2xaxmFUH7 eLcg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:dkim-signature:arc-authentication-results; bh=6bvkRZNCgxi9bqqMfx8A4B25+/Sl75gb2NaqvZhnKMs=; b=e6/GC5FvWRP3ys99i2VRrbHiB/+SG+RXdoo5BVw8KVZVaUUSX6plsEjoxbnZkmmFWI kuFasgbB/P/C3VoI4IpWXRjDZD2wz8+SO2C2cvGvfL9axZbV0rHyEkymII0hKybt5HLN cS44bd0xW6eWJwUNw9MKzjcBulIATTsJHu0BjXJcme5bdtYEwTOUDycF5AeNLV6Ru5Mr JXTJvO16I9OYVt4cs2YUN/pqTWRaSUC6dkQ8nBfYvmwRsLSsJW909+8/txhT22Kj5mfl sRV6FZBkXM+sLDxnDWiDLtVW210ZKVa/P4nSGJidl6UumIRKmta84l8U8W+IgPkhP8t9 lz+g== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=abtGUEJc; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id d88si180812edd.514.2018.03.09.08.58.58; Fri, 09 Mar 2018 08:58:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=abtGUEJc; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 39B06C21DD4; Fri, 9 Mar 2018 16:57:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 49B48C21D72; Fri, 9 Mar 2018 16:55:55 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E133EC21DAF; Fri, 9 Mar 2018 16:55:43 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id F3586C21DD9 for ; Fri, 9 Mar 2018 16:55:38 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id i3so5034040wmi.4 for ; Fri, 09 Mar 2018 08:55:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=gofIoIyd6njEV/Ghcjl9yXszp/sNxHv0hZ0QSMrCCkw=; b=abtGUEJcxdC2/ZeJMLwsDg4aa2i3qeYY9fMQPxIoQnxc/n0bd5Axd1bB0Vzzc6GEYg XICU/dSOw538EddSVBjyiUKg5uB3lsub/GNq3U3cSt13OsrceeL0ut83ujiHjPcS/ZAY kfw/fSNzg5jJR+f4SfwH6gq0sbQaGHWbRmunE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=gofIoIyd6njEV/Ghcjl9yXszp/sNxHv0hZ0QSMrCCkw=; b=QiXC8VycEqbpuMJtNoVJH1tpmivEs3M6GlAgaJualIHu0fxYFF0iGc3FCGT5d7iSNG k0lJr0GtsdNBhxATrq86ryLVV0uOXPPef6UkBKA1UnZVl+cy38y30/W8IVK+rCLXM4wf RoW0etOHpOSdkWHdCArIuQ5cL/WHwo3LYqF5q+lKccgpxeC2pnZ2n7ChE0e0o2wmKBzj XCVkoHwY5zSAmBY7p5UKehFaccG1aLUUfhx3UYGj06IvO9eeJKVRxRrU4QuOV+zU151W XdFAAwCtWbElsj7j+ViUUstOb6pMkaFutsKMMSDr50Zwx5L61/vXp2cC/HGu2/PQf4a5 n32Q== X-Gm-Message-State: APf1xPDK8bgDJRezO9s6x2G63D4JAzJe0SvtC7yZaE/jkPaKa1JuAzCG V9QDhg17bkn1QYcaNqJfkQKauNiOtFQ= X-Received: by 10.80.201.76 with SMTP id p12mr38856073edh.199.1520614538456; Fri, 09 Mar 2018 08:55:38 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:37 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:25 +0000 Message-Id: <1520614531-2164-5-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Subject: [U-Boot] [PATCH v5 04/10] optee: Add CONFIG_OPTEE_LOAD_ADDR X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" CONFIG_OPTEE_LOAD_ADDR is used to tell u-boot where to load the OPTEE binary into memory prior to handing off control to OPTEE. We need to pull this value out of u-boot in order to produce an IMX IVT/CSF signed pair for the purposes of secure boot. The best way to do that is to have CONFIG_OPTEE_LOAD_ADDR appear in u-boot.cfg. Adding new CONFIG entires to u-boot should be kconfig driven so this patch does just that. Signed-off-by: Bryan O'Donoghue Reviewed-by: Ryan Harkin --- lib/optee/Kconfig | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index a3b7332..cc73ec3 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -7,6 +7,12 @@ config OPTEE OPTEE specific checks before booting an OPTEE image created with mkimage. +config OPTEE_LOAD_ADDR + hex "OPTEE load address" + default 0x00000000 + help + The load address of the bootable OPTEE binary. + config OPTEE_TZDRAM_SIZE hex "Amount of Trust-Zone RAM for the OPTEE image" depends on OPTEE From patchwork Fri Mar 9 16:55:26 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131167 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1214632lja; Fri, 9 Mar 2018 08:58:34 -0800 (PST) X-Google-Smtp-Source: AG47ELvUTeEXS2ReL+Mn1tw2wB8/rLbM8pGaMGCpZmTr/LZ5aIqGXrtRaf6gn8ollk7JjxVF9R83 X-Received: by 10.80.159.1 with SMTP id b1mr37249452edf.132.1520614713961; Fri, 09 Mar 2018 08:58:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614713; cv=none; d=google.com; s=arc-20160816; b=ZmFZSON3hQzAOSqzbP1xwXELehUM0sAeP+V1MwACNKCNT0jwT6etEu3guARhZEHVOV kaS7GjwsvvPOVOLUpJF31zVC4h2EOtZgPVhf+BvNN2pkXXriqIbU/Hc1EW0cnSujWlko 3JrnOxb7M473QbX9q9O0F2yBH6TqpsJFy/13SW+v0G7NjuoKjkFKLtYlypJTpSgN5V4g ++/s+DbgqYvCXvJZ/E6fmosYMrCDiCvantGUIk8zjVgv2JNBHHBiY2/JBTX04G3E/oNo WcOxtshAMcyizyCFxgVPzPwu9Bg/q/bQxDP2X92MK6lBBsIEHuFGe0XPwcuYipOabSLd PoWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=4CcwC7FBgW8X30HcQeHFFZHS6A58CAZ3P784+gQMGDU=; b=m9PcAb7uMADwrUbagxv+leoYeQ99MXQz0igKTEroUL4kQyW5hiDSchek+D1bWjew8b D/Oamy/KzpQlCWaXn+jGUYYqX32yEJ2sJb1jpYTV4sMbgkKo1CXVO02IGyReIOKwVSZl pemoOg4ljzFK9lkWPqLXjQyboZDnizhgD2O6Oskj9oEOJSYVXPgXTRk+3obnm1qYK6wu kuBVsYjZ6WDAfagADTy97dQf6Gj9TZb+laAULCAl+kv+R//77nJ98qyWJLMVJAnsPk40 93ehVPVw3zLQPHpEvUoUYLroL+AaB5tqqbqJiA7edcji9HC2Lqdq+q+SZ2VMfvIorHe/ OWNg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=gap7KTKO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id w3si1488937edj.433.2018.03.09.08.58.33; Fri, 09 Mar 2018 08:58:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=gap7KTKO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 94272C21C6A; Fri, 9 Mar 2018 16:57:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 1BCF8C21DFB; Fri, 9 Mar 2018 16:55:51 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id A973FC21C27; Fri, 9 Mar 2018 16:55:44 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id E2E25C21E0B for ; Fri, 9 Mar 2018 16:55:39 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id h21so5094599wmd.1 for ; Fri, 09 Mar 2018 08:55:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=HehyfLwBiGL7w0M1GQgZW2L7CjFJl409qccQ+xCD/gQ=; b=gap7KTKOPiuAWnEkGOH3j12Dyiggc6z3lYoUPQkiKZ04F+LXpgJb239eQ1UT/ve56U sZcITiRPB+2ojdSoFNPOXBsxaRj0WKfSwmvr+DKZrbfXZX2rYSxU0D/OFTx9tmrXc4S0 QTmBhAyvthJqBRWdNLdlOV5ObebL9EfmKgjyY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=HehyfLwBiGL7w0M1GQgZW2L7CjFJl409qccQ+xCD/gQ=; b=p9KQCggochAVygDUK8Hfke8XIM+PRZrg3XRMJ4PfC/2lUAbyfPqg2hjdCOC3C2zTVT 4aRC5B8FHWtyLcAg0yYvbpxp6WtfW/FzmnlZuHPN6s4JKEQMgdEYbhZtIW1RKTBn02jF YD3K13BvYcsKNoCJfVDc2svy4Bgyg1TiO8bMk6jDBuugjJmbgQ318V4XtwDJ8FbrahKu We0qgkflXDfSXVOr0PIshBKrRLcSQuIwdl9Fu/zHvgYBgH8ExilFYw+V7BT8LOiLXRZ0 XAmbKHudL5GPSecuGrV/lYpi0KTZFnbUYRMC2aHF/g8Q3iTlOCx2setCM8thbCiAUFzB 2Ygw== X-Gm-Message-State: APf1xPDlhpdIVGlJSIVZ45BBpXEPB6WdwoeNkqcVjT/evSFV6ONjnki7 DaVyuUy+L9tl4M6yTSZPPUl9GrjANu0= X-Received: by 10.80.170.222 with SMTP id r30mr37940726edc.309.1520614539413; Fri, 09 Mar 2018 08:55:39 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:38 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:26 +0000 Message-Id: <1520614531-2164-6-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 05/10] optee: Add optee_image_get_entry_point() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a helper function for extracting the least significant 32 bits from the OPTEE entry point address, which will be good enough to load OPTEE binaries up to (2^32)-1 bytes. We may need to extend this out later on but for now (2^32)-1 should be fine. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index 8943afb..eb328d3 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -29,6 +29,13 @@ struct optee_header { uint32_t paged_size; }; +static inline uint32_t optee_image_get_entry_point(const image_header_t *hdr) +{ + struct optee_header *optee_hdr = (struct optee_header *)(hdr + 1); + + return optee_hdr->init_load_addr_lo; +} + #if defined(CONFIG_OPTEE) int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len); From patchwork Fri Mar 9 16:55:27 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131171 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1217427lja; Fri, 9 Mar 2018 09:01:04 -0800 (PST) X-Google-Smtp-Source: AG47ELuFLtSFLNXvcYwAcoZxZx76+TAq+YQ5HV4rUi7Nf8kqcQZFZxpYqNzvGY2A4nCTIpBhJgXz X-Received: by 10.80.205.27 with SMTP id z27mr38737716edi.83.1520614864263; Fri, 09 Mar 2018 09:01:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614864; cv=none; d=google.com; s=arc-20160816; b=tR+mNsogBmQG0h9bXojuiyvfP3kv8T645Rib35BQJgifexGrZORMlFzLycpC5EAOeA o/aRcx/4x3dWqhkO40h49ZTTcU+VGYYjTW4H9ENen250BXNfYTM86wZ2xzi8GLWAh1um v7H6nIrPp5EgTlCb4AscgebZOPWB0rMOOfbaquwYaKKee/12dQS383TY9p8Gu5HgoXWo mCg9lzE7nDeg8LPlIIkya24ykSy50o3hg9aFvGEvJSr1GVYgXRG0pgVUpYdHXBREpaHG VYZ7+IhOnexzKriiLVHL0IE+gsBWKH/F+xH8CXquSNkIqG1DgXlCKnx+wbBI9zunLr3I obug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=QaYroxNd3askNKowPokMN25W/t4qBXmwlbEd13MrC2M=; b=vQrsEKkin8bXfxMs5bHnZwWYFGoUMTA/jf4Q86eVrQNA+3qnn1Hm62gW4JUdK+Jm4N eLbOlHLS/mZ+DuD2lDsorgsdKVzraqm6Lq02yb6NE4BfAWAz3c/qa7tuAzlG278AgBm/ dtykonu1Y9YCTsWHzJVV8zvC67T3jVJeHXRvf0K/i8iK2hqO+y+gyOZKZYrNpm7ThqUM u4M2dfYEUoofS0NbU0W7pEoEeWaHcnsqdfhSDif/qhgGaBkNkINrfAYL6Dj48erYm1Ae qEIPHr/i2DUL059WKFgOnYP5iwPdIA+dhH62wSFsTaU81/ERrp9MCeiBJv96iBVqGI6j Ks5A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=h77aKelm; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id x34si1398191edc.202.2018.03.09.09.01.04; Fri, 09 Mar 2018 09:01:04 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=h77aKelm; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D9661C21DA2; Fri, 9 Mar 2018 16:57:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 2D698C21E3A; Fri, 9 Mar 2018 16:55:56 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 8BC0CC21DE8; Fri, 9 Mar 2018 16:55:45 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 43657C21E1E for ; Fri, 9 Mar 2018 16:55:41 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id 188so5061584wme.1 for ; Fri, 09 Mar 2018 08:55:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=jd7TJ8ToMThI42VzCdFxxuucXAuvkiPJC/i5sG6S6nU=; b=h77aKelmufce4rnSaK+xAjl63nBri0nmbzHNdCQtUvoMhnNUnmT5D23Md9uvzQsFq3 yH5jJV5lVxBi7UEFzp/nu7PrS5jEyWw16d/QyambwVq4IfA02suOX5uN/g4lXfMeA5ZQ 1B5Xt4o1zjfQ1BlOI/zZAbFq7N7+7UIrT8Vao= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=jd7TJ8ToMThI42VzCdFxxuucXAuvkiPJC/i5sG6S6nU=; b=J42l5deRB5BPquIVpEnaVmtp0WyE+FAAPs5RbWAwu4O6bfk7lmhX0pUZPB0POEqoRx 6V7x25mT4aIbmiGqZikjOTs87ME3ELvPj2QGmkgT//fbzL5QmIarOYxEanhvv8vEBdAC m6H8a4DvHPq9KV8/Rt/2OwfO1YysrT3GYpHvXboKjMvwX4u8zUNkD8cqjB3KlZHSbJOh iCmF0LjiLqEDpXE7RVi9AMVK/hVXQElsnUkPjJwuN0r3n/ITjjJ695RhgChD+zjrXXHR NItRXT3cdJGKIF0lQgXIKElkUuAWf9o6v1b40y6Bm3O5pe+SiFIyZNABwwNrmG6TLf0N zGBg== X-Gm-Message-State: AElRT7FLDDYUeUkQTgzTAQTe9Lhr7svJB96RbNQclFjY+yxXMubekke2 e1+kAMj14XOjq7yKGwQeYXljEUEfEjg= X-Received: by 10.80.160.231 with SMTP id 94mr25372639edo.180.1520614540774; Fri, 09 Mar 2018 08:55:40 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:40 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:27 +0000 Message-Id: <1520614531-2164-7-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 06/10] optee: Add optee_image_get_load_addr() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_image_get_load_addr() a helper function used to calculate the load-address of an OPTEE image based on the lower entry-point address given in the OPTEE header. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index eb328d3..e782cb0 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -36,6 +36,11 @@ static inline uint32_t optee_image_get_entry_point(const image_header_t *hdr) return optee_hdr->init_load_addr_lo; } +static inline uint32_t optee_image_get_load_addr(const image_header_t *hdr) +{ + return optee_image_get_entry_point(hdr) - sizeof(struct optee_header); +} + #if defined(CONFIG_OPTEE) int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len); From patchwork Fri Mar 9 16:55:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131173 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1217768lja; Fri, 9 Mar 2018 09:01:18 -0800 (PST) X-Google-Smtp-Source: AG47ELuPQJjRnVUJoxIJVE8ntPbz6bPeGUXcDFnwdVwbHKLW3rWO+gm4+0f5t7leqHAZ6c8xD9jq X-Received: by 10.80.194.10 with SMTP id n10mr38000605edf.84.1520614878420; Fri, 09 Mar 2018 09:01:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614878; cv=none; d=google.com; s=arc-20160816; b=U+CCfkeW53NUhOIw8hcwwm1VJOGCivpot+nPuUl7t1WJpF+5ib3wR9JWWywFkUW6gn fj5S8tkL/hkXADHzeotx9cRO/6Q/xZY/8yZpXJ8o56chQCcGLaaLMaXqwHZKhpCQyIkt FxJY0LpDoZiDX0DBGr29eYfEZlcvxqFKKyV5qDMqpOm8RJPWU+xpILS9XPiJfeNHlETz gVYPbDS8vQ9qOOo+CTxwoSRstQO/bxEDH7e79Lz5OD9IZKFZDFTTm7Wk4X9L1OTNH7Ls x4e/BBw7e19OAxyH84wnS5J6zH5usw2GBnvM0gfYfFAKwXQXKDZPh7fhjST25T0gRo96 Oxnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=9P+Z1ULXkjhKLCgHMUrqkg4Ilk198k9kAIZoBGKtpWM=; b=m3XF0lOYIsGe7kC//wQpS406bQxcvPbyEyUiRag6H1nSHUWXQCWayilnQDdz7TO7BM Sl7Wjqxe0CjBwaI5B87myOf9v2fMytosV8uwyyc2GF25N1CMzBpbCIDHr7SYu5VAWNp7 NT6Iq3UT/p4TtG1fSjmy4wAqepJRDJDfG5HC7AmDyhLkuXAThZFyrXtbkpLgA5fDdbN2 UmsC5EtEni9o15SfGGOSscLjfQEpUwSPZfv0hZM76CCZ/71sCuFDqMivvntctcHj02ot 2Wrr5TTbz7zWXEb38nFZlDiwQpj9ESOmFs6svlseBxsd7AfeOqFVwgZExJ58FWXFvlvw 0k/Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=NpbcZJG+; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id x60si1321378edc.234.2018.03.09.09.01.18; Fri, 09 Mar 2018 09:01:18 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=NpbcZJG+; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 081C5C21E2C; Fri, 9 Mar 2018 16:57:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 39186C21E29; Fri, 9 Mar 2018 16:55:59 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id D57BFC21E39; Fri, 9 Mar 2018 16:55:46 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 43680C21DE8 for ; Fri, 9 Mar 2018 16:55:42 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id a20so4242329wmd.1 for ; Fri, 09 Mar 2018 08:55:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=uemXRx5/51OFiTMXaXUhm55yC4L3W9Zkd6/DsEMMGy8=; b=NpbcZJG+Qwv3i1Myl42XxYur2pHAqMNDcq5gm/G7IDdVTTO3jrZRixdQJ1r9naPSvG rlMB5hA4M8hgL+W2e2dZDdmOIbPMq1uQti0dibsjpkMdQKJpZE8VKc5UnwLNSUSm+IdX oeeAinvGG+WkfKJWxr4GhUQ/NCVSytDp4946c= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=uemXRx5/51OFiTMXaXUhm55yC4L3W9Zkd6/DsEMMGy8=; b=Q/X8kWVQacsXe8ZsjFVcPhinddg3XCcBdszl8PvIuK6BKJOTF6lHuU5cz+DV1BsWDq ttkMebXPH6SnTi8uIE2l6uquMn6/TrHknIVuK35RGOzv0uMVCw2X/+8wSIlYm4hGN4EB nEkT/Vjsk2mrm8UPHo8+DVrW+7WpsUefznzboXJBNMtQ66vFWLbcVPOBmJTlTSGJ7ArL T6K2ZsOXFcSDVYaq9IB3RE+jSbasapynCRMkkFsY6xVX0fMRWwAWLl05cUop1Jm3pUnf +5ib6fc1gwz4UN5bpzsaonttm+ff0Wp0aIZaFQt4YfP1jlNlbYge9xDFc8nqCpVuqSY+ 67wA== X-Gm-Message-State: APf1xPAJZXU2Q6+SvATKaD61XRmiAnwoKCGqBOQKEfGWZxo/1xs1xeGY m6AH3s2P4+IxVjv861D+w1zklcfqmbw= X-Received: by 10.80.135.170 with SMTP id a39mr38189411eda.82.1520614541775; Fri, 09 Mar 2018 08:55:41 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:41 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:28 +0000 Message-Id: <1520614531-2164-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 07/10] optee: Add optee_verify_bootm_image() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_verify_bootm_image() which will be subsequently used to verify the parameters encoded in the OPTEE header match the memory allocated to the OPTEE region, OPTEE header magic and version prior to handing off control to the OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- include/tee/optee.h | 13 +++++++++++++ lib/optee/optee.c | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index e782cb0..4b9e94c 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr, #endif +#if defined(CONFIG_OPTEE) +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len); +#else +static inline int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + return -EPERM; +} +#endif + #endif /* _OPTEE_H */ diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 2cc16d7..365c078 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -29,3 +29,23 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, return 0; } + +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + struct optee_header *hdr = (struct optee_header *)image_addr; + unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE; + unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE; + + int ret; + + ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); + if (ret) + return ret; + + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + ret = -EINVAL; + + return ret; +} From patchwork Fri Mar 9 16:55:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131174 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1217904lja; Fri, 9 Mar 2018 09:01:23 -0800 (PST) X-Google-Smtp-Source: AG47ELuXgcE8iD18tg30WQK4v3315Pg/f67lHO7KmUJoazB54Gfrb4z9Tq+ioq2iDuq2DodU13EZ X-Received: by 10.80.241.83 with SMTP id z19mr38528156edl.104.1520614883631; Fri, 09 Mar 2018 09:01:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614883; cv=none; d=google.com; s=arc-20160816; b=yNpw8bOl3WV/NcqjGizMuBoU3EygX+ErrBEEw39C93x2FVcJoBaTVeMUfgsgYWFaVg Jr9aDrVZigeKHLuDlCYdEvdqudK95I3XswYriPjehH6YO/AcUrOfRMoc3mmNM0SXPxgA jUeNwipCB9nvkPQfrhi+l478aEBHWJ0ITTDTn5+uZqIvF9No7t5112RZYMlFeD5l28I8 IHibgEK9lz1M16vCKkRdRfxKGY0tMlLKckGosDpidIYrHm2Jz2NXvGZPHHj5+EzHyrnn FAJD6viFULUlpgK08eYeUr7F7/xA944iNhZZJl/pHZg7PKcNREN9VadeIizlzCGwCkH8 8/Kg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=k2G4x2/VptXi91LLzWj2/3r5duQgFPomWnrH9Y5Gw18=; b=ceJIkA8oDbzIRflbYIvkMmjX6H9RhM52jmfA1GXNx6h45LgLspSayfyJK/XD5L0RHR Z9k29L/j3+taAxGkm8VFeQaIWAne+geb+r8046wpN1am/PO6PLEPfGQEu9KMfNOrsQGY iczCaZiQwmyFOVSnC0gOeMkac2jyqtCxHv32HZ+7/RNwm7mLE0yxoz174fspRNuu0oTW jI8jX5mkfCbVRmI168IZAxxKQVuuM6Cw5NVObojR6FsotG/6uVWQL0BbAWTsTcqb/Omw wEGhvPJnyDv6SAMaI9rijh/N0eSVKVXEpaMq4F+jGEzC7hMIwYyK0P4h8FFyimdBJvWY ttSg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=FgXkvf86; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id n21si1459046eda.281.2018.03.09.09.01.22; Fri, 09 Mar 2018 09:01:23 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=FgXkvf86; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D44ECC21DFD; Fri, 9 Mar 2018 16:58:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id B9824C21E44; Fri, 9 Mar 2018 16:56:05 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 049C3C21E3B; Fri, 9 Mar 2018 16:55:47 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 3EF14C21DD9 for ; Fri, 9 Mar 2018 16:55:43 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id 139so5091134wmn.2 for ; Fri, 09 Mar 2018 08:55:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=9l4y29YT9GA9C87v2s0KMfjVt7b/wQv5HyUsRKb+Koc=; b=FgXkvf86UVtesaakVTGB9ndvVM684fu3AzYMCqxvUxGtX+CbjioipyouPy8E1UxyJA uNb3/IsVWRee5zOOaJbZ68PycjhBUxC9CJ5Cd9gHswGXiN1G6UNcwbhzh7fi/X5W66W+ 3Dvw0gIQAA/rBneCBuvZDwKs53NKw/UWmWXwc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=9l4y29YT9GA9C87v2s0KMfjVt7b/wQv5HyUsRKb+Koc=; b=tjie2MWDrAwOY3lr1B+reVfCp64yUxfm3zkOM4qd/dsa0Ja7pRZYNF4QIIlb3zeve/ 5fy7T+pdSs3sWUBdvsX0eAmV/mZefnmF4r9uz6GN8e3uDuV7aFKTyQL72gn998Kp1H/6 8wKr7B5DOPunsSl1G4f2mz6As0CmhQbF9ZguSFIOE6y8+AnfTJ9UNYFbVY94bBDkZVHR Fud8Eqa4f2XwCgULyT9IXxbssU/tcHM2tCzCeTxg48mk4lG7yw2YHEYyNXoNbL6V6XJ8 UHUoNGop7UOFwUixl2SzzdXyAWTbB9bOzN2dAH1R1/aQkDyMu0yBd+AP1tVzhuTQlJn/ sTVA== X-Gm-Message-State: APf1xPB246yDuKeNxdnFsbIG1greaFjGqpulktgu4IZ7nDGcCF4/oBzu zJVgyVGcdHU+zzAfonLcewb6u6YGgkY= X-Received: by 10.80.157.130 with SMTP id w2mr38751468ede.123.1520614542772; Fri, 09 Mar 2018 08:55:42 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:42 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:29 +0000 Message-Id: <1520614531-2164-9-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 08/10] optee: Add error printout X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" When encountering an error in OPTEE verification print out various details of the OPTEE header to aid in further debugging of encountered errors. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- lib/optee/optee.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 365c078..78a15e8 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -8,6 +8,12 @@ #include #include +#define optee_hdr_err_msg \ + "OPTEE verification error:" \ + "\n\thdr=%p image=0x%08lx magic=0x%08x tzdram 0x%08lx-0x%08lx " \ + "\n\theader lo=0x%08x hi=0x%08x size=0x%08lx arch=0x%08x" \ + "\n\tuimage params 0x%08lx-0x%08lx\n" + int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len) { @@ -42,10 +48,19 @@ int optee_verify_bootm_image(unsigned long image_addr, ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); if (ret) - return ret; + goto error; - if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) { ret = -EINVAL; + goto error; + } + + return ret; +error: + printf(optee_hdr_err_msg, hdr, image_addr, hdr->magic, tzdram_start, + tzdram_start + tzdram_len, hdr->init_load_addr_lo, + hdr->init_load_addr_hi, image_len, hdr->arch, image_load_addr, + image_load_addr + image_len); return ret; } From patchwork Fri Mar 9 16:55:30 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131169 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1215516lja; Fri, 9 Mar 2018 08:59:32 -0800 (PST) X-Google-Smtp-Source: AG47ELtGki7JIiCdM9NwnWb4Lm8VsGK3KPg4qmiYiVYjkx3mTJK58fd/A4ZohXGN6UFpq1SEMfcn X-Received: by 10.80.132.5 with SMTP id 5mr25546343edp.139.1520614772633; Fri, 09 Mar 2018 08:59:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614772; cv=none; d=google.com; s=arc-20160816; b=ThuRhA9IcyrCwnZhON3B95/fmOdQceQ7igsbSgqho/7CgmoQLcUSJjlLOJWpR+PgMu 4QOU4zI94EHPg51ujGNgKa9NZ79k9RTEBoCOU65pFa5Fixmtbgfne3RZXyzjzC+P34+b G3SJyYI/UUm9Xt/j0SCpvx8dIh9IdND9iKcHYcJGS9BgYB2yxwt3camSYWpoQsnE46QB JU0Y+y98v/Xtf8+0n2IyfnOQP45ShitUvPSSD1Ha7m3za8F+3U28CBOY/0NCaChV8X4r 1ZQN+cHkvejAT+mLnOnPSYiZZLMEF621YrbDpfhQbTAlLPZj0t+zq3HUpWGj2QpzQ+RL 6nCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Nxpv16LWVEZoKd+RBY6AU4YSanVUUR5YuTIbpNNa33w=; b=Qo94qNCztsL6A5NO+A/imsoQKTloebrBmbIkyy+qcSxQWeCy+W2NHl9w79xqX07IPw ZxjKn2UNAr62pPnZPbhZBFfF9OzljT6tJNXza35uvJXY0QGdQq4R6cLc7I9SMSZyRaYI jEddxZ4tl7YN702Z7o5hWs71NQFaQwJ9vuvyi22np9mK/3FSPzs0JVLDYi+Mqz0gvt4P AaoxBIgukJEA4ftJ4IydWmF3ZPuTUWgbr7569r/ZU2SuilCUSseDHfCGO0FtFw8b5gIy SHECSmrSJA2cgQpY99dcV949iGuKntSdPhI5+tCsUuHEYRQUGICuFTbIAFj3hcc/kP/U w5+A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=LIcxDRkW; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id w10si328103edl.328.2018.03.09.08.59.32; Fri, 09 Mar 2018 08:59:32 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=LIcxDRkW; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 4339BC21DF3; Fri, 9 Mar 2018 16:58:59 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id DAB54C21DFF; Fri, 9 Mar 2018 16:56:16 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B8BFBC21DD4; Fri, 9 Mar 2018 16:55:48 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 80AF8C21D4A for ; Fri, 9 Mar 2018 16:55:44 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id q83so5108807wme.5 for ; Fri, 09 Mar 2018 08:55:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=1Xeau/pafFYygWJPzlvvGX1TfjvwM2oL9f2/MJ5tLUQ=; b=LIcxDRkW7IJNFpHhYarqFyXUWGfjW5vctJ+iQiey2c+w6SIWYtnXBR5eRqSoo7c85W OX3MWfM1Ai/Wp4k49/TDLRLdiIctmCVZbkJXGozG/gj+XI1q8dX+kWvbiF+ROa54fH1c 99pJ7m1y/GkXkyfcPr7GbzYn+UOswAKu/slCg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=1Xeau/pafFYygWJPzlvvGX1TfjvwM2oL9f2/MJ5tLUQ=; b=kyAoWFNzSyOSEGj96NTjaA5bb9A/Ym1w/UvChMq4V+FxK+ny1I8xPN+L7obdt6PhbA YxZzxSC2ZikV31NEt8Nz7QtJfko597nFkhHDXEQMBS2CmxLZmoB3I/x+0XMkBagz0SeV CD3n7m1IzQnEre2f3yNGhzQRAe6jfUgHP3xl7n+ZSCfaxvWhACSifXVVxvjzR4wMMYO1 08JXsiyFo64R2KeQCwvdHLO8WHW42IV+LOVMitDV58JIaVAJbusiCK4n6LeE4qxQlRn5 PocZwxtUTgsPat5SNFqyIMq3sQDneLHoJB7pAKWKVncQU9oTVsHKMkLgCYcNZOLFrMVU Dqlg== X-Gm-Message-State: AElRT7FpAENxaPqCkNUPE7HQPyqD6XECXXj6RhsGrQPH33mTnFB0ELou mnn7tYTo46rf/oQiOV/yakP5gbe+Cuo= X-Received: by 10.80.149.132 with SMTP id w4mr12124156eda.229.1520614543814; Fri, 09 Mar 2018 08:55:43 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:43 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:30 +0000 Message-Id: <1520614531-2164-10-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 09/10] image: Add IH_OS_TEE for TEE chain-load boot X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds a new type IH_OS_TEE. This new OS type will be used for chain-loading to Linux via a TEE. With this patch in-place you can generate a bootable OPTEE image like this: mkimage -A arm -T kernel -O tee -C none -d tee.bin uTee.optee where "tee.bin" is the input binary prefixed with an OPTEE header and uTee.optee is the output prefixed with a u-boot wrapper header. This image type "-T kernel -O tee" is differentiated from the existing IH_TYPE_TEE "-T tee" in that the IH_TYPE is installed by u-boot (flow control returns to u-boot) whereas for the new IH_OS_TEE control passes to the OPTEE firmware and the firmware chainloads onto Linux. Andrew Davis gave the following ASCII diagram: IH_OS_TEE: (mkimage -T kernel -O tee) Non-Secure Secure BootROM | ------------- | v SPL | v U-Boot ------> <----- OP-TEE | V Linux IH_TYPE_TEE: (mkimage -T tee) Non-Secure Secure BootROM | ------------- | v SPL -------> <----- OP-TEE | v U-Boot | V Linux Signed-off-by: Bryan O'Donoghue Suggested-by: Andrew F. Davis Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Link: http://mrvan.github.io/optee-imx6ul --- common/image.c | 1 + include/image.h | 1 + tools/default_image.c | 15 +++++++++++++-- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/common/image.c b/common/image.c index 14be3ca..61e3d25 100644 --- a/common/image.c +++ b/common/image.c @@ -100,6 +100,7 @@ static const table_entry_t uimage_os[] = { { IH_OS_OSE, "ose", "Enea OSE", }, { IH_OS_PLAN9, "plan9", "Plan 9", }, { IH_OS_RTEMS, "rtems", "RTEMS", }, + { IH_OS_TEE, "tee", "Trusted Execution Environment" }, { IH_OS_U_BOOT, "u-boot", "U-Boot", }, { IH_OS_VXWORKS, "vxworks", "VxWorks", }, #if defined(CONFIG_CMD_ELF) || defined(USE_HOSTCC) diff --git a/include/image.h b/include/image.h index dbdaecb..a0a530d 100644 --- a/include/image.h +++ b/include/image.h @@ -153,6 +153,7 @@ enum { IH_OS_PLAN9, /* Plan 9 */ IH_OS_OPENRTOS, /* OpenRTOS */ IH_OS_ARM_TRUSTED_FIRMWARE, /* ARM Trusted Firmware */ + IH_OS_TEE, /* Trusted Execution Environment */ IH_OS_COUNT, }; diff --git a/tools/default_image.c b/tools/default_image.c index 4e5568e..c67f66b 100644 --- a/tools/default_image.c +++ b/tools/default_image.c @@ -18,6 +18,7 @@ #include "mkimage.h" #include +#include #include static image_header_t header; @@ -90,6 +91,8 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, uint32_t checksum; time_t time; uint32_t imagesize; + uint32_t ep; + uint32_t addr; image_header_t * hdr = (image_header_t *)ptr; @@ -99,18 +102,26 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, sbuf->st_size - sizeof(image_header_t)); time = imagetool_get_source_date(params, sbuf->st_mtime); + ep = params->ep; + addr = params->addr; + if (params->type == IH_TYPE_FIRMWARE_IVT) /* Add size of CSF minus IVT */ imagesize = sbuf->st_size - sizeof(image_header_t) + 0x1FE0; else imagesize = sbuf->st_size - sizeof(image_header_t); + if (params->os == IH_OS_TEE) { + addr = optee_image_get_load_addr(hdr); + ep = optee_image_get_entry_point(hdr); + } + /* Build new header */ image_set_magic(hdr, IH_MAGIC); image_set_time(hdr, time); image_set_size(hdr, imagesize); - image_set_load(hdr, params->addr); - image_set_ep(hdr, params->ep); + image_set_load(hdr, addr); + image_set_ep(hdr, ep); image_set_dcrc(hdr, checksum); image_set_os(hdr, params->os); image_set_arch(hdr, params->arch); From patchwork Fri Mar 9 16:55:31 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131172 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1217704lja; Fri, 9 Mar 2018 09:01:16 -0800 (PST) X-Google-Smtp-Source: AG47ELv+hUcT7OBFcteipqXSnwQO6hvKhAHg800OmjTVEG/r2U+bdqu4o6UNcds0r13r2ifxUn7z X-Received: by 10.80.169.66 with SMTP id m2mr13677936edc.244.1520614876147; Fri, 09 Mar 2018 09:01:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614876; cv=none; d=google.com; s=arc-20160816; b=BSQh6i3dSY+L57XVokn3RrpqW1ZlPvcgmLpkSo/WuEmCKX7haA5I6tA2lB9fmXOpcv iFCda5s9fm9MrTRsNtK3yhumkhM0mQAtv0PrzTWbDfInNYd4nkKP1YjommYKCdMZuCkZ zVE0LLfd4mfdLw+MRPZXeRlPfxyttX/MQLuPw0YRY1QqQk9HDxPsznrUJEbW/PMSH8ww iylxNTs5eMhMNUGhnCZgUP09nS/HX1UI81a4S+CnxLlt20S3+1ro6vhUatK1Hsn0gimd xJkpqL018jtkSMBXbBH4LYmlDxW1u1noJRVMZikqYHvlbqRJyd9mMcWdX6yfmCreMqKY wx+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=OuvoDMc1J2Cdh/JMF8KDDz6AVbKl7a7/p7QqRI/GlmY=; b=KZeG3MrUGo+KdIqNIWWwHO1Z6gDZvWP9IMDYXMQ8GAjq9I+csR22uLnyOtg/e3zPSQ g9QkMrPqrRaeuYbA61bwpUakvuNfvRdNEfp/o7pBsbxWZZvCGt0sd7AlKZn4pxCt/mp4 5Ux82D6pykJQTIH3rgmwFvZF8IPjrvpzgyiaTcQpQlsoCkaBzoMlxHRQl1Hi8c4aMEVC BkMFWfH+G3DkjyUcy/R3Wri/Y6khm3FSPAIiqPYEZ4zaBF3+PkcmrdfTcylezxrF1zrR 1HKEhQKCxfrPOs579fjjWUgcRBWci/t5MZMDb2STVndtDw0t823INqMgIlNqyROmyrT5 0f5A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=H3Dc4KqH; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id k3si1390919edc.549.2018.03.09.09.01.15; Fri, 09 Mar 2018 09:01:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=H3Dc4KqH; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id BCB39C21E29; Fri, 9 Mar 2018 16:58:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id D8497C21E02; Fri, 9 Mar 2018 16:56:01 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 8C332C21DE8; Fri, 9 Mar 2018 16:55:50 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 8CBE2C21E16 for ; Fri, 9 Mar 2018 16:55:45 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id z81so5077302wmb.4 for ; Fri, 09 Mar 2018 08:55:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=d5KjfEUORjyISKTpuQcNlTyiwnPfxFREMPPYPXtco5M=; b=H3Dc4KqH3mc00vytpNon1of1avr39M3PxfN+SKUS4n5L198DrV71RlSs8VHZfNP5mr OYzSjG4dOl+K+s4Zye27c580H+7529rcndG5NgCLyVUduEVTuNXW5tLskCmaslxzh6H9 0yKlQ94Xm9HHst5a7SPKUrS+VNTwtQfoqRIWA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=d5KjfEUORjyISKTpuQcNlTyiwnPfxFREMPPYPXtco5M=; b=JMGd5LTR43WulqC8mSl3OYpvqUtiUDhX+0AcrYpXMUls7q+ZCZMeznYw2r1/ANdvOS hXI+n2X1AF+QSiQ8lsADhYP3g7YYnb43tX15g73pPuBy6k5Q08cJIczOnee/VSmov47N coDdOg6+HUlt9xDik1pDrfCSY/3ZqCJuqbv/GN0UzjN28Re4YUW5c1jaHrArry78uhYX 902Qn+LDnXKb7X3bwHQct5U+mVFd4l2FG6PYTzVoIjb4cbQ25NQGXndGDH1mXYxqcSge vYWYRRaBfIOEkjeeNOyJrD0ZG8++v5Itw8O9UDkybuqoJAmzdVvHyHNLUDXuu61eAlwu /zKQ== X-Gm-Message-State: APf1xPBNQd5YEO9q7YThc7iMn0P6d2zpQkuXyca+J4+efcRYJrGIv/Mi +qKODV4vUBf+Cp1MaHOu1lyFbkd33Ws= X-Received: by 10.80.182.71 with SMTP id c7mr38338074ede.57.1520614545005; Fri, 09 Mar 2018 08:55:45 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:44 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:31 +0000 Message-Id: <1520614531-2164-11-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 10/10] bootm: optee: Add a bootm command for type IH_OS_TEE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch makes it possible to verify the contents and location of an OPTEE image in DRAM prior to handing off control to that image. If image verification fails we won't try to boot any further. Signed-off-by: Bryan O'Donoghue Suggested-by: Andrew F. Davis Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- common/bootm_os.c | 32 ++++++++++++++++++++++++++++++++ lib/optee/Kconfig | 9 +++++++++ 2 files changed, 41 insertions(+) diff --git a/common/bootm_os.c b/common/bootm_os.c index 5e6b177..cddf98e 100644 --- a/common/bootm_os.c +++ b/common/bootm_os.c @@ -11,6 +11,7 @@ #include #include #include +#include DECLARE_GLOBAL_DATA_PTR; @@ -433,6 +434,34 @@ static int do_bootm_openrtos(int flag, int argc, char * const argv[], } #endif +#ifdef CONFIG_BOOTM_TEE +static int do_bootm_tee(int flag, int argc, char * const argv[], + bootm_headers_t *images) +{ + int ret; + + /* Verify OS type */ + if (images->os.os != IH_OS_TEE) { + return 1; + }; + + /* Validate TEE header */ + ret = optee_verify_bootm_image(images->os.image_start, + images->os.load, + images->os.image_len); + if (ret) + return ret; + + /* Locate FDT etc */ + ret = bootm_find_images(flag, argc, argv); + if (ret) + return ret; + + /* From here we can run the regular linux boot path */ + return do_bootm_linux(flag, argc, argv, images); +} +#endif + static boot_os_fn *boot_os[] = { [IH_OS_U_BOOT] = do_bootm_standalone, #ifdef CONFIG_BOOTM_LINUX @@ -466,6 +495,9 @@ static boot_os_fn *boot_os[] = { #ifdef CONFIG_BOOTM_OPENRTOS [IH_OS_OPENRTOS] = do_bootm_openrtos, #endif +#ifdef CONFIG_BOOTM_TEE + [IH_OS_TEE] = do_bootm_tee, +#endif }; /* Allow for arch specific config before we boot */ diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index cc73ec3..1e5ab45 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -28,3 +28,12 @@ config OPTEE_TZDRAM_BASE help The base address of pre-allocated Trust Zone DRAM for the OPTEE runtime. + +config BOOTM_OPTEE + bool "Support OPTEE bootm command" + select BOOTM_LINUX + default n + help + Select this command to enable chain-loading of a Linux kernel + via an OPTEE firmware. + The bootflow is BootROM -> u-boot -> OPTEE -> Linux in this case.