diff mbox series

[7/9] optee: Add optee_verify_bootm_image()

Message ID 1515768744-25246-8-git-send-email-bryan.odonoghue@linaro.org
State New
Headers show
Series Add new OPTEE bootm support to u-boot | expand

Commit Message

Bryan O'Donoghue Jan. 12, 2018, 2:52 p.m. UTC 
This patch adds optee_verify_bootm_image() which will be subsequently used
to verify the parameters encoded in the OPTEE header match the memory
allocated to the OPTEE region, OPTEE header magic and version prior to
handing off control to the OPTEE image.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
---
 include/tee/optee.h | 13 +++++++++++++
 lib/optee/optee.c   | 35 +++++++++++++++++++++++++++++++----
 2 files changed, 44 insertions(+), 4 deletions(-)
diff mbox series

Patch

diff --git a/include/tee/optee.h b/include/tee/optee.h
index e782cb0..4b9e94c 100644
--- a/include/tee/optee.h
+++ b/include/tee/optee.h
@@ -55,4 +55,17 @@  static inline int optee_verify_image(struct optee_header *hdr,
 
 #endif
 
+#if defined(CONFIG_OPTEE)
+int optee_verify_bootm_image(unsigned long image_addr,
+			     unsigned long image_load_addr,
+			     unsigned long image_len);
+#else
+static inline int optee_verify_bootm_image(unsigned long image_addr,
+					   unsigned long image_load_addr,
+					   unsigned long image_len)
+{
+	return -EPERM;
+}
+#endif
+
 #endif /* _OPTEE_H */
diff --git a/lib/optee/optee.c b/lib/optee/optee.c
index 6e55027..36358f1 100644
--- a/lib/optee/optee.c
+++ b/lib/optee/optee.c
@@ -29,12 +29,39 @@  int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start,
 	    (tee_file_size > tzdram_len) ||
 	    (tee_file_size != image_len) ||
 	    ((hdr->init_load_addr_lo + tee_file_size) > tzdram_end)) {
-		printf("OPTEE verification error tzdram 0x%08lx-0x%08lx "
-		       "header lo=0x%08x hi=0x%08x size=0x%08x\n",
-		       tzdram_start, tzdram_end, hdr->init_load_addr_lo,
-		       hdr->init_load_addr_hi, tee_file_size);
 		return -EINVAL;
 	}
 
 	return 0;
 }
+
+int optee_verify_bootm_image(unsigned long image_addr,
+			     unsigned long image_load_addr,
+			     unsigned long image_len)
+{
+	struct optee_header *hdr = (struct optee_header *)image_addr;
+	unsigned long tzdram_start = OPTEE_TZDRAM_BASE;
+	unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE;
+
+	int ret;
+
+	ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len);
+	if (ret)
+		goto error;
+
+	if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) {
+		ret = -EINVAL;
+		goto error;
+	}
+
+	return ret;
+error:
+	printf("OPTEE verification error tzdram 0x%08lx-0x%08lx "
+	       "header 0x%08x-0x%08x size=0x%08lx arch=0x%08x"
+	       "uimage params 0x%08lx-0x%08lx\n",
+	       tzdram_start, tzdram_start + tzdram_len, hdr->init_load_addr_lo,
+	       hdr->init_load_addr_hi, image_len, hdr->arch, image_load_addr,
+	       image_load_addr + image_len);
+
+	return ret;
+}