From patchwork Fri Jan 19 19:43:24 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
X-Patchwork-Id: 125225
Delivered-To: patch@linaro.org
Received: by 10.46.66.141 with SMTP id h13csp444891ljf;
 Fri, 19 Jan 2018 11:50:10 -0800 (PST)
X-Google-Smtp-Source: AH8x227+PBWa7G5Fy3Oy2fk87K8zn9YqL7W33/G9L5rX0RrUWFO3OCTFsNJ8gt+kSir0hB9XgsJW
X-Received: by 10.80.192.72 with SMTP id u8mr51015edd.109.1516391410668;
 Fri, 19 Jan 2018 11:50:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516391410; cv=none;
 d=google.com; s=arc-20160816;
 b=oX+Yo7YR2DnLVc9Zo+2+3bHgMWeimBYQN4VQ4Ebg9ooqx6Ywgt5bzL1jk+cpAdBHEN
 LwKapfvOcKFpi06ZC1Ycn+CbHrTgXhq3KxDwGPUS+QMINaTrDXixn9alidlvTojxke+Z
 obvZGQ4pZrlNFGrdCcNT3zYczcvmLJvmTwkJqLiP1BWNBqpfKVAWZOlfYD4/nPF6MOIg
 RIx+bc3KBbYDPB9lcSXHf3E43Ztn/I62j4U/e1Gkq36+pDCodFJP1Co4x8pQSbq0YK1t
 NUM+OUJB+dGhuqwpEVU5Ng1cXN0sTY0dxRVv8pDzMfsY+Z4b3NYVG+C6OXV0pIirYEl1
 IjPQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:content-transfer-encoding:mime-version
 :list-subscribe:list-help:list-post:list-archive:list-unsubscribe
 :list-id:precedence:subject:cc:references:in-reply-to:message-id
 :date:to:from:dkim-signature:arc-authentication-results;
 bh=Y30VzfUBI0Tkub1tdeQlkVWD6ZeyxAxy2n01OxPrnhY=;
 b=RhvHSnuhu3zzoku6JJXekiUNzrtwauzh2ocNyLZhcu4My3k/L/38mNj7qVgRTNddNq
 hdx+ZUkzZ/EkrG1XWB9cr5sjV2AAfcsfCwfnOM3+5nnKPdtIw3TBcyCR+8Tt9bojFsfE
 ybMrL2Bf1yFJjGUf1ZnK6E3snix8LRf3yeybmnv+kjqc3DjHtW4Qc4Ru0QtjIgjpSjyC
 fS12Jv0jDR7oKBP/mZ4qRdw3agPvTcrGqfvUz/y1ZSntCg9pG2YKIbUG6x6+z20rLjW0
 VFD9UpMhlspsFiwNbjlOD7ou1P46AVbblQFzxxUIi1FZyjryop0STn0wwUTe7NBDbeHg
 Nr0w==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=neutral (body hash did not verify) header.i=@linaro.org
 header.s=google header.b=Ui7Kdz2c; 
 spf=pass (google.com: best guess record for domain of
 u-boot-bounces@lists.denx.de designates 81.169.180.215 as
 permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from lists.denx.de (dione.denx.de. [81.169.180.215])
 by mx.google.com with ESMTP id t11si738639edc.177.2018.01.19.11.50.10;
 Fri, 19 Jan 2018 11:50:10 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of
 u-boot-bounces@lists.denx.de designates 81.169.180.215 as
 permitted sender) client-ip=81.169.180.215; 
Authentication-Results: mx.google.com;
 dkim=neutral (body hash did not verify) header.i=@linaro.org
 header.s=google header.b=Ui7Kdz2c; 
 spf=pass (google.com: best guess record for domain of
 u-boot-bounces@lists.denx.de designates 81.169.180.215 as
 permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: by lists.denx.de (Postfix, from userid 105)
 id 435F0C21F8A; Fri, 19 Jan 2018 19:45:35 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3,
 RCVD_IN_MSPIKE_WL,
 T_DKIM_INVALID autolearn=unavailable autolearn_force=no
 version=3.4.0
Received: from lists.denx.de (localhost [IPv6:::1])
 by lists.denx.de (Postfix) with ESMTP id 6BE2BC21F6B;
 Fri, 19 Jan 2018 19:44:00 +0000 (UTC)
Received: by lists.denx.de (Postfix, from userid 105)
 id 0368FC21F97; Fri, 19 Jan 2018 19:43:42 +0000 (UTC)
Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66])
 by lists.denx.de (Postfix) with ESMTPS id 23EBCC21F38
 for <u-boot@lists.denx.de>; Fri, 19 Jan 2018 19:43:39 +0000 (UTC)
Received: by mail-wm0-f66.google.com with SMTP id g1so5485997wmg.2
 for <u-boot@lists.denx.de>; Fri, 19 Jan 2018 11:43:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id:in-reply-to:references;
 bh=nq/UXMM+S/39ZQzMRLg+v22x4rlDp8VH7yjw2zNHqwY=;
 b=Ui7Kdz2c/PxprKK1Ifvyl0tp9cmB08MuyvZ2IxmtT+h1TIJMle6CwcOpe09cecFThv
 6N735TQpuHA007icJ2XB7uJzPvdV7g+NCdpDUPjDJg5eVfSt41WcnYDe5oVHmn75iLyo
 XWO6TWe7uUE0zLfd9wZ1ZG1TweSUeg0dx8QFo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references;
 bh=nq/UXMM+S/39ZQzMRLg+v22x4rlDp8VH7yjw2zNHqwY=;
 b=WFlEzFjdRMCU9nTLQTvAtG5AfVLBT9KmLPzrSnPKrR2hR5XJFyidz2qdS2m9NFDpUb
 OSZy1lvkKHFBpiB27jikgM80oOAsVvLC0PR7QFbIqc7uRe0TN8NwEkF6TJ7APsn04v/n
 vfXAxoHjooqkCit631cDW4oRpnHPCu9/816l8s6Xrh9KpXsO7Xn83Mk9SkFsrpiQZ2VK
 TN0/014XHvyqj6t3rgzOObjrUcuYCKdZJyHXvECILHF/BG33DfiUb1wQhWLzbLBB2veW
 1VtW3ccevJzAberSwJxuCpw5aDku/EcSLHohbkNRkJY7ZUD0D6zZkZEe027bUu2f7Ur0
 cfxA==
X-Gm-Message-State: AKwxytcwv6iYsVFnWN6mvhpEusXUgNlKsJ1n8oTg54Vdtlzf9omvf49F
 2mVvitBUCb1fsIHQkQqo3FXNwFV7Xv0=
X-Received: by 10.80.204.1 with SMTP id m1mr57205edi.146.1516391018524;
 Fri, 19 Jan 2018 11:43:38 -0800 (PST)
Received: from localhost.localdomain ([109.255.42.2])
 by smtp.gmail.com with ESMTPSA id
 p6sm5936051edh.68.2018.01.19.11.43.37
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
 Fri, 19 Jan 2018 11:43:37 -0800 (PST)
From: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
To: u-boot@lists.denx.de,
	trini@konsulko.com
Date: Fri, 19 Jan 2018 19:43:24 +0000
Message-Id: <1516391006-22483-8-git-send-email-bryan.odonoghue@linaro.org>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org>
References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org>
Cc: harinarayan@ti.com
Subject: [U-Boot] [PATCH v2 7/9] optee: Add optee_verify_bootm_image()
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <http://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
MIME-Version: 1.0
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>

This patch adds optee_verify_bootm_image() which will be subsequently used
to verify the parameters encoded in the OPTEE header match the memory
allocated to the OPTEE region, OPTEE header magic and version prior to
handing off control to the OPTEE image.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
Tested-by: Peng Fan <peng.fan@nxp.com>
---
 include/tee/optee.h | 13 +++++++++++++
 lib/optee/optee.c   | 34 ++++++++++++++++++++++++++++++----
 2 files changed, 43 insertions(+), 4 deletions(-)

diff --git a/include/tee/optee.h b/include/tee/optee.h
index e782cb0..4b9e94c 100644
--- a/include/tee/optee.h
+++ b/include/tee/optee.h
@@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr,
 
 #endif
 
+#if defined(CONFIG_OPTEE)
+int optee_verify_bootm_image(unsigned long image_addr,
+			     unsigned long image_load_addr,
+			     unsigned long image_len);
+#else
+static inline int optee_verify_bootm_image(unsigned long image_addr,
+					   unsigned long image_load_addr,
+					   unsigned long image_len)
+{
+	return -EPERM;
+}
+#endif
+
 #endif /* _OPTEE_H */
diff --git a/lib/optee/optee.c b/lib/optee/optee.c
index 64ceacd..e28627d 100644
--- a/lib/optee/optee.c
+++ b/lib/optee/optee.c
@@ -9,7 +9,8 @@
 #include <tee/optee.h>
 
 #define optee_hdr_err_msg "OPTEE verification error tzdram 0x%08lx-0x%08lx " \
-			   "header lo=0x%08x hi=0x%08x size=0x%08x\n"
+			  "header 0x%08x-0x%08x size=0x%08lx arch=0x%08x" \
+			  "uimage params 0x%08lx-0x%08lx\n"
 
 int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start,
 		       unsigned long tzdram_len, unsigned long image_len)
@@ -27,11 +28,36 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start,
 	    tee_file_size > tzdram_len ||
 	    tee_file_size != image_len ||
 	    (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) {
-		printf(optee_hdr_err_msg, tzdram_start, tzdram_end,
-		       hdr->init_load_addr_lo, hdr->init_load_addr_hi,
-		       tee_file_size);
 		return -EINVAL;
 	}
 
 	return 0;
 }
+
+int optee_verify_bootm_image(unsigned long image_addr,
+			     unsigned long image_load_addr,
+			     unsigned long image_len)
+{
+	struct optee_header *hdr = (struct optee_header *)image_addr;
+	unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE;
+	unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE;
+
+	int ret;
+
+	ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len);
+	if (ret)
+		goto error;
+
+	if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) {
+		ret = -EINVAL;
+		goto error;
+	}
+
+	return ret;
+error:
+	printf(optee_hdr_err_msg, tzdram_start, tzdram_start + tzdram_len,
+	       hdr->init_load_addr_lo, hdr->init_load_addr_hi, image_len,
+	       hdr->arch, image_load_addr, image_load_addr + image_len);
+
+	return ret;
+}