diff mbox series

arm: mach-k3: security: Clean image out of cache before authentication

Message ID 20200107232229.10199-1-afd@ti.com
State Accepted
Commit 95b256ec3ff71d026f6b9750ae3c610d13bf8b32
Headers show
Series arm: mach-k3: security: Clean image out of cache before authentication | expand

Commit Message

Andrew Davis Jan. 7, 2020, 11:22 p.m. UTC
On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually
A53 or A72). The large ARMs are coherent with the DMA controllers and
the SYSFW that perform authentication. And previously the R5 core did
not enable caches. Now that R5 does enable caching we need to be sure
to clean out any of the image that may still only be in cache before we
read it using external DMA for authentication.

Although not expected to happen, it may be possible that the data was
read back into cache after the flush but before the external operation,
in this case we must invalidate our stale local cached version.

Signed-off-by: Andrew F. Davis <afd at ti.com>
---
 arch/arm/mach-k3/security.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

Comments

Lokesh Vutla Jan. 8, 2020, 4:11 a.m. UTC | #1
On 08/01/20 4:52 AM, Andrew F. Davis wrote:
> On K3 systems U-Boot runs on both an R5 and a large ARM cores (usually
> A53 or A72). The large ARMs are coherent with the DMA controllers and
> the SYSFW that perform authentication. And previously the R5 core did
> not enable caches. Now that R5 does enable caching we need to be sure
> to clean out any of the image that may still only be in cache before we
> read it using external DMA for authentication.
> 
> Although not expected to happen, it may be possible that the data was
> read back into cache after the flush but before the external operation,
> in this case we must invalidate our stale local cached version.
> 
> Signed-off-by: Andrew F. Davis <afd at ti.com>

Reviewed-by: Lokesh Vutla <lokeshvutla at ti.com>

Thanks and regards,
Lokesh

> ---
>  arch/arm/mach-k3/security.c | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
> index 4e011ee10e..83b037f189 100644
> --- a/arch/arm/mach-k3/security.c
> +++ b/arch/arm/mach-k3/security.c
> @@ -7,6 +7,7 @@
>   */
>  
>  #include <common.h>
> +#include <cpu_func.h>
>  #include <dm.h>
>  #include <linux/soc/ti/ti_sci_protocol.h>
>  #include <mach/spl.h>
> @@ -22,8 +23,14 @@ void board_fit_image_post_process(void **p_image, size_t *p_size)
>  	int ret;
>  
>  	image_addr = (uintptr_t)*p_image;
> +	image_size = *p_size;
>  
>  	debug("Authenticating image at address 0x%016llx\n", image_addr);
> +	debug("Authenticating image of size %d bytes\n", image_size);
> +
> +	flush_dcache_range((unsigned long)image_addr,
> +			   ALIGN((unsigned long)image_addr + image_size,
> +				 ARCH_DMA_MINALIGN));
>  
>  	/* Authenticate image */
>  	ret = proc_ops->proc_auth_boot_image(ti_sci, &image_addr, &image_size);
> @@ -32,6 +39,11 @@ void board_fit_image_post_process(void **p_image, size_t *p_size)
>  		hang();
>  	}
>  
> +	if (image_size)
> +		invalidate_dcache_range((unsigned long)image_addr,
> +					ALIGN((unsigned long)image_addr +
> +					      image_size, ARCH_DMA_MINALIGN));
> +
>  	/*
>  	 * The image_size returned may be 0 when the authentication process has
>  	 * moved the image. When this happens no further processing on the
>
diff mbox series

Patch

diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
index 4e011ee10e..83b037f189 100644
--- a/arch/arm/mach-k3/security.c
+++ b/arch/arm/mach-k3/security.c
@@ -7,6 +7,7 @@ 
  */
 
 #include <common.h>
+#include <cpu_func.h>
 #include <dm.h>
 #include <linux/soc/ti/ti_sci_protocol.h>
 #include <mach/spl.h>
@@ -22,8 +23,14 @@  void board_fit_image_post_process(void **p_image, size_t *p_size)
 	int ret;
 
 	image_addr = (uintptr_t)*p_image;
+	image_size = *p_size;
 
 	debug("Authenticating image at address 0x%016llx\n", image_addr);
+	debug("Authenticating image of size %d bytes\n", image_size);
+
+	flush_dcache_range((unsigned long)image_addr,
+			   ALIGN((unsigned long)image_addr + image_size,
+				 ARCH_DMA_MINALIGN));
 
 	/* Authenticate image */
 	ret = proc_ops->proc_auth_boot_image(ti_sci, &image_addr, &image_size);
@@ -32,6 +39,11 @@  void board_fit_image_post_process(void **p_image, size_t *p_size)
 		hang();
 	}
 
+	if (image_size)
+		invalidate_dcache_range((unsigned long)image_addr,
+					ALIGN((unsigned long)image_addr +
+					      image_size, ARCH_DMA_MINALIGN));
+
 	/*
 	 * The image_size returned may be 0 when the authentication process has
 	 * moved the image. When this happens no further processing on the