From patchwork Tue Jan 23 20:41:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125594 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1996428ljf; Tue, 23 Jan 2018 12:49:28 -0800 (PST) X-Google-Smtp-Source: AH8x2250icfR3nZiwe0zEmTws2CxGmIrdarTMAWIZrjGJedt7XwPIbk6epcjSS0nEbhREr1g7Au4 X-Received: by 10.80.196.3 with SMTP id v3mr21160473edf.232.1516740568668; Tue, 23 Jan 2018 12:49:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516740568; cv=none; d=google.com; s=arc-20160816; b=PqDtQRhkU9TdPImuPFi5eqqMZq9xK7n3FoNkljwe+T7VzaKn1ww/NOj6I+p77cWHYB Gr3HoSgGDHrfC+2qO591Vg7hQn2QbHkBI4LJcgk2OBgTa7OJgMOGP4Gd7Iw7sN+5dv9+ fwtYTbHJlc1zWRffq5CKKzu7rmBeF3wfA9dccDcE12+JnMd7Xya2sjnc7h9WDvhmhZX5 LtSXjBlxDJFK4pIeHowq2BvzhTry9VC7gtCISFYHPBV3Xa5pDc1YGezSN5WVi/EAOpAI tTHViGacI2oiimdiNJkQL4sJHnSs3e5RuRHx9l06w7tSS4ohNR94R0sAGpgaURqnLtNF +QqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=KMz4oEn2kasZUvEAggMbFpMc6dTTUlJKvVOPvzz3Xa0=; b=cjT1zvph6jybJssBvPiVGhL0dEETOax7jo/QyeOPjOvbwDSsPULmjYZ4patz1ulTbM xmxqZq9e+gVqYD9+iJ5h16kRjEmdkkwQpZdk3oicQbxHZQfG5yJbFVVKviuRcnfSgM2M 2sNnR9hepsunP6Y3u9CSKWGLXSGDReAtB0ChsYovpgKIDirWccyksjgToxxoig+wnAjk pV0/trtCd+rJxqj9/3W4hkN0wwI7oqwkGaYT/z6/he98ELWBjO9ANbLH3ZsG9A8qIDHo dKP8NCi1s7JoaBMByr7VyNBK7QpSEGifWYvfVEf6PGa+iiRKA2HX2ZNZ/pFBnsHv4Yvi a5Nw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dzD6+3ey; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id d32si1565941edd.514.2018.01.23.12.49.28; Tue, 23 Jan 2018 12:49:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dzD6+3ey; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 30572C21E65; Tue, 23 Jan 2018 20:47:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 44C70C22179; Tue, 23 Jan 2018 20:42:22 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 6C8B3C22160; Tue, 23 Jan 2018 20:42:13 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 8BE98C21EE5 for ; Tue, 23 Jan 2018 20:42:09 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id g1so4344387wmg.2 for ; Tue, 23 Jan 2018 12:42:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=nZLw3mP/xgWiSiLqJ0KItknB7hCpsJZZRf40m9E2M/8=; b=dzD6+3eyVxB+S4G2ctczVaCJh07F5WhnMdmi4tD/GM/+tvrXeopdOpzq8aS0g+qJCk OTG0RekLtX/HFdOzD8gZKsKyIql9ZzMHhEDsf2/XVJFxUVSKrkHFO45mttGoq6YyGY+T CB+sYsZjYsiM4nw2DUSJ46gp8XQmArAEsNa1U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=nZLw3mP/xgWiSiLqJ0KItknB7hCpsJZZRf40m9E2M/8=; b=DBUMBT4t5WP2prHdOAxym9g+p1EyA7eBy/XLhch/BHyrXDktgzHZVc+7gU+wReB+K5 DD3/a27Tx9ZH6IzIF+X6qB3XRuP3Hzv72OtsDX5OIaq+bxF0Jc3GsaGPM0iouNuEEgl2 rRTdvwbMHC2B6waWUacVeT3dWZhxDHt1vCjE9NeC8SXT4ELSNoVMKoIs9MVfuBu4qO+q GNwaByxTYj1ovAmhH+/3K07J33gS4vV8ZtdBzRpg5Yyc7v3/IDor5NkoAqEVHs8+W/o7 +RYGlVL+Jk8G5fulKR7RQr0gsQHymATQOCbPBuSlb7kb3tg+LlGVRTOaFAK6ky6SgCPX xgFg== X-Gm-Message-State: AKwxyteFZ+3nTq/WV9PldmNvkkLMKq67HbEC4b9A+TRr05TYHhck2eAx bK3oVLN5mmikIOLYw7kZ6lku9G4rNvA= X-Received: by 10.80.142.25 with SMTP id 25mr5132360edw.127.1516740128744; Tue, 23 Jan 2018 12:42:08 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id k12sm12400896edl.86.2018.01.23.12.42.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 23 Jan 2018 12:42:08 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Tue, 23 Jan 2018 20:41:57 +0000 Message-Id: <1516740120-948-7-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516740120-948-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v3 6/9] tools: mkimage: add optee image type X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds support for bootable OPTEE images to mkimage. Currently there is a (Trusted Execution Environment) TEE image type, the TEE image type is installed to a memory location control is passed to the TEE and then the TEE returns to u-boot. flow #0: BootROM -> u-boot -> tee -> u-boot -> onwards For some TEE implementations, such as upstream OPTEE for i.MX6 and i.MX7 the boot flow is flow #1: BootROM -> u-boot -> optee -> kernel This patch adds a new image type to mkimage - IH_TYPE_OPTEE to reflect this TEE boot flow and to facilitate additional OPTEE specific verification of that image type - prior to handing control to that image. The new image type enables us to more easily generate and validate a bootable OPTEE image also, for example instead of generating an OPTEE image like this: mkimage -A arm -O linux -C none -a 0x9c0fffe4 -e 0x9c100000 -d ./out/arm-plat-imx/core/tee.bin uTee we can instead generate images like this: mkimage -A arm -T optee -C none -d ./out/arm-plat-imx/core/tee.bin uTee.optee That OPTEE image then will have a specific image type that bootm can automatically identify and consequently perform additional optee-header checks on. Subsequent patches add logic to perform those optee-specific changes prior to handing over control as described in flow #1 above. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Link: http://mrvan.github.io/optee-imx6ul Tested-by: Peng Fan --- common/image.c | 1 + include/image.h | 1 + tools/default_image.c | 25 +++++++++++++++++++------ 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/common/image.c b/common/image.c index e9609cd..14e738b 100644 --- a/common/image.c +++ b/common/image.c @@ -161,6 +161,7 @@ static const table_entry_t uimage_type[] = { { IH_TYPE_TEE, "tee", "Trusted Execution Environment Image",}, { IH_TYPE_FIRMWARE_IVT, "firmware_ivt", "Firmware with HABv4 IVT" }, { IH_TYPE_PMMC, "pmmc", "TI Power Management Micro-Controller Firmware",}, + { IH_TYPE_OPTEE, "optee", "OPTEE Boot Image",}, { -1, "", "", }, }; diff --git a/include/image.h b/include/image.h index b2b23a9..0b72d28 100644 --- a/include/image.h +++ b/include/image.h @@ -272,6 +272,7 @@ enum { IH_TYPE_TEE, /* Trusted Execution Environment OS Image */ IH_TYPE_FIRMWARE_IVT, /* Firmware Image with HABv4 IVT */ IH_TYPE_PMMC, /* TI Power Management Micro-Controller Firmware */ + IH_TYPE_OPTEE, /* OPTEE Boot Image */ IH_TYPE_COUNT, /* Number of image types */ }; diff --git a/tools/default_image.c b/tools/default_image.c index 4e5568e..5653933 100644 --- a/tools/default_image.c +++ b/tools/default_image.c @@ -18,6 +18,7 @@ #include "mkimage.h" #include +#include #include static image_header_t header; @@ -25,7 +26,8 @@ static image_header_t header; static int image_check_image_types(uint8_t type) { if (((type > IH_TYPE_INVALID) && (type < IH_TYPE_FLATDT)) || - (type == IH_TYPE_KERNEL_NOLOAD) || (type == IH_TYPE_FIRMWARE_IVT)) + (type == IH_TYPE_KERNEL_NOLOAD) || (type == IH_TYPE_FIRMWARE_IVT) || + (type == IH_TYPE_OPTEE)) return EXIT_SUCCESS; else return EXIT_FAILURE; @@ -90,6 +92,8 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, uint32_t checksum; time_t time; uint32_t imagesize; + uint32_t ep; + uint32_t addr; image_header_t * hdr = (image_header_t *)ptr; @@ -99,18 +103,27 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, sbuf->st_size - sizeof(image_header_t)); time = imagetool_get_source_date(params, sbuf->st_mtime); - if (params->type == IH_TYPE_FIRMWARE_IVT) + ep = params->ep; + addr = params->addr; + imagesize = sbuf->st_size - sizeof(image_header_t); + + switch (params->type) { + case IH_TYPE_FIRMWARE_IVT: /* Add size of CSF minus IVT */ imagesize = sbuf->st_size - sizeof(image_header_t) + 0x1FE0; - else - imagesize = sbuf->st_size - sizeof(image_header_t); + break; + case IH_TYPE_OPTEE: + addr = optee_image_get_load_addr(hdr); + ep = optee_image_get_entry_point(hdr); + break; + } /* Build new header */ image_set_magic(hdr, IH_MAGIC); image_set_time(hdr, time); image_set_size(hdr, imagesize); - image_set_load(hdr, params->addr); - image_set_ep(hdr, params->ep); + image_set_load(hdr, addr); + image_set_ep(hdr, ep); image_set_dcrc(hdr, checksum); image_set_os(hdr, params->os); image_set_arch(hdr, params->arch);