From patchwork Mon Feb 26 12:35:55 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 129631 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp153039lja; Mon, 26 Feb 2018 04:36:52 -0800 (PST) X-Google-Smtp-Source: AH8x226r+VxV+RrzS04ajkZ8va35CdvDPIiBzBhIcBg1Xk5YYM+mbv+nHvWyB8vAEPAi6OehLmFA X-Received: by 10.80.145.251 with SMTP id h56mr14802139eda.68.1519648612214; Mon, 26 Feb 2018 04:36:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519648612; cv=none; d=google.com; s=arc-20160816; b=T7tuKPXDWQteb6OE3lzESJJ2vy8ydRgL7WF7RV0m3SiTCtkGdKODrh2wyuCHEBera1 s0mrNeUL7/6d0pcOHAj1uWv+/KOxiNV8CKc3ud0wMq8aaQZXn3NoT1drsMg31ail6IDn oZSpoykXge2Sug1itUaCkH8pNR+SGMKFOozO7Za5+UVt1pLoG7pwwWMGtpm0wrCEpDSS Mgjmr6NXh/B5nBhmblAeYV/pa2SIRSZ2czW0s6AP+jGC72MHzu/UgSvFq9ZD4wvI1iuc pHAQc+e/gu4g+MecFxQ7n0hIdHQ90r4Djufgw4df9B6GT9D8oKOSAObpn8g9b6AzKH2Z suqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:dkim-signature:arc-authentication-results; bh=nHcEAqKeTAi2gJb2IvPfVpY43ixMvhSXGiaul2z3CHk=; b=G5I5W0u2ZDrGZ3RUoALjMFyAipZ0zAmp5g61ygX5FPe9K2yf04up1kmIiMIWMfqX7I VZekg2aIXOUjICfjCpUjvQP3qOmqsxhzFVgzxCYFU0odp6OACZkQvsisfkumFUIoVE9D GOBD5dgeDhzhF2xefi+pjmXn5J10qq1lcF9D0NZvg2WaG7HtCqC2s7EUAb/PFB7kqZt6 0X/UUZ4z+lKnwWqhOBXnZ3fk3n/cA3nMCJWtGgkPv0lkJRLBQTHZXOl2SHESEOlmFfFn Mh3aIHTPFgTT9Mpk9sxUgjklIeZFEUpmge3JEsfRUk6izftg75FVwjzIf8JGjgsAe+69 J4WA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Npss7vc+; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id w56si5517791edc.97.2018.02.26.04.36.51; Mon, 26 Feb 2018 04:36:52 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Npss7vc+; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id BDA7DC2210D; Mon, 26 Feb 2018 12:36:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id AD5D3C220EA; Mon, 26 Feb 2018 12:36:12 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 187BFC2202B; Mon, 26 Feb 2018 12:36:11 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 85D03C21DED for ; Mon, 26 Feb 2018 12:36:10 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id a20so16796037wmd.1 for ; Mon, 26 Feb 2018 04:36:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=gSYqsvPvU29dc5lv859k7rBX2d1MSQQaU6BLz0ewhp0=; b=Npss7vc+bsiJhzsZn/bHU4rZUhB4foMGW1GUbZfFU7j6HFEPKp23m6M/Od0NzgvEI+ AMKKXQ8bGIXPsfYiyoNxh1Mz1hdak3t8KBYQJ6AIbGs5lEZ26vY/FtQcMtLpxe41vWS4 eSrdKgJoYi+mxLftlXrlcyViFZHtRwI8IXdJ8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=gSYqsvPvU29dc5lv859k7rBX2d1MSQQaU6BLz0ewhp0=; b=rQPUHJgu3jvyw1CSLRzUMkXpeCGnr4PY1gWiyuAHrkoAcG8jvYJ512YHXyHTn1DLoh MQ2K7J0wWpSxfS+kHDL7jI5cbJvO5ESWzUYF4qBxgO2O8RaF9IV3kUYlqVxEL9zt4YXV gQLnwSchV0kGvVRahmhEooAL7Cqo1dUVvFNWqgzDZwfQIM4cQVs+iFULwwaGONi1tQz0 32ZUn4T/wI+A4oTfV2bgRJd08KhqYjZsfIXKxnqx4Ov5S4ElJ/4//dKP8ha8wZibl92E rG29LrJ1Vrs8cpD5dXB6Vo436B1aomtyf67QtSazO6wf222ODcSuSYDBWsSRkMKTowcJ jkEw== X-Gm-Message-State: APf1xPCo8YJOOgRC5D1gk4ouBFQSLAuKzePAI4TVnkhZhn9GH0xt95xg sbZqWBWVY6VEPlBkKHTzXpyZvjvxIW8= X-Received: by 10.80.135.230 with SMTP id 35mr14726331edz.1.1519648569896; Mon, 26 Feb 2018 04:36:09 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id f6sm2493967edn.45.2018.02.26.04.36.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 26 Feb 2018 04:36:09 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com, harinarayan@ti.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Mon, 26 Feb 2018 12:35:55 +0000 Message-Id: <1519648566-12061-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519648566-12061-1-git-send-email-bryan.odonoghue@linaro.org> References: <1519648566-12061-1-git-send-email-bryan.odonoghue@linaro.org> Subject: [U-Boot] [PATCH v4 01/12] optee: Add lib entries for sharing OPTEE code across ports X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds code to lib to enable sharing of useful OPTEE code between board-ports and architectures. The code on lib/optee/optee.c comes from the TI omap2 port. Eventually the OMAP2 code will be patched to include the shared code. The intention here is to add more useful OPTEE specific code as more functionality gets added. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 16 ++++++++++++++++ lib/Kconfig | 1 + lib/Makefile | 1 + lib/optee/Kconfig | 7 +++++++ lib/optee/Makefile | 7 +++++++ lib/optee/optee.c | 31 +++++++++++++++++++++++++++++++ 6 files changed, 63 insertions(+) create mode 100644 lib/optee/Kconfig create mode 100644 lib/optee/Makefile create mode 100644 lib/optee/optee.c diff --git a/include/tee/optee.h b/include/tee/optee.h index 9ab0d08..8943afb 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -10,6 +10,8 @@ #ifndef _OPTEE_H #define _OPTEE_H +#include + #define OPTEE_MAGIC 0x4554504f #define OPTEE_VERSION 1 #define OPTEE_ARCH_ARM32 0 @@ -27,4 +29,18 @@ struct optee_header { uint32_t paged_size; }; +#if defined(CONFIG_OPTEE) +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len); +#else +static inline int optee_verify_image(struct optee_header *hdr, + unsigned long tzdram_start, + unsigned long tzdram_len, + unsigned long image_len) +{ + return -EPERM; +} + +#endif + #endif /* _OPTEE_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 4fd41c4..a4029a6 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -310,5 +310,6 @@ endmenu source lib/efi/Kconfig source lib/efi_loader/Kconfig +source lib/optee/Kconfig endmenu diff --git a/lib/Makefile b/lib/Makefile index 0db41c1..35da570 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -18,6 +18,7 @@ obj-$(CONFIG_FIT) += libfdt/ obj-$(CONFIG_OF_LIVE) += of_live.o obj-$(CONFIG_CMD_DHRYSTONE) += dhry/ obj-$(CONFIG_ARCH_AT91) += at91/ +obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AES) += aes.o obj-y += charset.o diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig new file mode 100644 index 0000000..ed6405f --- /dev/null +++ b/lib/optee/Kconfig @@ -0,0 +1,7 @@ +config OPTEE + bool "Support OPTEE images" + help + Selecting this option enables the OPTEE library code and + an OPTEE specific bootm command that will perform additional + OPTEE-specific checks before booting an OPTEE image created with + mkimage. diff --git a/lib/optee/Makefile b/lib/optee/Makefile new file mode 100644 index 0000000..03e832f --- /dev/null +++ b/lib/optee/Makefile @@ -0,0 +1,7 @@ +# +# (C) Copyright 2017 Linaro +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_OPTEE) += optee.o diff --git a/lib/optee/optee.c b/lib/optee/optee.c new file mode 100644 index 0000000..2cc16d7 --- /dev/null +++ b/lib/optee/optee.c @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2017 Linaro + * Bryan O'Donoghue + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include + +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len) +{ + unsigned long tzdram_end = tzdram_start + tzdram_len; + uint32_t tee_file_size; + + tee_file_size = hdr->init_size + hdr->paged_size + + sizeof(struct optee_header); + + if (hdr->magic != OPTEE_MAGIC || + hdr->version != OPTEE_VERSION || + hdr->init_load_addr_hi > tzdram_end || + hdr->init_load_addr_lo < tzdram_start || + tee_file_size > tzdram_len || + tee_file_size != image_len || + (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) { + return -EINVAL; + } + + return 0; +}