From patchwork Fri Mar 9 16:55:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131165 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp1212995lja; Fri, 9 Mar 2018 08:56:42 -0800 (PST) X-Google-Smtp-Source: AG47ELsNG89O2MWnigSxEOHcQS7MgqGwPpW5h9k0ScOhnF/5c1McyDMBdwod8QAG6i6Xy+0jC6D/ X-Received: by 10.80.214.158 with SMTP id r30mr37672876edi.288.1520614602917; Fri, 09 Mar 2018 08:56:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520614602; cv=none; d=google.com; s=arc-20160816; b=CKUKF+R1CijFmmmp0oH0YphS0UT4silNk6zo7LO4EA0NpfyOsxff+fDNIVSkR3zqlJ zGJTquWbGYH0WgxBJqx28tA0c8reGgCDMBWM0sKJ7l+c/ijP/kkGB8e1LYz7jUIiT6Tn 5BY7BhRgHGSOvzc/YVyN2Ux1iN/BMRAYDA7D4vDCrf5QHMRFKi+wr0rXs138XdRaduPB JfmdRQqyCvfEtyalca518aDxgqEZiLh1WSAvdyJYvo9/L5DSp5RnUNgT5ZnZ4c2GHW/5 RIgADJmSVv45mL7mLnP3UjrL90FawzeVekd//wMye48iOOEzkwLltW2vxcpCjco9tyzk zouw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=l5juljvmr/PTK3OvKQkS8Ki3nmnBhU6k0e25cam/Ow8=; b=YLL6a95HrLnyglh/49ETXaKN2ljI6DGu0+CGdAHKbxILfVaDBQkEi9CpwMPNDceqlK Sx7DX15yCRi0K/owr0n0k4Nsc+9yc0ztUGF6qCLVAcVfeE5xit2BO9ZQ/031PEU2sbUM kZSwdr9b4KbLhH9pV2dtpARAlVzragLZtj3Og+9Z7zWRJhPUZqBq2EGKrSM9mfbfU8Yy LkxiV5ds5JffjefYt0HL0hBSoY3nvbJai63dP1WZkG3RFTvVLPFetLwO0YTHgf7xfGEr QHPoAn5wtHXvvMpRNEf2/pANoKaUQ5y2/agf8t/3tb48Dz7nz+KIzSY+01m32wA1A25z jGmQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=D40taVcI; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id x53si1434791edd.371.2018.03.09.08.56.42; Fri, 09 Mar 2018 08:56:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=D40taVcI; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 4CF67C21D74; Fri, 9 Mar 2018 16:56:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E4FCAC21DA6; Fri, 9 Mar 2018 16:55:36 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id AA9BDC21C6A; Fri, 9 Mar 2018 16:55:35 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 29FD5C21C27 for ; Fri, 9 Mar 2018 16:55:35 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id w128so5153421wmw.0 for ; Fri, 09 Mar 2018 08:55:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Lzxdlo82gHbbDckSk9ZPGjw6g4zxoV7d0gNuIaKRog4=; b=D40taVcIrBRBIbdt0pS90fFJNMJm3saKAQThEp1LX0BUBiiavIdkXmHOkH5vAhTby+ eqFxmnnBHJfZS+sydRJdfY0bZ30vPFBnXjw1lTcrKvkBZ7WOqDVnISdLQ1Pq3MI1tftZ zK4Ri5X+Eq7CPmtK/8PTBR4rDeqX3llClG3vg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Lzxdlo82gHbbDckSk9ZPGjw6g4zxoV7d0gNuIaKRog4=; b=ZDjb9vcEcO3pb0phgbwHQOHzCJmFSKTxc4s55jN8iTnn/7kCvoDCGmnfjsMjH5ejmc htNpSDXdZo5vEFSsat9x0/qU4iijvMn3vemM1ZQu/Edgwt1T0QFDlzE9+lD9Y/jQt5eN oBBqnd6cfdzLRVSRoN9+Pkiat4IzSYZ5IuZBYH8oAtt9/qtGSrxz9umfoBO5gIt2GCnn HldJ6ZfVcmNkKTL8VyQGgVkipjCFMa46CymaK0Sw52IjaSEJTxuhjFWZQxtv/n1fy3rd /YrzvT7NXgwlkTsJ/f914mR4BqdfhmIK3C26Hyqt+tvNYabmWzqV0FEduasNbWUwYQ/f 5mxg== X-Gm-Message-State: APf1xPACyBHPAiOD15yEYwhcTalzg0tsihXQCemQBBajmJCBNS8mTezF mLGEw9cU2/NBnfRZPiZ6baKo2QAP+jw= X-Received: by 10.80.177.16 with SMTP id k16mr38987777edd.92.1520614534590; Fri, 09 Mar 2018 08:55:34 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id e40sm960335ede.15.2018.03.09.08.55.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 08:55:33 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Fri, 9 Mar 2018 16:55:22 +0000 Message-Id: <1520614531-2164-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520614531-2164-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta Subject: [U-Boot] [PATCH v5 01/10] optee: Add lib entries for sharing OPTEE code across ports X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds code to lib to enable sharing of useful OPTEE code between board-ports and architectures. The code on lib/optee/optee.c comes from the TI omap2 port. Eventually the OMAP2 code will be patched to include the shared code. The intention here is to add more useful OPTEE specific code as more functionality gets added. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 16 ++++++++++++++++ lib/Kconfig | 1 + lib/Makefile | 1 + lib/optee/Kconfig | 8 ++++++++ lib/optee/Makefile | 7 +++++++ lib/optee/optee.c | 31 +++++++++++++++++++++++++++++++ 6 files changed, 64 insertions(+) create mode 100644 lib/optee/Kconfig create mode 100644 lib/optee/Makefile create mode 100644 lib/optee/optee.c diff --git a/include/tee/optee.h b/include/tee/optee.h index 9ab0d08..8943afb 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -10,6 +10,8 @@ #ifndef _OPTEE_H #define _OPTEE_H +#include + #define OPTEE_MAGIC 0x4554504f #define OPTEE_VERSION 1 #define OPTEE_ARCH_ARM32 0 @@ -27,4 +29,18 @@ struct optee_header { uint32_t paged_size; }; +#if defined(CONFIG_OPTEE) +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len); +#else +static inline int optee_verify_image(struct optee_header *hdr, + unsigned long tzdram_start, + unsigned long tzdram_len, + unsigned long image_len) +{ + return -EPERM; +} + +#endif + #endif /* _OPTEE_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 4fd41c4..a4029a6 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -310,5 +310,6 @@ endmenu source lib/efi/Kconfig source lib/efi_loader/Kconfig +source lib/optee/Kconfig endmenu diff --git a/lib/Makefile b/lib/Makefile index 0db41c1..35da570 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -18,6 +18,7 @@ obj-$(CONFIG_FIT) += libfdt/ obj-$(CONFIG_OF_LIVE) += of_live.o obj-$(CONFIG_CMD_DHRYSTONE) += dhry/ obj-$(CONFIG_ARCH_AT91) += at91/ +obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AES) += aes.o obj-y += charset.o diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig new file mode 100644 index 0000000..2e406fe --- /dev/null +++ b/lib/optee/Kconfig @@ -0,0 +1,8 @@ +config OPTEE + bool "Support OPTEE images" + help + U-Boot can be configured to boot OPTEE images. + Selecting this option will enable shared OPTEE library code and + enable an OPTEE specific bootm command that will perform additional + OPTEE specific checks before booting an OPTEE image created with + mkimage. diff --git a/lib/optee/Makefile b/lib/optee/Makefile new file mode 100644 index 0000000..03e832f --- /dev/null +++ b/lib/optee/Makefile @@ -0,0 +1,7 @@ +# +# (C) Copyright 2017 Linaro +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_OPTEE) += optee.o diff --git a/lib/optee/optee.c b/lib/optee/optee.c new file mode 100644 index 0000000..2cc16d7 --- /dev/null +++ b/lib/optee/optee.c @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2017 Linaro + * Bryan O'Donoghue + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include + +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len) +{ + unsigned long tzdram_end = tzdram_start + tzdram_len; + uint32_t tee_file_size; + + tee_file_size = hdr->init_size + hdr->paged_size + + sizeof(struct optee_header); + + if (hdr->magic != OPTEE_MAGIC || + hdr->version != OPTEE_VERSION || + hdr->init_load_addr_hi > tzdram_end || + hdr->init_load_addr_lo < tzdram_start || + tee_file_size > tzdram_len || + tee_file_size != image_len || + (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) { + return -EINVAL; + } + + return 0; +}