| /* |
| * |
| * Common security related functions for OMAP devices |
| * |
| * (C) Copyright 2016 |
| * Texas Instruments, <www.ti.com> |
| * |
| * Daniel Allred <d-allred@ti.com> |
| * Andreas Dannenberg <dannenberg@ti.com> |
| * |
| * SPDX-License-Identifier: GPL-2.0+ |
| */ |
| |
| #include <common.h> |
| #include <stdarg.h> |
| |
| #include <asm/arch/sys_proto.h> |
| #include <asm/omap_common.h> |
| #include <asm/omap_sec_common.h> |
| #include <asm/spl.h> |
| #include <spl.h> |
| |
| /* Index for signature verify ROM API */ |
| #define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX (0x0000000E) |
| |
| static uint32_t secure_rom_call_args[5] __aligned(ARCH_DMA_MINALIGN); |
| |
| u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...) |
| { |
| int i; |
| u32 num_args; |
| va_list ap; |
| |
| va_start(ap, flag); |
| |
| num_args = va_arg(ap, u32); |
| |
| if (num_args > 4) |
| return 1; |
| |
| /* Copy args to aligned args structure */ |
| for (i = 0; i < num_args; i++) |
| secure_rom_call_args[i + 1] = va_arg(ap, u32); |
| |
| secure_rom_call_args[0] = num_args; |
| |
| va_end(ap); |
| |
| /* if data cache is enabled, flush the aligned args structure */ |
| flush_dcache_range( |
| (unsigned int)&secure_rom_call_args[0], |
| (unsigned int)&secure_rom_call_args[0] + |
| roundup(sizeof(secure_rom_call_args), ARCH_DMA_MINALIGN)); |
| |
| return omap_smc_sec(service, proc_id, flag, secure_rom_call_args); |
| } |
| |
| static u32 find_sig_start(char *image, size_t size) |
| { |
| char *image_end = image + size; |
| char *sig_start_magic = "CERT_"; |
| int magic_str_len = strlen(sig_start_magic); |
| char *ch; |
| |
| while (--image_end > image) { |
| if (*image_end == '_') { |
| ch = image_end - magic_str_len + 1; |
| if (!strncmp(ch, sig_start_magic, magic_str_len)) |
| return (u32)ch; |
| } |
| } |
| return 0; |
| } |
| |
| int secure_boot_verify_image(void **image, size_t *size) |
| { |
| int result = 1; |
| u32 cert_addr, sig_addr; |
| size_t cert_size; |
| |
| /* Perform cache writeback on input buffer */ |
| flush_dcache_range( |
| (u32)*image, |
| (u32)*image + roundup(*size, ARCH_DMA_MINALIGN)); |
| |
| cert_addr = (uint32_t)*image; |
| sig_addr = find_sig_start((char *)*image, *size); |
| |
| if (sig_addr == 0) { |
| printf("No signature found in image!\n"); |
| result = 1; |
| goto auth_exit; |
| } |
| |
| *size = sig_addr - cert_addr; /* Subtract out the signature size */ |
| cert_size = *size; |
| |
| /* Check if image load address is 32-bit aligned */ |
| if (!IS_ALIGNED(cert_addr, 4)) { |
| printf("Image is not 4-byte aligned!\n"); |
| result = 1; |
| goto auth_exit; |
| } |
| |
| /* Image size also should be multiple of 4 */ |
| if (!IS_ALIGNED(cert_size, 4)) { |
| printf("Image size is not 4-byte aligned!\n"); |
| result = 1; |
| goto auth_exit; |
| } |
| |
| /* Call ROM HAL API to verify certificate signature */ |
| debug("%s: load_addr = %x, size = %x, sig_addr = %x\n", __func__, |
| cert_addr, cert_size, sig_addr); |
| |
| result = secure_rom_call( |
| API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0, |
| 4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF); |
| auth_exit: |
| if (result != 0) { |
| printf("Authentication failed!\n"); |
| printf("Return Value = %08X\n", result); |
| hang(); |
| } |
| |
| /* |
| * Output notification of successful authentication as well the name of |
| * the signing certificate used to re-assure the user that the secure |
| * code is being processed as expected. However suppress any such log |
| * output in case of building for SPL and booting via YMODEM. This is |
| * done to avoid disturbing the YMODEM serial protocol transactions. |
| */ |
| if (!(IS_ENABLED(CONFIG_SPL_BUILD) && |
| IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) && |
| spl_boot_device() == BOOT_DEVICE_UART)) |
| printf("Authentication passed: %s\n", (char *)sig_addr); |
| |
| return result; |
| } |