Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / platform / external / u-boot / 4d7df7f7666a2bc6b0b8980969b69c8008b90af6 / . / arch / arm / mach-omap2 / sec-common.c
blob: 0551bc125e8fc2ba2604c3e0a311b8a23ad26f10 [file] [log] [blame]
Tom Rini83d290c2018-05-06 17:58:06 -0400[diff] [blame]1// SPDX-License-Identifier: GPL-2.0+
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]2/*
3 *
4 * Common security related functions for OMAP devices
5 *
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]6 * (C) Copyright 2016-2017
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]7 * Texas Instruments, <www.ti.com>
8 *
9 * Daniel Allred <d-allred@ti.com>
10 * Andreas Dannenberg <dannenberg@ti.com>
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]11 * Harinarayan Bhatta <harinarayan@ti.com>
12 * Andrew F. Davis <afd@ti.com>
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]13 */
14
15#include <common.h>
Simon Glass09140112020-05-10 11:40:03 -0600[diff] [blame]16#include <command.h>
Simon Glass1eb69ae2019-11-14 12:57:39 -0700[diff] [blame]17#include <cpu_func.h>
Simon Glassdb41d652019-12-28 10:45:07 -0700[diff] [blame]18#include <hang.h>
Simon Glass9b4a2052019-12-28 10:45:05 -0700[diff] [blame]19#include <init.h>
Simon Glassf7ae49f2020-05-10 11:40:05 -0600[diff] [blame]20#include <log.h>
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]21#include <stdarg.h>
22
23#include <asm/arch/sys_proto.h>
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]24#include <asm/cache.h>
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]25#include <asm/omap_common.h>
26#include <asm/omap_sec_common.h>
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]27#include <asm/spl.h>
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]28#include <asm/ti-common/sys_proto.h>
29#include <mapmem.h>
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]30#include <spl.h>
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]31#include <tee/optee.h>
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]32
33/* Index for signature verify ROM API */
Andrew F. Davis4ac19ba2017-01-11 10:19:52 -0600[diff] [blame]34#ifdef CONFIG_AM33XX
35#define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX (0x0000000C)
36#else
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]37#define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX (0x0000000E)
Andrew F. Davis4ac19ba2017-01-11 10:19:52 -0600[diff] [blame]38#endif
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]39
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]40/* Index for signature PPA-based TI HAL APIs */
41#define PPA_HAL_SERVICES_START_INDEX (0x200)
42#define PPA_SERV_HAL_TEE_LOAD_MASTER (PPA_HAL_SERVICES_START_INDEX + 23)
43#define PPA_SERV_HAL_TEE_LOAD_SLAVE (PPA_HAL_SERVICES_START_INDEX + 24)
44#define PPA_SERV_HAL_SETUP_SEC_RESVD_REGION (PPA_HAL_SERVICES_START_INDEX + 25)
45#define PPA_SERV_HAL_SETUP_EMIF_FW_REGION (PPA_HAL_SERVICES_START_INDEX + 26)
46#define PPA_SERV_HAL_LOCK_EMIF_FW (PPA_HAL_SERVICES_START_INDEX + 27)
47
Madan Srinivas0830d722017-09-20 14:37:36 -0500[diff] [blame]48/* Offset of header size if image is signed as ISW */
49#define HEADER_SIZE_OFFSET (0x6D)
50
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]51int tee_loaded = 0;
52
53/* Argument for PPA_SERV_HAL_TEE_LOAD_MASTER */
54struct ppa_tee_load_info {
55 u32 tee_sec_mem_start; /* Physical start address reserved for TEE */
56 u32 tee_sec_mem_size; /* Size of the memory reserved for TEE */
57 u32 tee_cert_start; /* Address where signed TEE binary is loaded */
58 u32 tee_cert_size; /* Size of TEE certificate (signed binary) */
59 u32 tee_jump_addr; /* Address to jump to start TEE execution */
60 u32 tee_arg0; /* argument to TEE jump function, in r0 */
61};
62
Andrew F. Davis60013a22018-01-16 14:25:48 -0600[diff] [blame]63static uint32_t secure_rom_call_args[5] __aligned(ARCH_DMA_MINALIGN) __section(".data");
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]64
65u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...)
66{
67 int i;
68 u32 num_args;
69 va_list ap;
70
71 va_start(ap, flag);
72
73 num_args = va_arg(ap, u32);
74
xypron.glpk@gmx.de1ecd2a22017-04-15 12:29:20 +0200[diff] [blame]75 if (num_args > 4) {
76 va_end(ap);
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]77 return 1;
xypron.glpk@gmx.de1ecd2a22017-04-15 12:29:20 +0200[diff] [blame]78 }
Andreas Dannenbergd86f7af2016-06-27 09:19:18 -0500[diff] [blame]79
80 /* Copy args to aligned args structure */
81 for (i = 0; i < num_args; i++)
82 secure_rom_call_args[i + 1] = va_arg(ap, u32);
83
84 secure_rom_call_args[0] = num_args;
85
86 va_end(ap);
87
88 /* if data cache is enabled, flush the aligned args structure */
89 flush_dcache_range(
90 (unsigned int)&secure_rom_call_args[0],
91 (unsigned int)&secure_rom_call_args[0] +
92 roundup(sizeof(secure_rom_call_args), ARCH_DMA_MINALIGN));
93
94 return omap_smc_sec(service, proc_id, flag, secure_rom_call_args);
95}
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]96
97static u32 find_sig_start(char *image, size_t size)
98{
99 char *image_end = image + size;
100 char *sig_start_magic = "CERT_";
101 int magic_str_len = strlen(sig_start_magic);
102 char *ch;
103
104 while (--image_end > image) {
105 if (*image_end == '_') {
106 ch = image_end - magic_str_len + 1;
107 if (!strncmp(ch, sig_start_magic, magic_str_len))
108 return (u32)ch;
109 }
110 }
111 return 0;
112}
113
114int secure_boot_verify_image(void **image, size_t *size)
115{
116 int result = 1;
117 u32 cert_addr, sig_addr;
118 size_t cert_size;
119
120 /* Perform cache writeback on input buffer */
121 flush_dcache_range(
Andrew F. Davisef3fc42d2017-07-26 14:53:19 -0500[diff] [blame]122 rounddown((u32)*image, ARCH_DMA_MINALIGN),
123 roundup((u32)*image + *size, ARCH_DMA_MINALIGN));
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]124
125 cert_addr = (uint32_t)*image;
126 sig_addr = find_sig_start((char *)*image, *size);
127
128 if (sig_addr == 0) {
129 printf("No signature found in image!\n");
130 result = 1;
131 goto auth_exit;
132 }
133
134 *size = sig_addr - cert_addr; /* Subtract out the signature size */
Madan Srinivas0830d722017-09-20 14:37:36 -0500[diff] [blame]135 /* Subtract header if present */
136 if (strncmp((char *)sig_addr, "CERT_ISW_", 9) == 0)
Madan Srinivasfbd23b92018-01-09 14:32:41 -0600[diff] [blame]137 *size -= ((u32 *)*image)[HEADER_SIZE_OFFSET];
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]138 cert_size = *size;
139
140 /* Check if image load address is 32-bit aligned */
141 if (!IS_ALIGNED(cert_addr, 4)) {
142 printf("Image is not 4-byte aligned!\n");
143 result = 1;
144 goto auth_exit;
145 }
146
147 /* Image size also should be multiple of 4 */
148 if (!IS_ALIGNED(cert_size, 4)) {
149 printf("Image size is not 4-byte aligned!\n");
150 result = 1;
151 goto auth_exit;
152 }
153
154 /* Call ROM HAL API to verify certificate signature */
155 debug("%s: load_addr = %x, size = %x, sig_addr = %x\n", __func__,
156 cert_addr, cert_size, sig_addr);
157
158 result = secure_rom_call(
159 API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0,
160 4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF);
Andrew F. Davis4f65ee32017-02-22 17:46:39 -0600[diff] [blame]161
162 /* Perform cache writeback on output buffer */
163 flush_dcache_range(
Andrew F. Davisef3fc42d2017-07-26 14:53:19 -0500[diff] [blame]164 rounddown((u32)*image, ARCH_DMA_MINALIGN),
165 roundup((u32)*image + *size, ARCH_DMA_MINALIGN));
Andrew F. Davis4f65ee32017-02-22 17:46:39 -0600[diff] [blame]166
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]167auth_exit:
168 if (result != 0) {
169 printf("Authentication failed!\n");
170 printf("Return Value = %08X\n", result);
171 hang();
172 }
173
174 /*
Andrew F. Davis6b3d4f32018-01-09 14:33:54 -0600[diff] [blame]175 * Output notification of successful authentication to re-assure the
176 * user that the secure code is being processed as expected. However
177 * suppress any such log output in case of building for SPL and booting
178 * via YMODEM. This is done to avoid disturbing the YMODEM serial
179 * protocol transactions.
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]180 */
181 if (!(IS_ENABLED(CONFIG_SPL_BUILD) &&
182 IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) &&
183 spl_boot_device() == BOOT_DEVICE_UART))
Andrew F. Davis6b3d4f32018-01-09 14:33:54 -0600[diff] [blame]184 printf("Authentication passed\n");
Andreas Dannenberg1bb0a212016-06-27 09:19:19 -0500[diff] [blame]185
186 return result;
187}
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]188
Andrew F. Davis03750232017-07-10 14:45:50 -0500[diff] [blame]189u32 get_sec_mem_start(void)
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]190{
191 u32 sec_mem_start = CONFIG_TI_SECURE_EMIF_REGION_START;
192 u32 sec_mem_size = CONFIG_TI_SECURE_EMIF_TOTAL_REGION_SIZE;
193 /*
194 * Total reserved region is all contiguous with protected
195 * region coming first, followed by the non-secure region.
196 * If 0x0 start address is given, we simply put the reserved
197 * region at the end of the external DRAM.
198 */
199 if (sec_mem_start == 0)
200 sec_mem_start =
201 (CONFIG_SYS_SDRAM_BASE + (
202#if defined(CONFIG_OMAP54XX)
203 omap_sdram_size()
204#else
205 get_ram_size((void *)CONFIG_SYS_SDRAM_BASE,
206 CONFIG_MAX_RAM_BANK_SIZE)
207#endif
208 - sec_mem_size));
209 return sec_mem_start;
210}
211
212int secure_emif_firewall_setup(uint8_t region_num, uint32_t start_addr,
213 uint32_t size, uint32_t access_perm,
214 uint32_t initiator_perm)
215{
216 int result = 1;
217
218 /*
219 * Call PPA HAL API to do any other general firewall
220 * configuration for regions 1-6 of the EMIF firewall.
221 */
222 debug("%s: regionNum = %x, startAddr = %x, size = %x", __func__,
223 region_num, start_addr, size);
224
225 result = secure_rom_call(
226 PPA_SERV_HAL_SETUP_EMIF_FW_REGION, 0, 0, 4,
227 (start_addr & 0xFFFFFFF0) | (region_num & 0x0F),
228 size, access_perm, initiator_perm);
229
230 if (result != 0) {
231 puts("Secure EMIF Firewall Setup failed!\n");
232 debug("Return Value = %x\n", result);
233 }
234
235 return result;
236}
237
238#if (CONFIG_TI_SECURE_EMIF_TOTAL_REGION_SIZE < \
239 CONFIG_TI_SECURE_EMIF_PROTECTED_REGION_SIZE)
240#error "TI Secure EMIF: Protected size cannot be larger than total size."
241#endif
242int secure_emif_reserve(void)
243{
244 int result = 1;
245 u32 sec_mem_start = get_sec_mem_start();
246 u32 sec_prot_size = CONFIG_TI_SECURE_EMIF_PROTECTED_REGION_SIZE;
247
248 /* If there is no protected region, there is no reservation to make */
249 if (sec_prot_size == 0)
250 return 0;
251
252 /*
253 * Call PPA HAL API to reserve a chunk of EMIF SDRAM
254 * for secure world use. This region should be carved out
255 * from use by any public code. EMIF firewall region 7
256 * will be used to protect this block of memory.
257 */
258 result = secure_rom_call(
259 PPA_SERV_HAL_SETUP_SEC_RESVD_REGION,
260 0, 0, 2, sec_mem_start, sec_prot_size);
261
262 if (result != 0) {
263 puts("SDRAM Firewall: Secure memory reservation failed!\n");
264 debug("Return Value = %x\n", result);
265 }
266
267 return result;
268}
269
270int secure_emif_firewall_lock(void)
271{
272 int result = 1;
273
274 /*
275 * Call PPA HAL API to lock the EMIF firewall configurations.
276 * After this API is called, none of the PPA HAL APIs for
277 * configuring the EMIF firewalls will be usable again (that
278 * is, calls to those APIs will return failure and have no
279 * effect).
280 */
281
282 result = secure_rom_call(
283 PPA_SERV_HAL_LOCK_EMIF_FW,
284 0, 0, 0);
285
286 if (result != 0) {
287 puts("Secure EMIF Firewall Lock failed!\n");
288 debug("Return Value = %x\n", result);
289 }
290
291 return result;
292}
293
294static struct ppa_tee_load_info tee_info __aligned(ARCH_DMA_MINALIGN);
295
296int secure_tee_install(u32 addr)
297{
298 struct optee_header *hdr;
299 void *loadptr;
300 u32 tee_file_size;
301 u32 sec_mem_start = get_sec_mem_start();
302 const u32 size = CONFIG_TI_SECURE_EMIF_PROTECTED_REGION_SIZE;
303 u32 ret;
304
305 /* If there is no protected region, there is no place to put the TEE */
306 if (size == 0) {
307 printf("Error loading TEE, no protected memory region available\n");
308 return -ENOBUFS;
309 }
310
311 hdr = (struct optee_header *)map_sysmem(addr, sizeof(struct optee_header));
312 /* 280 bytes = size of signature */
313 tee_file_size = hdr->init_size + hdr->paged_size +
314 sizeof(struct optee_header) + 280;
315
316 if ((hdr->magic != OPTEE_MAGIC) ||
317 (hdr->version != OPTEE_VERSION) ||
Harinarayan Bhattaa1e4bc62017-09-13 13:27:44 -0500[diff] [blame]318 (tee_file_size > size)) {
319 printf("Error in TEE header. Check firewall and TEE sizes\n");
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]320 unmap_sysmem(hdr);
321 return CMD_RET_FAILURE;
322 }
323
324 tee_info.tee_sec_mem_start = sec_mem_start;
325 tee_info.tee_sec_mem_size = size;
326 tee_info.tee_jump_addr = hdr->init_load_addr_lo;
327 tee_info.tee_cert_start = addr;
328 tee_info.tee_cert_size = tee_file_size;
329 tee_info.tee_arg0 = hdr->init_size + tee_info.tee_jump_addr;
330 unmap_sysmem(hdr);
331 loadptr = map_sysmem(addr, tee_file_size);
332
333 debug("tee_info.tee_sec_mem_start= %08X\n", tee_info.tee_sec_mem_start);
334 debug("tee_info.tee_sec_mem_size = %08X\n", tee_info.tee_sec_mem_size);
335 debug("tee_info.tee_jump_addr = %08X\n", tee_info.tee_jump_addr);
336 debug("tee_info.tee_cert_start = %08X\n", tee_info.tee_cert_start);
337 debug("tee_info.tee_cert_size = %08X\n", tee_info.tee_cert_size);
338 debug("tee_info.tee_arg0 = %08X\n", tee_info.tee_arg0);
339 debug("tee_file_size = %d\n", tee_file_size);
340
Trevor Woerner10015022019-05-03 09:41:00 -0400[diff] [blame]341#if !CONFIG_IS_ENABLED(SYS_DCACHE_OFF)
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]342 flush_dcache_range(
343 rounddown((u32)loadptr, ARCH_DMA_MINALIGN),
344 roundup((u32)loadptr + tee_file_size, ARCH_DMA_MINALIGN));
345
346 flush_dcache_range((u32)&tee_info, (u32)&tee_info +
347 roundup(sizeof(tee_info), ARCH_DMA_MINALIGN));
348#endif
349 unmap_sysmem(loadptr);
350
351 ret = secure_rom_call(PPA_SERV_HAL_TEE_LOAD_MASTER, 0, 0, 1, &tee_info);
352 if (ret) {
353 printf("TEE_LOAD_MASTER Failed\n");
354 return ret;
355 }
356 printf("TEE_LOAD_MASTER Done\n");
357
358#if defined(CONFIG_OMAP54XX)
359 if (!is_dra72x()) {
360 u32 *smc_cpu1_params;
361 /* Reuse the tee_info buffer for SMC params */
362 smc_cpu1_params = (u32 *)&tee_info;
363 smc_cpu1_params[0] = 0;
Trevor Woerner10015022019-05-03 09:41:00 -0400[diff] [blame]364#if !CONFIG_IS_ENABLED(SYS_DCACHE_OFF)
Andrew F. Davis3348e0c2017-07-10 14:45:49 -0500[diff] [blame]365 flush_dcache_range((u32)smc_cpu1_params, (u32)smc_cpu1_params +
366 roundup(sizeof(u32), ARCH_DMA_MINALIGN));
367#endif
368 ret = omap_smc_sec_cpu1(PPA_SERV_HAL_TEE_LOAD_SLAVE, 0, 0,
369 smc_cpu1_params);
370 if (ret) {
371 printf("TEE_LOAD_SLAVE Failed\n");
372 return ret;
373 }
374 printf("TEE_LOAD_SLAVE Done\n");
375 }
376#endif
377
378 tee_loaded = 1;
379
380 return 0;
381}