From: Andreas Dannenberg <dannenberg@ti.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [RFC 7/9] arm: am4x: add secure ROM signature verify API
Date: Wed, 15 Jun 2016 14:26:39 -0500 [thread overview]
Message-ID: <1466018801-18044-8-git-send-email-dannenberg@ti.com> (raw)
In-Reply-To: <1466018801-18044-1-git-send-email-dannenberg@ti.com>
From: Madan Srinivas <madans@ti.com>
Adds an API that verifies a signature attached to an image (binary
blob). This API is basically a entry to a secure ROM service provided by
the device and accessed via an SMC call, using a particular calling
convention. This API is common across AM3x HS and AM4x HS devices.
Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
---
arch/arm/cpu/armv7/am33xx/Makefile | 2 +
arch/arm/cpu/armv7/am33xx/sec_fxns.c | 90 ++++++++++++++++++++++++++++
arch/arm/include/asm/arch-am33xx/sys_proto.h | 6 +-
3 files changed, 97 insertions(+), 1 deletion(-)
create mode 100644 arch/arm/cpu/armv7/am33xx/sec_fxns.c
diff --git a/arch/arm/cpu/armv7/am33xx/Makefile b/arch/arm/cpu/armv7/am33xx/Makefile
index 6fda482..d2b3e37 100644
--- a/arch/arm/cpu/armv7/am33xx/Makefile
+++ b/arch/arm/cpu/armv7/am33xx/Makefile
@@ -20,3 +20,5 @@ obj-y += board.o
obj-y += mux.o
obj-$(CONFIG_CLOCK_SYNTHESIZER) += clk_synthesizer.o
+
+obj-$(CONFIG_TI_SECURE_DEVICE) += sec_fxns.o
diff --git a/arch/arm/cpu/armv7/am33xx/sec_fxns.c b/arch/arm/cpu/armv7/am33xx/sec_fxns.c
new file mode 100644
index 0000000..560297c
--- /dev/null
+++ b/arch/arm/cpu/armv7/am33xx/sec_fxns.c
@@ -0,0 +1,90 @@
+/*
+ * sec_fxns.c
+ *
+ * Common security functions for AMxx devices that rely
+ * on secure ROM services.
+ *
+ * Copyright (C) 2013, Texas Instruments, Incorporated - http://www.ti.com/
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#include <common.h>
+#include <asm/arch/sys_proto.h>
+#include <asm/omap_common.h>
+
+/* Index for signature verify ROM API*/
+#define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX (0x0000000E)
+
+static u32 find_sig_start(char *image, size_t size)
+{
+ char *image_end = image + size;
+ char *sig_start_magic = "CERT_";
+ int magic_str_len = strlen(sig_start_magic);
+ char *ch;
+
+ while (--image_end > image) {
+ if (*image_end == '_') {
+ ch = image_end - magic_str_len + 1;
+ if (!strncmp(ch, sig_start_magic, magic_str_len))
+ return (u32)ch;
+ }
+ }
+ return 0;
+}
+
+int secure_boot_verify_image(void **image, size_t *size)
+{
+ int result = 1;
+ u32 cert_addr, sig_addr;
+ size_t cert_size;
+
+#ifndef CONFIG_SYS_DCACHE_OFF
+ /* Perform cache writeback on input buffer */
+ flush_dcache_range(
+ (u32)*image,
+ (u32)*image + roundup(*size, ARCH_DMA_MINALIGN));
+#endif
+ cert_addr = (uint32_t)*image;
+ sig_addr = find_sig_start((char *)*image, *size);
+
+ if (sig_addr == 0) {
+ puts("No signature found in image.\n");
+ result = 1;
+ goto auth_exit;
+ }
+
+ *size = sig_addr - cert_addr; /* Subtract out the signature size */
+ cert_size = *size;
+
+ /* Check if image load address is 32-bit aligned */
+ if (0 != (0x3 & cert_addr)) {
+ puts("Image is not 4-byte aligned.\n");
+ result = 1;
+ goto auth_exit;
+ }
+
+ /* Image size also should be multiple of 4 */
+ if (0 != (0x3 & cert_size)) {
+ puts("Image size is not 4-byte aligned.\n");
+ result = 1;
+ goto auth_exit;
+ }
+
+ /* Call ROM HAL API to verify certificate signature */
+ debug("%s: load_addr = %x, size = %x, sig_addr = %x\n", __func__,
+ cert_addr, cert_size, sig_addr);
+
+ result = secure_rom_call(
+ API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0,
+ 4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF);
+auth_exit:
+ if (result != 0) {
+ puts("Authentication failed!\n");
+ printf("Return Value = %08X\n", result);
+ hang();
+ }
+
+ printf("Authentication passed: %s\n", (char *)sig_addr);
+ return result;
+}
diff --git a/arch/arm/include/asm/arch-am33xx/sys_proto.h b/arch/arm/include/asm/arch-am33xx/sys_proto.h
index 8f573d2..f5fc916 100644
--- a/arch/arm/include/asm/arch-am33xx/sys_proto.h
+++ b/arch/arm/include/asm/arch-am33xx/sys_proto.h
@@ -41,7 +41,11 @@ void enable_norboot_pin_mux(void);
void am33xx_spl_board_init(void);
int am335x_get_efuse_mpu_max_freq(struct ctrl_dev *cdev);
int am335x_get_tps65910_mpu_vdd(int sil_rev, int frequency);
-#endif
void enable_usb_clocks(int index);
void disable_usb_clocks(int index);
+
+#ifdef CONFIG_TI_SECURE_DEVICE
+int secure_boot_verify_image(void **p_image, size_t *p_size);
+#endif
+#endif
--
2.6.4
next prev parent reply other threads:[~2016-06-15 19:26 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-15 19:26 [U-Boot] [RFC 0/9] Secure Boot by Authenticating/Decrypting SPL FIT blobs Andreas Dannenberg
2016-06-15 19:26 ` [U-Boot] [RFC 1/9] spl: fit: add support for post-processing of images Andreas Dannenberg
2016-06-17 3:52 ` Simon Glass
2016-06-15 19:26 ` [U-Boot] [RFC 2/9] arm: cache: add missing dummy functions for when dcache disabled Andreas Dannenberg
2016-06-17 3:52 ` Simon Glass
2016-06-20 2:13 ` Tom Rini
2016-06-15 19:26 ` [U-Boot] [RFC 3/9] arm: omap-common: add secure smc entry Andreas Dannenberg
2016-06-17 3:52 ` Simon Glass
2016-06-15 19:26 ` [U-Boot] [RFC 4/9] arm: omap-common: add secure rom call API for secure devices Andreas Dannenberg
2016-06-17 3:52 ` Simon Glass
2016-06-17 4:18 ` Lokesh Vutla
2016-06-15 19:26 ` [U-Boot] [RFC 5/9] arm: omap5: add secure ROM signature verify API Andreas Dannenberg
2016-06-17 3:52 ` Simon Glass
2016-06-20 2:13 ` Tom Rini
2016-06-15 19:26 ` [U-Boot] [RFC 6/9] arm: omap5: add FIT image post process function Andreas Dannenberg
2016-06-17 3:52 ` Simon Glass
2016-06-17 4:26 ` Lokesh Vutla
2016-06-15 19:26 ` Andreas Dannenberg [this message]
2016-06-17 3:52 ` [U-Boot] [RFC 7/9] arm: am4x: add secure ROM signature verify API Simon Glass
2016-06-15 19:26 ` [U-Boot] [RFC 8/9] arm: am4x: add FIT image post process function Andreas Dannenberg
2016-06-17 3:52 ` Simon Glass
2016-06-17 4:27 ` Lokesh Vutla
2016-06-15 19:26 ` [U-Boot] [RFC 9/9] ti: omap-common: Update to generate secure FIT Andreas Dannenberg
2016-06-17 3:52 ` Simon Glass
2016-06-17 16:13 ` Andreas Dannenberg
2016-06-20 22:40 ` Simon Glass
2016-06-21 2:35 ` Andreas Dannenberg
2016-06-23 4:59 ` Masahiro Yamada
2016-06-23 13:23 ` Andreas Dannenberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1466018801-18044-8-git-send-email-dannenberg@ti.com \
--to=dannenberg@ti.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.