All of lore.kernel.org
 help / color / mirror / Atom feed
From: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 1/9] optee: Add lib entries for sharing OPTEE code across ports
Date: Fri, 12 Jan 2018 14:52:16 +0000	[thread overview]
Message-ID: <1515768744-25246-2-git-send-email-bryan.odonoghue@linaro.org> (raw)
In-Reply-To: <1515768744-25246-1-git-send-email-bryan.odonoghue@linaro.org>

This patch adds code to lib to enable sharing of useful OPTEE code between
board-ports and architectures. The code on lib/optee/optee.c comes from the
TI omap2 port. Eventually the OMAP2 code will be patched to include the
shared code. The intention here is to add more useful OPTEE specific code
as more functionality gets added.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
---
 include/tee/optee.h | 16 ++++++++++++++++
 lib/Kconfig         |  1 +
 lib/Makefile        |  1 +
 lib/optee/Kconfig   |  8 ++++++++
 lib/optee/Makefile  |  7 +++++++
 lib/optee/optee.c   | 35 +++++++++++++++++++++++++++++++++++
 6 files changed, 68 insertions(+)
 create mode 100644 lib/optee/Kconfig
 create mode 100644 lib/optee/Makefile
 create mode 100644 lib/optee/optee.c

diff --git a/include/tee/optee.h b/include/tee/optee.h
index 9ab0d08..8943afb 100644
--- a/include/tee/optee.h
+++ b/include/tee/optee.h
@@ -10,6 +10,8 @@
 #ifndef	_OPTEE_H
 #define _OPTEE_H
 
+#include <linux/errno.h>
+
 #define OPTEE_MAGIC             0x4554504f
 #define OPTEE_VERSION           1
 #define OPTEE_ARCH_ARM32        0
@@ -27,4 +29,18 @@ struct optee_header {
 	uint32_t paged_size;
 };
 
+#if defined(CONFIG_OPTEE)
+int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start,
+		       unsigned long tzdram_len, unsigned long image_len);
+#else
+static inline int optee_verify_image(struct optee_header *hdr,
+				     unsigned long tzdram_start,
+				     unsigned long tzdram_len,
+				     unsigned long image_len)
+{
+	return -EPERM;
+}
+
+#endif
+
 #endif /* _OPTEE_H */
diff --git a/lib/Kconfig b/lib/Kconfig
index f447c53..5742fb7 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -278,5 +278,6 @@ endmenu
 
 source lib/efi/Kconfig
 source lib/efi_loader/Kconfig
+source lib/optee/Kconfig
 
 endmenu
diff --git a/lib/Makefile b/lib/Makefile
index 8cd779f..46813b6 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -17,6 +17,7 @@ obj-$(CONFIG_FIT) += libfdt/
 obj-$(CONFIG_OF_LIVE) += of_live.o
 obj-$(CONFIG_CMD_DHRYSTONE) += dhry/
 obj-$(CONFIG_ARCH_AT91) += at91/
+obj-$(CONFIG_OPTEE) += optee/
 
 obj-$(CONFIG_AES) += aes.o
 obj-y += charset.o
diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig
new file mode 100644
index 0000000..2e406fe
--- /dev/null
+++ b/lib/optee/Kconfig
@@ -0,0 +1,8 @@
+config OPTEE
+	bool "Support OPTEE images"
+	help
+	  U-Boot can be configured to boot OPTEE images.
+	  Selecting this option will enable shared OPTEE library code and
+          enable an OPTEE specific bootm command that will perform additional
+          OPTEE specific checks before booting an OPTEE image created with
+          mkimage.
diff --git a/lib/optee/Makefile b/lib/optee/Makefile
new file mode 100644
index 0000000..03e832f
--- /dev/null
+++ b/lib/optee/Makefile
@@ -0,0 +1,7 @@
+#
+# (C) Copyright 2017 Linaro
+#
+# SPDX-License-Identifier:	GPL-2.0+
+#
+
+obj-$(CONFIG_OPTEE) += optee.o
diff --git a/lib/optee/optee.c b/lib/optee/optee.c
new file mode 100644
index 0000000..a6c856a
--- /dev/null
+++ b/lib/optee/optee.c
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2017 Linaro
+ * Bryan O'Donoghue <bryan.odonoghue@linaro.org>
+ *
+ * SPDX-License-Identifier:	GPL-2.0+
+ */
+
+#include <common.h>
+#include <tee/optee.h>
+
+int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start,
+		       unsigned long tzdram_len, unsigned long image_len)
+{
+	unsigned long tzdram_end = tzdram_start + tzdram_len;
+	uint32_t tee_file_size;
+
+	tee_file_size = hdr->init_size + hdr->paged_size +
+			sizeof(struct optee_header);
+
+	if ((hdr->magic != OPTEE_MAGIC) ||
+	    (hdr->version != OPTEE_VERSION) ||
+	    (hdr->init_load_addr_hi > tzdram_end) ||
+	    (hdr->init_load_addr_lo < tzdram_start) ||
+	    (tee_file_size > tzdram_len) ||
+	    (tee_file_size != image_len) ||
+	    ((hdr->init_load_addr_lo + tee_file_size) > tzdram_end)) {
+		printf("OPTEE verification error tzdram 0x%08lx-0x%08lx "
+		       "header lo=0x%08x hi=0x%08x size=0x%08x\n",
+		       tzdram_start, tzdram_end, hdr->init_load_addr_lo,
+		       hdr->init_load_addr_hi, tee_file_size);
+		return -EINVAL;
+	}
+
+	return 0;
+}
-- 
2.7.4

  reply	other threads:[~2018-01-12 14:52 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-01-12 14:52 [U-Boot] [PATCH 0/9] Add new OPTEE bootm support to u-boot Bryan O'Donoghue
2018-01-12 14:52 ` Bryan O'Donoghue [this message]
2018-01-12 14:52 ` [U-Boot] [PATCH 2/9] optee: Add CONFIG_OPTEE_TZDRAM_SIZE Bryan O'Donoghue
2018-01-12 14:52 ` [U-Boot] [PATCH 3/9] optee: Make OPTEE_TZDRAM_BASE a mandatory define Bryan O'Donoghue
2018-01-12 16:23   ` Tom Rini
2018-01-12 14:52 ` [U-Boot] [PATCH 4/9] optee: Add optee_image_get_entry_point() Bryan O'Donoghue
2018-01-12 14:52 ` [U-Boot] [PATCH 5/9] optee: Add optee_image_get_load_addr() Bryan O'Donoghue
2018-01-12 14:52 ` [U-Boot] [PATCH 6/9] tools: mkimage: add optee image type Bryan O'Donoghue
2018-01-12 14:52 ` [U-Boot] [PATCH 7/9] optee: Add optee_verify_bootm_image() Bryan O'Donoghue
2018-01-12 14:52 ` [U-Boot] [PATCH 8/9] optee: Improve error printout Bryan O'Donoghue
2018-01-12 14:52 ` [U-Boot] [PATCH 9/9] bootm: optee: Add mechanism to validate an OPTEE image before boot Bryan O'Donoghue
2018-01-15  4:00 ` [U-Boot] [PATCH 0/9] Add new OPTEE bootm support to u-boot Peng Fan
2018-01-15  4:39 ` Kever Yang
2018-01-15 10:24   ` Dr. Philipp Tomsich
2018-01-15 10:29     ` Dr. Philipp Tomsich
2018-01-15 12:03       ` Peng Fan
2018-01-15 13:26         ` Dr. Philipp Tomsich
2018-01-15 14:01         ` Bryan O'Donoghue

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1515768744-25246-2-git-send-email-bryan.odonoghue@linaro.org \
    --to=bryan.odonoghue@linaro.org \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.