From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 82132C433F5 for ; Tue, 5 Oct 2021 12:23:22 +0000 (UTC) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B9C1461425 for ; Tue, 5 Oct 2021 12:23:21 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org B9C1461425 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=xilinx.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.denx.de Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id EF2188169E; Tue, 5 Oct 2021 14:23:19 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=xilinx.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=xilinx.onmicrosoft.com header.i=@xilinx.onmicrosoft.com header.b="ouqHjca0"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 38A5181E14; Tue, 5 Oct 2021 14:23:18 +0200 (CEST) Received: from NAM04-MW2-obe.outbound.protection.outlook.com (mail-mw2nam08on2061b.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e8c::61b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id BC5FB805F9 for ; Tue, 5 Oct 2021 14:23:14 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=xilinx.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=michals@xilinx.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Af7R75iYmRJzY1rlCZTpvcKZprFpqNcNpoDnKbwSh9HOk5FnI2J5BcWJDN8xp3h+MUMwkSJB7nWqmpt8n0xjpaH06kRzWxcgIEjhEdjD8bUkaPAkpsB8oOVt6ODwm4jUsk4pIgzHz/1y+wwZT+uylxn+twbiyNtb/Bp1cjA3Hs2hAnJzOT2MQ/6OjGDB/QWmcgiDlufsARq3vdQ05ODfiTTQr5r4KMJBmfadiQ1gDvwrKeKgrZBXDm4etUNy/gjnY33T5MfEbwZQKKWeZ+6c6IhW8W//GlWtLHcD6aOVGifY9QhbTD4zhkbxcIPb3ZgazkdcIK9p+sdmC6X9ZRgBAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5vx7c8qmpwLn2xfbbMmCucbXgX41mRbC4+C3Wz3B8W4=; b=lJN2vrKC2piXv7ON+4sLcNKa3+yhEW1kTe7XGPb0ELW6EwxIqweErpiPK0gcCL3KTZFL8eYEKd8NvQUbJ4OnOFIc447N4spi7vVXZEh5SeuMal9LTMHez84r/3dD7R8tIDJB4wr4LqjI+yTdkVs7o5KYPA+JmIZ+UTFG2L/Ii9DxlRoFGRMJ7h4sAE1FkLHOGEgvoj400rroCLgjkdhBuvu2JeJbOQwiSPkRkjbVD6HuiZPkNVWhws8cDVmDKWehA/kET0HdsRNennMQsGu7PYhDIRP32wjv30HTAJLqR+0cfzqdh7WkBT6ldkT72TU1wm83sXlEWJEuSMOvXKPfVA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 149.199.62.198) smtp.rcpttodomain=foundries.io smtp.mailfrom=xilinx.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=xilinx.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=xilinx.onmicrosoft.com; s=selector2-xilinx-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5vx7c8qmpwLn2xfbbMmCucbXgX41mRbC4+C3Wz3B8W4=; b=ouqHjca0p/WUeyw0X3wMHVb5z/PG6iuA/7GtiM4v+dRKfIIJfIyngN7K8H99fc2uhFRWtKX6vqtJ8exY/SukoA85RZ7EcnSHckEohaWrJOe83l2KPe1ryI2yl4+Wtz35JxAgw3xfGLvl/ht1TfSE1nnSB7ObNqVTRU9ljYuzo7c= Received: from SN4PR0501CA0132.namprd05.prod.outlook.com (2603:10b6:803:42::49) by PH0PR02MB7128.namprd02.prod.outlook.com (2603:10b6:510:17::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.19; Tue, 5 Oct 2021 12:23:11 +0000 Received: from SN1NAM02FT0056.eop-nam02.prod.protection.outlook.com (2603:10b6:803:42:cafe::6b) by SN4PR0501CA0132.outlook.office365.com (2603:10b6:803:42::49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.13 via Frontend Transport; Tue, 5 Oct 2021 12:23:11 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 149.199.62.198) smtp.mailfrom=xilinx.com; foundries.io; dkim=none (message not signed) header.d=none;foundries.io; dmarc=pass action=none header.from=xilinx.com; Received-SPF: Pass (protection.outlook.com: domain of xilinx.com designates 149.199.62.198 as permitted sender) receiver=protection.outlook.com; client-ip=149.199.62.198; helo=xsj-pvapexch01.xlnx.xilinx.com; Received: from xsj-pvapexch01.xlnx.xilinx.com (149.199.62.198) by SN1NAM02FT0056.mail.protection.outlook.com (10.97.4.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4566.14 via Frontend Transport; Tue, 5 Oct 2021 12:23:11 +0000 Received: from xsj-pvapexch02.xlnx.xilinx.com (172.19.86.41) by xsj-pvapexch01.xlnx.xilinx.com (172.19.86.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.14; Tue, 5 Oct 2021 05:23:09 -0700 Received: from smtp.xilinx.com (172.19.127.96) by xsj-pvapexch02.xlnx.xilinx.com (172.19.86.41) with Microsoft SMTP Server id 15.1.2176.14 via Frontend Transport; Tue, 5 Oct 2021 05:23:09 -0700 Envelope-to: igor.opaniuk@foundries.io, mike@foundries.io, ricardo@foundries.io, u-boot@lists.denx.de, mr.nuke.me@gmail.com, sjg@chromium.org, trini@konsulko.com, jorge@foundries.io Received: from [10.254.241.49] (port=60276) by smtp.xilinx.com with esmtp (Exim 4.90) (envelope-from ) id 1mXjTR-000CaS-9w; Tue, 05 Oct 2021 05:23:09 -0700 Subject: Re: [PATCH] arm64: zynqmp: Print the secure boot status information in EL3 To: Jorge Ramirez-Ortiz , , , , CC: , , , References: <20211005111324.19749-1-jorge@foundries.io> From: Michal Simek Message-ID: Date: Tue, 5 Oct 2021 14:23:06 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 MIME-Version: 1.0 In-Reply-To: <20211005111324.19749-1-jorge@foundries.io> Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 7bit X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: edb63df1-450a-4689-ab29-08d987fae575 X-MS-TrafficTypeDiagnostic: PH0PR02MB7128: X-Microsoft-Antispam-PRVS: X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-MS-Oob-TLC-OOBClassifiers: OLM:2582; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nSAPOqrHjVDMYGz2wSBIUVkjRUTwc3RmJJE1Hg6KrwA/g3y68U4tUw1NLrlmqrALDXpiBEmPjeyVcGTPgXKu2G+LFRl1Gz0654wjfitPcAgEQPH4hEKaAe3YwXZpc0LbtwStGJFwP5oH+LPf39ngsJIfyecVUuAZNKVNTEdRyao3OvxpJS/wiS5ns4mnETeLNR31+VJjO2SadciM8g7o6L/nzeZAuu1NNxpjAWnllws3l9tL/CWBhNDl0pRRvVTY4HBS6as7dNtIXr/4TXGhmEAVXxHLZzRV8sD6NE5B2Ij3BlgXXvSkZGSCzHzJNhuZc72fpS5NOLT2FMRQ88nz3ttSbzvSGmDo1p/MWfylOg2j8UThkG0R/xE2OXoYku+F2ONjhyIr4TzX9SC8z9MlZ9C3D6izdXxIHDlkzxDI6vgVwba99LCObJMEyMelgUPD7fC08qnX1pQbAYZMLtRSOq1JdTWHmXGKqizZG3Zinwe555yL1MZAQEz7qCGT/1YRHCiuPZfArBH31dkNGRCOS+OdqyDESi2Q05isxSJcSuWVQKt0oKZ2i6o3Tw8CTaek5OKNCCQf08NQpXy/ll5Xv5DQBMEECkCdqmR2MTafzDDcmGa4Bm3PwqPFlchDr3C5FjUAV0RY1w0qM6SfirbAjbRtasR2n9V/Sa0fISQx+p3BD2OBtgtC67CLEZ0VLbnTRw1/JPb88zawGcTM4WWooJNfZg2BIhXDDw8gl7m6WNOLxWUXK50CGHBoKW1FK50NcXeumYpRLbCPaHIgOrhAsQ== X-Forefront-Antispam-Report: CIP:149.199.62.198; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:xsj-pvapexch01.xlnx.xilinx.com; PTR:unknown-62-198.xilinx.com; CAT:NONE; SFS:(46966006)(36840700001)(54906003)(26005)(36756003)(83380400001)(47076005)(186003)(6666004)(9786002)(31686004)(36860700001)(508600001)(53546011)(110136005)(2906002)(2616005)(316002)(426003)(336012)(356005)(7636003)(5660300002)(70206006)(82310400003)(4326008)(8936002)(8676002)(31696002)(36906005)(44832011)(70586007)(50156003)(43740500002); DIR:OUT; SFP:1101; X-OriginatorOrg: xilinx.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 12:23:11.0103 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: edb63df1-450a-4689-ab29-08d987fae575 X-MS-Exchange-CrossTenant-Id: 657af505-d5df-48d0-8300-c31994686c5c X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=657af505-d5df-48d0-8300-c31994686c5c; Ip=[149.199.62.198]; Helo=[xsj-pvapexch01.xlnx.xilinx.com] X-MS-Exchange-CrossTenant-AuthSource: SN1NAM02FT0056.eop-nam02.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR02MB7128 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean On 10/5/21 1:13 PM, Jorge Ramirez-Ortiz wrote: > Confirm the secure boot configuration on the console. > > Signed-off-by: Jorge Ramirez-Ortiz > --- > arch/arm/mach-zynqmp/include/mach/hardware.h | 3 ++- > board/xilinx/zynqmp/zynqmp.c | 16 +++++++++++++++- > 2 files changed, 17 insertions(+), 2 deletions(-) > > diff --git a/arch/arm/mach-zynqmp/include/mach/hardware.h b/arch/arm/mach-zynqmp/include/mach/hardware.h > index 3776499070..3d3ffa086e 100644 > --- a/arch/arm/mach-zynqmp/include/mach/hardware.h > +++ b/arch/arm/mach-zynqmp/include/mach/hardware.h > @@ -139,7 +139,8 @@ struct apu_regs { > #define ZYNQMP_SILICON_VER_SHIFT 0 > > struct csu_regs { > - u32 reserved0[4]; > + u32 status; > + u32 reserved0[3]; > u32 multi_boot; > u32 reserved1[11]; > u32 idcode; > diff --git a/board/xilinx/zynqmp/zynqmp.c b/board/xilinx/zynqmp/zynqmp.c > index 1748fec2e4..b7d11630d1 100644 > --- a/board/xilinx/zynqmp/zynqmp.c > +++ b/board/xilinx/zynqmp/zynqmp.c > @@ -355,6 +355,18 @@ static int multi_boot(void) > return 0; > } > > +static void secure_boot(void) > +{ > + u32 status; > + > + status = readl(&csu_base->status); I would prefer to use zynqmp_mmio_read instead to make sure that we can call this function also from regular u-boot not running in EL3. For SPL it will be just readl what you have here too. > + if (status & (BIT(0) | BIT(1))) { > + printf("Secure Boot:\t%s%s\n", > + status & BIT(0) ? "authenticated" : "not authenticated", > + status & BIT(1) ? ", encrypted" : ", not encrypted"); It is pretty much visible that instead of BIT(X) you should use macros. > + } > +} > + > #define PS_SYSMON_ANALOG_BUS_VAL 0x3210 > #define PS_SYSMON_ANALOG_BUS_REG 0xFFA50914 > > @@ -391,8 +403,10 @@ int board_init(void) > fpga_add(fpga_xilinx, &zynqmppl); > #endif > > - if (current_el() == 3) > + if (current_el() == 3) { > multi_boot(); This code has changed a little bit. Please use the latest u-boot version. > + secure_boot(); Is it useful to get information only for SPL in EL3? Just asking. > + } > > return 0; > } > Thanks, Michal