When in early SPL we make some secure ROM calls that can effect
DRAM, due to this it is more stable to store the args for these
calls in SRAM, but uninitialized and zero'd globals are placed
in BSS, located in DRAM. Force our args into the data section
which is in SRAM during SPL.
Signed-off-by: Andrew F. Davis <afd@ti.com>
The signing certificate name is always 15 chars long, but need not be
null terminated. One solution is then to use printf precision modifiers
to only print this many chars ("%.15s"), but tiny printf does not support
this, so lets just drop printing the cert name for now.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Fix the size calculation in the verify boot. The header size
should be subtracted from the image size, not be assigned to
the image size.
Fixes: 0830d72bb9 ("arm: am33xx: security: adds auth support for encrypted images")
Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Dan Murphy <dmurphy@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
This patch adds support for authentication of both plain
text and encrypted binaries. A new SECDEV package is needed
to enable encryption of binaries by default for AM3x.
The ROM authentication API detects encrypted images at
runtime and automatically decrypts the image if the
signature verification passes.
Addition of encryption on AM3x results in a change in the
image format. On AM4x, AM5x and, on AM3x devices signing
clear test images, the signature is appended to the end of the
binary.
On AM3x, when the SECDEV package is used to create signed
and encrypted images, the signature is added as a header
to the start of the binary. So the binary size calculation
has been updated to reflect this change.
The signing tools and encrypted image format for AM3x
cannot be changed to behave like AM4x and AM5x to
maintain backward compatibility with older Sitara
M-Shield releases.
Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
When the OP-TEE image is built for secure paging the load address may be
in SRAM, remove checks that prevent this.
Signed-off-by: Harinarayan Bhatta <harinarayan@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
The image address passed to secure_boot_verify_image() may not be
cacheline aligned, round the address down to the nearest cacheline.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
Some of the fixups currently done for OMAP5 class boards are common to
other OMAP family devices, move these to fdt-common.c.
Signed-off-by: Andrew F. Davis <afd@ti.com>
TEE loading and firewall setup are common to all omap2 devices, move
these function out of omap5 and into mach-omap2. This allows us
to use these functions from other omap class devices.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Each call of va_start must be matched by a call of va_end.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
After we authenticate/decrypt an image we need to flush the caches
as they may still contain bits of the encrypted image. This will
cause failures if we attempt to jump to this image.
Reported-by: Yogesh Siraswar<yogeshs@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
On AM33xx devices the secure ROM uses a different call index for
signature verification, the function and arguments are the same.
Signed-off-by: Andrew F. Davis <afd@ti.com>
This moves what was in arch/arm/cpu/armv7/omap-common in to
arch/arm/mach-omap2 and moves
arch/arm/cpu/armv7/{am33xx,omap3,omap4,omap5} in to arch/arm/mach-omap2
as subdirectories. All refernces to the former locations are updated to
the current locations. For the logic to decide what our outputs are,
consolidate the tests into a single config.mk rather than including 4.
Signed-off-by: Tom Rini <trini@konsulko.com>
2016-11-21 14:07:29 -05:00
Renamed from arch/arm/cpu/armv7/omap-common/sec-common.c (Browse further)