mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-12-23 19:43:33 +00:00
481d394e77
board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Tero Kristo <kristo@kernel.org>
143 lines
3.2 KiB
C
143 lines
3.2 KiB
C
// SPDX-License-Identifier: GPL-2.0+
|
|
/*
|
|
* K2x: Secure commands file
|
|
*
|
|
* Copyright (C) 2012-2019 Texas Instruments Incorporated - http://www.ti.com/
|
|
*/
|
|
|
|
#include <hang.h>
|
|
#include <image.h>
|
|
#include <asm/unaligned.h>
|
|
#include <common.h>
|
|
#include <command.h>
|
|
#include <mach/mon.h>
|
|
#include <spl.h>
|
|
asm(".arch_extension sec\n\t");
|
|
|
|
int mon_install(u32 addr, u32 dpsc, u32 freq, u32 bm_addr)
|
|
{
|
|
int result;
|
|
|
|
__asm__ __volatile__ (
|
|
"stmfd r13!, {lr}\n"
|
|
"mov r0, %1\n"
|
|
"mov r1, %2\n"
|
|
"mov r2, %3\n"
|
|
"mov r3, %4\n"
|
|
"blx r0\n"
|
|
"mov %0, r0\n"
|
|
"ldmfd r13!, {lr}\n"
|
|
: "=&r" (result)
|
|
: "r" (addr), "r" (dpsc), "r" (freq), "r" (bm_addr)
|
|
: "cc", "r0", "r1", "r2", "r3", "memory");
|
|
return result;
|
|
}
|
|
|
|
int mon_power_on(int core_id, void *ep)
|
|
{
|
|
int result;
|
|
|
|
asm volatile (
|
|
"stmfd r13!, {lr}\n"
|
|
"mov r1, %1\n"
|
|
"mov r2, %2\n"
|
|
"mov r0, #0\n"
|
|
"smc #0\n"
|
|
"mov %0, r0\n"
|
|
"ldmfd r13!, {lr}\n"
|
|
: "=&r" (result)
|
|
: "r" (core_id), "r" (ep)
|
|
: "cc", "r0", "r1", "r2", "memory");
|
|
return result;
|
|
}
|
|
|
|
int mon_power_off(int core_id)
|
|
{
|
|
int result;
|
|
|
|
asm volatile (
|
|
"stmfd r13!, {lr}\n"
|
|
"mov r1, %1\n"
|
|
"mov r0, #1\n"
|
|
"smc #1\n"
|
|
"mov %0, r0\n"
|
|
"ldmfd r13!, {lr}\n"
|
|
: "=&r" (result)
|
|
: "r" (core_id)
|
|
: "cc", "r0", "r1", "memory");
|
|
return result;
|
|
}
|
|
|
|
#ifdef CONFIG_TI_SECURE_DEVICE
|
|
#define KS2_HS_SEC_HEADER_LEN 0x60
|
|
#define KS2_HS_SEC_TAG_OFFSET 0x34
|
|
#define KS2_AUTH_CMD 130
|
|
|
|
/**
|
|
* k2_hs_bm_auth() - Invokes security functions using a
|
|
* proprietary TI interface. This binary and source for
|
|
* this is available in the secure development package or
|
|
* SECDEV. For details on how to access this please refer
|
|
* doc/README.ti-secure
|
|
*
|
|
* @cmd: Secure monitor command
|
|
* @arg1: Argument for command
|
|
*
|
|
* returns non-zero value on success, zero on error
|
|
*/
|
|
static int k2_hs_bm_auth(int cmd, void *arg1)
|
|
{
|
|
int result;
|
|
|
|
asm volatile (
|
|
"stmfd r13!, {r4-r12, lr}\n"
|
|
"mov r0, %1\n"
|
|
"mov r1, %2\n"
|
|
"smc #2\n"
|
|
"mov %0, r0\n"
|
|
"ldmfd r13!, {r4-r12, lr}\n"
|
|
: "=&r" (result)
|
|
: "r" (cmd), "r" (arg1)
|
|
: "cc", "r0", "r1", "memory");
|
|
|
|
return result;
|
|
}
|
|
|
|
void board_fit_image_post_process(const void *fit, int node, void **p_image,
|
|
size_t *p_size)
|
|
{
|
|
int result = 0;
|
|
void *image = *p_image;
|
|
|
|
if (strncmp(image + KS2_HS_SEC_TAG_OFFSET, "KEYS", 4)) {
|
|
printf("No signature found in image!\n");
|
|
hang();
|
|
}
|
|
|
|
result = k2_hs_bm_auth(KS2_AUTH_CMD, image);
|
|
if (result == 0) {
|
|
printf("Authentication failed!\n");
|
|
hang();
|
|
}
|
|
|
|
/*
|
|
* Overwrite the image headers after authentication
|
|
* and decryption. Update size to reflect removal
|
|
* of header and restore original file size.
|
|
*/
|
|
*p_size = get_unaligned_le32(image + (*p_size - 4));
|
|
memcpy(image, image + KS2_HS_SEC_HEADER_LEN, *p_size);
|
|
|
|
/*
|
|
* Output notification of successful authentication to re-assure the
|
|
* user that the secure code is being processed as expected. However
|
|
* suppress any such log output in case of building for SPL and booting
|
|
* via YMODEM. This is done to avoid disturbing the YMODEM serial
|
|
* protocol transactions.
|
|
*/
|
|
if (!(IS_ENABLED(CONFIG_SPL_BUILD) &&
|
|
IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) &&
|
|
spl_boot_device() == BOOT_DEVICE_UART))
|
|
printf("Authentication passed\n");
|
|
}
|
|
#endif
|