From patchwork Mon Feb 26 12:36:03 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 129640 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp158340lja; Mon, 26 Feb 2018 04:43:30 -0800 (PST) X-Google-Smtp-Source: AH8x226my+MuCTg5dbrLYSlRcfDdCWOYNogwxavYNIsQfkI49IcK5kpifXcnqMQN9Fa8vnGUH3QL X-Received: by 10.80.138.212 with SMTP id k20mr13931851edk.181.1519649010256; Mon, 26 Feb 2018 04:43:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519649010; cv=none; d=google.com; s=arc-20160816; b=oL0zaEQb815Kgyia2q0KGww44HPaa5snAgKqnbxRcr5tL9Lm7IxwLwLW54fmbh9nW3 kZls2YrChJqF8uj1NXuzaIZxZtqfSwFReJj44gry75CNlipvE4WqiwUY95nz6OxjmVSM v98RZyBb6VVT1G2i/wFoLwT3e0eugM/HWEnUEwkbmZmxJxCpoAwKhld5CFQ5udSMCK3K c7Z5dWTA8pbeD0/7yZRY6mgjv+mllubTfubBUd0cLnpcegkVivxuTy6scPKEXeaBlxVs qzgH69o4bkixK9MBZOPcmtag4VbhI9r5cqi+ZhX6Z85ngq1jsD1hM6TZumkh5fTYONtA QJMA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:dkim-signature:arc-authentication-results; bh=imD/FFmxIm1O3FKS1inZ6TLvL5Dw7B1dklNfuNVp+RY=; b=HH7b5rDi5PoclozvSN3O7AvutpVLz1VGR7MLyIJTiVAJjqTbvFFDt1ZBdI3FxX2Dpf xGnZTvU7MYjZH5BPvMvldUG3H0m1rMzWv+j3G4xpxJD4rqrV836BPU1Rr9a53WhIjQtR epdmf/Pbd1sKdvv5r4CL2sxmDbVo5T/fGFX3HBOm/+yiF89mSIfHCoyWcVizyajATlYU U+VoH2Efg5zP6Sjb46GvNlrOze11yuzIsoxzV727P3TjV8oFOtFB4IBXvfgv7wiAID9Q pm2spAGTfN6lHHcnwZFu5QNd8fPcWklbC3i0KaIMLBNJcPmFi47ax0iTUb79iOmc7lv1 7JKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=hygTe9wa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id s12si649361edb.5.2018.02.26.04.43.30; Mon, 26 Feb 2018 04:43:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=hygTe9wa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D091BC22102; Mon, 26 Feb 2018 12:38:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 8FF13C2211A; Mon, 26 Feb 2018 12:36:41 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 883BCC2210F; Mon, 26 Feb 2018 12:36:23 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 4418AC22102 for ; Mon, 26 Feb 2018 12:36:19 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id h21so17136678wmd.1 for ; Mon, 26 Feb 2018 04:36:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Sebbz03t3iaTy+2et9QKnZ7ab4Axd/fkQ6N9N9AZVPk=; b=hygTe9wa4Zp+7Dl5E/zdMVliHr+V68cR1mco+i8R02xqpacrHfy7jKYTMlQX6H5oS7 /QibBuX+BhK38Dibh7GTGSvpfQwM/dQ73OMdB2P9lYj2pDQt5odzj9M3++wlgT+rAlgw 8LvbKc9MER8MHLBVh8lt9AgQ54tgRzXuCWscw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Sebbz03t3iaTy+2et9QKnZ7ab4Axd/fkQ6N9N9AZVPk=; b=ZjWq/gBCf3qh8J5poNMj/wPuE99sRK5Q0VqGF4w9z7uJ9SXcx5STrZ4K/AmsxbUna9 V3sKzA0Dx+XliFL3RAJw8F4YHj2d1jwor58ju3hRulaHT7PAYYv+k/dpyhSiO4gCYU5p 7xYIPWqg3FaNJJq1QMWRe79dfM+4K3qycpy2H3wVoFFCx3LCjIBSmbG8w5Px/jJf9pO9 3Itikg6lIDv4+NEmxsrxhLVYFoScN9Yepr0jyETYtgy19grNpQ2dW7PXxF2m2ORF+Ofh 4LGeJtUl97n8f+uNOVkE/64NeRBAmIzrGT4OJFPMAZ/JqBtwXSTkjhQz+tfaDpDB0nWW d5ww== X-Gm-Message-State: APf1xPDOKh0a1migJph24+MMzxEeYPpc13vN94pLR7EujIDwyQFXvYYG osWzGfwy/1zX39W3U5ZMPmf3gWNyDms= X-Received: by 10.80.157.203 with SMTP id l11mr14026565edk.200.1519648578685; Mon, 26 Feb 2018 04:36:18 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id f6sm2493967edn.45.2018.02.26.04.36.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 26 Feb 2018 04:36:18 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com, harinarayan@ti.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com Date: Mon, 26 Feb 2018 12:36:03 +0000 Message-Id: <1519648566-12061-10-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519648566-12061-1-git-send-email-bryan.odonoghue@linaro.org> References: <1519648566-12061-1-git-send-email-bryan.odonoghue@linaro.org> Subject: [U-Boot] [PATCH v4 09/12] optee: Add optee_verify_bootm_image() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_verify_bootm_image() which will be subsequently used to verify the parameters encoded in the OPTEE header match the memory allocated to the OPTEE region, OPTEE header magic and version prior to handing off control to the OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 13 +++++++++++++ lib/optee/optee.c | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index e782cb0..4b9e94c 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr, #endif +#if defined(CONFIG_OPTEE) +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len); +#else +static inline int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + return -EPERM; +} +#endif + #endif /* _OPTEE_H */ diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 2cc16d7..365c078 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -29,3 +29,23 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, return 0; } + +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + struct optee_header *hdr = (struct optee_header *)image_addr; + unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE; + unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE; + + int ret; + + ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); + if (ret) + return ret; + + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) + ret = -EINVAL; + + return ret; +}