From patchwork Fri Mar 9 16:55:31 2018
X-Patchwork-Submitter: Bryan O'Donoghue
X-Patchwork-Id: 131172
From: Bryan O'Donoghue
To: U-Boot@lists.denx.de, trini@konsulko.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com
Cc: Harinarayan Bhatta
Date: Fri, 9 Mar 2018 16:55:31 +0000
Message-Id: <1520614531-2164-11-git-send-email-bryan.odonoghue@linaro.org>
Subject: [U-Boot] [PATCH v5 10/10] bootm: optee: Add a bootm command for type IH_OS_TEE

This patch makes it possible to verify the contents and location of an OPTEE image in DRAM prior to handing off control to that image. If image verification fails we won't try to boot any further.

Signed-off-by: Bryan O'Donoghue
Suggested-by: Andrew F. Davis
Cc: Harinarayan Bhatta
Cc: Andrew F. Davis
Cc: Tom Rini
Cc: Kever Yang
Cc: Philipp Tomsich
Cc: Peng Fan
--- common/bootm_os.c | 32 ++++++++++++++++++++++++++++++++ lib/optee/Kconfig | 9 +++++++++ 2 files changed, 41 insertions(+) diff --git a/common/bootm_os.c b/common/bootm_os.c index 5e6b177..cddf98e 100644 --- a/common/bootm_os.c +++ b/common/bootm_os.c @@ -11,6 +11,7 @@ #include #include #include +#include DECLARE_GLOBAL_DATA_PTR; 
@@ -433,6 +434,34 @@ static int do_bootm_openrtos(int flag, int argc, char * const argv[], } #endif +#ifdef CONFIG_BOOTM_TEE +static int do_bootm_tee(int flag, int argc, char * const argv[], + bootm_headers_t *images) +{ + int ret; + + /* Verify OS type */ + if (images->os.os != IH_OS_TEE) { + return 1; + }; + + /* Validate TEE header */ + ret = optee_verify_bootm_image(images->os.image_start, + images->os.load, + images->os.image_len); + if (ret) + return ret; + + /* Locate FDT etc */ + ret = bootm_find_images(flag, argc, argv); + if (ret) + return ret; + + /* From here we can run the regular linux boot path */ + return do_bootm_linux(flag, argc, argv, images); +} +#endif + static boot_os_fn *boot_os[] = { [IH_OS_U_BOOT] = do_bootm_standalone, #ifdef CONFIG_BOOTM_LINUX @@ -466,6 +495,9 @@ static boot_os_fn *boot_os[] = { #ifdef CONFIG_BOOTM_OPENRTOS [IH_OS_OPENRTOS] = do_bootm_openrtos, #endif +#ifdef CONFIG_BOOTM_TEE + [IH_OS_TEE] = do_bootm_tee, +#endif }; /* Allow for arch specific config before we boot */ diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index cc73ec3..1e5ab45 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -28,3 +28,12 @@ config OPTEE_TZDRAM_BASE help The base address of pre-allocated Trust Zone DRAM for the OPTEE runtime. + +config BOOTM_OPTEE + bool "Support OPTEE bootm command" + select BOOTM_LINUX + default n + help + Select this command to enable chain-loading of a Linux kernel + via an OPTEE firmware. + The bootflow is BootROM -> u-boot -> OPTEE -> Linux in this case.
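Review bot: In do_bootm_tee() (common/bootm_os.c, hunk at -433,6 +434,34), the OS-type check `if (images->os.os != IH_OS_TEE) { return 1; };` carries a stray semicolon after the closing brace and braces around a single statement. Drop both so it matches the plain `if (ret)` / `return ret;` checks that follow it. Since this early return is one of the paths that refuses to boot, a short diagnostic naming the unexpected OS type before `return 1` would also make a rejected image easier to tell apart from a header verification failure.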
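Review bot: The symbol added in lib/optee/Kconfig (hunk at -28,3 +28,12) is `config BOOTM_OPTEE`, but both additions in common/bootm_os.c are guarded by `#ifdef CONFIG_BOOTM_TEE`. On the lines shown, enabling this option therefore compiles in neither do_bootm_tee() nor the `[IH_OS_TEE] = do_bootm_tee,` entry in boot_os[], and the verification step is silently absent from the build. Use one name in both places. Minor points in the same hunk: `default n` is redundant for a bool, and the help text says "Select this command" where it describes an option.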