From patchwork Sat Jun 24 13:41:11 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sughosh Ganu <sughosh.ganu@linaro.org>
X-Patchwork-Id: 695738
Delivered-To: patch@linaro.org
Received: by 2002:adf:e885:0:0:0:0:0 with SMTP id d5csp2551859wrm;
 Sat, 24 Jun 2023 13:50:40 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ48Gx9moQzGzMj6Ii3Yo/GETwc04wPvDqEHep6MI2bRzqjwpRJ7+bE7q+Kvd6EZvU2r18vw
X-Received: by 2002:a05:6214:2686:b0:620:a1be:c74d with SMTP id
 gm6-20020a056214268600b00620a1bec74dmr28963434qvb.37.1687639839883;
 Sat, 24 Jun 2023 13:50:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1687639839; cv=none;
 d=google.com; s=arc-20160816;
 b=WyOSwMXz1bw5B2T6VPSF49Xj6FQs2VIe+36/1AQVA8dVnXRiQWI7cPpk4AAqjNBdAf
 tM81H85+I9rG1VzU+enFkUOJjaOUEW8qSTt8wMXRcASTSedTH6QAA2YlVuWFkMZlprlj
 SqKemaFo0BpllDSuUoW463pEj5L+K3syEVCPC97PdEXnGkStUpLISxPLIe2Lxlx9wv0x
 4sYjYsLnmoZwgBvjO1jukPD9OYoUy6jG3kW706SiltvtbM1rh48G/AITEWhFQBMBWdo8
 kCmSgXzmLXhQm4XLSft9Zu+7G7kGm/cZJY18VPMFXszZCtxwa2twYqwlUv1OcmJTPMtb
 fmsA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from; bh=vqH1qlJBsVrvXCUchvRQBHyhN9vG09dUzoHha83NH1Q=;
 fh=lu5TYXXCc9HXOnqxAkmvhXm+orfKNM3ataUOg5fXk40=;
 b=gRcG3zHfkj9JBUH2+cqwkzdkmWJ/pw4kllQl4/iu/M+1v6iGjXIRmb2MhuZcfgRMHB
 630vILmUI0oMtk7v1Lj4v00Lh9TW88NFSQffcNn3GWiFwm/GIe3Q5ndcGHiRSYoJi2e3
 do2zX1ezS8Hnhy4ihIawMFp16xXAOn08mE76ui3yzYsrYtpj935gQ1bmSz2b6Lnq7c9T
 C0XlqxK7tTiqIFJIy4S193uJtwNFYLiYZhFMOVFlQil2NGR1IySBKEZrblCcemKSn6Ms
 BMvxGFn1nLfFE9oLQ7qSWtV5HDCWoZyyhKocnslNDWknTU6O/rPTWkOTB6/QhqUu8Jd/
 y/8w==
ARC-Authentication-Results: i=1; mx.google.com;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de;
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from phobos.denx.de (phobos.denx.de.
 [2a01:238:438b:c500:173d:9f52:ddab:ee01])
 by mx.google.com with ESMTPS id
 gc6-20020a056214230600b006213d2222b6si868385qvb.277.2023.06.24.13.50.39
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 24 Jun 2023 13:50:39 -0700 (PDT)
Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01;
Authentication-Results: mx.google.com;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de;
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
 by phobos.denx.de (Postfix) with ESMTP id 52F3E8623D;
 Sat, 24 Jun 2023 22:49:35 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=fail (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: by phobos.denx.de (Postfix, from userid 109)
 id E34AC80181; Sat, 24 Jun 2023 22:49:14 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE,
 SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no
 version=3.4.2
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by phobos.denx.de (Postfix) with ESMTP id 896B185FD2
 for <u-boot@lists.denx.de>; Sat, 24 Jun 2023 22:49:01 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=fail (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=fail smtp.mailfrom=sughosh.ganu@linaro.org
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
 by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 792C4D75;
 Sat, 24 Jun 2023 06:42:35 -0700 (PDT)
Received: from a076522.blr.arm.com (unknown [10.162.46.7])
 by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D082F3F663;
 Sat, 24 Jun 2023 06:41:48 -0700 (PDT)
From: Sughosh Ganu <sughosh.ganu@linaro.org>
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Simon Glass <sjg@chromium.org>, Michal Simek <michal.simek@amd.com>,
 Takahiro Akashi <takahiro.akashi@linaro.org>,
 Malte Schmidt <malte.schmidt-oss@weidmueller.com>,
 Tom Rini <trini@konsulko.com>, Sughosh Ganu <sughosh.ganu@linaro.org>
Subject: [PATCH v2 1/8] fdt_add_pubkey: Add support for adding ESL public key
 under signature node
Date: Sat, 24 Jun 2023 19:11:11 +0530
Message-Id: <20230624134118.944567-2-sughosh.ganu@linaro.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20230624134118.944567-1-sughosh.ganu@linaro.org>
References: <20230624134118.944567-1-sughosh.ganu@linaro.org>
MIME-Version: 1.0
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de
X-Virus-Status: Clean

The fdt_add_pubkey tool is used for adding a public key to the
devicetree, which is then used for verifying the FIT signatures. Add a
function for embedding the public key in the form of an EFI Signature
List(ESL) file as a property under the signature node of the device
tree.

Unlike the public key added for FIT signature verification, the ESL
file contents are added as a whole, as a property under the signature
node in the DTB.

The public key in the ESL form is used by the capsule authentication
feature for authenticating the capsules, prior to update.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
---
Changes since V1:
* New patch
* Use fdt_add_pubkey tool for adding the ESL into the dtb instead of
  using the shell script used in the earlier version.

 tools/Makefile             |  2 +-
 tools/fdt_add_pubkey.c     | 16 +++++--
 tools/fdt_add_pubkey_esl.c | 98 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 112 insertions(+), 4 deletions(-)
 create mode 100644 tools/fdt_add_pubkey_esl.c

diff --git a/tools/Makefile b/tools/Makefile
index d793cf3bec..a5558eeb4d 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -152,7 +152,7 @@ dumpimage-objs := $(dumpimage-mkimage-objs) dumpimage.o
 mkimage-objs   := $(dumpimage-mkimage-objs) mkimage.o
 fit_info-objs   := $(dumpimage-mkimage-objs) fit_info.o
 fit_check_sign-objs   := $(dumpimage-mkimage-objs) fit_check_sign.o
-fdt_add_pubkey-objs   := $(dumpimage-mkimage-objs) fdt_add_pubkey.o
+fdt_add_pubkey-objs   := $(dumpimage-mkimage-objs) fdt_add_pubkey.o fdt_add_pubkey_esl.o
 file2include-objs := file2include.o
 
 ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_TOOLS_LIBCRYPTO),)
diff --git a/tools/fdt_add_pubkey.c b/tools/fdt_add_pubkey.c
index 5582d7a8ef..f536ab543b 100644
--- a/tools/fdt_add_pubkey.c
+++ b/tools/fdt_add_pubkey.c
@@ -2,18 +2,21 @@
 #include <image.h>
 #include "fit_common.h"
 
+extern int fdt_embed_esl(const char *esl_file, void *keydest);
+
 static const char *cmdname;
 
 static const char *algo_name = "sha1,rsa2048"; /* -a <algo> */
 static const char *keydir = "."; /* -k <keydir> */
 static const char *keyname = "key"; /* -n <keyname> */
 static const char *require_keys; /* -r <conf|image> */
+static const char *esl_file; /* -e <esl file> */
 static const char *keydest; /* argv[n] */
 
 static void __attribute__((__noreturn__)) print_usage(const char *msg)
 {
 	fprintf(stderr, "Error: %s\n", msg);
-	fprintf(stderr, "Usage: %s [-a <algo>] [-k <keydir>] [-n <keyname>] [-r <conf|image>]"
+	fprintf(stderr, "Usage: %s [-a <algo>] [-e <esl file>] [-k <keydir>] [-n <keyname>] [-r <conf|image>]"
 			" <fdt blob>\n", cmdname);
 	fprintf(stderr, "Help information: %s [-h]\n", cmdname);
 	exit(EXIT_FAILURE);
@@ -23,6 +26,7 @@ static void __attribute__((__noreturn__)) print_help(void)
 {
 	fprintf(stderr, "Options:\n"
 		"\t-a <algo>       Cryptographic algorithm. Optional parameter, default value: sha1,rsa2048\n"
+		"\t-e <esl file>   EFI Signature List(ESL) file to embed into the FDT\n"
 		"\t-k <keydir>     Directory with public key. Optional parameter, default value: .\n"
 		"\t-n <keyname>    Public key name. Optional parameter, default value: key\n"
 		"\t-r <conf|image> Required: If present this indicates that the key must be verified for the image / configuration to be considered valid.\n"
@@ -34,7 +38,7 @@ static void process_args(int argc, char *argv[])
 {
 	int opt;
 
-	while ((opt = getopt(argc, argv, "a:k:n:r:h")) != -1) {
+	while ((opt = getopt(argc, argv, "a:e:k:n:r:h")) != -1) {
 		switch (opt) {
 		case 'k':
 			keydir = optarg;
@@ -48,6 +52,9 @@ static void process_args(int argc, char *argv[])
 		case 'r':
 			require_keys = optarg;
 			break;
+		case 'e':
+			esl_file = optarg;
+			break;
 		case 'h':
 			print_help();
 		default:
@@ -106,7 +113,10 @@ static int add_pubkey(struct image_sign_info *info)
 		if (destfd < 0)
 			exit(EXIT_FAILURE);
 
-		ret = info->crypto->add_verify_data(info, dest_blob);
+
+		ret = esl_file ? fdt_embed_esl(esl_file, dest_blob) :
+			info->crypto->add_verify_data(info, dest_blob);
+
 		if (ret == -ENOSPC)
 			continue;
 		else if (ret < 0)
diff --git a/tools/fdt_add_pubkey_esl.c b/tools/fdt_add_pubkey_esl.c
new file mode 100644
index 0000000000..de6ee41535
--- /dev/null
+++ b/tools/fdt_add_pubkey_esl.c
@@ -0,0 +1,98 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright 2023 Linaro Limited
+ *
+ */
+
+#include <fcntl.h>
+#include <stdio.h>
+#include <unistd.h>
+
+#include <linux/libfdt.h>
+#include <sys/mman.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+#include "mkimage.h"
+
+#define ESL_SIG_NODENAME	"signature"
+
+static int get_esl_pub_key(const char *esl_file, void **key_ptr, int *key_fd,
+			   off_t *key_size)
+{
+	int ret;
+	struct stat pub_key;
+
+	debug("%s: esl file => %s\n", __func__, esl_file);
+	*key_fd = open(esl_file, O_RDONLY);
+	if (*key_fd == -1) {
+		fprintf(stderr, "Unable to open %s: %s\n",
+			esl_file, strerror(errno));
+		return -EACCES;
+	}
+
+	ret = fstat(*key_fd, &pub_key);
+	if (ret == -1) {
+		fprintf(stderr, "Can't stat %s: %s\n",
+			esl_file, strerror(errno));
+		ret = errno;
+		goto err;
+	}
+	*key_size = pub_key.st_size;
+
+	/* mmap the public key esl file */
+	*key_ptr = mmap(0, *key_size, PROT_READ, MAP_SHARED, *key_fd, 0);
+	if ((*key_ptr == MAP_FAILED) || (errno != 0)) {
+		fprintf(stderr, "Failed to mmap %s:%s\n",
+			esl_file, strerror(errno));
+		ret = errno;
+		goto err;
+	}
+
+	return 0;
+err:
+	close(*key_fd);
+
+	return ret;
+}
+
+int fdt_embed_esl(const char *esl_file, void *keydest)
+{
+	int ret, key_fd;
+	off_t key_size = 0;
+	void *key_ptr = NULL;
+	int parent;
+
+	ret = get_esl_pub_key(esl_file, &key_ptr, &key_fd, &key_size);
+	if (ret) {
+		debug("Unable to open the public key esl file\n");
+		goto out;
+	}
+
+	parent = fdt_subnode_offset(keydest, 0, ESL_SIG_NODENAME);
+	if (parent == -FDT_ERR_NOTFOUND) {
+		parent = fdt_add_subnode(keydest, 0, ESL_SIG_NODENAME);
+		if (parent < 0) {
+			ret = parent;
+			if (ret != -FDT_ERR_NOSPACE) {
+				fprintf(stderr, "Couldn't create signature node: %s\n",
+					fdt_strerror(parent));
+			}
+		}
+	}
+
+	if (ret)
+		goto out;
+
+	ret = fdt_setprop(keydest, parent, "capsule-key",
+			  key_ptr, key_size);
+
+out:
+	close(key_fd);
+	munmap(key_ptr, key_size);
+
+	if (ret)
+		return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
+
+	return ret;
+}