From patchwork Fri Jul 12 23:43:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sam Protsenko X-Patchwork-Id: 812338 Delivered-To: patch@linaro.org Received: by 2002:adf:fac3:0:b0:367:895a:4699 with SMTP id a3csp916240wrs; Fri, 12 Jul 2024 16:43:23 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWbKfiQjq6hVmzhhCgjVb/U2MxSV7gjjmy2peWUihgVMio9KQYNXMcJuZ2giJcZVWPV5Ne3L/CcDExQ2FWBDhtw X-Google-Smtp-Source: AGHT+IFtNBntb3ABzAf1qokR3w9fdkWvBALjAyMzS9KkaQYlagu2fiUZp7PaR0pfzT/pJf5ImY8f X-Received: by 2002:a17:906:f8db:b0:a6f:309d:ec23 with SMTP id a640c23a62f3a-a780b89ca05mr835496466b.72.1720827803002; Fri, 12 Jul 2024 16:43:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720827802; cv=none; d=google.com; s=arc-20160816; b=wWERU1H6sa80m8QwquCoF8bPgois92V3B4jrSr5E2P9oxpc069jo5xp36i/R/C35st xKf7IQ56xM0j4MWZ9dqk4S5U0jWtlfMclzYvHq+sQ0Evv0/Og0atpFvuZfkRcPB4zAzF YB+IoRK9NJgeB3X7pDzXFNqM4Z08IERbVe9MHz6xXhx5RzD/JJERAkqTeeDgYtFR/vAN NGGU4PiaiaYlVnYZp6ocFo6oMzbjLPap/uPl5n3Aer5Yonh1Kacf03Nz7wlpxfI4JNq4 ESyOvEqtP+VRKDPX0Q2faMxOGYntOymnJTN7dIvVM/c4A+0YMIokFBmnSI6HXjIVEslS WIxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=WHqxuw5i2VufbzjblRZ2BmuXj+jBO8HWxGf+ApIz+3c=; fh=bqHYwa9hUr/LUBwnepKANdy0ATN+J08WZhgTFqlbALc=; b=kTaucIZiTfZ65kYPLc2ldbKHmtlgEEIxt9972mRupHcXxOokxfPb2fjORvsOcUWeog CsGuGNX0FvsXC3zD4taziLQnmf1MStdzQ62+KI+yNfjxtjpWv3C4FzVXWJaGwkc0jH+r JsOLtPBykDKyOvogAAX71VmvyhO7zDUEUxC2rlsRpN2RC7UB2Yigx0QqCWn/XEUWfvLR tlXIBctEuSnehzzKv1Ll2E3Pj3fO8jyxszXEUDDBXbknOArv+TC9ZhWfZcpwTs67Wug3 DZe+A35zDy+P8KicYBZEONX4HpZuQnthQx4/6e5vI+04JDuMl6Do8kEI1VngEMb375Hq dxFA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=gJIJWzMi; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id a640c23a62f3a-a79bc7c1b93si1202166b.404.2024.07.12.16.43.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Jul 2024 16:43:22 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=gJIJWzMi; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 8EB128871F; Sat, 13 Jul 2024 01:43:14 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="gJIJWzMi"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id B0EDC887DB; Sat, 13 Jul 2024 01:43:11 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x335.google.com (mail-ot1-x335.google.com [IPv6:2607:f8b0:4864:20::335]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 0C5CE887E2 for ; Sat, 13 Jul 2024 01:43:08 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=semen.protsenko@linaro.org Received: by mail-ot1-x335.google.com with SMTP id 46e09a7af769-704494efa7cso1492366a34.3 for ; Fri, 12 Jul 2024 16:43:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1720827787; x=1721432587; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WHqxuw5i2VufbzjblRZ2BmuXj+jBO8HWxGf+ApIz+3c=; b=gJIJWzMikYdwNweNIhSLtqErqj7eKkDTH6LSRWCrCgezF8Qy5w/2YkF7PxGAkhEUhF k5X18R9p/Qvjkyqfgy1o/pg6QkhqsgRrjx1pR+0Ar4l/0CUj1zRhVs7y6yBnn5g/BqHP w7f+aEUUFIGYVS4egEQwiQj1rm5yjoorEdJmiCXXTtWFlNbDVVJC7Q7Bgh4CBARNKO0j 650vGakqXRmUk8vZfoafNeX1JdFNpWBHJZNyNK78OWWkl5ran/ynzIBcNyZ/3d5TgeZB y/jQuxi1FJ7MF4zh7nAaQzlBL5yKDDyQH9ipmIO6AYgtXhQYQnRifNM6DvlUvw8Z6WXc Vt/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720827787; x=1721432587; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WHqxuw5i2VufbzjblRZ2BmuXj+jBO8HWxGf+ApIz+3c=; b=DLuoM1K62LJRQcfdogwuYnshiJD7FyvyPCTjpu9wxXsMtxbbrR9cuZotgPBG90VbMH SZcf1jFWuUxI/Fy4w5f4b4/NpGOSTglXK+WkOZML5oFf6lvH+8v+btkz/GK+UrAtO/wK opJ6qdxb8n0pGs0YGZ0+A+AS0CKvue4vyvmHXtjV7w+Gh/aqSS1YxCrhUZ2ooG3gQB74 j/NeC6Wyuhctd0MoR2mOK+5KlUv9yzB1ldR5LveVeOuEY3Ph3H2I2GJ7p0N95ggMlUvb K1U/ONVRkk6s6lU/wpzJo3q7rMzYbHmsBH5g82YM8o18sc7a4LrSj6EAwdMd7zjb8HKt i60w== X-Forwarded-Encrypted: i=1; AJvYcCUmP7Yyy4zdc65FvBY7DMDUydwhDixd9KiUukb7CyThx8MhjL+lvIYOOznVQU+1JRLoR3HGmIeN7otfsoQSedv9JgaHYg== X-Gm-Message-State: AOJu0Yyd7OQDw4RQ3fWFXpMix7RsoM5qQkXxAHxjIxc/dbQP7Xgowo6A BiNyzNyLuwICsKFKvze9Yt57wRZJCxlKuBv6rRkUs4z5CpEUrbGXb2SMosti/NQ= X-Received: by 2002:a05:6830:908:b0:704:498f:7a67 with SMTP id 46e09a7af769-704498f7d46mr13608767a34.23.1720827786737; Fri, 12 Jul 2024 16:43:06 -0700 (PDT) Received: from localhost ([136.62.192.75]) by smtp.gmail.com with ESMTPSA id 46e09a7af769-708c0c62f0fsm36822a34.20.2024.07.12.16.43.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Jul 2024 16:43:06 -0700 (PDT) From: Sam Protsenko To: Tom Rini , Minkyu Kang Cc: Lukasz Majewski , Sean Anderson , Anand Moon , Sughosh Ganu , Heinrich Schuchardt , Sumit Garg , Chanho Park , u-boot@lists.denx.de Subject: [PATCH 2/5] board: samsung: e850-96: Load LDFW firmware on board init Date: Fri, 12 Jul 2024 18:43:01 -0500 Message-Id: <20240712234304.9675-3-semen.protsenko@linaro.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240712234304.9675-1-semen.protsenko@linaro.org> References: <20240712234304.9675-1-semen.protsenko@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean LDFW is a Loadable Firmware which provides additional security capabilities in EL3 monitor. For example, True Random Number Generator (TRNG) block registers can't be accessed from EL1 (where U-Boot and Linux kernel are running), but it's possible to access TRNG capabilities via corresponding SMC calls, which in turn are handled by LDFW. To do so, LDFW firmware has to be loaded first. It's stored on a raw eMMC partition, so it has to be read into NWD (Normal World) RAM buffer, and then loaded to SWD (Secure World) memory using the special SMC call to EL3 monitor program. EL3_MON will load LDFW to SWD memory, more specifically to the area starting at 0xbf700000 (with size of 7.5 MiB). That memory area is reserved in device tree, so there shouldn't be any collisions. After that LDFW becomes functional. Implement LDFW firmware loading on board init. While at it, fix the copyright date in header comments, as this board support was actually added in 2024, not in 2020: it was probably a copy-paste mistake. Signed-off-by: Sam Protsenko --- board/samsung/e850-96/Makefile | 4 +- board/samsung/e850-96/e850-96.c | 6 +- board/samsung/e850-96/fw.c | 131 ++++++++++++++++++++++++++++++++ board/samsung/e850-96/fw.h | 12 +++ 4 files changed, 149 insertions(+), 4 deletions(-) create mode 100644 board/samsung/e850-96/fw.c create mode 100644 board/samsung/e850-96/fw.h diff --git a/board/samsung/e850-96/Makefile b/board/samsung/e850-96/Makefile index 301c22337119..71d46ea3d2b4 100644 --- a/board/samsung/e850-96/Makefile +++ b/board/samsung/e850-96/Makefile @@ -1,6 +1,6 @@ # SPDX-License-Identifier: GPL-2.0+ # -# Copyright (C) 2020, Linaro Limited +# Copyright (C) 2024, Linaro Limited # Sam Protsenko -obj-y := e850-96.o +obj-y := e850-96.o fw.o diff --git a/board/samsung/e850-96/e850-96.c b/board/samsung/e850-96/e850-96.c index a00d81b5d4c3..c5cef6f19d22 100644 --- a/board/samsung/e850-96/e850-96.c +++ b/board/samsung/e850-96/e850-96.c @@ -1,10 +1,11 @@ // SPDX-License-Identifier: GPL-2.0+ /* - * Copyright (C) 2020, Linaro Limited - * Sam Protsenko + * Copyright (c) 2024, Linaro Ltd. + * Author: Sam Protsenko */ #include +#include "fw.h" int dram_init(void) { @@ -18,5 +19,6 @@ int dram_init_banksize(void) int board_init(void) { + load_ldfw(); return 0; } diff --git a/board/samsung/e850-96/fw.c b/board/samsung/e850-96/fw.c new file mode 100644 index 000000000000..82a0b224c670 --- /dev/null +++ b/board/samsung/e850-96/fw.c @@ -0,0 +1,131 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2024 Linaro Ltd. + * Author: Sam Protsenko + * + * Firmware loading code. + */ + +#include +#include +#include "fw.h" + +#define EMMC_IFACE "mmc" +#define EMMC_DEV_NUM 0 + +/* LDFW constants */ +#define LDFW_PART_NAME "ldfw" +#define LDFW_NWD_ADDR 0x88000000 +#define LDFW_MAGIC 0x10adab1e +#define SMC_CMD_LOAD_LDFW -0x500 +#define SDM_HW_RESET_STATUS 0x1230 +#define SDM_SW_RESET_STATUS 0x1231 +#define SB_ERROR_PREFIX 0xfdaa0000 + +struct ldfw_header { + u32 magic; + u32 size; + u32 init_entry; + u32 entry_point; + u32 suspend_entry; + u32 resume_entry; + u32 start_smc_id; + u32 version; + u32 set_runtime_entry; + u32 reserved[3]; + char fw_name[16]; +}; + +static int read_fw(const char *part_name, void *buf) +{ + struct blk_desc *blk_desc; + struct disk_partition part; + unsigned long cnt; + int part_num; + + blk_desc = blk_get_dev(EMMC_IFACE, EMMC_DEV_NUM); + if (!blk_desc) { + debug("%s: Can't get eMMC device\n", __func__); + return -ENODEV; + } + + part_num = part_get_info_by_name(blk_desc, part_name, &part); + if (part_num < 0) { + debug("%s: Can't get LDWF partition\n", __func__); + return -ENOENT; + } + + cnt = blk_dread(blk_desc, part.start, part.size, buf); + if (cnt != part.size) { + debug("%s: Can't read LDFW partition\n", __func__); + return -EIO; + } + + return 0; +} + +int load_ldfw(void) +{ + const phys_addr_t addr = (phys_addr_t)LDFW_NWD_ADDR; + struct ldfw_header *hdr; + struct arm_smccc_res res; + void *buf = (void *)addr; + u64 size = 0; + int err, i; + + /* Load LDFW from the block device partition into RAM buffer */ + err = read_fw(LDFW_PART_NAME, buf); + if (err) + return err; + + /* Validate LDFW by magic number in its header */ + hdr = buf; + if (hdr->magic != LDFW_MAGIC) { + debug("%s: Wrong LDFW magic; is LDFW flashed?\n", __func__); + return -EINVAL; + } + + /* Calculate actual total size of all LDFW blobs */ + for (i = 0; hdr->magic == LDFW_MAGIC; ++i) { +#ifdef DEBUG + char name[17] = { 0 }; + + strncpy(name, hdr->fw_name, 16); + debug("%s: ldfw #%d: version = 0x%x, name = %s\n", __func__, i, + hdr->version, name); +#endif + + size += (u64)hdr->size; + hdr = (struct ldfw_header *)((u64)hdr + (u64)hdr->size); + } + debug("%s: The whole size of all LDFWs: 0x%llx\n", __func__, size); + + /* Load LDFW firmware to SWD (Secure World) memory via EL3 monitor */ + arm_smccc_smc(SMC_CMD_LOAD_LDFW, addr, size, 0, 0, 0, 0, 0, &res); + err = (int)res.a0; + if (err == -1 || err == SDM_HW_RESET_STATUS) { + debug("%s: Can't load LDFW in dump_gpr state\n", __func__); + return -EIO; + } else if (err == SDM_SW_RESET_STATUS) { + debug("%s: Can't load LDFW in kernel panic (SW RESET) state\n", + __func__); + return -EIO; + } else if (err < 0 && (err & 0xffff0000) == SB_ERROR_PREFIX) { + debug("%s: LDFW signature is corrupted! ret=0x%x\n", __func__, + (u32)err); + return -EIO; + } else if (err == 0) { + debug("%s: No LDFW is inited\n", __func__); + return -EIO; + } + +#ifdef DEBUG + u32 tried = res.a0 & 0xffff; + u32 failed = (res.a0 >> 16) & 0xffff; + + debug("%s: %d/%d LDFWs have been loaded successfully\n", __func__, + tried - failed, tried); +#endif + + return 0; +} diff --git a/board/samsung/e850-96/fw.h b/board/samsung/e850-96/fw.h new file mode 100644 index 000000000000..472664e4ed21 --- /dev/null +++ b/board/samsung/e850-96/fw.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2024 Linaro Ltd. + * Sam Protsenko + */ + +#ifndef __E850_96_FW_H +#define __E850_96_FW_H + +int load_ldfw(void); + +#endif /* __E850_96_FW_H */