From patchwork Sun May 17 08:27:59 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Rayagonda Kokatanur <rayagonda.kokatanur@broadcom.com>
X-Patchwork-Id: 245902
List-Id: U-Boot discussion <u-boot.lists.denx.de>
From: rayagonda.kokatanur at broadcom.com (Rayagonda Kokatanur)
Date: Sun, 17 May 2020 13:57:59 +0530
Subject: [PATCH v1 1/3] board: ns3: add optee based bnxt fw load driver
In-Reply-To: <20200517082802.21819-1-rayagonda.kokatanur@broadcom.com>
References: <20200517082802.21819-1-rayagonda.kokatanur@broadcom.com>
Message-ID: <20200517082802.21819-2-rayagonda.kokatanur@broadcom.com>

From: Vikas Gupta <vikas.gupta at broadcom.com>

Add optee based bnxt fw load driver.

Signed-off-by: Vikas Gupta <vikas.gupta at broadcom.com>
Signed-off-by: Rayagonda Kokatanur <rayagonda.kokatanur at broadcom.com>
---
 board/broadcom/bcmns3/Kconfig       |   5 +
 board/broadcom/bcmns3/Makefile      |   1 +
 board/broadcom/bcmns3/chimp_optee.c | 154 ++++++++++++++++++++++++++++
 include/brcm/chimp.h                |  40 ++++++++
 4 files changed, 200 insertions(+)
 create mode 100644 board/broadcom/bcmns3/chimp_optee.c
 create mode 100644 include/brcm/chimp.h

diff --git a/board/broadcom/bcmns3/Kconfig b/board/broadcom/bcmns3/Kconfig
index 8ce21f980d..84daad9415 100644
--- a/board/broadcom/bcmns3/Kconfig
+++ b/board/broadcom/bcmns3/Kconfig
@@ -12,4 +12,9 @@ config SYS_SOC
 config SYS_CONFIG_NAME
 	default "bcm_ns3"
 
+config CHIMP_OPTEE
+	bool "Enable secure ChiMP firmware loading"
+	depends on OPTEE
+	default y
+
 endif
diff --git a/board/broadcom/bcmns3/Makefile b/board/broadcom/bcmns3/Makefile
index 3404260148..08e1d7203b 100644
--- a/board/broadcom/bcmns3/Makefile
+++ b/board/broadcom/bcmns3/Makefile
@@ -3,3 +3,4 @@
 # Copyright 2020 Broadcom.
 
 obj-y	:= ns3.o
+obj-$(CONFIG_CHIMP_OPTEE) += chimp_optee.o
diff --git a/board/broadcom/bcmns3/chimp_optee.c b/board/broadcom/bcmns3/chimp_optee.c
new file mode 100644
index 0000000000..edbb7afd91
--- /dev/null
+++ b/board/broadcom/bcmns3/chimp_optee.c
@@ -0,0 +1,154 @@
+// SPDX-License-Identifier: BSD-2-Clause
+/*
+ * Copyright 2020 Broadcom.
+ */
+
+#include <brcm/chimp.h>
+#include <common.h>
+#include <tee.h>
+
+#define CHMIP_BOOT_UUID { 0x6272636D, 0x2019, 0x0716, \
+		   { 0x42, 0x43, 0x4D, 0x5F, 0x53, 0x43, 0x48, 0x49 } }
+
+enum {
+	TEE_CHIMP_FASTBOOT = 0,
+	TEE_CHIMP_HEALTH_STATUS,
+	TEE_CHIMP_HANDSHAKE_STATUS,
+} tee_chmip_cmd;
+
+struct bcm_chimp_data {
+	struct udevice *tee;
+	u32 session;
+} chimp_data;
+
+static int get_open_session(struct bcm_chimp_data *b_data)
+{
+	struct udevice *tee = NULL;
+
+	while (!b_data->tee) {
+		const struct tee_optee_ta_uuid uuid = CHMIP_BOOT_UUID;
+		struct tee_open_session_arg arg;
+		int rc;
+
+		tee = tee_find_device(tee, NULL, NULL, NULL);
+		if (!tee)
+			return -ENODEV;
+
+		memset(&arg, 0, sizeof(arg));
+		tee_optee_ta_uuid_to_octets(arg.uuid, &uuid);
+		rc = tee_open_session(tee, &arg, 0, NULL);
+		if (!rc) {
+			b_data->tee = tee;
+			b_data->session = arg.session;
+		}
+	}
+
+	return 0;
+}
+
+int chimp_handshake_status_optee(u32 timeout, u32 *hs)
+{
+	struct tee_invoke_arg arg;
+	struct tee_param param[1];
+	int ret;
+
+	if (get_open_session(&chimp_data))
+		return BCM_CHIMP_FAILURE;
+
+	memset(&arg, 0, sizeof(arg));
+	arg.func = TEE_CHIMP_HANDSHAKE_STATUS;
+	arg.session = chimp_data.session;
+
+	param[0].attr = TEE_PARAM_ATTR_TYPE_VALUE_INOUT;
+	param[0].u.value.a = timeout;
+
+	if (tee_invoke_func(chimp_data.tee, &arg,
+			    ARRAY_SIZE(param), param)) {
+		printf("Handshake status command failed\n");
+		ret = BCM_CHIMP_FAILURE;
+		goto out;
+	}
+	switch (arg.ret) {
+	case TEE_SUCCESS:
+		*hs = param[0].u.value.a;
+		ret =  BCM_CHIMP_SUCCESS;
+		break;
+	default:
+		ret = BCM_CHIMP_FAILURE;
+		break;
+	}
+out:
+	tee_close_session(chimp_data.tee, chimp_data.session);
+	chimp_data.tee = NULL;
+
+	return ret;
+}
+
+int chimp_health_status_optee(u32 *health)
+{
+	struct tee_invoke_arg arg;
+	struct tee_param param[1];
+	int ret;
+
+	if (get_open_session(&chimp_data))
+		return BCM_CHIMP_FAILURE;
+
+	memset(&arg, 0, sizeof(arg));
+	arg.func = TEE_CHIMP_HEALTH_STATUS;
+	arg.session = chimp_data.session;
+
+	param[0].attr = TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT;
+
+	if (tee_invoke_func(chimp_data.tee, &arg,
+			    ARRAY_SIZE(param), param)) {
+		printf("Helath status command failed\n");
+		ret =  BCM_CHIMP_FAILURE;
+		goto out;
+	}
+	switch (arg.ret) {
+	case TEE_SUCCESS:
+		*health = param[0].u.value.a;
+		ret =  BCM_CHIMP_SUCCESS;
+		break;
+	default:
+		ret = BCM_CHIMP_FAILURE;
+		break;
+	}
+out:
+	tee_close_session(chimp_data.tee, chimp_data.session);
+	chimp_data.tee = NULL;
+
+	return ret;
+}
+
+int chimp_fastboot_optee(void)
+{
+	struct tee_invoke_arg arg;
+	int ret;
+
+	if (get_open_session(&chimp_data))
+		return BCM_CHIMP_FAILURE;
+
+	memset(&arg, 0, sizeof(arg));
+	arg.func = TEE_CHIMP_FASTBOOT;
+	arg.session = chimp_data.session;
+
+	if (tee_invoke_func(chimp_data.tee, &arg, 0, NULL)) {
+		printf("Chimp boot_fail\n");
+		ret =  BCM_CHIMP_FAILURE;
+		goto out;
+	}
+	switch (arg.ret) {
+	case TEE_SUCCESS:
+		ret = BCM_CHIMP_SUCCESS;
+		break;
+	default:
+		ret = BCM_CHIMP_FAILURE;
+		break;
+	}
+out:
+	tee_close_session(chimp_data.tee, chimp_data.session);
+	chimp_data.tee = NULL;
+
+	return ret;
+}
diff --git a/include/brcm/chimp.h b/include/brcm/chimp.h
new file mode 100644
index 0000000000..c3d4594c4b
--- /dev/null
+++ b/include/brcm/chimp.h
@@ -0,0 +1,40 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright 2020 Broadcom.
+ *
+ */
+
+#ifndef __CHIMP_H__
+#define __CHIMP_H__
+
+#include <common.h>
+#include <linux/compiler.h>
+
+#define BCM_CHIMP_SUCCESS	0
+#define BCM_CHIMP_FAILURE	(!BCM_CHIMP_SUCCESS)
+
+#ifdef CONFIG_CHIMP_OPTEE
+int chimp_fastboot_optee(void);
+int chimp_health_status_optee(u32 *status);
+int chimp_handshake_status_optee(u32 timeout, u32 *hstatus);
+#else
+static inline int chimp_handshake_status_optee(u32 timeout, u32 *status)
+{
+	printf("ChiMP handshake status fail (OPTEE not enabled)\n");
+	return BCM_CHIMP_FAILURE;
+}
+
+static inline int chimp_health_status_optee(u32 *status)
+{
+	printf("ChiMP health status fail (OPTEE not enabled)\n");
+	return BCM_CHIMP_FAILURE;
+}
+
+static inline int chimp_fastboot_optee(void)
+{
+	printf("ChiMP secure boot fail (OPTEE not enabled)\n");
+	return BCM_CHIMP_FAILURE;
+}
+#endif
+
+#endif

From patchwork Sun May 17 08:28:00 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Rayagonda Kokatanur <rayagonda.kokatanur@broadcom.com>
X-Patchwork-Id: 245903
List-Id: U-Boot discussion <u-boot.lists.denx.de>
From: rayagonda.kokatanur at broadcom.com (Rayagonda Kokatanur)
Date: Sun, 17 May 2020 13:58:00 +0530
Subject: [PATCH v1 2/3] configs: ns3: enable tee and optee driver
In-Reply-To: <20200517082802.21819-1-rayagonda.kokatanur@broadcom.com>
References: <20200517082802.21819-1-rayagonda.kokatanur@broadcom.com>
Message-ID: <20200517082802.21819-3-rayagonda.kokatanur@broadcom.com>

From: Vikas Gupta <vikas.gupta at broadcom.com>

Enable tee and optee drivers.

Signed-off-by: Vikas Gupta <vikas.gupta at broadcom.com>
Signed-off-by: Rayagonda Kokatanur <rayagonda.kokatanur at broadcom.com>
Reviewed-by: Simon Glass <sjg at chromium.org>
---
 configs/bcm_ns3_defconfig | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/configs/bcm_ns3_defconfig b/configs/bcm_ns3_defconfig
index b52c6d7d93..13fe9d439e 100644
--- a/configs/bcm_ns3_defconfig
+++ b/configs/bcm_ns3_defconfig
@@ -4,12 +4,12 @@ CONFIG_TARGET_BCMNS3=y
 CONFIG_SYS_TEXT_BASE=0xFF000000
 CONFIG_ENV_SIZE=0x80000
 CONFIG_NR_DRAM_BANKS=2
-CONFIG_OF_BOARD_SETUP=y
 CONFIG_FIT=y
 CONFIG_FIT_SIGNATURE=y
 CONFIG_FIT_SIGNATURE_MAX_SIZE=0x20000000
 CONFIG_FIT_VERBOSE=y
 CONFIG_LEGACY_IMAGE_FORMAT=y
+CONFIG_OF_BOARD_SETUP=y
 CONFIG_LOGLEVEL=7
 CONFIG_SILENT_CONSOLE=y
 CONFIG_SILENT_U_BOOT_ONLY=y
@@ -42,6 +42,9 @@ CONFIG_PINCTRL=y
 CONFIG_PINCTRL_SINGLE=y
 CONFIG_DM_SERIAL=y
 CONFIG_SYS_NS16550=y
+CONFIG_TEE=y
+CONFIG_OPTEE=y
+# CONFIG_OPTEE_TA_AVB is not set
 # CONFIG_WATCHDOG is not set
 CONFIG_WDT=y
 CONFIG_WDT_SP805=y

From patchwork Sun May 17 08:28:01 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Rayagonda Kokatanur <rayagonda.kokatanur@broadcom.com>
X-Patchwork-Id: 245904
List-Id: U-Boot discussion <u-boot.lists.denx.de>
From: rayagonda.kokatanur at broadcom.com (Rayagonda Kokatanur)
Date: Sun, 17 May 2020 13:58:01 +0530
Subject: [PATCH v1 3/3] arm: dts: ns3: add optee node
In-Reply-To: <20200517082802.21819-1-rayagonda.kokatanur@broadcom.com>
References: <20200517082802.21819-1-rayagonda.kokatanur@broadcom.com>
Message-ID: <20200517082802.21819-4-rayagonda.kokatanur@broadcom.com>

From: Vikas Gupta <vikas.gupta at broadcom.com>

Add support for optee

Signed-off-by: Vikas Gupta <vikas.gupta at broadcom.com>
Signed-off-by: Rayagonda Kokatanur <rayagonda.kokatanur at broadcom.com>
Reviewed-by: Simon Glass <sjg at chromium.org>
---
 arch/arm/dts/ns3.dtsi | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/arch/arm/dts/ns3.dtsi b/arch/arm/dts/ns3.dtsi
index 6962e658d3..509818e23e 100644
--- a/arch/arm/dts/ns3.dtsi
+++ b/arch/arm/dts/ns3.dtsi
@@ -21,6 +21,13 @@
 			<0x8 0x80000000 0x1 0x80000000>;
 	};
 
+	firmware {
+		optee {
+			compatible = "linaro,optee-tz";
+			method = "smc";
+		};
+	};
+
 	hsls {
 		compatible = "simple-bus";
 		dma-ranges;