From patchwork Fri Jan 19 19:43:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125216 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp443216ljf; Fri, 19 Jan 2018 11:44:57 -0800 (PST) X-Google-Smtp-Source: AH8x225h5gI+Wsn4+u9hzNVcntH06BS+RGol8lxXNmB6W07e8hvA3GT64wCO1uZHKjqf0UoUI8bw X-Received: by 10.80.143.38 with SMTP id 35mr25656edy.183.1516391097411; Fri, 19 Jan 2018 11:44:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391097; cv=none; d=google.com; s=arc-20160816; b=pEmtGJXyGXZXU+RU3cMg6GJLTF2gRHL0h0m/ILifhlMDZQ+/xxXImcp4wp0olMvqD6 sZU5nm/k8cTIKsfVUx81g63A63aFq54lmQYuF8vsc3cQI+gg1f9k4n8H6GsqlCoTMHMk yWHoJysgvB/kzejOoIHQqZ8flSErpgywjvTKNLTUvFQ7fzV+J6ev9BsIR6G1i9zmPDhe K6+QHeaAkt2nPlQ02nxYUwJbZT7EJCly5rOFSYnzfSNDYgUU8nyQq3bB0engrELMuE0a ca47MeHGkI+F8oVU3JSozV/K3VijGuX9D7zZ9cB/3FMUQGi2KRx07c8xUT4ENEQ6DUOI 5x9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=8Tk0aN3HAsHwB9FH29RmRU7VgtWxF1PYlntj1O03GNQ=; b=cUvjwu0/FSYk6gS/gkyaz5pvbKe6XQS/UfEbQ04GSb0KYHnQ5hSnTt7pckDxdcIEQD om75DlY+OdheoteMK7gHfcnUmtUENA1OmX64Kdvz/5a2QjW4F6lsWPawtls7aEvh8XTQ PH5Y5NRkHaOYRxhemV3t1oT0YY4ew/KcFiEmIdQxdysPX5M/myU9wz9j5sAfHSpqfKUx 4XyDgYKElyyWsp0jkdvZ5wragXWmHvNNm7YGwfeL5xNEXKHgjwJd3rq7QAHLVxOMkrW5 noVlHdcM8o9R6mPfFseQn0w5lKhdft2/2+YarME6WdwM+gpDg2y9d2qRMct+W01oNAqW cAIg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=M+ANSlYr; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id p53si7323376eda.70.2018.01.19.11.44.57; Fri, 19 Jan 2018 11:44:57 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=M+ANSlYr; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id E4FFAC21FAF; Fri, 19 Jan 2018 19:43:53 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 56633C21F45; Fri, 19 Jan 2018 19:43:33 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 177BBC21D64; Fri, 19 Jan 2018 19:43:32 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 743C5C21DDF for ; Fri, 19 Jan 2018 19:43:31 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id 143so5468697wma.5 for ; Fri, 19 Jan 2018 11:43:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=WrkOFdTDPKEwG2JA6qQGKJbAWNIFWKAauqL9Z+CzZkM=; b=M+ANSlYrdSXwK0oqTsWI50x6y6arJ7wu5YCJWu4YngDZA2/p4yFcWBTxtgX/U+rVqW 4NVa4XoU4kOqTkO6U/nm5O9/6ljPFqooiHtQUh5E9ZB7Mbh57Gkq3q6e7ffee/dnkMyw vMY398T/Dl6uc6nQSqvHqf6tCDwRhxg7zEH3M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=WrkOFdTDPKEwG2JA6qQGKJbAWNIFWKAauqL9Z+CzZkM=; b=Q+RmwwS2cbBkj4OKJ5s6YRFIhzpTkVU5pZ/8GmGXkZEOJotZ58JhhuPc8ueYOvdlOt oxacizRJSIpGx3DbEbxfBeJTWspYa8p4Oz8tCgA+oSziLOd3zMS+Y+HDLGBPG+fNivKT J1EKO0S2+njXhOHxIgYSLcLPCBSCUJg0uN42rGg/hX/es9LNBesCYken2DJfUuEK27eY 6+B3DVltzYkmF65cDsHsk/jF6rGgA3gnkpIJiXUvWotyCGaiW9ZQy3VbWmTwmlwP+rfW IHYjCh5r0KikQ39MD9pjx35TNxxv7NhF0lVm8M9XGl80sFNhsfeaeZdUbZTBYkKTwulG rTtA== X-Gm-Message-State: AKwxytd7zMrUqlf4bwgLsF7NGEqxkfnbsB+M0OypP90LAZaZhSRpTbpd VJESp1GApl9ud74ng4iNi+uh4tldiZQ= X-Received: by 10.80.196.3 with SMTP id v3mr50336edf.232.1516391010894; Fri, 19 Jan 2018 11:43:30 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:30 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:18 +0000 Message-Id: <1516391006-22483-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 1/9] optee: Add lib entries for sharing OPTEE code across ports X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds code to lib to enable sharing of useful OPTEE code between board-ports and architectures. The code on lib/optee/optee.c comes from the TI omap2 port. Eventually the OMAP2 code will be patched to include the shared code. The intention here is to add more useful OPTEE specific code as more functionality gets added. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 16 ++++++++++++++++ lib/Kconfig | 1 + lib/Makefile | 1 + lib/optee/Kconfig | 8 ++++++++ lib/optee/Makefile | 7 +++++++ lib/optee/optee.c | 37 +++++++++++++++++++++++++++++++++++++ 6 files changed, 70 insertions(+) create mode 100644 lib/optee/Kconfig create mode 100644 lib/optee/Makefile create mode 100644 lib/optee/optee.c diff --git a/include/tee/optee.h b/include/tee/optee.h index 9ab0d08..8943afb 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -10,6 +10,8 @@ #ifndef _OPTEE_H #define _OPTEE_H +#include + #define OPTEE_MAGIC 0x4554504f #define OPTEE_VERSION 1 #define OPTEE_ARCH_ARM32 0 @@ -27,4 +29,18 @@ struct optee_header { uint32_t paged_size; }; +#if defined(CONFIG_OPTEE) +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len); +#else +static inline int optee_verify_image(struct optee_header *hdr, + unsigned long tzdram_start, + unsigned long tzdram_len, + unsigned long image_len) +{ + return -EPERM; +} + +#endif + #endif /* _OPTEE_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 00ac650..2077f9c 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -288,5 +288,6 @@ endmenu source lib/efi/Kconfig source lib/efi_loader/Kconfig +source lib/optee/Kconfig endmenu diff --git a/lib/Makefile b/lib/Makefile index 8cd779f..46813b6 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -17,6 +17,7 @@ obj-$(CONFIG_FIT) += libfdt/ obj-$(CONFIG_OF_LIVE) += of_live.o obj-$(CONFIG_CMD_DHRYSTONE) += dhry/ obj-$(CONFIG_ARCH_AT91) += at91/ +obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AES) += aes.o obj-y += charset.o diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig new file mode 100644 index 0000000..2e406fe --- /dev/null +++ b/lib/optee/Kconfig @@ -0,0 +1,8 @@ +config OPTEE + bool "Support OPTEE images" + help + U-Boot can be configured to boot OPTEE images. + Selecting this option will enable shared OPTEE library code and + enable an OPTEE specific bootm command that will perform additional + OPTEE specific checks before booting an OPTEE image created with + mkimage. diff --git a/lib/optee/Makefile b/lib/optee/Makefile new file mode 100644 index 0000000..03e832f --- /dev/null +++ b/lib/optee/Makefile @@ -0,0 +1,7 @@ +# +# (C) Copyright 2017 Linaro +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_OPTEE) += optee.o diff --git a/lib/optee/optee.c b/lib/optee/optee.c new file mode 100644 index 0000000..64ceacd --- /dev/null +++ b/lib/optee/optee.c @@ -0,0 +1,37 @@ +/* + * Copyright (C) 2017 Linaro + * Bryan O'Donoghue + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include + +#define optee_hdr_err_msg "OPTEE verification error tzdram 0x%08lx-0x%08lx " \ + "header lo=0x%08x hi=0x%08x size=0x%08x\n" + +int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, + unsigned long tzdram_len, unsigned long image_len) +{ + unsigned long tzdram_end = tzdram_start + tzdram_len; + uint32_t tee_file_size; + + tee_file_size = hdr->init_size + hdr->paged_size + + sizeof(struct optee_header); + + if (hdr->magic != OPTEE_MAGIC || + hdr->version != OPTEE_VERSION || + hdr->init_load_addr_hi > tzdram_end || + hdr->init_load_addr_lo < tzdram_start || + tee_file_size > tzdram_len || + tee_file_size != image_len || + (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) { + printf(optee_hdr_err_msg, tzdram_start, tzdram_end, + hdr->init_load_addr_lo, hdr->init_load_addr_hi, + tee_file_size); + return -EINVAL; + } + + return 0; +} From patchwork Fri Jan 19 19:43:19 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125217 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp443431ljf; Fri, 19 Jan 2018 11:45:38 -0800 (PST) X-Google-Smtp-Source: AH8x2264bCy10/8xdII9X76+HR3o6YCmwO5duoG9JY4oRpOovR4XDoV0Z3W6HPhc8Ws/2F5QWv/A X-Received: by 10.80.225.3 with SMTP id h3mr58283edl.194.1516391138805; Fri, 19 Jan 2018 11:45:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391138; cv=none; d=google.com; s=arc-20160816; b=nhLaMR9Vzh1JhtvCJfShwy1FDIAffEvbU4WvIlWTDXdvbgPa3NCm+3DPK1Pz7Mui+S +KjjVPqRjwDJiFeSrR4udzl89914OWemr85KKvHOzkGuboOSUv+qaO2bKUaUk+JnXAjz XQrAqe5Vea8YBSr/WH5D/wE8Mt/tRu8DqxmjNI1V33ut02+BeX/Zk/1Epn2RlDanUs0R yZoTP4cDNzIdNx3RvbKI+fdsZrNyKG2jYPHvafV1KGSO1EKHTPSJQVufXCgzWnz8GLhg 5fc4bQLpJEKzMIDPxNkKELsCfIeFPs068F/f0VhDopeyX5jRbLMeC2/58J2/K4/MdjAP ilfw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=cvvB+lycwb5nber/e5Gw1LfRjIk4mJApi6IWnJNqGH8=; b=YFAPltkv1c0vPAc8vKS2w6R/vo6D18NSJEREap9Hdy3KHbadntYgjK+C0Y80KRwu/0 ABJUTMMpunOcMYSPWAwNoQ5Fof1MkWoOVzS819mS5Bw9sZU8/JTjN9j5SJ2qZ3YRNoTk ssFWTsw2+985hIAccnX2vG/Sft8X1nlWlQCG1SD87TTBFvSRHxi28VpNFueelUNwsXz8 5prn1LbfVIv9SiOyXdXYvSeli9AM9ZneLN8aqI2yjkUSZ8p2BK64Aem43dff4mX0g88F a/FHQPjGL1OHLKRaPINmZkbr6rInOaqyYbmpmofPPah4XGeh9yQrJLaadDYi6NqEDfZs M+QA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Vo05nwoa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 36si329087edp.547.2018.01.19.11.45.38; Fri, 19 Jan 2018 11:45:38 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Vo05nwoa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 3A300C21F3D; Fri, 19 Jan 2018 19:44:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 258A9C21F7F; Fri, 19 Jan 2018 19:43:44 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 80A3AC21F81; Fri, 19 Jan 2018 19:43:36 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id E4427C21F38 for ; Fri, 19 Jan 2018 19:43:32 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id v123so5685188wmd.5 for ; Fri, 19 Jan 2018 11:43:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=YNK1Wntmes7j8la0QK0jKrehDGZdNJdBUpWJaSzYxl0=; b=Vo05nwoa2YGvyPmqvy7knQIs0vQgqOYTrhhBiLs8ii/UyorYvUy+0WMatxgCR6V3jE l4ZAwK1UX+S/XWXutX176qSGbkcGnO1CDj+yA4tBPRU06//cMUMKGjeLWSheBNyfo+CY dTvnHn/RTJ4K6dyaVo0I9PmrQNblRHcqyl2KM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=YNK1Wntmes7j8la0QK0jKrehDGZdNJdBUpWJaSzYxl0=; b=jhVW7hY2aXzOkRuwv38BZlI+epbIVVtvpcdE+FRjfv9uhltleHJjByr1IjJt1AUp7F dgk0N3rGKSUR6DjctDqyHviEaBUJbTTcPnxrKwVUac6SkQnu2HHFiOk6+qsNcaRoPTk9 CfBL8iXGLb14eklLTiICd0TWzdR08W9k3zTERgnBHEuC0uUNUR6zvTjgyeZArvA9+qql /Xen1a9okNX+OT+U57NqIKJ4iIX3DlqbaalvvvyUkR5vMotx8DWhajr8gean/7PpBFkr Oct09lnx4ud2lbmCrylnegh30AzQHkAoFsfCgy1CYnxTJliovNusum19AyDMXbBtr4US JlCQ== X-Gm-Message-State: AKwxytcm99bpLWwP1nmIgZuOHYGHbdZgvtL85ak40HimVQBnrYzSEKf4 AQBi0rqregUOor6FZt1TqCJOQB5swho= X-Received: by 10.80.216.205 with SMTP id y13mr23018edj.173.1516391012197; Fri, 19 Jan 2018 11:43:32 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:31 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:19 +0000 Message-Id: <1516391006-22483-3-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 2/9] optee: Add CONFIG_OPTEE_TZDRAM_SIZE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" OPTEE is currently linked to a specific area of memory called the TrustZone DRAM. This patch adds a CONFIG entry for the default size of TrustZone DRAM that a board-port can over-ride. The region that U-Boot sets aside for the OPTEE run-time should be verified before attempting to hand off to the OPTEE run-time. Each board-port should carefully ensure that the TZDRAM size specified in the OPTEE build and the TZDRAM size specified in U-Boot match-up. Further patches will use TZDRAM size with other defines and variables to carry out a degree of automated verification in U-Boot prior to trying to boot an OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- lib/optee/Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index 2e406fe..41c0ab7 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -6,3 +6,11 @@ config OPTEE enable an OPTEE specific bootm command that will perform additional OPTEE specific checks before booting an OPTEE image created with mkimage. + +config OPTEE_TZDRAM_SIZE + hex "Amount of Trust-Zone RAM for the OPTEE image" + depends on OPTEE + default 0x3000000 + help + The size of pre-allocated Trust Zone DRAM to allocate for the OPTEE + runtime. From patchwork Fri Jan 19 19:43:20 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125221 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp444240ljf; Fri, 19 Jan 2018 11:48:01 -0800 (PST) X-Google-Smtp-Source: AH8x225a+pIbGD5dGYWPlOtLS2dicWv4m1wY6ZxqBoVfZC72TFYA88ZK6rK8XKfuGCumRx1Lchb5 X-Received: by 10.80.208.2 with SMTP id j2mr70370edf.134.1516391280982; Fri, 19 Jan 2018 11:48:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391280; cv=none; d=google.com; s=arc-20160816; b=hBMFBXQmjwxRDax4P3+DuOudONTa94h1O4qNQZ4+4geqcJIJ+cz3E11m6/diICOy2J RcqseqmDLgQfCiLCX3Ban6O0IDOW+7p4aUGO/MqtBMynW4vZaLDgw4t5aJIt8Osg51Th wQ0syzk1UlF8JCDDqNQOz0sDLIgAIfWfByM9mGevh3KS9q56D9jsj5LG/2eeXobbUGdC yMM5AVxHTkvYjI9IgGIhkuUGBcHDT7+DDOsiUK7jUOiuIw/G/T/HhvA6mftLQGr1MhTD 46Otdty+ldTQR6PNz918gZNnZ3ZIaZ8yB+OjU69S1M4/wp/ZpMFdBnx+p086rWPoiI7w UfSg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=+HwRYbf7MEs4fz7hMvmA4r5CtLSPj12HQ/fxGwTvpQ8=; b=ZMtk0bNNu0ZJ7PxlIABoWa9QlMmalP28y57VFCv0IebvyksQYq2UChLxZq65aN11g2 YXAdZmTHIBjhp/iZ10FGuCNKvMqQknTNfiN5f96YsSwfyTJk9dCcW7pbTBJlehFyNg/b HkeW9Bh47QLBY9MBpVQMp45t3AoMTdhYCNcco8bcZCgJ/cGHdB4jsPeiVxNKZkgGSYcX AbaX0bh1ixRtGB+IXkfrvteifmnRCaMGUH6e50Tv7e9BebAEEY957DMooyuGTJ9UpJwC 4s5MYQgsGnFp8LYy/dj0PNq4Ex+l2OuZbQBaYiLBI2CkWlOnEY4fTIm22lI/rI+zmxQM tvnQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=W4fDe3A3; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id l25si1096944edf.456.2018.01.19.11.48.00; Fri, 19 Jan 2018 11:48:00 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=W4fDe3A3; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 849CEC21F73; Fri, 19 Jan 2018 19:45:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 882C1C21FA6; Fri, 19 Jan 2018 19:44:13 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id A34F2C21F49; Fri, 19 Jan 2018 19:43:39 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 0C0B7C21F6B for ; Fri, 19 Jan 2018 19:43:34 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id 143so5468840wma.5 for ; Fri, 19 Jan 2018 11:43:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=D3sScOBXVrDfJK8H51bDHqCJRdkVs9+Z4uICV0VXhv0=; b=W4fDe3A3B1ReWzD+Qu/ewiiY8cWykbbnZdyFKqZEX4jEEZ4I0omrK9yTQyC4t1UGts zjZ83DuwGFNKGthiQ0/T+g9Yxdi1V3LWANkZ2CqjW4P5PCvu15cshUxg4B72kubAqWDw 47gAQP/kUcqlfXQUOi0E/zshUo5+6h6aAUQGA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=D3sScOBXVrDfJK8H51bDHqCJRdkVs9+Z4uICV0VXhv0=; b=IzkoNncXLT0ywVD+LgZRcdGzqthYXogl0yLuE3r/UqICUgqlIvTiaoJsX+gXKEXJ8k /umF2Q4J3Ba0sgeA70wVVnzxXd/a9wBImxu0SRLSGwJ4kToQnW6+HZa/Of4ksXJAUw1h nMrZiC7HZue7FXByrnmrifNDgRYbaGf1kW6dTuH8/kJBt4chmWI/sZeHABvfMMMcaMLz dlBxcpz+bT9DldfD1fNVxVWO6xF+hJL2IhXg9ymmCMIY0iWOF2+UIgdHib6mceUzfeH2 /GRdpDlyBi3I6y9O3alPryKAxbeaGt3AJt6akjTL2g14NMD59uG29QqXHHNwP0pxHWJo +TIA== X-Gm-Message-State: AKwxytc+oNV+Vyr2dd8c9UvJlffn9sEuoHqKPS2y2B58/QIdvx2qBx5d 1/TlnOfB1enfAJAS99rSVjtUjisReE8= X-Received: by 10.80.152.19 with SMTP id g19mr37720edb.33.1516391013434; Fri, 19 Jan 2018 11:43:33 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:32 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:20 +0000 Message-Id: <1516391006-22483-4-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 3/9] optee: Add CONFIG_OPTEE_TZDRAM_BASE X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" OPTEE is currently linked to a specific area of memory called the TrustZone DRAM. This patch adds a CONFIG entry for the default address of TrustZone DRAM that a board-port can over-ride. The region that U-Boot sets aside for the OPTEE run-time should be verified before attempting to hand off to the OPTEE run-time. Each board-port should carefully ensure that the TZDRAM address specified in the OPTEE build and the TZDRAM address specified in U-Boot match-up. Further patches will use TZDRAM address with other defines and variables to carry out a degree of automated verification in U-Boot prior to trying to boot an OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan --- lib/optee/Kconfig | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/optee/Kconfig b/lib/optee/Kconfig index 41c0ab7..a3b7332 100644 --- a/lib/optee/Kconfig +++ b/lib/optee/Kconfig @@ -14,3 +14,11 @@ config OPTEE_TZDRAM_SIZE help The size of pre-allocated Trust Zone DRAM to allocate for the OPTEE runtime. + +config OPTEE_TZDRAM_BASE + hex "Base address of Trust-Zone RAM for the OPTEE image" + depends on OPTEE + default 0x9d000000 + help + The base address of pre-allocated Trust Zone DRAM for + the OPTEE runtime. From patchwork Fri Jan 19 19:43:21 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125224 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp444886ljf; Fri, 19 Jan 2018 11:50:08 -0800 (PST) X-Google-Smtp-Source: AH8x227pqZMTPwAfxJlvkbl/KF1wi5E9Sa6glcB88HCNTj85ZsXUoK3NRw4h4DWsWVLXuFtDE54g X-Received: by 10.80.208.197 with SMTP id g5mr71532edf.216.1516391408658; Fri, 19 Jan 2018 11:50:08 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391408; cv=none; d=google.com; s=arc-20160816; b=w7uWCZOxqG/LbDVRiY6/mbvV5MRMVyIUBJXdy4UnoD3fA3KGpur3dKDrn3fy7KVVuQ DvNFxFO1sw3HNWzb3SXGlfCjVX1ms+7E8X3OJx6tfStLBYAhIAj960pWlq1tASYz2C39 cFThEefMOOkAviLJlE/gNhmK++x171cGsOkjKUY8KknqDGTgGwEh1CG1VrLwN+3y3vD9 +QpujSs2YKnuCJ7SxRN0GsrAUT5nD6pBeCoylCiLtima8JusopSJylI3kMIul3nuz2C+ lFE8+dw0mbUia7Eby0I/5hIFJm7y+HFylFRQxEGhzVqb2k8d+i4EPC5ZXWgx6OF3hz7q qevQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=4CcwC7FBgW8X30HcQeHFFZHS6A58CAZ3P784+gQMGDU=; b=JuHi5MLsDm87d+o87rc7EcLJGZLlu8KAtJk33PtCjARcKLnzG1TGtdAMxVDgixgef2 3N7Uo869wtKWMUOiLPzutWKjM+u8sngGSGKwWpZR4aAnBXE550eH9gv/lFIyPbfr8m0q g6+ErTIhYFrVdWeVmXigAdQe3F7x5ZVIsR/rFy92p1KYA5dP6IpwuVk66EwWDhh4tsNR 2W/wfXQxjQtb2Nm/NRjE8L6NO9w7eJ6GxFcz0fS7qxbm0JHaygE2M4pr+OS5lQDQ4ORw Jj8TTEWgX6IbQXpR/2DiUWmOMEuV2BDxP3wdCAM9psEDrwY0NPBMonoa6zhShOUNMFm6 IquA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=EWW+6fdE; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id d7si818369edl.453.2018.01.19.11.50.08; Fri, 19 Jan 2018 11:50:08 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=EWW+6fdE; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 3DD76C21F7F; Fri, 19 Jan 2018 19:46:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 8297EC21F27; Fri, 19 Jan 2018 19:44:14 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id AEB63C21F5F; Fri, 19 Jan 2018 19:43:39 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 30114C21F53 for ; Fri, 19 Jan 2018 19:43:35 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id i186so5478982wmi.4 for ; Fri, 19 Jan 2018 11:43:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=HehyfLwBiGL7w0M1GQgZW2L7CjFJl409qccQ+xCD/gQ=; b=EWW+6fdECQxw9/fYOOJWnbDN1mb4mOyJ661BWvAq/ZGEgjPw6QMmSFZBjTsxmMSmr7 c+/X1122GDiY+TKrOiLhE1TFev6cbHLa+01IRnjSAfGyi4m5Zo+LCdPZ2q2mBT5K7MWb i9VH3ETqvfg+nNEob+fuYFvB47Dfk3OnzG7tc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=HehyfLwBiGL7w0M1GQgZW2L7CjFJl409qccQ+xCD/gQ=; b=QmUAOapo6FrnNzyIQOB5RH/DCHY5fJZTfl8mMus4GsthA4Wmradq7E8pDnrZJbeQr5 PsCZCTHOBlbcOFlsQXlZQBp0LQo7gNUA9UheWKHgJQkdd6bNYd5H9br9gvkOtJKB4zpS O1MKpn4GQRotq9JkfYkrfgVj+YAEq7drWacHAjp4Hvt9isiitWFG4GMIyC/rXMJbc+pM QDF8SzdJVw7Vlp+MTpcPSWupntJTnCpa1PgCEOGe2zzPFTL8+aDvqwMi+b0M2unAaIdk cs+ohUng5fXLlsUTiv52aiUTK81FKTUEQPCjN99dXxz+CS5yIi1KVWCsjmIopg1WgnUJ augQ== X-Gm-Message-State: AKwxytfAfEvKmfBLyIT8MROMB/3k/4krAKXfYCHHtQWlVrkkTDcJyZN7 09YZimVz52HT2D88O0+gG665yUTfnVw= X-Received: by 10.80.142.15 with SMTP id 15mr26006edw.127.1516391014586; Fri, 19 Jan 2018 11:43:34 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:34 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:21 +0000 Message-Id: <1516391006-22483-5-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 4/9] optee: Add optee_image_get_entry_point() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a helper function for extracting the least significant 32 bits from the OPTEE entry point address, which will be good enough to load OPTEE binaries up to (2^32)-1 bytes. We may need to extend this out later on but for now (2^32)-1 should be fine. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index 8943afb..eb328d3 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -29,6 +29,13 @@ struct optee_header { uint32_t paged_size; }; +static inline uint32_t optee_image_get_entry_point(const image_header_t *hdr) +{ + struct optee_header *optee_hdr = (struct optee_header *)(hdr + 1); + + return optee_hdr->init_load_addr_lo; +} + #if defined(CONFIG_OPTEE) int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len); From patchwork Fri Jan 19 19:43:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125218 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp443451ljf; Fri, 19 Jan 2018 11:45:44 -0800 (PST) X-Google-Smtp-Source: AH8x224DRh4kq6/aiIA43I8GJ1hr7Cl6zY2QZ+mjLVbLt+0hYcj5MHHZp/Ba1VvKxuUsASuwZFH2 X-Received: by 10.80.155.90 with SMTP id a26mr50338edj.290.1516391144148; Fri, 19 Jan 2018 11:45:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391144; cv=none; d=google.com; s=arc-20160816; b=ccc/4DubKAX9It+DADr525rzE7bTo3NiYn1bplDiZclZKYEf9XBpD/k8NN2snWc1Sc h4F2c8Ccdqu78FtcJ9wJF66qxP4hoNAze6DQ0d4I19i2mql4JewmiOCY/BLsu2D3W+YM PYTFSAxlBXLLmByOsfsmCKvIAeffDhQx4TBWWG5E1xE41uM8is27f608zQWgFM7nfc6b 6p0bFFZcZ8vRW4vLzZR96Nc8b7WQVZfCwT43xwS3Xyx/7GrTS5MUUENjgTJsFLlxamLg YBuGjBVTMbjlEmgBxsdsEIlcLa017jszKq7l+cJDLG23v25EwxBEZh9SDj1nwnMgKYPF Hy+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=QaYroxNd3askNKowPokMN25W/t4qBXmwlbEd13MrC2M=; b=s5oEqaJSeqIp5+tReydEj8zJwd0fv2if+8R0dtN16VULJdNtPJGmFzZGwPx9QM4sJQ F0hZQDcwzWu++Vz22u5SN2rh5EcOIQPMcD/5JqKy6IgjLoXvI4eS3tCH8Sxe9i8DJoZn hGD3BkFnfsUmha/yTmzXLnlHdM8eK/wFxfjY+WziIOscXttH2FThNgZtyze9sRMR/8xm GbF8iA8LIknS17BmLKav5T+z7cMR3SaL+rfY5+/+Nu7u4GNT9PW+Qc8oq76dySfIEHJk 62VgCoeatjyhRA7SWA6gg9Nq76kEkzrhgERwC/Ez7itGzPVQB06xJlAkmA0r1QI2610D yEbg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=CNx0qurg; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id p90si1520501edp.421.2018.01.19.11.45.43; Fri, 19 Jan 2018 11:45:44 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=CNx0qurg; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id A4822C21F5F; Fri, 19 Jan 2018 19:44:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 15F31C21F3D; Fri, 19 Jan 2018 19:43:50 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id BEE06C21F7E; Fri, 19 Jan 2018 19:43:40 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 74757C21F59 for ; Fri, 19 Jan 2018 19:43:36 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id r78so5727595wme.0 for ; Fri, 19 Jan 2018 11:43:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=jd7TJ8ToMThI42VzCdFxxuucXAuvkiPJC/i5sG6S6nU=; b=CNx0qurgz7+ex5FrqQtDA/JU6lmkwE8ldKox5xSCeK5NcG48/q5UoVPi7t3hHdUgu9 htDpmjm5TMaLh/kKjNJ/8ADDZsGUBSjddL4v6Se5Np1wwNeSAaqrw3+Pvlt69gDeFOIw FiEgaie7w9yktXUlinazN7Zrxrg/cjDCu4kgs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=jd7TJ8ToMThI42VzCdFxxuucXAuvkiPJC/i5sG6S6nU=; b=id5tYfc0FE8yOJXcDhqeQLzkrmzKNToweCkeiH5GXChEQMRJQLcmSy3VfmjfrEF5DA 5gWzWLBfmCpkt3lcCqSf6ugC8uKvn+XP/2uFVPkXxC7khvVxdy3TmjITfD+KbB+ABHbZ nXQOCcQZKbkf4bNYrJnSMtDhD2Wc1DG3FqL6qPLdnHmxaBtxWbEqeTTLz6nl+0dQeliv QwHK2HBJdn+kLVhgiHBg38cXyfHgY+UMW5Japn+bKb6ev0VQUhTW5xwsNm9gymdm8Mp6 hpDSZWsNjHe9/cspDrcPJR7Aw33SCHZF/AG0p7WRERo6EavLNVuA64KVAXT8g79QCn0W Ajdg== X-Gm-Message-State: AKwxytfM4DakTixqTUjKcLQ3oYQmJZSegipYQu8pxQcrALon3RSHViMy ibiRxbrP9k59HYmlw5ynbZFTzvRId6o= X-Received: by 10.80.230.142 with SMTP id z14mr57854edm.174.1516391015779; Fri, 19 Jan 2018 11:43:35 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:35 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:22 +0000 Message-Id: <1516391006-22483-6-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 5/9] optee: Add optee_image_get_load_addr() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_image_get_load_addr() a helper function used to calculate the load-address of an OPTEE image based on the lower entry-point address given in the OPTEE header. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/tee/optee.h b/include/tee/optee.h index eb328d3..e782cb0 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -36,6 +36,11 @@ static inline uint32_t optee_image_get_entry_point(const image_header_t *hdr) return optee_hdr->init_load_addr_lo; } +static inline uint32_t optee_image_get_load_addr(const image_header_t *hdr) +{ + return optee_image_get_entry_point(hdr) - sizeof(struct optee_header); +} + #if defined(CONFIG_OPTEE) int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len); From patchwork Fri Jan 19 19:43:23 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125222 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp444605ljf; Fri, 19 Jan 2018 11:49:03 -0800 (PST) X-Google-Smtp-Source: AH8x226+1qr4VWkYU8Q3Q71mRyG9C0Wb8xUBWFY4TaRaC6U65ZguAElPG1D+Qev0IIG3fLo15Jgv X-Received: by 10.80.165.87 with SMTP id z23mr61415edb.300.1516391343201; Fri, 19 Jan 2018 11:49:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391343; cv=none; d=google.com; s=arc-20160816; b=WX4dizK930197dBpOWPdacYx790KKAGu1tdBGYYWozqhYDkw0ZUnUomMflltVj8k1d r9WUEuNrJam0kDjTLcCEg4SS1QOEj5uENFPVM2GDBq0kUvFq8Pu2VvX1wT5w0Q7TSDfX u3t+/JIASiYd86yRFH1B6JB+/B5POzCoh2HJuoiCi6e4U0ZWkikwOs29da8V8euIONpc SLhE7MlHPen9cgns2fuXfCAh+hxONalsTqHJms6yw0dvDdxqJ593mL7hRI0mWas0sEXF y11zOLBrqW5oul0Cbbvxsbj2Z+9EHrRmdeUyUA5Py3Z4xTsMxxWtkxU8OMd+JsSmOdB5 pzNQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=ncLozwEYCI8dTXb9wg5+4XfZtB5WjzlshyPvjQZYLtM=; b=ojdP/SIFkVytR9J/o8hdXYPaubkcNDgR12iBZzRu4jnZwGsRhxQk9W0hi0HhJi0aoY tAW7OvquxXSOvZor40BMcYJ0xi2Oq1yWkGIQO2AedQNyskRRNkEgNvZ/s+MEwzKBvctF 0iHSddaWAe2NJjiHKtb5I5jPWC+z3WbZn848ujRTIyBE/UXhPwTkPmEW5R5dTNRYeev8 ulaJ0nvrEQ8qsS75bjShQ233WbibUvCvWtUFhIsA4HQ/2HenA2zMZdwJfGRq4Uy+eb1s +HG6pGXCFupxf/Gjd2Gu4JWXHk5lAYo1u+1gSr48NmAbz9QQFYQQ/hS1adbgmajOyWFl jlPw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=M2drpsZq; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id m1si3575823edb.448.2018.01.19.11.49.02; Fri, 19 Jan 2018 11:49:03 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=M2drpsZq; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id A50CBC21FB2; Fri, 19 Jan 2018 19:46:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 794CFC21FAA; Fri, 19 Jan 2018 19:44:18 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 20DF6C21FB2; Fri, 19 Jan 2018 19:43:41 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id BD824C21F5F for ; Fri, 19 Jan 2018 19:43:37 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id t74so5522259wme.3 for ; Fri, 19 Jan 2018 11:43:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ZflaXR1zhk0qwf7CFLVXBSyeQm1rVE3wJf74G5rZf8g=; b=M2drpsZq+f6Sa4GC7DVN/4HwRwepzek0oOh3KVC6LztzPZh4sjXOjQOFG1+gbE2Cof Pmux4x/yfsmoakgsiwkf8bKJToidV6unjluwx3hkMjdrrRTqO9vjoN6LdDLStjJZ23eX 3bSZYrIKMvVUjz6H1kbsvw+GE29MuvuKisUcI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ZflaXR1zhk0qwf7CFLVXBSyeQm1rVE3wJf74G5rZf8g=; b=iuEKOe692G5koMEL773DymBAaW5Dy9/A3UDlMB3e9IENNbh+MT42yLZDWU4WN4enzU H2GtMyPzrCHoBhakN93Geshbcxz5Mf+iF9Ia0qwSMwzIRpSJAbUYl6ozbRs1RPi/rxr4 HxepLYPbusd3FV+Z1fbyUu11aRVK4MaWxjUGswqnNDuVQ4q+hjfg5jRJRC3Pbu6mMsIe Wu1gqh+A/xWsFZm5hLVHakvQjqCoL6NdQv9/312CTkktrb18W0mie0kxTWDOO+nHjA/1 AdGSQY9tM5+TOL+yTVus5h8AEmD7fMnbc6AHB2EGokABRZeexZYOAjuDrO/8SVYmu/LM FnAA== X-Gm-Message-State: AKwxytf36/BXcgDJ8NrT/RwDVGZZE1OBWfnZXqyv2Fv8vXvB3rxoOpY/ 3kfZWAjnyoXyhH4jzUSCosCMcE7fUpE= X-Received: by 10.80.187.73 with SMTP id y67mr55760ede.172.1516391017059; Fri, 19 Jan 2018 11:43:37 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:36 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:23 +0000 Message-Id: <1516391006-22483-7-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 6/9] tools: mkimage: add optee image type X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds support for bootable OPTEE images to mkimage. Currently there is a (Trusted Execution Environment) TEE image type, the TEE image type is installed to a memory location with u-boot continuing to own the boot process whereas the OPTEE image type defined here is a bootable image, which typically wants to live at a defined location in memory. Defining a new image type allows us to pull out the load address and entry point defined in the OPTEE header and having a separate image type lays the foundation for a subsequent patch to validate the OPTEE memory defined in a board-port matches the link location specified in the OPTEE bootable image. example usage: mkimage -A arm -T optee -C none -d ./out/arm-plat-imx/core/tee.bin uTee.optee making a separate image type means you don't need to specify things like entry point and load address as you would if you were defining the OPTEE image as a linux image. mkimage -A arm -O linux -C none -a 0x9c0fffe4 -e 0x9c100000 -d ./out/arm-plat-imx/core/tee.bin uTee Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- common/image.c | 1 + include/image.h | 1 + tools/default_image.c | 25 +++++++++++++++++++------ 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/common/image.c b/common/image.c index e9609cd..14e738b 100644 --- a/common/image.c +++ b/common/image.c @@ -161,6 +161,7 @@ static const table_entry_t uimage_type[] = { { IH_TYPE_TEE, "tee", "Trusted Execution Environment Image",}, { IH_TYPE_FIRMWARE_IVT, "firmware_ivt", "Firmware with HABv4 IVT" }, { IH_TYPE_PMMC, "pmmc", "TI Power Management Micro-Controller Firmware",}, + { IH_TYPE_OPTEE, "optee", "OPTEE Boot Image",}, { -1, "", "", }, }; diff --git a/include/image.h b/include/image.h index a128a62..9175624 100644 --- a/include/image.h +++ b/include/image.h @@ -271,6 +271,7 @@ enum { IH_TYPE_TEE, /* Trusted Execution Environment OS Image */ IH_TYPE_FIRMWARE_IVT, /* Firmware Image with HABv4 IVT */ IH_TYPE_PMMC, /* TI Power Management Micro-Controller Firmware */ + IH_TYPE_OPTEE, /* OPTEE Boot Image */ IH_TYPE_COUNT, /* Number of image types */ }; diff --git a/tools/default_image.c b/tools/default_image.c index 4e5568e..5653933 100644 --- a/tools/default_image.c +++ b/tools/default_image.c @@ -18,6 +18,7 @@ #include "mkimage.h" #include +#include #include static image_header_t header; @@ -25,7 +26,8 @@ static image_header_t header; static int image_check_image_types(uint8_t type) { if (((type > IH_TYPE_INVALID) && (type < IH_TYPE_FLATDT)) || - (type == IH_TYPE_KERNEL_NOLOAD) || (type == IH_TYPE_FIRMWARE_IVT)) + (type == IH_TYPE_KERNEL_NOLOAD) || (type == IH_TYPE_FIRMWARE_IVT) || + (type == IH_TYPE_OPTEE)) return EXIT_SUCCESS; else return EXIT_FAILURE; @@ -90,6 +92,8 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, uint32_t checksum; time_t time; uint32_t imagesize; + uint32_t ep; + uint32_t addr; image_header_t * hdr = (image_header_t *)ptr; @@ -99,18 +103,27 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd, sbuf->st_size - sizeof(image_header_t)); time = imagetool_get_source_date(params, sbuf->st_mtime); - if (params->type == IH_TYPE_FIRMWARE_IVT) + ep = params->ep; + addr = params->addr; + imagesize = sbuf->st_size - sizeof(image_header_t); + + switch (params->type) { + case IH_TYPE_FIRMWARE_IVT: /* Add size of CSF minus IVT */ imagesize = sbuf->st_size - sizeof(image_header_t) + 0x1FE0; - else - imagesize = sbuf->st_size - sizeof(image_header_t); + break; + case IH_TYPE_OPTEE: + addr = optee_image_get_load_addr(hdr); + ep = optee_image_get_entry_point(hdr); + break; + } /* Build new header */ image_set_magic(hdr, IH_MAGIC); image_set_time(hdr, time); image_set_size(hdr, imagesize); - image_set_load(hdr, params->addr); - image_set_ep(hdr, params->ep); + image_set_load(hdr, addr); + image_set_ep(hdr, ep); image_set_dcrc(hdr, checksum); image_set_os(hdr, params->os); image_set_arch(hdr, params->arch); From patchwork Fri Jan 19 19:43:24 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125225 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp444891ljf; Fri, 19 Jan 2018 11:50:10 -0800 (PST) X-Google-Smtp-Source: AH8x227+PBWa7G5Fy3Oy2fk87K8zn9YqL7W33/G9L5rX0RrUWFO3OCTFsNJ8gt+kSir0hB9XgsJW X-Received: by 10.80.192.72 with SMTP id u8mr51015edd.109.1516391410668; Fri, 19 Jan 2018 11:50:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391410; cv=none; d=google.com; s=arc-20160816; b=oX+Yo7YR2DnLVc9Zo+2+3bHgMWeimBYQN4VQ4Ebg9ooqx6Ywgt5bzL1jk+cpAdBHEN LwKapfvOcKFpi06ZC1Ycn+CbHrTgXhq3KxDwGPUS+QMINaTrDXixn9alidlvTojxke+Z obvZGQ4pZrlNFGrdCcNT3zYczcvmLJvmTwkJqLiP1BWNBqpfKVAWZOlfYD4/nPF6MOIg RIx+bc3KBbYDPB9lcSXHf3E43Ztn/I62j4U/e1Gkq36+pDCodFJP1Co4x8pQSbq0YK1t NUM+OUJB+dGhuqwpEVU5Ng1cXN0sTY0dxRVv8pDzMfsY+Z4b3NYVG+C6OXV0pIirYEl1 IjPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Y30VzfUBI0Tkub1tdeQlkVWD6ZeyxAxy2n01OxPrnhY=; b=RhvHSnuhu3zzoku6JJXekiUNzrtwauzh2ocNyLZhcu4My3k/L/38mNj7qVgRTNddNq hdx+ZUkzZ/EkrG1XWB9cr5sjV2AAfcsfCwfnOM3+5nnKPdtIw3TBcyCR+8Tt9bojFsfE ybMrL2Bf1yFJjGUf1ZnK6E3snix8LRf3yeybmnv+kjqc3DjHtW4Qc4Ru0QtjIgjpSjyC fS12Jv0jDR7oKBP/mZ4qRdw3agPvTcrGqfvUz/y1ZSntCg9pG2YKIbUG6x6+z20rLjW0 VFD9UpMhlspsFiwNbjlOD7ou1P46AVbblQFzxxUIi1FZyjryop0STn0wwUTe7NBDbeHg Nr0w== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Ui7Kdz2c; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id t11si738639edc.177.2018.01.19.11.50.10; Fri, 19 Jan 2018 11:50:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Ui7Kdz2c; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 435F0C21F8A; Fri, 19 Jan 2018 19:45:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 6BE2BC21F6B; Fri, 19 Jan 2018 19:44:00 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 0368FC21F97; Fri, 19 Jan 2018 19:43:42 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 23EBCC21F38 for ; Fri, 19 Jan 2018 19:43:39 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id g1so5485997wmg.2 for ; Fri, 19 Jan 2018 11:43:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=nq/UXMM+S/39ZQzMRLg+v22x4rlDp8VH7yjw2zNHqwY=; b=Ui7Kdz2c/PxprKK1Ifvyl0tp9cmB08MuyvZ2IxmtT+h1TIJMle6CwcOpe09cecFThv 6N735TQpuHA007icJ2XB7uJzPvdV7g+NCdpDUPjDJg5eVfSt41WcnYDe5oVHmn75iLyo XWO6TWe7uUE0zLfd9wZ1ZG1TweSUeg0dx8QFo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=nq/UXMM+S/39ZQzMRLg+v22x4rlDp8VH7yjw2zNHqwY=; b=WFlEzFjdRMCU9nTLQTvAtG5AfVLBT9KmLPzrSnPKrR2hR5XJFyidz2qdS2m9NFDpUb OSZy1lvkKHFBpiB27jikgM80oOAsVvLC0PR7QFbIqc7uRe0TN8NwEkF6TJ7APsn04v/n vfXAxoHjooqkCit631cDW4oRpnHPCu9/816l8s6Xrh9KpXsO7Xn83Mk9SkFsrpiQZ2VK TN0/014XHvyqj6t3rgzOObjrUcuYCKdZJyHXvECILHF/BG33DfiUb1wQhWLzbLBB2veW 1VtW3ccevJzAberSwJxuCpw5aDku/EcSLHohbkNRkJY7ZUD0D6zZkZEe027bUu2f7Ur0 cfxA== X-Gm-Message-State: AKwxytcwv6iYsVFnWN6mvhpEusXUgNlKsJ1n8oTg54Vdtlzf9omvf49F 2mVvitBUCb1fsIHQkQqo3FXNwFV7Xv0= X-Received: by 10.80.204.1 with SMTP id m1mr57205edi.146.1516391018524; Fri, 19 Jan 2018 11:43:38 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:37 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:24 +0000 Message-Id: <1516391006-22483-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 7/9] optee: Add optee_verify_bootm_image() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds optee_verify_bootm_image() which will be subsequently used to verify the parameters encoded in the OPTEE header match the memory allocated to the OPTEE region, OPTEE header magic and version prior to handing off control to the OPTEE image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- include/tee/optee.h | 13 +++++++++++++ lib/optee/optee.c | 34 ++++++++++++++++++++++++++++++---- 2 files changed, 43 insertions(+), 4 deletions(-) diff --git a/include/tee/optee.h b/include/tee/optee.h index e782cb0..4b9e94c 100644 --- a/include/tee/optee.h +++ b/include/tee/optee.h @@ -55,4 +55,17 @@ static inline int optee_verify_image(struct optee_header *hdr, #endif +#if defined(CONFIG_OPTEE) +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len); +#else +static inline int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + return -EPERM; +} +#endif + #endif /* _OPTEE_H */ diff --git a/lib/optee/optee.c b/lib/optee/optee.c index 64ceacd..e28627d 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -9,7 +9,8 @@ #include #define optee_hdr_err_msg "OPTEE verification error tzdram 0x%08lx-0x%08lx " \ - "header lo=0x%08x hi=0x%08x size=0x%08x\n" + "header 0x%08x-0x%08x size=0x%08lx arch=0x%08x" \ + "uimage params 0x%08lx-0x%08lx\n" int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len) @@ -27,11 +28,36 @@ int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, tee_file_size > tzdram_len || tee_file_size != image_len || (hdr->init_load_addr_lo + tee_file_size) > tzdram_end) { - printf(optee_hdr_err_msg, tzdram_start, tzdram_end, - hdr->init_load_addr_lo, hdr->init_load_addr_hi, - tee_file_size); return -EINVAL; } return 0; } + +int optee_verify_bootm_image(unsigned long image_addr, + unsigned long image_load_addr, + unsigned long image_len) +{ + struct optee_header *hdr = (struct optee_header *)image_addr; + unsigned long tzdram_start = CONFIG_OPTEE_TZDRAM_BASE; + unsigned long tzdram_len = CONFIG_OPTEE_TZDRAM_SIZE; + + int ret; + + ret = optee_verify_image(hdr, tzdram_start, tzdram_len, image_len); + if (ret) + goto error; + + if (image_load_addr + sizeof(*hdr) != hdr->init_load_addr_lo) { + ret = -EINVAL; + goto error; + } + + return ret; +error: + printf(optee_hdr_err_msg, tzdram_start, tzdram_start + tzdram_len, + hdr->init_load_addr_lo, hdr->init_load_addr_hi, image_len, + hdr->arch, image_load_addr, image_load_addr + image_len); + + return ret; +} From patchwork Fri Jan 19 19:43:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125220 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp444174ljf; Fri, 19 Jan 2018 11:47:51 -0800 (PST) X-Google-Smtp-Source: AH8x225dCEVmC1SLTSngISB8t4hLwxDCeLd5p399eDW6cdUPDkdAyGlHW/pfoSopOgyWEZz2uV5p X-Received: by 10.80.215.91 with SMTP id i27mr45040edj.95.1516391271118; Fri, 19 Jan 2018 11:47:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391271; cv=none; d=google.com; s=arc-20160816; b=UGsrf/E7Sh7gFojRvL4vwbsU9yx9J8/XRtiwoy4W20ibsUrufZarfMk5DrPiIHibq8 OUzOjnM9n/etpWcVC+GJl9Hy8Twpd2ija63xreamfB0DhIracVKDl+5P7u9GZWw0rpQs DVKjZQ+mcWQ0R5S3RV85YbkjD7GexAhEcIt3SQskIXqa1HYCJx8QwgvEML35EAJ2Xt9E HzM7DzvGXWiDIxhpSE60aTiPWqCZicGvx4hENKjKqBWdkQx83gB+CCvS7+x4KfO1rMEv rTyUT8vWBq3QQFqc+QrSofIwVRHNTJ95BB2SaNET3dYtbYqT82ssDNqyQc8P04GmwMAa BTDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=9SeYNN7fAzc9ye43F64/zjFVwEPTVm8fj91KG77oSig=; b=FhPHe5Im0iE2FHzRGV50T9jl+H8l9ykHIopgpcibtesOK786kfq30tF/wLvxP8XdhP zfShmeFDBjgfiJBu6lhA8gVrMHhAcSvB6mNfCTU3BODVHoeuDKS9r/X1au/dW30Uwfb5 HrN5hwEcrXoSPn13wxtBu2uDqhUp8tMix2NZXz04YLbaT62S19nZMFu0Q3gr4m74ZTRr ANGpCAR19bf185oCMuTsvjseiCYOj79qEdkPmIz54iUUxYJ+N1tEt0UYgKolPJxZyJUZ 1KZUkn9fDjbEUTY2xzEIz1Xvf9kOyRTSydSdJzUGcRvoWDYfzpTVH0KxLvr6ldjPl9d0 PQ/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=CuMqA1Dd; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id h61si158271edc.183.2018.01.19.11.47.50; Fri, 19 Jan 2018 11:47:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=CuMqA1Dd; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 9CD93C21F8A; Fri, 19 Jan 2018 19:44:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 0A5F5C21F81; Fri, 19 Jan 2018 19:43:52 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 28B53C21DDF; Fri, 19 Jan 2018 19:43:44 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 725A8C21F53 for ; Fri, 19 Jan 2018 19:43:40 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id b21so5705154wme.4 for ; Fri, 19 Jan 2018 11:43:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ESPTwR3kNFGmQZLp6cbr7Sd9trs1Y1G/LXwiNCzV96k=; b=CuMqA1Ddj5218vbWPoMknhkxeqcZnOqxVHXOYYbt9l2Bu7LRTYJRqxlR2ts8hNQack aRHNJe7oEzHRVA+5vg7AL3YAt7/t2v3xSp1fmO53i1SnPTpr8ThGF2hwoUkLA2tnkFks Pn5n9XCx89DZ6BtcCRco21oBCA+AgytQki9Nk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ESPTwR3kNFGmQZLp6cbr7Sd9trs1Y1G/LXwiNCzV96k=; b=tTb7iY2fkQn1qvlGKW1OYXb1+Ciwfgj4mVHPAMGHG+kOdmONnWjmyrb1EUL3k1Mn8p lg0ojysNJiEdP3lav+FexduEjtsH/715zNLa2nmjdXmZkDyaZndalkElmgwjf28vicz8 r+Bf/vVR5A4/HpACxBdN6oYNN+h3YNr+9xYw4AenE5zMxYQHvAfuaW/xWbazYCFYkwCJ e0yKMWm+fJ33Tm8jWA4gUmDyvCAYTmnfqX9Zyhjl+e548K9RgA/opwYdV1wo+3LprCO/ qaHaEDeqd91wLo5yE8u02iiA/jp245u5ObANtaVQugr3bqSMbTdNV0BgaxSZgFDf64uN OkSA== X-Gm-Message-State: AKwxytcMVao/9qkafVenQEs1Im4lv786ljSgg4ikd1kpU+WzvNEUVpxC UNVvv67p7D7XxJ5xadVm5ZyMJrKoT5w= X-Received: by 10.80.175.102 with SMTP id g93mr57180edd.156.1516391019875; Fri, 19 Jan 2018 11:43:39 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:39 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:25 +0000 Message-Id: <1516391006-22483-9-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 8/9] optee: Improve error printout X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" When encountering an error in OPTEE verification print out the address of the header and image. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- lib/optee/optee.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/lib/optee/optee.c b/lib/optee/optee.c index e28627d..78a15e8 100644 --- a/lib/optee/optee.c +++ b/lib/optee/optee.c @@ -8,9 +8,11 @@ #include #include -#define optee_hdr_err_msg "OPTEE verification error tzdram 0x%08lx-0x%08lx " \ - "header 0x%08x-0x%08x size=0x%08lx arch=0x%08x" \ - "uimage params 0x%08lx-0x%08lx\n" +#define optee_hdr_err_msg \ + "OPTEE verification error:" \ + "\n\thdr=%p image=0x%08lx magic=0x%08x tzdram 0x%08lx-0x%08lx " \ + "\n\theader lo=0x%08x hi=0x%08x size=0x%08lx arch=0x%08x" \ + "\n\tuimage params 0x%08lx-0x%08lx\n" int optee_verify_image(struct optee_header *hdr, unsigned long tzdram_start, unsigned long tzdram_len, unsigned long image_len) @@ -55,9 +57,10 @@ int optee_verify_bootm_image(unsigned long image_addr, return ret; error: - printf(optee_hdr_err_msg, tzdram_start, tzdram_start + tzdram_len, - hdr->init_load_addr_lo, hdr->init_load_addr_hi, image_len, - hdr->arch, image_load_addr, image_load_addr + image_len); + printf(optee_hdr_err_msg, hdr, image_addr, hdr->magic, tzdram_start, + tzdram_start + tzdram_len, hdr->init_load_addr_lo, + hdr->init_load_addr_hi, image_len, hdr->arch, image_load_addr, + image_load_addr + image_len); return ret; } From patchwork Fri Jan 19 19:43:26 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 125219 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp444112ljf; Fri, 19 Jan 2018 11:47:40 -0800 (PST) X-Google-Smtp-Source: AH8x225JWqWbXJ5nmtXM5wtMCYW2qe0ZJQ9kgMrwjn2SqMN1mx1o5KbtICkDPIYho4aBvE8jTMJO X-Received: by 10.80.133.140 with SMTP id a12mr57605edh.286.1516391260772; Fri, 19 Jan 2018 11:47:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516391260; cv=none; d=google.com; s=arc-20160816; b=awIuIrfP5sAbvz71nUGJGfBHGyphjaHcEr6pJSOBHNA/pPO0UR9IEBhq6CvFv3sMDk L6lUOS7zu66C2SRBpAiNWiuUs6lpFwyN9zi6+HI4VYL209VWP7shs5qtwYSeMJ4+GYxs Zh/OcwPNDp/EuetU8ED9nuUztc0uXT/bmA+uA/bo6DsHQQ0JtpxjkgIzqLLlnXeoJ9GI yN3F87PE/Y2mUuuTx54nNHnI+bzfpo4ykfi4ocvpYgEP8Lk+OQBH8r8K0gpEeCHYI4cs NsihyPg+T4oQ9MQrPAJVKrxksiTR0EmvcqsGHzoioVi7OrfB1gXeNqVQoP5JHYbx+Mm4 NeGw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=QFzOjjw6Ls0OcJzw5JuhqTbQjg8RHaD1PzgICbRrVMo=; b=cINYtTUxryFsMyh1I9ZZ7Oqa4hxl233hVXpV5SgRVuq0LaCRW1OaYVajDSG4VGJGa9 61W09LTNRfNQTzWRsk62JNt4I2CdaVz8Hjgxz2BdAruaWlaNLdp6bsaHBKXFkzXO9AxZ dkaPju8ERGjcVrnVPYZl229Lb0e7VrQutNnYaHj+q9R0QQ+ms4YhNRBRp8Th2CjVV8ou M5lYKVnw6PtfQ+j9PjWpzUndelvELu/f2nEQ97QpbZa6W5olOydyioDPKt8a3WRPhzoz qje4CNGoA69BShcOvSF/MxS4lOPkWLxuHQAeWbJjPQMr0Kr+PmulbkTXYdeYQDVoKPX2 hzng== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=jqSfUOqe; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 44si9606682edt.374.2018.01.19.11.47.40; Fri, 19 Jan 2018 11:47:40 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=jqSfUOqe; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 517B9C21F9E; Fri, 19 Jan 2018 19:45:15 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 1BD87C21F9A; Fri, 19 Jan 2018 19:43:54 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 75B08C21F91; Fri, 19 Jan 2018 19:43:45 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 9CAFDC21DDF for ; Fri, 19 Jan 2018 19:43:41 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id 141so5659369wme.3 for ; Fri, 19 Jan 2018 11:43:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=VfQzZRzM3DQYXdLJBCX//TaVWV5MboWeZdKPbCHr1qE=; b=jqSfUOqeD0EEL5+mn0x1rdfji4Y2m6p4kFEaxfkQWjV4AzrzxeEcLQJhBeCdvPY7E2 mhy17I0xrtmUnE33KfC0ssPbemxIEbsXoBssY8owsaIbjtWQUY6Qd1jpVE+VH8+HkOWq lKJn7GfHaxUyehmkBIXpQkzsFhIgmLMymmiR0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=VfQzZRzM3DQYXdLJBCX//TaVWV5MboWeZdKPbCHr1qE=; b=WyROJEca+pQ+ZdmOSYo6NtmCXZhelKuc/Sm8bwrAQm/hXzz6dsKyipey43xb7z/GFi lZ2Sfw8QgWRnXuZHKxvV7eUQvD7vTqC0PjtU4H0o0KIgBKzlYNNTfbJq9XawaMfhFaIs zWPMmZfvRQp195dMsPHXAlqt4V5A/1cILYSYQGKOtLQjOpQFmCHF/NjktVeuNun/TUIP ARWu7C0QvVVy/fDH8j2U+5UUkAQDmDuHkXG5/2Vkelo7L/UQxaQny3WDjj5HXtZzeyv/ guJTYlcrTdBz2K08YJ3WXEzmb/vsXtsoKioQWHVam9WIiAL/0nkAeI2kKpV2y3imr7al 6caA== X-Gm-Message-State: AKwxytduKJPQBBJ/B9GfCo7BEU4uJ7T809sVUWIixN4DIHF0l5uvkOLv +wJrR7op7xVuwRFaICtVjRQ7IIFLeyY= X-Received: by 10.80.208.145 with SMTP id v17mr56081edd.182.1516391021065; Fri, 19 Jan 2018 11:43:41 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id p6sm5936051edh.68.2018.01.19.11.43.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 11:43:40 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, trini@konsulko.com Date: Fri, 19 Jan 2018 19:43:26 +0000 Message-Id: <1516391006-22483-10-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> References: <1516391006-22483-1-git-send-email-bryan.odonoghue@linaro.org> Cc: harinarayan@ti.com Subject: [U-Boot] [PATCH v2 9/9] bootm: optee: Add mechanism to validate an OPTEE image before boot X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch makes it possible to verify the contents and location of an OPTEE image in DRAM prior to handing off control to that image. If image verification fails we won't try to boot any further. Signed-off-by: Bryan O'Donoghue Cc: Harinarayan Bhatta Cc: Andrew F. Davis Cc: Tom Rini Cc: Kever Yang Cc: Philipp Tomsich Cc: Peng Fan Tested-by: Peng Fan --- common/bootm.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/common/bootm.c b/common/bootm.c index adb1213..d528844 100644 --- a/common/bootm.c +++ b/common/bootm.c @@ -19,6 +19,7 @@ #include #include #include +#include #if defined(CONFIG_CMD_USB) #include #endif @@ -201,6 +202,12 @@ static int bootm_find_os(cmd_tbl_t *cmdtp, int flag, int argc, if (images.os.type == IH_TYPE_KERNEL_NOLOAD) { images.os.load = images.os.image_start; images.ep += images.os.load; + } else if (images.os.type == IH_TYPE_OPTEE) { + ret = optee_verify_bootm_image(images.os.image_start, + images.os.load, + images.os.image_len); + if (ret) + return ret; } images.os.start = map_to_sysmem(os_hdr); @@ -275,7 +282,8 @@ static int bootm_find_other(cmd_tbl_t *cmdtp, int flag, int argc, { if (((images.os.type == IH_TYPE_KERNEL) || (images.os.type == IH_TYPE_KERNEL_NOLOAD) || - (images.os.type == IH_TYPE_MULTI)) && + (images.os.type == IH_TYPE_MULTI) || + (images.os.type == IH_TYPE_OPTEE)) && (images.os.os == IH_OS_LINUX || images.os.os == IH_OS_VXWORKS)) return bootm_find_images(flag, argc, argv); @@ -827,6 +835,7 @@ static const void *boot_get_kernel(cmd_tbl_t *cmdtp, int flag, int argc, switch (image_get_type(hdr)) { case IH_TYPE_KERNEL: case IH_TYPE_KERNEL_NOLOAD: + case IH_TYPE_OPTEE: *os_data = image_get_data(hdr); *os_len = image_get_data_size(hdr); break;