[U-Boot] [PATCH] Support i.MX6 High Assurance Boot (HAB) authentication of images
nitin.garg at freescale.com
nitin.garg at freescale.com
Sun Aug 31 22:16:19 CEST 2014
From: Nitin Garg <nitin.garg at freescale.com>
Add hab_auth_img u-boot command which can be used for HAB authentication
of images.
Signed-off-by: Nitin Garg <nitin.garg at freescale.com>
---
arch/arm/cpu/armv7/mx6/clock.c | 40 ++++++-
arch/arm/cpu/armv7/mx6/hab.c | 180 ++++++++++++++++++++++++++++-
arch/arm/cpu/armv7/mx6/soc.c | 15 +++
arch/arm/include/asm/arch-mx6/clock.h | 6 +
arch/arm/include/asm/arch-mx6/sys_proto.h | 4 +-
5 files changed, 242 insertions(+), 3 deletions(-)
diff --git a/arch/arm/cpu/armv7/mx6/clock.c b/arch/arm/cpu/armv7/mx6/clock.c
index 820b8d5..62de8c9 100644
--- a/arch/arm/cpu/armv7/mx6/clock.c
+++ b/arch/arm/cpu/armv7/mx6/clock.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2010-2011 Freescale Semiconductor, Inc.
+ * Copyright (C) 2010-2014 Freescale Semiconductor, Inc.
*
* SPDX-License-Identifier: GPL-2.0+
*/
@@ -543,6 +543,44 @@ int enable_pcie_clock(void)
BM_ANADIG_PLL_ENET_ENABLE_PCIE);
}
+#ifdef CONFIG_SECURE_BOOT
+void hab_caam_clock_enable(void)
+{
+ struct mxc_ccm_reg *ccm_regs = (struct mxc_ccm_reg *)CCM_BASE_ADDR;
+ u32 reg = 0;
+
+ /*CG4 ~ CG6, enable CAAM clocks*/
+ reg = readl(&ccm_regs->CCGR0);
+ reg |= (MXC_CCM_CCGR0_CAAM_WRAPPER_IPG_MASK |
+ MXC_CCM_CCGR0_CAAM_WRAPPER_ACLK_MASK |
+ MXC_CCM_CCGR0_CAAM_SECURE_MEM_MASK);
+ writel(reg, &ccm_regs->CCGR0);
+
+ /* Enable EMI slow clk */
+ reg = readl(&ccm_regs->CCGR6);
+ reg |= MXC_CCM_CCGR6_EMI_SLOW_MASK;
+ writel(reg, &ccm_regs->CCGR6);
+}
+
+void hab_caam_clock_disable(void)
+{
+ struct mxc_ccm_reg *ccm_regs = (struct mxc_ccm_reg *)CCM_BASE_ADDR;
+ u32 reg = 0;
+
+ /*CG4 ~ CG6, disable CAAM clocks*/
+ reg = readl(&ccm_regs->CCGR0);
+ reg &= ~(MXC_CCM_CCGR0_CAAM_WRAPPER_IPG_MASK |
+ MXC_CCM_CCGR0_CAAM_WRAPPER_ACLK_MASK |
+ MXC_CCM_CCGR0_CAAM_SECURE_MEM_MASK);
+ writel(reg, &ccm_regs->CCGR0);
+
+ /* Disable EMI slow clk */
+ reg = readl(&ccm_regs->CCGR6);
+ reg &= ~MXC_CCM_CCGR6_EMI_SLOW_MASK;
+ writel(reg, &ccm_regs->CCGR6);
+}
+#endif
+
unsigned int mxc_get_clock(enum mxc_clock clk)
{
switch (clk) {
diff --git a/arch/arm/cpu/armv7/mx6/hab.c b/arch/arm/cpu/armv7/mx6/hab.c
index f6810a6..55780b8 100644
--- a/arch/arm/cpu/armv7/mx6/hab.c
+++ b/arch/arm/cpu/armv7/mx6/hab.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2010-2013 Freescale Semiconductor, Inc.
+ * Copyright (C) 2010-2014 Freescale Semiconductor, Inc.
*
* SPDX-License-Identifier: GPL-2.0+
*/
@@ -7,8 +7,12 @@
#include <common.h>
#include <asm/io.h>
#include <asm/arch/hab.h>
+#include <asm/arch/clock.h>
#include <asm/arch/sys_proto.h>
+/* enable HAB (High Assurance Boot) debug */
+/* #define DEBUG_AUTHENTICATE_IMAGE */
+
/* -------- start of HAB API updates ------------*/
#define hab_rvt_report_event_p \
@@ -71,6 +75,41 @@
((hab_rvt_exit_t *)HAB_RVT_EXIT) \
)
+#define IVT_SIZE 0x20
+#define ALIGN_SIZE 0x1000
+#define CSF_PAD_SIZE 0x2000
+
+/*
+ * +------------+ 0x0 (DDR_UIMAGE_START) -
+ * | Header | |
+ * +------------+ 0x40 |
+ * | | |
+ * | | |
+ * | | |
+ * | | |
+ * | Image Data | |
+ * . | |
+ * . | > Stuff to be authenticated ----+
+ * . | | |
+ * | | | |
+ * | | | |
+ * +------------+ | |
+ * | | | |
+ * | Fill Data | | |
+ * | | | |
+ * +------------+ Align to ALIGN_SIZE | |
+ * | IVT | | |
+ * +------------+ + IVT_SIZE - |
+ * | | |
+ * | CSF DATA | <---------------------------------------------------------+
+ * | |
+ * +------------+
+ * | |
+ * | Fill Data |
+ * | |
+ * +------------+ + CSF_PAD_SIZE
+ */
+
bool is_hab_enabled(void)
{
struct ocotp_regs *ocotp = (struct ocotp_regs *)OCOTP_BASE_ADDR;
@@ -144,6 +183,120 @@ int get_hab_status(void)
return 0;
}
+#ifdef DEBUG_AUTHENTICATE_IMAGE
+void dump_mem(uint32_t addr, int size)
+{
+ int i;
+
+ for (i = 0; i < size; i += 4) {
+ if (i != 0) {
+ if (i % 16 == 0)
+ printf("\n");
+ else
+ printf(" ");
+ }
+
+ printf("0x%08x", *(uint32_t *)addr);
+ addr += 4;
+ }
+
+ printf("\n");
+
+ return;
+}
+#endif
+
+uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size)
+{
+ uint32_t load_addr = 0;
+ size_t bytes;
+ ptrdiff_t ivt_offset = 0;
+ int result = 0;
+ ulong start;
+ hab_rvt_authenticate_image_t *hab_rvt_authenticate_image;
+ hab_rvt_entry_t *hab_rvt_entry;
+ hab_rvt_exit_t *hab_rvt_exit;
+
+ hab_rvt_authenticate_image = hab_rvt_authenticate_image_p;
+ hab_rvt_entry = hab_rvt_entry_p;
+ hab_rvt_exit = hab_rvt_exit_p;
+
+ if (is_hab_enabled()) {
+ printf("\nAuthenticate uImage from DDR location 0x%x...\n",
+ ddr_start);
+
+ hab_caam_clock_enable();
+
+ if (hab_rvt_entry() == HAB_SUCCESS) {
+ /* If not already aligned, Align to ALIGN_SIZE */
+ ivt_offset = (image_size + ALIGN_SIZE - 1) &
+ ~(ALIGN_SIZE - 1);
+
+ start = ddr_start;
+ bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE;
+
+#ifdef DEBUG_AUTHENTICATE_IMAGE
+ printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n",
+ ivt_offset, ddr_start + ivt_offset);
+ printf("Dumping IVT\n");
+ dump_mem(ddr_start + ivt_offset, 0x20);
+
+ printf("Dumping CSF Header\n");
+ dump_mem(ddr_start + ivt_offset + 0x20, 0x40);
+
+ get_hab_status();
+
+ printf("\nCalling authenticate_image in ROM\n");
+ printf("\tivt_offset = 0x%x\n\tstart = 0x%08x"
+ "\n\tbytes = 0x%x\n", ivt_offset, start, bytes);
+#endif
+ /*
+ * If the MMU is enabled, we have to notify the ROM
+ * code, or it won't flush the caches when needed.
+ * This is done, by setting the "pu_irom_mmu_enabled"
+ * word to 1. You can find its address by looking in
+ * the ROM map. This is critical for
+ * authenticate_image(). If MMU is enabled, without
+ * setting this but, authentication will fail and may
+ * crash.
+ */
+ if (is_cpu_type(MXC_CPU_MX6Q) ||
+ is_cpu_type(MXC_CPU_MX6D)) {
+ /*
+ * This won't work on Rev 1.0.0 of i.MX6Q/D,
+ * since their ROM doesn't do cache flushes.
+ * I don't think any exist, so we ignore them.
+ */
+ writel(1, 0x009024a8);
+ } else if (is_cpu_type(MXC_CPU_MX6DL) ||
+ is_cpu_type(MXC_CPU_MX6SOLO)) {
+ writel(1, 0x00901dd0);
+ } else if (is_cpu_type(MXC_CPU_MX6SL)) {
+ writel(1, 0x00900a18);
+ }
+
+ load_addr = (uint32_t)hab_rvt_authenticate_image(
+ HAB_CID_UBOOT,
+ ivt_offset, (void **)&start,
+ (size_t *)&bytes, NULL);
+ if (hab_rvt_exit() != HAB_SUCCESS) {
+ printf("hab exit function fail\n");
+ load_addr = 0;
+ }
+ } else
+ printf("hab entry function fail\n");
+
+ hab_caam_clock_disable();
+
+ get_hab_status();
+ }
+
+ if ((!is_hab_enabled()) || (load_addr != 0))
+ result = 1;
+
+ return result;
+}
+
int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
{
if ((argc != 1)) {
@@ -156,8 +309,33 @@ int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
return 0;
}
+static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ ulong addr, ivt_offset;
+ int rcode = 0;
+
+ if (argc < 3)
+ return CMD_RET_USAGE;
+
+ addr = simple_strtoul(argv[1], NULL, 16);
+ ivt_offset = simple_strtoul(argv[2], NULL, 16);
+
+ rcode = authenticate_image(addr, ivt_offset);
+
+ return rcode;
+}
+
U_BOOT_CMD(
hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status,
"display HAB status",
""
);
+
+U_BOOT_CMD(
+ hab_auth_img, 3, 1, do_authenticate_image,
+ "authenticate image via HAB",
+ "addr ivt_offset\n"
+ "addr - image hex address\n"
+ "ivt_offset - hex offset of IVT in the image"
+ );
diff --git a/arch/arm/cpu/armv7/mx6/soc.c b/arch/arm/cpu/armv7/mx6/soc.c
index 8aacdaf..4cb46a8 100644
--- a/arch/arm/cpu/armv7/mx6/soc.c
+++ b/arch/arm/cpu/armv7/mx6/soc.c
@@ -408,10 +408,25 @@ int board_postclk_init(void)
#ifndef CONFIG_SYS_DCACHE_OFF
void enable_caches(void)
{
+#if defined(CONFIG_SYS_ARM_CACHE_WRITETHROUGH)
+ enum dcache_option option = DCACHE_WRITETHROUGH;
+#else
+ enum dcache_option option = DCACHE_WRITEBACK;
+#endif
+
/* Avoid random hang when download by usb */
invalidate_dcache_all();
+
/* Enable D-cache. I-cache is already enabled in start.S */
dcache_enable();
+
+ /* Enable caching on OCRAM and ROM */
+ mmu_set_region_dcache_behaviour(ROMCP_ARB_BASE_ADDR,
+ ROMCP_ARB_END_ADDR,
+ option);
+ mmu_set_region_dcache_behaviour(IRAM_BASE_ADDR,
+ IRAM_SIZE,
+ option);
}
#endif
diff --git a/arch/arm/include/asm/arch-mx6/clock.h b/arch/arm/include/asm/arch-mx6/clock.h
index 339c789..b7c36e5 100644
--- a/arch/arm/include/asm/arch-mx6/clock.h
+++ b/arch/arm/include/asm/arch-mx6/clock.h
@@ -2,6 +2,8 @@
* (C) Copyright 2009
* Stefano Babic, DENX Software Engineering, sbabic at denx.de.
*
+ * (C) Copyright 2014 Freescale Semiconductor, Inc.
+ *
* SPDX-License-Identifier: GPL-2.0+
*/
@@ -60,4 +62,8 @@ int enable_i2c_clk(unsigned char enable, unsigned i2c_num);
int enable_spi_clk(unsigned char enable, unsigned spi_num);
void enable_ipu_clock(void);
int enable_fec_anatop_clock(enum enet_freq freq);
+#ifdef CONFIG_SECURE_BOOT
+void hab_caam_clock_enable(void);
+void hab_caam_clock_disable(void);
+#endif
#endif /* __ASM_ARCH_CLOCK_H */
diff --git a/arch/arm/include/asm/arch-mx6/sys_proto.h b/arch/arm/include/asm/arch-mx6/sys_proto.h
index 306d699..2bbb86e 100644
--- a/arch/arm/include/asm/arch-mx6/sys_proto.h
+++ b/arch/arm/include/asm/arch-mx6/sys_proto.h
@@ -2,6 +2,8 @@
* (C) Copyright 2009
* Stefano Babic, DENX Software Engineering, sbabic at denx.de.
*
+ * (C) Copyright 2014 Freescale Semiconductor, Inc.
+ *
* SPDX-License-Identifier: GPL-2.0+
*/
@@ -11,7 +13,7 @@
#include <asm/imx-common/regs-common.h>
#include "../arch-imx/cpu.h"
-#define soc_rev() (get_cpu_rev() & 0xFF)
+#define soc_rev() ((int)(get_cpu_rev() & 0xFF))
#define is_soc_rev(rev) (soc_rev() - rev)
u32 get_nr_cpus(void);
--
1.7.9.5
More information about the U-Boot
mailing list