[U-Boot] [PATCH 4/4] SECURE BOOT: support for validation of dynamic image

Ruchika Gupta ruchika.gupta at nxp.com
Fri Jan 15 08:08:18 CET 2016 

> -----Original Message-----
> From: Aneesh Bansal
> Sent: Tuesday, December 08, 2015 2:14 PM
> To: u-boot at lists.denx.de
> Cc: Yusong Sun <yorksun at freescale.com>; Ruchika Gupta
> <ruchika.gupta at freescale.com>; Prabhakar Kushwaha
> <prabhakar at freescale.com>; Aneesh Bansal
> <aneesh.bansal at freescale.com>; Saksham Jain <saksham at freescale.com>
> Subject: [PATCH 4/4] SECURE BOOT: support for validation of dynamic image
> 
> Some images to be validated are relocated to a dynamic address at run time.
> So, these addresses cannot be known befor hand while signing the images
> and creating the header offline.
> So, support is required to pass the image address to the validate function as
> an argument.
> If an address is provided to the function, the address field in Header is not
> read and is treated as a reserved field.
> 
> Signed-off-by: Saksham Jain <saksham at freescale.com>
> Signed-off-by: Aneesh Bansal <aneesh.bansal at freescale.com>
> ---
>  board/freescale/common/cmd_esbc_validate.c | 10 ++++++---
>  board/freescale/common/fsl_validate.c      | 33 ++++++++++++++++++---------
> ---
>  include/fsl_validate.h                     |  7 +++++--
>  3 files changed, 32 insertions(+), 18 deletions(-)
> 
> diff --git a/board/freescale/common/cmd_esbc_validate.c
> b/board/freescale/common/cmd_esbc_validate.c
> index ae6a9af..ca7c737 100644
> --- a/board/freescale/common/cmd_esbc_validate.c
> +++ b/board/freescale/common/cmd_esbc_validate.c
> @@ -22,7 +22,7 @@ static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
>  				char * const argv[])
>  {
>  	char *hash_str = NULL;
> -	ulong haddr;
> +	uintptr_t haddr;
>  	int ret;
> 
>  	if (argc < 2)
> @@ -32,9 +32,13 @@ static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag,
> int argc,
>  		hash_str = argv[2];
> 
>  	/* First argument - header address -32/64bit */
> -	haddr = simple_strtoul(argv[1], NULL, 16);
> +	haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16);
> 
> -	ret = fsl_secboot_validate(haddr, hash_str);
> +	/* With esbc_validate command, Image address must be
> +	 * part of header. So, the function is called
> +	 * by passing this argument as 0.
> +	 */
> +	ret = fsl_secboot_validate(haddr, hash_str, 0);
>  	if (ret)
>  		return 1;
> 
> diff --git a/board/freescale/common/fsl_validate.c
> b/board/freescale/common/fsl_validate.c
> index 08a2f79..de40081 100644
> --- a/board/freescale/common/fsl_validate.c
> +++ b/board/freescale/common/fsl_validate.c
> @@ -536,13 +536,8 @@ static int calc_esbchdr_esbc_hash(struct
> fsl_secboot_img_priv *img)
>  		return ret;
> 
>  	/* Update hash for actual Image */
> -#ifdef CONFIG_ESBC_ADDR_64BIT
>  	ret = algo->hash_update(algo, ctx,
> -		(u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1);
> -#else
> -	ret = algo->hash_update(algo, ctx,
> -		(u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1);
> -#endif
> +		(u8 *)img->img_addr, img->img_size, 1);
>  	if (ret)
>  		return ret;
> 
> @@ -632,16 +627,25 @@ static int read_validate_esbc_client_header(struct
> fsl_secboot_img_priv *img)
>  	if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
>  		return ERROR_ESBC_CLIENT_HEADER_BARKER;
> 
> -#ifdef CONFIG_ESBC_ADDR_64BIT
> -	sprintf(buf, "%llx", hdr->pimg64);
> -#else
> -	sprintf(buf, "%x", hdr->pimg);
> -#endif
> +	/* If Image Address is not passed as argument to function,
> +	 * then Address and Size must be read from the Header.
> +	 */
> +	if (img->img_addr == 0) {
> +	#ifdef CONFIG_ESBC_ADDR_64BIT
> +		img->img_addr = hdr->pimg64;
> +	#else
> +		img->img_addr = hdr->pimg;
> +	#endif
> +	}
> +
> +	sprintf(buf, "%lx", img->img_addr);
>  	setenv("img_addr", buf);
> 
>  	if (!hdr->img_size)
>  		return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
> 
> +	img->img_size = hdr->img_size;
> +
>  	/* Key checking*/
>  #ifdef CONFIG_KEY_REVOCATION
>  	if (check_srk(img)) {
> @@ -774,7 +778,8 @@ static int calculate_cmp_img_sig(struct
> fsl_secboot_img_priv *img)
>  	return 0;
>  }
> 
> -int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
> +int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
> +			uintptr_t img_addr)
>  {
>  	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
>  	ulong hash[SHA256_BYTES/sizeof(ulong)]; @@ -824,9 +829,11 @@
> int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
> 
>  	memset(img, 0, sizeof(struct fsl_secboot_img_priv));
> 
> +	/* Update the information in Private Struct */
>  	hdr = &img->hdr;
>  	img->ehdrloc = haddr;
> -	esbc = (u8 *)(uintptr_t)img->ehdrloc;
> +	img->img_addr = img_addr;
> +	esbc = (u8 *)img->ehdrloc;
> 
>  	memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
> 
> diff --git a/include/fsl_validate.h b/include/fsl_validate.h index
> bda802f..ad14867 100644
> --- a/include/fsl_validate.h
> +++ b/include/fsl_validate.h
> @@ -193,10 +193,13 @@ struct fsl_secboot_img_priv {
>  						 */
> 
>  	struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES];	/* SG table */
> -	ulong ehdrloc;		/* ESBC client location */
> +	uintptr_t ehdrloc;	/* ESBC Header location */
> +	uintptr_t img_addr;	/* ESBC Image Location */
> +	uint32_t img_size;	/* ESBC Image Size */
>  };
> 
> -int fsl_secboot_validate(ulong haddr, char *arg_hash_str);
> +int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
> +	uintptr_t img_loc);
>  int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
>  	char * const argv[]);
>  int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc,
> --
> 1.8.1.4
Acked-by: Ruchika Gupta <ruchika.gupta at nxp.com>

More information about the U-Boot mailing list