[U-Boot] [RFC 7/9] arm: am4x: add secure ROM signature verify API

Andreas Dannenberg dannenberg at ti.com
Wed Jun 15 21:26:39 CEST 2016 

From: Madan Srinivas <madans at ti.com>

Adds an API that verifies a signature attached to an image (binary
blob). This API is basically a entry to a secure ROM service provided by
the device and accessed via an SMC call, using a particular calling
convention. This API is common across AM3x HS and AM4x HS devices.

Signed-off-by: Madan Srinivas <madans at ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg at ti.com>
---
 arch/arm/cpu/armv7/am33xx/Makefile           |  2 +
 arch/arm/cpu/armv7/am33xx/sec_fxns.c         | 90 ++++++++++++++++++++++++++++
 arch/arm/include/asm/arch-am33xx/sys_proto.h |  6 +-
 3 files changed, 97 insertions(+), 1 deletion(-)
 create mode 100644 arch/arm/cpu/armv7/am33xx/sec_fxns.c

diff --git a/arch/arm/cpu/armv7/am33xx/Makefile b/arch/arm/cpu/armv7/am33xx/Makefile
index 6fda482..d2b3e37 100644
--- a/arch/arm/cpu/armv7/am33xx/Makefile
+++ b/arch/arm/cpu/armv7/am33xx/Makefile
@@ -20,3 +20,5 @@ obj-y	+= board.o
 obj-y	+= mux.o
 
 obj-$(CONFIG_CLOCK_SYNTHESIZER)	+= clk_synthesizer.o
+
+obj-$(CONFIG_TI_SECURE_DEVICE) += sec_fxns.o
diff --git a/arch/arm/cpu/armv7/am33xx/sec_fxns.c b/arch/arm/cpu/armv7/am33xx/sec_fxns.c
new file mode 100644
index 0000000..560297c
--- /dev/null
+++ b/arch/arm/cpu/armv7/am33xx/sec_fxns.c
@@ -0,0 +1,90 @@
+/*
+ * sec_fxns.c
+ *
+ * Common security functions for AMxx devices that rely
+ * on secure ROM services.
+ *
+ * Copyright (C) 2013, Texas Instruments, Incorporated - http://www.ti.com/
+ *
+ * SPDX-License-Identifier:	GPL-2.0+
+ */
+
+#include <common.h>
+#include <asm/arch/sys_proto.h>
+#include <asm/omap_common.h>
+
+/* Index for signature verify ROM API*/
+#define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX	(0x0000000E)
+
+static u32 find_sig_start(char *image, size_t size)
+{
+	char *image_end = image + size;
+	char *sig_start_magic = "CERT_";
+	int magic_str_len = strlen(sig_start_magic);
+	char *ch;
+
+	while (--image_end > image) {
+		if (*image_end == '_') {
+			ch = image_end - magic_str_len + 1;
+			if (!strncmp(ch, sig_start_magic, magic_str_len))
+				return (u32)ch;
+		}
+	}
+	return 0;
+}
+
+int secure_boot_verify_image(void **image, size_t *size)
+{
+	int result = 1;
+	u32 cert_addr, sig_addr;
+	size_t cert_size;
+
+#ifndef CONFIG_SYS_DCACHE_OFF
+	/* Perform cache writeback on input buffer */
+	flush_dcache_range(
+		(u32)*image,
+		(u32)*image + roundup(*size, ARCH_DMA_MINALIGN));
+#endif
+	cert_addr = (uint32_t)*image;
+	sig_addr = find_sig_start((char *)*image, *size);
+
+	if (sig_addr == 0) {
+		puts("No signature found in image.\n");
+		result = 1;
+		goto auth_exit;
+	}
+
+	*size = sig_addr - cert_addr;	/* Subtract out the signature size */
+	cert_size = *size;
+
+	/* Check if image load address is 32-bit aligned */
+	if (0 != (0x3 & cert_addr)) {
+		puts("Image is not 4-byte aligned.\n");
+		result = 1;
+		goto auth_exit;
+	}
+
+	/* Image size also should be multiple of 4 */
+	if (0 != (0x3 & cert_size)) {
+		puts("Image size is not 4-byte aligned.\n");
+		result = 1;
+		goto auth_exit;
+	}
+
+	/* Call ROM HAL API to verify certificate signature */
+	debug("%s: load_addr = %x, size = %x, sig_addr = %x\n", __func__,
+	      cert_addr, cert_size, sig_addr);
+
+	result = secure_rom_call(
+		API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0,
+		4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF);
+auth_exit:
+	if (result != 0) {
+		puts("Authentication failed!\n");
+		printf("Return Value = %08X\n", result);
+		hang();
+	}
+
+	printf("Authentication passed: %s\n", (char *)sig_addr);
+	return result;
+}
diff --git a/arch/arm/include/asm/arch-am33xx/sys_proto.h b/arch/arm/include/asm/arch-am33xx/sys_proto.h
index 8f573d2..f5fc916 100644
--- a/arch/arm/include/asm/arch-am33xx/sys_proto.h
+++ b/arch/arm/include/asm/arch-am33xx/sys_proto.h
@@ -41,7 +41,11 @@ void enable_norboot_pin_mux(void);
 void am33xx_spl_board_init(void);
 int am335x_get_efuse_mpu_max_freq(struct ctrl_dev *cdev);
 int am335x_get_tps65910_mpu_vdd(int sil_rev, int frequency);
-#endif
 
 void enable_usb_clocks(int index);
 void disable_usb_clocks(int index);
+
+#ifdef CONFIG_TI_SECURE_DEVICE
+int secure_boot_verify_image(void **p_image, size_t *p_size);
+#endif
+#endif
-- 
2.6.4

More information about the U-Boot mailing list