[PATCH v2 4/4] arm64: zynqmp: Add support for saving sha3 key to different address

Michal Simek michal.simek at xilinx.com
Tue Oct 20 08:33:45 CEST 2020 

By default 48B sha3 hash value is written to srcaddr which is not the best
solution in case of that you want to use data for other operations. That's
why add key_addr optional parameters which enables to write 48B sha3 hash
value to specified address.

Signed-off-by: Michal Simek <michal.simek at xilinx.com>
Tested-by: Ashok Reddy Soma <ashok.reddy.soma at xilinx.com>
---

Changes in v2:
- Include to "arm: zynqmp: Add zynqmp specific command for security
  features" series
- Rebase with new - in help

 board/xilinx/zynqmp/cmds.c | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/board/xilinx/zynqmp/cmds.c b/board/xilinx/zynqmp/cmds.c
index b1dc98d076d0..cf63ad97fab7 100644
--- a/board/xilinx/zynqmp/cmds.c
+++ b/board/xilinx/zynqmp/cmds.c
@@ -285,11 +285,11 @@ static int do_zynqmp_rsa(struct cmd_tbl *cmdtp, int flag, int argc,
 static int do_zynqmp_sha3(struct cmd_tbl *cmdtp, int flag,
 			  int argc, char * const argv[])
 {
-	u64 srcaddr;
+	u64 srcaddr, hashaddr;
 	u32 srclen, ret_payload[PAYLOAD_ARG_CNT];
 	int ret;
 
-	if (argc != cmdtp->maxargs)
+	if (argc > cmdtp->maxargs || argc < (cmdtp->maxargs - 1))
 		return CMD_RET_USAGE;
 
 	if (zynqmp_firmware_version() <= PMUFW_V1_0) {
@@ -302,6 +302,15 @@ static int do_zynqmp_sha3(struct cmd_tbl *cmdtp, int flag,
 	srcaddr = simple_strtoul(argv[2], NULL, 16);
 	srclen = simple_strtoul(argv[3], NULL, 16);
 
+	if (argc == 5) {
+		hashaddr = simple_strtoul(argv[4], NULL, 16);
+		flush_dcache_range(hashaddr,
+				   hashaddr + roundup(ZYNQMP_SHA3_SIZE,
+						      ARCH_DMA_MINALIGN));
+	} else {
+		hashaddr = srcaddr;
+	}
+
 	/* Check srcaddr or srclen != 0 */
 	if (!srcaddr || !srclen) {
 		puts("ERR: srcaddr & srclen should not be 0\n");
@@ -328,9 +337,10 @@ static int do_zynqmp_sha3(struct cmd_tbl *cmdtp, int flag,
 		return CMD_RET_FAILURE;
 	}
 
-	ret = xilinx_pm_request(PM_SECURE_SHA, upper_32_bits((ulong)srcaddr),
-				lower_32_bits((ulong)srcaddr), ZYNQMP_SHA3_SIZE,
-				ZYNQMP_SHA3_FINAL, ret_payload);
+	ret = xilinx_pm_request(PM_SECURE_SHA, upper_32_bits((ulong)hashaddr),
+				lower_32_bits((ulong)hashaddr),
+				ZYNQMP_SHA3_SIZE, ZYNQMP_SHA3_FINAL,
+				ret_payload);
 	if (ret || ret_payload[1]) {
 		printf("Failed: SHA FINAL status:0x%x, errcode:0x%x\n",
 		       ret, ret_payload[1]);
@@ -347,7 +357,7 @@ static struct cmd_tbl cmd_zynqmp_sub[] = {
 	U_BOOT_CMD_MKENT(mmio_write, 5, 0, do_zynqmp_mmio_write, "", ""),
 	U_BOOT_CMD_MKENT(aes, 9, 0, do_zynqmp_aes, "", ""),
 	U_BOOT_CMD_MKENT(rsa, 7, 0, do_zynqmp_rsa, "", ""),
-	U_BOOT_CMD_MKENT(sha3, 4, 0, do_zynqmp_sha3, "", ""),
+	U_BOOT_CMD_MKENT(sha3, 5, 0, do_zynqmp_sha3, "", ""),
 #ifdef CONFIG_DEFINE_TCM_OCM_MMAP
 	U_BOOT_CMD_MKENT(tcminit, 3, 0, do_zynqmp_tcm_init, "", ""),
 #endif
@@ -415,9 +425,10 @@ static char zynqmp_help_text[] =
 	"	exp :	private key exponent for RSA decryption(4096 bits)\n"
 	"		public key exponent for RSA encryption(32 bits)\n"
 	"	rsaop :	0 for RSA Decryption, 1 for RSA Encryption\n"
-	"zynqmp sha3 srcaddr srclen -\n"
+	"zynqmp sha3 srcaddr srclen [key_addr] -\n"
 	"	Generates sha3 hash value for data blob at srcaddr and puts\n"
 	"	48 bytes hash value into srcaddr\n"
+	"	Optional key_addr can be specified for saving sha3 hash value\n"
 	"	Note: srcaddr/srclen should not be 0\n"
 	;
 #endif
-- 
2.28.0

More information about the U-Boot mailing list