[PATCH 1/4] ARM: stm32: Fix ECDSA authentication with Dcache enabled

Patrick DELAUNAY patrick.delaunay at foss.st.com
Tue Dec 6 10:13:49 CET 2022


Hi Marek,

On 12/6/22 03:33, Marek Vasut wrote:
> In case Dcache is enabled while the ECDSA authentication function is
> called via BootROM ROM API, the CRYP DMA might pick stale version of
> data from DRAM. Disable Dcache around the BootROM call to avoid this
> issue.
>
> Signed-off-by: Marek Vasut <marex at denx.de>
> ---
> Cc: Alexandru Gagniuc <mr.nuke.me at gmail.com>
> Cc: Patrice Chotard <patrice.chotard at foss.st.com>
> Cc: Patrick Delaunay <patrick.delaunay at foss.st.com>
> ---
>   arch/arm/mach-stm32mp/ecdsa_romapi.c | 14 ++++++++++++++
>   1 file changed, 14 insertions(+)
>
> diff --git a/arch/arm/mach-stm32mp/ecdsa_romapi.c b/arch/arm/mach-stm32mp/ecdsa_romapi.c
> index a2f63ff879f..72b87bf2c64 100644
> --- a/arch/arm/mach-stm32mp/ecdsa_romapi.c
> +++ b/arch/arm/mach-stm32mp/ecdsa_romapi.c
> @@ -64,6 +64,7 @@ static int romapi_ecdsa_verify(struct udevice *dev,
>   			       const void *signature, size_t sig_len)
>   {
>   	struct ecdsa_rom_api rom;
> +	bool reenable_dcache;
>   	uint8_t raw_key[64];
>   	uint32_t rom_ret;
>   	int algo;
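Review bot: reenable_dcache is declared without an initializer at `bool reenable_dcache;`, and the only assignment in this patch is `reenable_dcache = true;` inside `if (dcache_status())`. When the D-cache is already off on entry, the later `if (reenable_dcache)` reads an indeterminate stack value and may call dcache_enable() on a system that was running with the cache off. Suggest `bool reenable_dcache = false;`.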
> @@ -81,8 +82,21 @@ static int romapi_ecdsa_verify(struct udevice *dev,
>   	memcpy(raw_key + 32, pubkey->y, 32);
>   
>   	stm32mp_rom_get_ecdsa_functions(&rom);
> +
> +	/*
> +	 * Disable D-cache before calling into BootROM, else CRYP DMA
> +	 * may fail to pick up the correct data.
> +	 */
> +	if (dcache_status()) {
> +		dcache_disable();
> +		reenable_dcache = true;
> +	}
> +
>   	rom_ret = rom.ecdsa_verify_signature(hash, raw_key, signature, algo);


so the signature verification (the code execution) is done with dcache OFF....

Flushing the input data should be enough for the DMA operation?

=> call flush_dcache_all() or flush_dcache_range()

for example:

if (dcache_status())
	flush_dcache_all();


>   
> +	if (reenable_dcache)
> +		dcache_enable();
> +
>   	return rom_ret == ROM_API_SUCCESS ? 0 : -EPERM;
>   }
>   
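Review bot: the comment above `dcache_disable();` says CRYP DMA may fail to pick up the correct data but does not say which of the arguments to rom.ecdsa_verify_signature() (hash, raw_key, signature) the DMA reads. Please name them in the comment so the cache maintenance can be checked against the actual buffers; raw_key, for one, is a stack array written by memcpy() immediately before the call.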


Regards

Patrick


