[PATCH V2 12/30] imx: ele_api: add DEK Blob generation
Peng Fan (OSS)
peng.fan at oss.nxp.com
Thu Jun 15 12:09:09 CEST 2023
From: Peng Fan <peng.fan at nxp.com>
- Add crc computation.
- Add ele_generate_dek_blob API for encrypted boot support.
Signed-off-by: Clement Faure <clement.faure at nxp.com>
Signed-off-by: Peng Fan <peng.fan at nxp.com>
---
arch/arm/include/asm/mach-imx/ele_api.h | 2 +-
drivers/misc/imx_ele/ele_api.c | 44 +++++++++++++++++++++++++
2 files changed, 45 insertions(+), 1 deletion(-)
diff --git a/arch/arm/include/asm/mach-imx/ele_api.h b/arch/arm/include/asm/mach-imx/ele_api.h
index 477cfe73ab0..053a23f030b 100644
--- a/arch/arm/include/asm/mach-imx/ele_api.h
+++ b/arch/arm/include/asm/mach-imx/ele_api.h
@@ -142,11 +142,11 @@ int ele_read_common_fuse(u16 fuse_id, u32 *fuse_words, u32 fuse_num, u32 *respon
int ele_release_caam(u32 core_did, u32 *response);
int ele_get_fw_version(u32 *fw_version, u32 *sha1, u32 *response);
int ele_get_events(u32 *events, u32 *events_cnt, u32 *response);
+int ele_generate_dek_blob(u32 key_id, u32 src_paddr, u32 dst_paddr, u32 max_output_size);
int ele_dump_buffer(u32 *buffer, u32 buffer_length);
int ele_get_info(struct ele_get_info_data *info, u32 *response);
int ele_get_fw_status(u32 *status, u32 *response);
int ele_release_m33_trout(void);
int ele_write_secure_fuse(ulong signed_msg_blk, u32 *response);
int ele_return_lifecycle_update(ulong signed_msg_blk, u32 *response);
-
#endif
diff --git a/drivers/misc/imx_ele/ele_api.c b/drivers/misc/imx_ele/ele_api.c
index 0ca0a94f08c..8a14cf6aa92 100644
--- a/drivers/misc/imx_ele/ele_api.c
+++ b/drivers/misc/imx_ele/ele_api.c
@@ -14,6 +14,18 @@
DECLARE_GLOBAL_DATA_PTR;
+static u32 compute_crc(const struct ele_msg *msg)
+{
+ u32 crc = 0;
+ size_t i = 0;
+ u32 *data = (u32 *)msg;
+
+ for (i = 0; i < (msg->size - 1); i++)
+ crc ^= data[i];
+
+ return crc;
+}
+
int ele_release_rdc(u8 core_id, u8 xrdc, u32 *response)
{
struct udevice *dev = gd->arch.ele_dev;
@@ -552,3 +564,35 @@ int ele_return_lifecycle_update(ulong signed_msg_blk, u32 *response)
return ret;
}
+
+int ele_generate_dek_blob(u32 key_id, u32 src_paddr, u32 dst_paddr, u32 max_output_size)
+{
+ struct udevice *dev = gd->arch.ele_dev;
+ int size = sizeof(struct ele_msg);
+ struct ele_msg msg;
+ int ret;
+
+ if (!dev) {
+ printf("ele dev is not initialized\n");
+ return -ENODEV;
+ }
+
+ msg.version = ELE_VERSION;
+ msg.tag = ELE_CMD_TAG;
+ msg.size = 8;
+ msg.command = ELE_GENERATE_DEK_BLOB;
+ msg.data[0] = key_id;
+ msg.data[1] = 0x0;
+ msg.data[2] = src_paddr;
+ msg.data[3] = 0x0;
+ msg.data[4] = dst_paddr;
+ msg.data[5] = max_output_size;
+ msg.data[6] = compute_crc(&msg);
+
+ ret = misc_call(dev, false, &msg, size, &msg, size);
+ if (ret)
+ printf("Error: %s: ret 0x%x, response 0x%x\n",
+ __func__, ret, msg.data[0]);
+
+ return ret;
+}
--
2.40.0
More information about the U-Boot
mailing list