[U-Boot] [PATCH 5/9] arm: omap-common: secure ROM signature verify API

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Lokesh Vutla <lokeshvutla@ti.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 5/9] arm: omap-common: secure ROM signature verify API
Date: Wed, 22 Jun 2016 15:13:04 +0530	[thread overview]
Message-ID: <576A5DA8.90605@ti.com> (raw)
In-Reply-To: <20160621235647.GC19080@bill-the-cat>



On Wednesday 22 June 2016 05:26 AM, Tom Rini wrote:
> On Tue, Jun 21, 2016 at 10:01:54AM +0530, Lokesh Vutla wrote:
>>
>>
>> On Tuesday 21 June 2016 09:04 AM, Andreas Dannenberg wrote:
>>> Adds an API that verifies a signature attached to an image (binary
>>> blob). This API is basically a entry to a secure ROM service provided by
>>> the device and accessed via an SMC call, using a particular calling
>>> convention.
>>>
>>> Signed-off-by: Daniel Allred <d-allred@ti.com>
>>> Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
>>> ---
>>>  arch/arm/cpu/armv7/omap-common/sec-common.c | 76 +++++++++++++++++++++++++++++
>>>  arch/arm/include/asm/omap_common.h          |  9 ++++
>>>  2 files changed, 85 insertions(+)
>>>
>>> diff --git a/arch/arm/cpu/armv7/omap-common/sec-common.c b/arch/arm/cpu/armv7/omap-common/sec-common.c
>>> index b9c0a42..dbb9078 100644
>>> --- a/arch/arm/cpu/armv7/omap-common/sec-common.c
>>> +++ b/arch/arm/cpu/armv7/omap-common/sec-common.c
>>> @@ -16,6 +16,9 @@
>>>  #include <asm/arch/sys_proto.h>
>>>  #include <asm/omap_common.h>
>>>  
>>> +/* Index for signature verify ROM API */
>>> +#define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX	(0x0000000E)
>>> +
>>>  static uint32_t secure_rom_call_args[5] __aligned(ARCH_DMA_MINALIGN);
>>>  
>>>  u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...)
>>> @@ -47,3 +50,76 @@ u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...)
>>>  
>>>  	return omap_smc_sec(service, proc_id, flag, secure_rom_call_args);
>>>  }
>>> +
>>> +static u32 find_sig_start(char *image, size_t size)
>>> +{
>>> +	char *image_end = image + size;
>>> +	char *sig_start_magic = "CERT_";
>>> +	int magic_str_len = strlen(sig_start_magic);
>>> +	char *ch;
>>> +
>>> +	while (--image_end > image) {
>>> +		if (*image_end == '_') {
>>> +			ch = image_end - magic_str_len + 1;
>>> +			if (!strncmp(ch, sig_start_magic, magic_str_len))
>>> +				return (u32)ch;
>>> +		}
>>> +	}
>>> +	return 0;
>>> +}
>>> +
>>> +int secure_boot_verify_image(void **image, size_t *size)
>>> +{
>>> +	int result = 1;
>>> +	u32 cert_addr, sig_addr;
>>> +	size_t cert_size;
>>> +
>>> +	/* Perform cache writeback on input buffer */
>>> +	flush_dcache_range(
>>> +		(u32)*image,
>>> +		(u32)*image + roundup(*size, ARCH_DMA_MINALIGN));
>>> +
>>> +	cert_addr = (uint32_t)*image;
>>> +	sig_addr = find_sig_start((char *)*image, *size);
>>> +
>>> +	if (sig_addr == 0) {
>>> +		printf("No signature found in image.\n");
>>> +		result = 1;
>>> +		goto auth_exit;
>>> +	}
>>> +
>>> +	*size = sig_addr - cert_addr;	/* Subtract out the signature size */
>>> +	cert_size = *size;
>>> +
>>> +	/* Check if image load address is 32-bit aligned */
>>> +	if (0 != (0x3 & cert_addr)) {
>>
>> 	if (!IS_ALIGNED(cert_addr, 4)) { ?
>>
>>> +		printf("Image is not 4-byte aligned.\n");
>>> +		result = 1;
>>> +		goto auth_exit;
>>> +	}
>>> +
>>> +	/* Image size also should be multiple of 4 */
>>> +	if (0 != (0x3 & cert_size)) {
>>
>> 	if (!IS_ALIGNED(cert_size, 4)) { ?
>>
>>> +		printf("Image size is not 4-byte aligned.\n");
>>> +		result = 1;
>>> +		goto auth_exit;
>>> +	}
>>> +
>>> +	/* Call ROM HAL API to verify certificate signature */
>>> +	debug("%s: load_addr = %x, size = %x, sig_addr = %x\n", __func__,
>>> +	      cert_addr, cert_size, sig_addr);
>>> +
>>> +	result = secure_rom_call(
>>> +		API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0,
>>> +		4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF);
>>> +auth_exit:
>>> +	if (result != 0) {
>>> +		printf("Authentication failed!\n");
>>> +		printf("Return Value = %08X\n", result);
>>> +		hang();
>>> +	}
>>> +
>>> +	printf("Authentication passed: %s\n", (char *)sig_addr);
>>
>> Uart boot will break because of these prints during the FIT loading. Can
>> you make this as debug?
> 
> Are you sure it will break?  There's usually a print in between loading
> SPL via UART and then U-Boot itself via UART and Y-MODEM is smart enough
> to re-transmit.
> 

Yes, if the print is in between while Y-MODEM is transferring. The above
print falls in this case.

Thanks and regards,
Lokesh

next prev parent reply	other threads:[~2016-06-22  9:43 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-06-21  3:34 [U-Boot] [PATCH 0/9] Secure Boot by Authenticating/Decrypting SPL FIT blobs Andreas Dannenberg
2016-06-21  3:34 ` [U-Boot] [PATCH 1/9] arm: cache: add missing dummy functions for when dcache disabled Andreas Dannenberg
2016-06-21  3:34 ` [U-Boot] [PATCH 2/9] spl: fit: add support for post-processing of images Andreas Dannenberg
2016-06-21 23:57   ` Tom Rini
2016-06-23  2:38   ` Masahiro Yamada
2016-06-23 13:25     ` Andreas Dannenberg
2016-06-23 13:57   ` Simon Glass
2016-06-23 14:19     ` Andreas Dannenberg
2016-06-23 14:45       ` Simon Glass
2016-06-23 15:00         ` Andreas Dannenberg
2016-06-21  3:34 ` [U-Boot] [PATCH 3/9] arm: omap-common: add secure smc entry Andreas Dannenberg
2016-06-21 23:57   ` Tom Rini
2016-06-21  3:34 ` [U-Boot] [PATCH 4/9] arm: omap-common: add secure rom call API for secure devices Andreas Dannenberg
2016-06-21 23:56   ` Tom Rini
2016-06-21  3:34 ` [U-Boot] [PATCH 5/9] arm: omap-common: secure ROM signature verify API Andreas Dannenberg
2016-06-21  4:31   ` Lokesh Vutla
2016-06-21  5:02     ` Andreas Dannenberg
2016-06-21  5:16       ` Lokesh Vutla
2016-06-21 23:56     ` Tom Rini
2016-06-22  9:43       ` Lokesh Vutla [this message]
2016-06-22 14:21         ` Andreas Dannenberg
2016-06-22 14:36           ` Tom Rini
2016-06-22 14:49             ` Andreas Dannenberg
2016-06-21  3:34 ` [U-Boot] [PATCH 6/9] arm: omap-common: Update to generate secure U-Boot FIT blob Andreas Dannenberg
2016-06-21  3:34 ` [U-Boot] [PATCH 7/9] arm: omap5: add U-Boot FIT signing and SPL image post-processing Andreas Dannenberg
2016-06-21 23:57   ` Tom Rini
2016-06-21  3:34 ` [U-Boot] [PATCH 8/9] arm: am4x: " Andreas Dannenberg
2016-06-21 23:57   ` Tom Rini
2016-06-21  3:34 ` [U-Boot] [PATCH 9/9] doc: Update info on using secure devices from TI Andreas Dannenberg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=576A5DA8.90605@ti.com \
    --to=lokeshvutla@ti.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.