public inbox for u-boot@lists.denx.de
* [PATCH] arm: mach-k3: security: separate out validating binary logic
@ 2023-05-18  7:14 Manorit Chawdhry
  2023-05-22  5:47 ` Manorit Chawdhry
  2023-05-30 22:32 ` Tom Rini
  0 siblings, 2 replies; 3+ messages in thread
From: Manorit Chawdhry @ 2023-05-18  7:14 UTC (permalink / raw)
  To: Andrew F. Davis
  Cc: u-boot, Vignesh Raghavendra, Kamlesh Gurudasani, Manorit Chawdhry

K3 GP devices allow booting the secure binaries on them by bypassing
the x509 header on them.

ATF and OPTEE firewalling required the rproc_load to be called before
authentication. This change caused the failure for GP devices that
strip off the headers. The boot vector had been set before the headers
were stripped off, causing the runtime stripping to fail and the
stripping to become ineffective.

Separate out the secure binary check on GP/HS devices so that the
boot_vector could be stripped before calling rproc_load. This allows
keeping the authentication later when the cluster is on along with
allowing the stripping of the binaries in case of GP devices.

Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee")

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
---
 arch/arm/mach-k3/common.c   |  5 +++++
 arch/arm/mach-k3/common.h   |  1 +
 arch/arm/mach-k3/security.c | 32 ++++++++++++++++++++++++--------
 3 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/arch/arm/mach-k3/common.c b/arch/arm/mach-k3/common.c
index 3c85caee579d..34737a43aa08 100644
--- a/arch/arm/mach-k3/common.c
+++ b/arch/arm/mach-k3/common.c
@@ -347,8 +347,13 @@ void board_fit_image_post_process(const void *fit, int node, void **p_image,
 	if ((i != IMAGE_ID_ATF) && (i != IMAGE_ID_OPTEE))
 #endif
 	{
+		ti_secure_image_check_binary(p_image, p_size);
 		ti_secure_image_post_process(p_image, p_size);
 	}
+#if IS_ENABLED(CONFIG_SYS_K3_SPL_ATF)
+	else
+		ti_secure_image_check_binary(p_image, p_size);
+#endif
 }
 #endif
 
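Review bot: Both branches of the IMAGE_ID_ATF / IMAGE_ID_OPTEE test now begin with the same ti_secure_image_check_binary(p_image, p_size) call, so the second CONFIG_SYS_K3_SPL_ATF block with its dangling else is not needed. Calling ti_secure_image_check_binary() once, unconditionally, ahead of the conditional and leaving only ti_secure_image_post_process() inside the braces gives the same behaviour with one preprocessor block fewer, and avoids an else that exists only in some configurations.
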
diff --git a/arch/arm/mach-k3/common.h b/arch/arm/mach-k3/common.h
index e7e59f533b70..899be64a50cb 100644
--- a/arch/arm/mach-k3/common.h
+++ b/arch/arm/mach-k3/common.h
@@ -41,3 +41,4 @@ enum k3_device_type get_device_type(void);
 void ti_secure_image_post_process(void **p_image, size_t *p_size);
 struct ti_sci_handle *get_ti_sci_handle(void);
 void do_board_detect(void);
+void ti_secure_image_check_binary(void **p_image, size_t *p_size);
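Review bot: The new prototype carries no comment, and the name ti_secure_image_check_binary() reads like a read-only check although it takes void **p_image and size_t *p_size and, per the commit message, strips the header on GP devices. A short comment saying that it may advance *p_image and shrink *p_size, and that it is meant to run before ti_secure_image_post_process(), would make the ordering requirement visible to callers.
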
diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
index 6179f7373aa7..02a2c12dbd6f 100644
--- a/arch/arm/mach-k3/security.c
+++ b/arch/arm/mach-k3/security.c
@@ -38,19 +38,16 @@ static size_t ti_secure_cert_length(void *p_image)
 	return seq_length + 4;
 }
 
-void ti_secure_image_post_process(void **p_image, size_t *p_size)
+void ti_secure_image_check_binary(void **p_image, size_t *p_size)
 {
-	struct ti_sci_handle *ti_sci = get_ti_sci_handle();
-	struct ti_sci_proc_ops *proc_ops = &ti_sci->ops.proc_ops;
-	size_t cert_length;
-	u64 image_addr;
 	u32 image_size;
-	int ret;
-
+	size_t cert_length;
 	image_size = *p_size;
 
-	if (!image_size)
+	if (!image_size) {
+		debug("%s: Image size is %d\n", __func__, image_size);
 		return;
+	}
 
 	if (get_device_type() == K3_DEVICE_TYPE_GP) {
 		if (ti_secure_cert_detected(*p_image)) {
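Review bot: In the new zero-size branch, debug("%s: Image size is %d\n", __func__, image_size) prints a u32 with %d, and the value is always 0 at that point. Use %u to match the type, or drop the argument and print a fixed "image size is zero" message, which says the same thing without a format mismatch.
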
@@ -78,6 +75,25 @@ void ti_secure_image_post_process(void **p_image, size_t *p_size)
 		       "This will fail on Security Enforcing(HS-SE) devices\n");
 		return;
 	}
+}
+
+void ti_secure_image_post_process(void **p_image, size_t *p_size)
+{
+	struct ti_sci_handle *ti_sci = get_ti_sci_handle();
+	struct ti_sci_proc_ops *proc_ops = &ti_sci->ops.proc_ops;
+	u64 image_addr;
+	u32 image_size;
+	int ret;
+
+	image_size = *p_size;
+	if (!image_size) {
+		debug("%s: Image size is %d\n", __func__, image_size);
+		return;
+	}
+
+	if (get_device_type() != K3_DEVICE_TYPE_HS_SE &&
+	    get_device_type() != K3_DEVICE_TYPE_HS_FS)
+		return;
 
 	/* Clean out image so it can be seen by system firmware */
 	image_addr = dma_map_single(*p_image, *p_size, DMA_BIDIRECTIONAL);
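
Review bot: The return; in the context lines directly above the new closing brace used to leave ti_secure_image_post_process() before the dma_map_single() and authentication path; after the split it only leaves ti_secure_image_check_binary(). The new ti_secure_image_post_process() gates on device type alone, and common.c calls it right after the check, so whatever condition produced the "This will fail on Security Enforcing(HS-SE) devices" message no longer stops an HS-FS device from proceeding to authentication. If that skip was intended, have ti_secure_image_check_binary() return a status that the caller tests, or repeat the certificate test in ti_secure_image_post_process(); if the change is intended, say so in the commit message.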

---
base-commit: 0a9a4384c1483a88776bca38e28f09be51161034
change-id: 20230512-b4-upstream-atf-optee-am62-gp-20bfcb479ac4

Best regards,
-- 
Manorit Chawdhry <m-chawdhry@ti.com>



* Re: [PATCH] arm: mach-k3: security: separate out validating binary logic
  2023-05-18  7:14 [PATCH] arm: mach-k3: security: separate out validating binary logic Manorit Chawdhry
@ 2023-05-22  5:47 ` Manorit Chawdhry
  2023-05-30 22:32 ` Tom Rini
  1 sibling, 0 replies; 3+ messages in thread
From: Manorit Chawdhry @ 2023-05-22  5:47 UTC (permalink / raw)
  To: Andrew F. Davis; +Cc: u-boot, Vignesh Raghavendra, Kamlesh Gurudasani

Hi Tom,

On 18/05/23 12:44, Manorit Chawdhry wrote:
> K3 GP devices allow booting the secure binaries on them by bypassing
> the x509 header on them.
>
> ATF and OPTEE firewalling required the rproc_load to be called before
> authentication. This change caused the failure for GP devices that
> strip off the headers. The boot vector had been set before the headers
> were stripped off, causing the runtime stripping to fail and the
> stripping to become ineffective.
>
> Separate out the secure binary check on GP/HS devices so that the
> boot_vector could be stripped before calling rproc_load. This allows
> keeping the authentication later when the cluster is on along with
> allowing the stripping of the binaries in case of GP devices.
>
> Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee")
>
> Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
> ---
>   arch/arm/mach-k3/common.c   |  5 +++++
>   arch/arm/mach-k3/common.h   |  1 +
>   arch/arm/mach-k3/security.c | 32 ++++++++++++++++++++++++--------
>   3 files changed, 30 insertions(+), 8 deletions(-)
>
> diff --git a/arch/arm/mach-k3/common.c b/arch/arm/mach-k3/common.c
> index 3c85caee579d..34737a43aa08 100644
> --- a/arch/arm/mach-k3/common.c
> +++ b/arch/arm/mach-k3/common.c
> @@ -347,8 +347,13 @@ void board_fit_image_post_process(const void *fit, int node, void **p_image,
>   	if ((i != IMAGE_ID_ATF) && (i != IMAGE_ID_OPTEE))
>   #endif
>   	{
> +		ti_secure_image_check_binary(p_image, p_size);
>   		ti_secure_image_post_process(p_image, p_size);
>   	}
> +#if IS_ENABLED(CONFIG_SYS_K3_SPL_ATF)
> +	else
> +		ti_secure_image_check_binary(p_image, p_size);
> +#endif
>   }
>   #endif
>   
> diff --git a/arch/arm/mach-k3/common.h b/arch/arm/mach-k3/common.h
> index e7e59f533b70..899be64a50cb 100644
> --- a/arch/arm/mach-k3/common.h
> +++ b/arch/arm/mach-k3/common.h
> @@ -41,3 +41,4 @@ enum k3_device_type get_device_type(void);
>   void ti_secure_image_post_process(void **p_image, size_t *p_size);
>   struct ti_sci_handle *get_ti_sci_handle(void);
>   void do_board_detect(void);
> +void ti_secure_image_check_binary(void **p_image, size_t *p_size);
> diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
> index 6179f7373aa7..02a2c12dbd6f 100644
> --- a/arch/arm/mach-k3/security.c
> +++ b/arch/arm/mach-k3/security.c
> @@ -38,19 +38,16 @@ static size_t ti_secure_cert_length(void *p_image)
>   	return seq_length + 4;
>   }
>   
> -void ti_secure_image_post_process(void **p_image, size_t *p_size)
> +void ti_secure_image_check_binary(void **p_image, size_t *p_size)
>   {
> -	struct ti_sci_handle *ti_sci = get_ti_sci_handle();
> -	struct ti_sci_proc_ops *proc_ops = &ti_sci->ops.proc_ops;
> -	size_t cert_length;
> -	u64 image_addr;
>   	u32 image_size;
> -	int ret;
> -
> +	size_t cert_length;
>   	image_size = *p_size;
>   
> -	if (!image_size)
> +	if (!image_size) {
> +		debug("%s: Image size is %d\n", __func__, image_size);
>   		return;
> +	}
>   
>   	if (get_device_type() == K3_DEVICE_TYPE_GP) {
>   		if (ti_secure_cert_detected(*p_image)) {
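
Review bot: The rewritten declaration block in ti_secure_image_check_binary() loses the blank line between the declarations and the first statement: size_t cert_length; is now followed directly by image_size = *p_size;. Keep an empty line there, as the new ti_secure_image_post_process() in this same patch does.
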
> @@ -78,6 +75,25 @@ void ti_secure_image_post_process(void **p_image, size_t *p_size)
>   		       "This will fail on Security Enforcing(HS-SE) devices\n");
>   		return;
>   	}
> +}
> +
> +void ti_secure_image_post_process(void **p_image, size_t *p_size)
> +{
> +	struct ti_sci_handle *ti_sci = get_ti_sci_handle();
> +	struct ti_sci_proc_ops *proc_ops = &ti_sci->ops.proc_ops;
> +	u64 image_addr;
> +	u32 image_size;
> +	int ret;
> +
> +	image_size = *p_size;
> +	if (!image_size) {
> +		debug("%s: Image size is %d\n", __func__, image_size);
> +		return;
> +	}
> +
> +	if (get_device_type() != K3_DEVICE_TYPE_HS_SE &&
> +	    get_device_type() != K3_DEVICE_TYPE_HS_FS)
> +		return;
>   
>   	/* Clean out image so it can be seen by system firmware */
>   	image_addr = dma_map_single(*p_image, *p_size, DMA_BIDIRECTIONAL);
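
Review bot: The new ti_secure_image_post_process() repeats the zero-size check and its debug() line from ti_secure_image_check_binary(), and calls get_device_type() twice in one condition. Reading the device type into a local once and moving the empty-image test into a small static helper shared by both functions would keep the two copies from drifting apart.
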
>
> ---
> base-commit: 0a9a4384c1483a88776bca38e28f09be51161034
> change-id: 20230512-b4-upstream-atf-optee-am62-gp-20bfcb479ac4
>
> Best regards,

Please hold this patch.

Regards,

Manorit



* Re: [PATCH] arm: mach-k3: security: separate out validating binary logic
  2023-05-18  7:14 [PATCH] arm: mach-k3: security: separate out validating binary logic Manorit Chawdhry
  2023-05-22  5:47 ` Manorit Chawdhry
@ 2023-05-30 22:32 ` Tom Rini
  1 sibling, 0 replies; 3+ messages in thread
From: Tom Rini @ 2023-05-30 22:32 UTC (permalink / raw)
  To: Manorit Chawdhry
  Cc: Andrew F. Davis, u-boot, Vignesh Raghavendra, Kamlesh Gurudasani


On Thu, May 18, 2023 at 12:44:17PM +0530, Manorit Chawdhry wrote:

> K3 GP devices allow booting the secure binaries on them by bypassing
> the x509 header on them.
> 
> ATF and OPTEE firewalling required the rproc_load to be called before
> authentication. This change caused the failure for GP devices that
> strip off the headers. The boot vector had been set before the headers
> were stripped off, causing the runtime stripping to fail and the
> stripping to become ineffective.
> 
> Separate out the secure binary check on GP/HS devices so that the
> boot_vector could be stripped before calling rproc_load. This allows
> keeping the authentication later when the cluster is on along with
> allowing the stripping of the binaries in case of GP devices.
> 
> Fixes: 1e00e9be62e5 ("arm: mach-k3: common: re-locate authentication for atf/optee")
> 
> Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>

Applied to u-boot/master, thanks!

-- 
Tom
