[U-Boot] [PATCH v2 4/6] arm: omap5: Add TEE loading support

[Andrew F. Davis <afd@ti.com>]

From: Harinarayan Bhatta <harinarayan@ti.com>

secure_tee_install is used to install and initialize a secure TEE OS such as
Linaro OP-TEE into the secure world. This function takes in the address
where the signed TEE image is loaded as an argument. The signed TEE image
consists of a header (struct tee_header), TEE code+data followed by the
signature generated using image signing tool from TI security development
package (SECDEV). Refer to README.ti-secure for more information.

This function uses 2 new secure APIs.

1. PPA_SERV_HAL_TEE_LOAD_MASTER - Must be called on CPU Core 0. Protected
   memory for TEE must be reserved before calling this function. This API
   needs arguments filled into struct ppa_tee_load_info. The TEE image is
   authenticated and if there are no errors, the control passes to the TEE
   entry point.

2. PPA_SERV_HAL_TEE_LOAD_SLAVE - Called on other CPU cores only after
   a TEE_LOAD_MASTER call. Takes no arguments. Checks if TEE was
   successfully loaded (on core 0) and transfers control to the same TEE
   entry point.

The code at TEE entry point is expected perform OS initialization steps
and return back to non-secure world (U-Boot).

Signed-off-by: Harinarayan Bhatta <harinarayan@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
---
 arch/arm/include/asm/omap_sec_common.h |   6 ++
 arch/arm/mach-omap2/omap5/sec-fxns.c   | 114 +++++++++++++++++++++++++++++++++
 2 files changed, 120 insertions(+)

diff --git a/arch/arm/include/asm/omap_sec_common.h b/arch/arm/include/asm/omap_sec_common.h
index 4bde93f..79f1fbd 100644
--- a/arch/arm/include/asm/omap_sec_common.h
+++ b/arch/arm/include/asm/omap_sec_common.h
@@ -51,4 +51,10 @@ int secure_emif_reserve(void);
  */
 int secure_emif_firewall_lock(void);
 
+/*
+ * Invoke a secure HAL API to authenticate and install a Trusted Execution
+ * Environment (TEE) image.
+ */
+int secure_tee_install(u32 tee_image);
+
 #endif /* _OMAP_SEC_COMMON_H_ */
diff --git a/arch/arm/mach-omap2/omap5/sec-fxns.c b/arch/arm/mach-omap2/omap5/sec-fxns.c
index 33d4ea4..6f1f0ac 100644
--- a/arch/arm/mach-omap2/omap5/sec-fxns.c
+++ b/arch/arm/mach-omap2/omap5/sec-fxns.c
@@ -19,13 +19,42 @@
 #include <asm/omap_sec_common.h>
 #include <asm/spl.h>
 #include <spl.h>
+#include <asm/cache.h>
+#include <mapmem.h>
 
 /* Index for signature PPA-based TI HAL APIs */
 #define PPA_HAL_SERVICES_START_INDEX        (0x200)
+#define PPA_SERV_HAL_TEE_LOAD_MASTER        (PPA_HAL_SERVICES_START_INDEX + 23)
+#define PPA_SERV_HAL_TEE_LOAD_SLAVE         (PPA_HAL_SERVICES_START_INDEX + 24)
 #define PPA_SERV_HAL_SETUP_SEC_RESVD_REGION (PPA_HAL_SERVICES_START_INDEX + 25)
 #define PPA_SERV_HAL_SETUP_EMIF_FW_REGION   (PPA_HAL_SERVICES_START_INDEX + 26)
 #define PPA_SERV_HAL_LOCK_EMIF_FW           (PPA_HAL_SERVICES_START_INDEX + 27)
 
+int tee_loaded = 0;
+
+/* TEE header (From OPTEE) */
+struct tee_header {
+	u32 magic;
+	u8 version;
+	u8 arch;
+	u16 flags;
+	u32 init_size;
+	u32 loadaddr_hi;
+	u32 loadaddr_lo;
+	u32 init_mem_usage;
+	u32 paged_size;
+};
+
+/* Argument for PPA_SERV_HAL_TEE_LOAD_MASTER */
+struct ppa_tee_load_info {
+	u32 tee_sec_mem_start; /* Physical start address reserved for TEE */
+	u32 tee_sec_mem_size;  /* Size of the memory reserved for TEE */
+	u32 tee_cert_start;    /* Address where signed TEE binary is loaded */
+	u32 tee_cert_size;     /* Size of TEE certificate (signed binary) */
+	u32 tee_jump_addr;     /* Address to jump to start TEE execution */
+	u32 tee_arg0;          /* argument to TEE jump function, in r0 */
+};
+
 static u32 get_sec_mem_start(void)
 {
 	u32 sec_mem_start = CONFIG_TI_SECURE_EMIF_REGION_START;
@@ -124,3 +153,88 @@ int secure_emif_firewall_lock(void)
 
 	return result;
 }
+
+static struct ppa_tee_load_info tee_info __aligned(ARCH_DMA_MINALIGN);
+
+int secure_tee_install(u32 addr)
+{
+	struct tee_header *hdr;
+	void *loadptr;
+	u32 tee_file_size;
+	u32 sec_mem_start = get_sec_mem_start();
+	const u32 size = CONFIG_TI_SECURE_EMIF_PROTECTED_REGION_SIZE;
+	u32 *smc_cpu1_params;
+
+	/* If there is no protected region, there is no place to put the TEE */
+	if (size == 0) {
+		printf("Error loading TEE, no protected memory region available\n");
+		return -ENOBUFS;
+	}
+
+	hdr = (struct tee_header *)map_sysmem(addr, sizeof(struct tee_header));
+	/* 280 bytes = size of signature */
+	tee_file_size = hdr->init_size + hdr->paged_size +
+		sizeof(struct tee_header) + 280;
+
+	if ((hdr->magic != 0x4554504f) ||
+	    (hdr->version != 1) ||
+	    (hdr->loadaddr_hi != 0) ||
+	    (hdr->loadaddr_lo < (sec_mem_start + sizeof(struct tee_header))) ||
+	    (tee_file_size > size) ||
+	    ((hdr->loadaddr_lo + tee_file_size - 1) >
+	     (sec_mem_start + size - 1))) {
+		printf("Error in TEE header. Check load address and sizes\n");
+		unmap_sysmem(hdr);
+		return CMD_RET_FAILURE;
+	}
+
+	tee_info.tee_sec_mem_start = sec_mem_start;
+	tee_info.tee_sec_mem_size = size;
+	tee_info.tee_jump_addr = hdr->loadaddr_lo;
+	tee_info.tee_cert_start = addr;
+	tee_info.tee_cert_size = tee_file_size;
+	tee_info.tee_arg0 = hdr->init_size + tee_info.tee_jump_addr;
+	unmap_sysmem(hdr);
+	loadptr = map_sysmem(addr, tee_file_size);
+
+	debug("tee_info.tee_sec_mem_start= %08X\n", tee_info.tee_sec_mem_start);
+	debug("tee_info.tee_sec_mem_size = %08X\n", tee_info.tee_sec_mem_size);
+	debug("tee_info.tee_jump_addr = %08X\n", tee_info.tee_jump_addr);
+	debug("tee_info.tee_cert_start = %08X\n", tee_info.tee_cert_start);
+	debug("tee_info.tee_cert_size = %08X\n", tee_info.tee_cert_size);
+	debug("tee_info.tee_arg0 = %08X\n", tee_info.tee_arg0);
+	debug("tee_file_size = %d\n", tee_file_size);
+
+#if !defined(CONFIG_SYS_DCACHE_OFF)
+	flush_dcache_range(
+		rounddown((u32)loadptr, ARCH_DMA_MINALIGN),
+		roundup((u32)loadptr + tee_file_size, ARCH_DMA_MINALIGN));
+
+	flush_dcache_range((u32)&tee_info, (u32)&tee_info +
+			roundup(sizeof(tee_info), ARCH_DMA_MINALIGN));
+#endif
+	unmap_sysmem(loadptr);
+
+	/* The return value is ignored. If something went wrong, the function
+	 * would probably not return at all
+	 */
+	(void)secure_rom_call(PPA_SERV_HAL_TEE_LOAD_MASTER, 0, 0, 1, &tee_info);
+	printf("TEE_LOAD_MASTER Done\n");
+
+	if (!is_dra72x()) {
+		/* Reuse the tee_info buffer for SMC params */
+		smc_cpu1_params = (u32 *)&tee_info;
+		smc_cpu1_params[0] = 0;
+#if !defined(CONFIG_SYS_DCACHE_OFF)
+		flush_dcache_range((u32)smc_cpu1_params, (u32)smc_cpu1_params +
+				roundup(sizeof(u32), ARCH_DMA_MINALIGN));
+#endif
+		(void)omap_smc_sec_cpu1(PPA_SERV_HAL_TEE_LOAD_SLAVE, 0, 0,
+				smc_cpu1_params);
+		printf("TEE_LOAD_SLAVE Done\n");
+	}
+
+	tee_loaded = 1;
+
+	return 0;
+}
-- 
2.10.2