* [PATCH 2/4] arm: mach-k3: security: Allow signing bypass if type is HS-FS
2022-07-15 16:34 [PATCH 1/4] arm: mach-k3: Add support for device type detection Andrew Davis
@ 2022-07-15 16:34 ` Andrew Davis
2022-08-04 20:52 ` Tom Rini
2022-07-15 16:34 ` [PATCH 3/4] arm: mach-k3: security: Bypass image signing at runtime for GP devices Andrew Davis
` (4 subsequent siblings)
5 siblings, 1 reply; 12+ messages in thread
From: Andrew Davis @ 2022-07-15 16:34 UTC (permalink / raw)
To: Simon Glass, Tom Rini, u-boot; +Cc: Andrew Davis
On HS-FS devices signing boot images is optional. To ease use
we check if we are HS-FS and if no certificate is attached
to the image we skip the authentication step with a warning
that this will fail when the device is set to security enforcing.
Signed-off-by: Andrew Davis <afd@ti.com>
---
arch/arm/mach-k3/security.c | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
index 8de9739a40..5bfcecd44d 100644
--- a/arch/arm/mach-k3/security.c
+++ b/arch/arm/mach-k3/security.c
@@ -2,10 +2,11 @@
/*
* K3: Security functions
*
- * Copyright (C) 2018 Texas Instruments Incorporated - http://www.ti.com/
+ * Copyright (C) 2018-2022 Texas Instruments Incorporated - http://www.ti.com/
* Andrew F. Davis <afd@ti.com>
*/
+#include <asm/io.h>
#include <common.h>
#include <cpu_func.h>
#include <dm.h>
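Review bot: the new #include <asm/io.h> at the top of the include list has no user in this patch. None of the code added here calls an I/O accessor, and the first visible use is readw_relaxed() in 4/4. Move the include to that patch so each commit carries only what it needs. If it stays, place it next to <asm/arch/sys_proto.h> rather than ahead of <common.h>.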
@@ -18,6 +19,17 @@
#include <spl.h>
#include <asm/arch/sys_proto.h>
+#include "common.h"
+
+static bool ti_secure_cert_detected(void *p_image)
+{
+ /* Primitive certificate detection, check for DER starting with
+ * two 4-Octet SEQUENCE tags
+ */
+ return (((u8 *)p_image)[0] == 0x30 && ((u8 *)p_image)[1] == 0x82 &&
+ ((u8 *)p_image)[4] == 0x30 && ((u8 *)p_image)[5] == 0x82);
+}
+
void ti_secure_image_post_process(void **p_image, size_t *p_size)
{
struct ti_sci_handle *ti_sci = get_ti_sci_handle();
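Review bot: ti_secure_cert_detected() reads offsets 0, 1, 4 and 5 of the image without knowing its length, although the caller has *p_size available. Pass the size in and return false when it is below 6, so a truncated image cannot cause a read past the buffer. The match is only a heuristic: any unsigned payload that happens to begin 30 82 xx xx 30 82 is treated as signed, which is worth stating in the comment. Comment nit: 0x30 is the SEQUENCE tag and 0x82 announces a two-byte length, so "4-octet SEQUENCE headers" describes the pattern better than "tags".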
@@ -29,6 +41,14 @@ void ti_secure_image_post_process(void **p_image, size_t *p_size)
image_addr = (uintptr_t)*p_image;
image_size = *p_size;
+ if (get_device_type() != K3_DEVICE_TYPE_HS_SE &&
+ !ti_secure_cert_detected(*p_image)) {
+ printf("Warning: Did not detect image signing certificate. "
+ "Skipping authentication to prevent boot failure. "
+ "This will fail on Security Enforcing(HS-SE) devices\n");
+ return;
+ }
+
debug("Authenticating image at address 0x%016llx\n", image_addr);
debug("Authenticating image of size %d bytes\n", image_size);
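Review bot: the bypass condition get_device_type() != K3_DEVICE_TYPE_HS_SE is wider than the subject and commit message, which allow the skip only on HS-FS. As written, every device type other than HS-SE takes the unauthenticated path, decided only by the first bytes of the image, so a new or misread type defaults to no authentication. Testing == K3_DEVICE_TYPE_HS_FS would make the check fail closed and leave other types to their own explicit cases.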
--
2.36.1
* [PATCH 3/4] arm: mach-k3: security: Bypass image signing at runtime for GP devices
2022-07-15 16:34 [PATCH 1/4] arm: mach-k3: Add support for device type detection Andrew Davis
2022-07-15 16:34 ` [PATCH 2/4] arm: mach-k3: security: Allow signing bypass if type is HS-FS Andrew Davis
@ 2022-07-15 16:34 ` Andrew Davis
2022-08-04 20:52 ` Tom Rini
2022-07-15 16:34 ` [PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device Andrew Davis
` (3 subsequent siblings)
5 siblings, 1 reply; 12+ messages in thread
From: Andrew Davis @ 2022-07-15 16:34 UTC (permalink / raw)
To: Simon Glass, Tom Rini, u-boot; +Cc: Andrew Davis
We can skip the image authentication check at runtime if the device is GP.
This reduces the delta between GP and HS U-Boot builds. End goal is
to re-unify the two build types into one build that can run on all
device types.
Signed-off-by: Andrew Davis <afd@ti.com>
---
arch/arm/mach-k3/Makefile | 3 +--
arch/arm/mach-k3/common.c | 2 --
arch/arm/mach-k3/security.c | 3 +++
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/arch/arm/mach-k3/Makefile b/arch/arm/mach-k3/Makefile
index 8459bef93b..1c4a328af7 100644
--- a/arch/arm/mach-k3/Makefile
+++ b/arch/arm/mach-k3/Makefile
@@ -10,9 +10,8 @@ obj-$(CONFIG_SOC_K3_AM642) += am642_init.o
obj-$(CONFIG_SOC_K3_AM625) += am625_init.o am62x/
obj-$(CONFIG_ARM64) += arm64-mmu.o
obj-$(CONFIG_CPU_V7R) += r5_mpu.o lowlevel_init.o
-obj-$(CONFIG_TI_SECURE_DEVICE) += security.o
obj-$(CONFIG_ARM64) += cache.o
ifeq ($(CONFIG_SPL_BUILD),y)
obj-$(CONFIG_K3_LOAD_SYSFW) += sysfw-loader.o
endif
-obj-y += common.o
+obj-y += common.o security.o
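Review bot: moving security.o to obj-y builds security.c into every K3 image, SPL included, where it was previously limited to CONFIG_TI_SECURE_DEVICE configs. The commit message should state the size cost for builds that did not carry this code before (the thread already reports am65x_hs_evm_r5 exceeding its size limit) and confirm that what security.c depends on, such as the TI-SCI handle it fetches, is enabled in those configs.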
diff --git a/arch/arm/mach-k3/common.c b/arch/arm/mach-k3/common.c
index ac14975694..3962f2800f 100644
--- a/arch/arm/mach-k3/common.c
+++ b/arch/arm/mach-k3/common.c
@@ -290,9 +290,7 @@ void board_fit_image_post_process(const void *fit, int node, void **p_image,
}
#endif
-#if IS_ENABLED(CONFIG_TI_SECURE_DEVICE)
ti_secure_image_post_process(p_image, p_size);
-#endif
}
#endif
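Review bot: the now unconditional call to ti_secure_image_post_process() leaves no build-time way to force authentication; whether a FIT image is verified rests entirely on the runtime result of get_device_type(). For products that ship only on HS-SE parts, consider keeping a Kconfig option that makes this path fail closed regardless of the detected type, and say in the commit message that dropping the IS_ENABLED(CONFIG_TI_SECURE_DEVICE) guard is intentional.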
diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
index 5bfcecd44d..add7f413a4 100644
--- a/arch/arm/mach-k3/security.c
+++ b/arch/arm/mach-k3/security.c
@@ -41,6 +41,9 @@ void ti_secure_image_post_process(void **p_image, size_t *p_size)
image_addr = (uintptr_t)*p_image;
image_size = *p_size;
+ if (!image_size || get_device_type() == K3_DEVICE_TYPE_GP)
+ return;
+
if (get_device_type() != K3_DEVICE_TYPE_HS_SE &&
!ti_secure_cert_detected(*p_image)) {
printf("Warning: Did not detect image signing certificate. "
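Review bot: the GP early return sits below the function's initialisers, so get_ti_sci_handle() and the proc_ops lookup (visible at the top of the function in 2/4 and 4/4) still run on GP devices before this check is reached. Since the function is now called on every build, move the handle lookup below the device-type checks so the GP path does not depend on TI-SCI. The return is also silent; a debug() line noting that authentication was skipped on GP would help when reading boot logs.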
--
2.36.1
* [PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device
2022-07-15 16:34 [PATCH 1/4] arm: mach-k3: Add support for device type detection Andrew Davis
2022-07-15 16:34 ` [PATCH 2/4] arm: mach-k3: security: Allow signing bypass if type is HS-FS Andrew Davis
2022-07-15 16:34 ` [PATCH 3/4] arm: mach-k3: security: Bypass image signing at runtime for GP devices Andrew Davis
@ 2022-07-15 16:34 ` Andrew Davis
2022-07-18 12:08 ` Tom Rini
2022-08-04 20:52 ` Tom Rini
2022-07-18 12:08 ` [PATCH 1/4] arm: mach-k3: Add support for device type detection Tom Rini
` (2 subsequent siblings)
5 siblings, 2 replies; 12+ messages in thread
From: Andrew Davis @ 2022-07-15 16:34 UTC (permalink / raw)
To: Simon Glass, Tom Rini, u-boot; +Cc: Andrew Davis
If the device is a GP and we detect a signing certificate then remove it.
It would fail to authenticate otherwise as the device is GP and has no
secure authentication services in SYSFW.
This shouldn't happen often as trying to boot signed images on GP devices
doesn't make much sense, but if we run into a signed image we should at
least try to ignore the certificate and boot the image anyway. This could
help with users of GP devices who only have HS images available.
If this does happen, print a nice big warning.
Signed-off-by: Andrew Davis <afd@ti.com>
---
arch/arm/mach-k3/security.c | 30 +++++++++++++++++++++++++++++-
1 file changed, 29 insertions(+), 1 deletion(-)
diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
index add7f413a4..d8d41ec515 100644
--- a/arch/arm/mach-k3/security.c
+++ b/arch/arm/mach-k3/security.c
@@ -30,10 +30,19 @@ static bool ti_secure_cert_detected(void *p_image)
((u8 *)p_image)[4] == 0x30 && ((u8 *)p_image)[5] == 0x82);
}
+/* Primitive certificate length, assumes one 2-Octet sized SEQUENCE */
+static size_t ti_secure_cert_length(void *p_image)
+{
+ size_t seq_length = be16_to_cpu(readw_relaxed(p_image + 2));
+ /* Add 4 for the SEQUENCE tag length */
+ return seq_length + 4;
+}
+
void ti_secure_image_post_process(void **p_image, size_t *p_size)
{
struct ti_sci_handle *ti_sci = get_ti_sci_handle();
struct ti_sci_proc_ops *proc_ops = &ti_sci->ops.proc_ops;
+ size_t cert_length;
u64 image_addr;
u32 image_size;
int ret;
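Review bot: readw_relaxed() in ti_secure_cert_length() is an MMIO accessor applied to an image buffer in RAM, and wrapping it in be16_to_cpu() makes the result depend on how the accessor itself treats byte order. get_unaligned_be16(p_image + 2) states the intent directly, has no alignment requirement and removes the need for <asm/io.h>. The helper also relies on ti_secure_cert_detected() having matched the 0x82 length form first; say so in the comment, since with any other DER length encoding bytes 2 and 3 mean something else.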
@@ -41,9 +50,28 @@ void ti_secure_image_post_process(void **p_image, size_t *p_size)
image_addr = (uintptr_t)*p_image;
image_size = *p_size;
- if (!image_size || get_device_type() == K3_DEVICE_TYPE_GP)
+ if (!image_size)
return;
+ if (get_device_type() == K3_DEVICE_TYPE_GP) {
+ if (ti_secure_cert_detected(*p_image)) {
+ printf("Warning: Detected image signing certificate on GP device. "
+ "Skipping certificate to prevent boot failure. "
+ "This will fail if the image was also encrypted\n");
+
+ cert_length = ti_secure_cert_length(*p_image);
+ if (cert_length > *p_size) {
+ printf("Invalid signing certificate size\n");
+ return;
+ }
+
+ *p_image += cert_length;
+ *p_size -= cert_length;
+ }
+
+ return;
+ }
+
if (get_device_type() != K3_DEVICE_TYPE_HS_SE &&
!ti_secure_cert_detected(*p_image)) {
printf("Warning: Did not detect image signing certificate. "
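Review bot: the bound check cert_length > *p_size lets cert_length == *p_size through, which advances *p_image to the end of the buffer and leaves *p_size at 0; use >= so a certificate with no payload behind it is rejected. On that error path the function prints and returns with the image unchanged, so the caller carries on with a buffer that still begins with the certificate; note in a comment whether that is intended or whether the image should be invalidated instead. ti_secure_cert_detected() is also reached here with only !image_size checked, while it reads up to offset 5.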
--
2.36.1
* Re: [PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device
2022-07-15 16:34 ` [PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device Andrew Davis
@ 2022-07-18 12:08 ` Tom Rini
2022-08-04 20:52 ` Tom Rini
1 sibling, 0 replies; 12+ messages in thread
From: Tom Rini @ 2022-07-18 12:08 UTC (permalink / raw)
To: Andrew Davis; +Cc: Simon Glass, u-boot
On Fri, Jul 15, 2022 at 11:34:35AM -0500, Andrew Davis wrote:
> If the device is a GP and we detect a signing certificate then remove it.
> It would fail to authenticate otherwise as the device is GP and has no
> secure authentication services in SYSFW.
>
> This shouldn't happen often as trying to boot signed images on GP devices
> doesn't make much sense, but if we run into a signed image we should at
> least try to ignore the certificate and boot the image anyway. This could
> help with users of GP devices who only have HS images available.
>
> If this does happen, print a nice big warning.
>
> Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
* Re: [PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device
2022-07-15 16:34 ` [PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device Andrew Davis
2022-07-18 12:08 ` Tom Rini
@ 2022-08-04 20:52 ` Tom Rini
1 sibling, 0 replies; 12+ messages in thread
From: Tom Rini @ 2022-08-04 20:52 UTC (permalink / raw)
To: Andrew Davis; +Cc: Simon Glass, u-boot
On Fri, Jul 15, 2022 at 11:34:35AM -0500, Andrew Davis wrote:
> If the device is a GP and we detect a signing certificate then remove it.
> It would fail to authenticate otherwise as the device is GP and has no
> secure authentication services in SYSFW.
>
> This shouldn't happen often as trying to boot signed images on GP devices
> doesn't make much sense, but if we run into a signed image we should at
> least try to ignore the certificate and boot the image anyway. This could
> help with users of GP devices who only have HS images available.
>
> If this does happen, print a nice big warning.
>
> Signed-off-by: Andrew Davis <afd@ti.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
* Re: [PATCH 1/4] arm: mach-k3: Add support for device type detection
2022-07-15 16:34 [PATCH 1/4] arm: mach-k3: Add support for device type detection Andrew Davis
` (2 preceding siblings ...)
2022-07-15 16:34 ` [PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device Andrew Davis
@ 2022-07-18 12:08 ` Tom Rini
2022-07-25 16:57 ` Tom Rini
2022-08-04 20:51 ` Tom Rini
5 siblings, 0 replies; 12+ messages in thread
From: Tom Rini @ 2022-07-18 12:08 UTC (permalink / raw)
To: Andrew Davis; +Cc: Simon Glass, u-boot
On Fri, Jul 15, 2022 at 11:34:32AM -0500, Andrew Davis wrote:
> K3 SoCs are available in a number of device types such as
> GP, HS-FS, EMU, etc. Like OMAP SoCs we can detect this at runtime
> and should print this out as part of the SoC information line.
> We add this as part of the common.c file as it will be used
> to also modify our security state early in the device boot.
>
> Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
* Re: [PATCH 1/4] arm: mach-k3: Add support for device type detection
2022-07-15 16:34 [PATCH 1/4] arm: mach-k3: Add support for device type detection Andrew Davis
` (3 preceding siblings ...)
2022-07-18 12:08 ` [PATCH 1/4] arm: mach-k3: Add support for device type detection Tom Rini
@ 2022-07-25 16:57 ` Tom Rini
2022-07-26 1:29 ` Andrew Davis
2022-08-04 20:51 ` Tom Rini
5 siblings, 1 reply; 12+ messages in thread
From: Tom Rini @ 2022-07-25 16:57 UTC (permalink / raw)
To: Andrew Davis; +Cc: Simon Glass, u-boot
On Fri, Jul 15, 2022 at 11:34:32AM -0500, Andrew Davis wrote:
> K3 SoCs are available in a number of device types such as
> GP, HS-FS, EMU, etc. Like OMAP SoCs we can detect this at runtime
> and should print this out as part of the SoC information line.
> We add this as part of the common.c file as it will be used
> to also modify our security state early in the device boot.
>
> Signed-off-by: Andrew Davis <afd@ti.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> ---
> arch/arm/mach-k3/common.c | 51 +++++++++++++++++++++++-
> arch/arm/mach-k3/common.h | 10 +++++
> arch/arm/mach-k3/include/mach/hardware.h | 10 +++++
> 3 files changed, 70 insertions(+), 1 deletion(-)
When applying the whole series, am65x_hs_evm_r5 goes over size
limitations at patch 2/4. I'm going to set this aside for the moment as
I'm applying a number of your other patches and maybe I just missed
something else that needs to come in too.
--
Tom
* Re: [PATCH 1/4] arm: mach-k3: Add support for device type detection
2022-07-25 16:57 ` Tom Rini
@ 2022-07-26 1:29 ` Andrew Davis
0 siblings, 0 replies; 12+ messages in thread
From: Andrew Davis @ 2022-07-26 1:29 UTC (permalink / raw)
To: Tom Rini; +Cc: Simon Glass, u-boot
On 7/25/22 11:57 AM, Tom Rini wrote:
> On Fri, Jul 15, 2022 at 11:34:32AM -0500, Andrew Davis wrote:
>
>> K3 SoCs are available in a number of device types such as
>> GP, HS-FS, EMU, etc. Like OMAP SoCs we can detect this at runtime
>> and should print this out as part of the SoC information line.
>> We add this as part of the common.c file as it will be used
>> to also modify our security state early in the device boot.
>>
>> Signed-off-by: Andrew Davis <afd@ti.com>
>> Reviewed-by: Tom Rini <trini@konsulko.com>
>> ---
>> arch/arm/mach-k3/common.c | 51 +++++++++++++++++++++++-
>> arch/arm/mach-k3/common.h | 10 +++++
>> arch/arm/mach-k3/include/mach/hardware.h | 10 +++++
>> 3 files changed, 70 insertions(+), 1 deletion(-)
>
> When applying the whole series, am65x_hs_evm_r5 goes over size
> limitations at patch 2/4. I'm going to set this aside for the moment as
> I'm applying a number of your other patches and maybe I just missed
> something else that needs to come in too.
>
Hmm, okay looks like AM65x SPL is right up against the SRAM limits. I've
gone and made a quick attempt at giving us some more free space here[0].
Should be more than enough room after that to get this series in.
[0] https://lore.kernel.org/u-boot/20220726012506.19368-1-afd@ti.com/
* Re: [PATCH 1/4] arm: mach-k3: Add support for device type detection
2022-07-15 16:34 [PATCH 1/4] arm: mach-k3: Add support for device type detection Andrew Davis
` (4 preceding siblings ...)
2022-07-25 16:57 ` Tom Rini
@ 2022-08-04 20:51 ` Tom Rini
5 siblings, 0 replies; 12+ messages in thread
From: Tom Rini @ 2022-08-04 20:51 UTC (permalink / raw)
To: Andrew Davis; +Cc: Simon Glass, u-boot
On Fri, Jul 15, 2022 at 11:34:32AM -0500, Andrew Davis wrote:
> K3 SoCs are available in a number of device types such as
> GP, HS-FS, EMU, etc. Like OMAP SoCs we can detect this at runtime
> and should print this out as part of the SoC information line.
> We add this as part of the common.c file as it will be used
> to also modify our security state early in the device boot.
>
> Signed-off-by: Andrew Davis <afd@ti.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom