Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / f2ee497576ef27ab588ce69006694258feeb26e1 / . / drivers / nxp / auth / csf_hdr_parser / cot.c
blob: 4502ed690d9776ca5cd97632188d2514bb5cde6e [file] [log] [blame]
Pankaj Gupta9247b402020-12-09 14:02:39 +0530[diff] [blame]1/*
2 * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
3 *
4 * Copyright 2020 NXP
5 *
6 * SPDX-License-Identifier: BSD-3-Clause
7 */
8
9#include <stddef.h>
10
11#include <drivers/auth/auth_mod.h>
12
13#if USE_TBBR_DEFS
14#include <tools_share/tbbr_oid.h>
15#else
16#include <platform_oid.h>
17#endif
18
19
20static auth_param_type_desc_t sig = AUTH_PARAM_TYPE_DESC(
21 AUTH_PARAM_SIG, 0);
22static auth_param_type_desc_t sig_alg = AUTH_PARAM_TYPE_DESC(
23 AUTH_PARAM_SIG_ALG, 0);
24static auth_param_type_desc_t sig_hash = AUTH_PARAM_TYPE_DESC(
25 AUTH_PARAM_HASH, 0);
26
27static auth_param_type_desc_t non_trusted_world_pk = AUTH_PARAM_TYPE_DESC(
28 AUTH_PARAM_PUB_KEY, NON_TRUSTED_WORLD_PK_OID);
29
30/*
31 * TBBR Chain of trust definition
32 */
33static const auth_img_desc_t bl31_image = {
34 .img_id = BL31_IMAGE_ID,
35 .img_type = IMG_PLAT,
36 .parent = NULL,
37 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
38 [0] = {
39 .type = AUTH_METHOD_SIG,
40 .param.sig = {
41 .pk = &non_trusted_world_pk,
42 .sig = &sig,
43 .alg = &sig_alg,
44 .data = &sig_hash
45 }
46 }
47 }
48};
49static const auth_img_desc_t scp_bl2_image = {
50 .img_id = SCP_BL2_IMAGE_ID,
51 .img_type = IMG_PLAT,
52 .parent = NULL,
53 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
54 [0] = {
55 .type = AUTH_METHOD_SIG,
56 .param.sig = {
57 .pk = &non_trusted_world_pk,
58 .sig = &sig,
59 .alg = &sig_alg,
60 .data = &sig_hash
61 }
62 }
63 }
64};
65static const auth_img_desc_t bl32_image = {
66 .img_id = BL32_IMAGE_ID,
67 .img_type = IMG_PLAT,
68 .parent = NULL,
69 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
70 [0] = {
71 .type = AUTH_METHOD_SIG,
72 .param.sig = {
73 .pk = &non_trusted_world_pk,
74 .sig = &sig,
75 .alg = &sig_alg,
76 .data = &sig_hash
77 }
78 }
79 }
80};
81static const auth_img_desc_t bl33_image = {
82 .img_id = BL33_IMAGE_ID,
83 .img_type = IMG_PLAT,
84 .parent = NULL,
85 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
86 [0] = {
87 .type = AUTH_METHOD_SIG,
88 .param.sig = {
89 .pk = &non_trusted_world_pk,
90 .sig = &sig,
91 .alg = &sig_alg,
92 .data = &sig_hash
93 }
94 }
95 }
96};
97#ifdef POLICY_FUSE_PROVISION
98static const auth_img_desc_t fuse_prov_img = {
99 .img_id = FUSE_PROV_IMAGE_ID,
100 .img_type = IMG_PLAT,
101 .parent = NULL,
102 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
103 [0] = {
104 .type = AUTH_METHOD_SIG,
105 .param.sig = {
106 .pk = &non_trusted_world_pk,
107 .sig = &sig,
108 .alg = &sig_alg,
109 .data = &sig_hash
110 }
111 }
112 }
113};
114static const auth_img_desc_t fuse_upgrade_img = {
115 .img_id = FUSE_UP_IMAGE_ID,
116 .img_type = IMG_PLAT,
117 .parent = NULL,
118 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
119 [0] = {
120 .type = AUTH_METHOD_SIG,
121 .param.sig = {
122 .pk = &non_trusted_world_pk,
123 .sig = &sig,
124 .alg = &sig_alg,
125 .data = &sig_hash
126 }
127 }
128 }
129};
130#endif
131#ifdef CONFIG_DDR_FIP_IMAGE
132static const auth_img_desc_t ddr_imem_udimm_1d_img = {
133 .img_id = DDR_IMEM_UDIMM_1D_IMAGE_ID,
134 .img_type = IMG_PLAT,
135 .parent = NULL,
136 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
137 [0] = {
138 .type = AUTH_METHOD_SIG,
139 .param.sig = {
140 .pk = &non_trusted_world_pk,
141 .sig = &sig,
142 .alg = &sig_alg,
143 .data = &sig_hash
144 }
145 }
146 }
147};
148static const auth_img_desc_t ddr_imem_udimm_2d_img = {
149 .img_id = DDR_IMEM_UDIMM_2D_IMAGE_ID,
150 .img_type = IMG_PLAT,
151 .parent = NULL,
152 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
153 [0] = {
154 .type = AUTH_METHOD_SIG,
155 .param.sig = {
156 .pk = &non_trusted_world_pk,
157 .sig = &sig,
158 .alg = &sig_alg,
159 .data = &sig_hash
160 }
161 }
162 }
163};
164static const auth_img_desc_t ddr_dmem_udimm_1d_img = {
165 .img_id = DDR_DMEM_UDIMM_1D_IMAGE_ID,
166 .img_type = IMG_PLAT,
167 .parent = NULL,
168 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
169 [0] = {
170 .type = AUTH_METHOD_SIG,
171 .param.sig = {
172 .pk = &non_trusted_world_pk,
173 .sig = &sig,
174 .alg = &sig_alg,
175 .data = &sig_hash
176 }
177 }
178 }
179};
180static const auth_img_desc_t ddr_dmem_udimm_2d_img = {
181 .img_id = DDR_DMEM_UDIMM_2D_IMAGE_ID,
182 .img_type = IMG_PLAT,
183 .parent = NULL,
184 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
185 [0] = {
186 .type = AUTH_METHOD_SIG,
187 .param.sig = {
188 .pk = &non_trusted_world_pk,
189 .sig = &sig,
190 .alg = &sig_alg,
191 .data = &sig_hash
192 }
193 }
194 }
195};
196static const auth_img_desc_t ddr_imem_rdimm_1d_img = {
197 .img_id = DDR_IMEM_RDIMM_1D_IMAGE_ID,
198 .img_type = IMG_PLAT,
199 .parent = NULL,
200 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
201 [0] = {
202 .type = AUTH_METHOD_SIG,
203 .param.sig = {
204 .pk = &non_trusted_world_pk,
205 .sig = &sig,
206 .alg = &sig_alg,
207 .data = &sig_hash
208 }
209 }
210 }
211};
212static const auth_img_desc_t ddr_imem_rdimm_2d_img = {
213 .img_id = DDR_IMEM_RDIMM_2D_IMAGE_ID,
214 .img_type = IMG_PLAT,
215 .parent = NULL,
216 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
217 [0] = {
218 .type = AUTH_METHOD_SIG,
219 .param.sig = {
220 .pk = &non_trusted_world_pk,
221 .sig = &sig,
222 .alg = &sig_alg,
223 .data = &sig_hash
224 }
225 }
226 }
227};
228static const auth_img_desc_t ddr_dmem_rdimm_1d_img = {
229 .img_id = DDR_DMEM_RDIMM_1D_IMAGE_ID,
230 .img_type = IMG_PLAT,
231 .parent = NULL,
232 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
233 [0] = {
234 .type = AUTH_METHOD_SIG,
235 .param.sig = {
236 .pk = &non_trusted_world_pk,
237 .sig = &sig,
238 .alg = &sig_alg,
239 .data = &sig_hash
240 }
241 }
242 }
243};
244static const auth_img_desc_t ddr_dmem_rdimm_2d_img = {
245 .img_id = DDR_DMEM_RDIMM_2D_IMAGE_ID,
246 .img_type = IMG_PLAT,
247 .parent = NULL,
248 .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
249 [0] = {
250 .type = AUTH_METHOD_SIG,
251 .param.sig = {
252 .pk = &non_trusted_world_pk,
253 .sig = &sig,
254 .alg = &sig_alg,
255 .data = &sig_hash
256 }
257 }
258 }
259};
260#endif
261
262static const auth_img_desc_t * const cot_desc[] = {
263 [BL31_IMAGE_ID] = &bl31_image,
264 [SCP_BL2_IMAGE_ID] = &scp_bl2_image,
265 [BL32_IMAGE_ID] = &bl32_image,
266 [BL33_IMAGE_ID] = &bl33_image,
267#ifdef POLICY_FUSE_PROVISION
268 [FUSE_PROV_IMAGE_ID] = &fuse_prov_img,
269 [FUSE_UP_IMAGE_ID] = &fuse_upgrade_img,
270#endif
271#ifdef CONFIG_DDR_FIP_IMAGE
272 [DDR_IMEM_UDIMM_1D_IMAGE_ID] = &ddr_imem_udimm_1d_img,
273 [DDR_IMEM_UDIMM_2D_IMAGE_ID] = &ddr_imem_udimm_2d_img,
274 [DDR_DMEM_UDIMM_1D_IMAGE_ID] = &ddr_dmem_udimm_1d_img,
275 [DDR_DMEM_UDIMM_2D_IMAGE_ID] = &ddr_dmem_udimm_2d_img,
276 [DDR_IMEM_RDIMM_1D_IMAGE_ID] = &ddr_imem_rdimm_1d_img,
277 [DDR_IMEM_RDIMM_2D_IMAGE_ID] = &ddr_imem_rdimm_2d_img,
278 [DDR_DMEM_RDIMM_1D_IMAGE_ID] = &ddr_dmem_rdimm_1d_img,
279 [DDR_DMEM_RDIMM_2D_IMAGE_ID] = &ddr_dmem_rdimm_2d_img,
280#endif
281};
282
283/* Register the CoT in the authentication module */
284REGISTER_COT(cot_desc);