Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0 |
| 2 | /* |
| 3 | * K3: Security functions |
| 4 | * |
Andrew Davis | e74e3bb | 2022-07-15 11:34:33 -0500 | [diff] [blame] | 5 | * Copyright (C) 2018-2022 Texas Instruments Incorporated - http://www.ti.com/ |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 6 | * Andrew F. Davis <afd@ti.com> |
| 7 | */ |
| 8 | |
Andrew Davis | e74e3bb | 2022-07-15 11:34:33 -0500 | [diff] [blame] | 9 | #include <asm/io.h> |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 10 | #include <common.h> |
Andrew F. Davis | 2dc1e6e | 2020-01-07 18:22:29 -0500 | [diff] [blame] | 11 | #include <cpu_func.h> |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 12 | #include <dm.h> |
Simon Glass | f11478f | 2019-12-28 10:45:07 -0700 | [diff] [blame] | 13 | #include <hang.h> |
Simon Glass | 2dc9c34 | 2020-05-10 11:40:01 -0600 | [diff] [blame] | 14 | #include <image.h> |
Simon Glass | 0f2af88 | 2020-05-10 11:40:05 -0600 | [diff] [blame] | 15 | #include <log.h> |
Simon Glass | 274e0b0 | 2020-05-10 11:39:56 -0600 | [diff] [blame] | 16 | #include <asm/cache.h> |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 17 | #include <linux/soc/ti/ti_sci_protocol.h> |
| 18 | #include <mach/spl.h> |
| 19 | #include <spl.h> |
Andrew Davis | d95fcd8 | 2022-10-07 12:12:29 -0500 | [diff] [blame] | 20 | #include <linux/dma-mapping.h> |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 21 | |
Andrew Davis | e74e3bb | 2022-07-15 11:34:33 -0500 | [diff] [blame] | 22 | #include "common.h" |
| 23 | |
| 24 | static bool ti_secure_cert_detected(void *p_image) |
| 25 | { |
| 26 | /* Primitive certificate detection, check for DER starting with |
| 27 | * two 4-Octet SEQUENCE tags |
| 28 | */ |
| 29 | return (((u8 *)p_image)[0] == 0x30 && ((u8 *)p_image)[1] == 0x82 && |
| 30 | ((u8 *)p_image)[4] == 0x30 && ((u8 *)p_image)[5] == 0x82); |
| 31 | } |
| 32 | |
Andrew Davis | 0ce8543 | 2022-07-15 11:34:35 -0500 | [diff] [blame] | 33 | /* Primitive certificate length, assumes one 2-Octet sized SEQUENCE */ |
| 34 | static size_t ti_secure_cert_length(void *p_image) |
| 35 | { |
| 36 | size_t seq_length = be16_to_cpu(readw_relaxed(p_image + 2)); |
| 37 | /* Add 4 for the SEQUENCE tag length */ |
| 38 | return seq_length + 4; |
| 39 | } |
| 40 | |
Manorit Chawdhry | db01bcc | 2023-05-18 12:44:17 +0530 | [diff] [blame] | 41 | void ti_secure_image_check_binary(void **p_image, size_t *p_size) |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 42 | { |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 43 | u32 image_size; |
Manorit Chawdhry | db01bcc | 2023-05-18 12:44:17 +0530 | [diff] [blame] | 44 | size_t cert_length; |
Andrew F. Davis | 2dc1e6e | 2020-01-07 18:22:29 -0500 | [diff] [blame] | 45 | image_size = *p_size; |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 46 | |
Manorit Chawdhry | db01bcc | 2023-05-18 12:44:17 +0530 | [diff] [blame] | 47 | if (!image_size) { |
| 48 | debug("%s: Image size is %d\n", __func__, image_size); |
Andrew Davis | 0ce8543 | 2022-07-15 11:34:35 -0500 | [diff] [blame] | 49 | return; |
Manorit Chawdhry | db01bcc | 2023-05-18 12:44:17 +0530 | [diff] [blame] | 50 | } |
Andrew Davis | 0ce8543 | 2022-07-15 11:34:35 -0500 | [diff] [blame] | 51 | |
| 52 | if (get_device_type() == K3_DEVICE_TYPE_GP) { |
| 53 | if (ti_secure_cert_detected(*p_image)) { |
| 54 | printf("Warning: Detected image signing certificate on GP device. " |
| 55 | "Skipping certificate to prevent boot failure. " |
| 56 | "This will fail if the image was also encrypted\n"); |
| 57 | |
| 58 | cert_length = ti_secure_cert_length(*p_image); |
| 59 | if (cert_length > *p_size) { |
| 60 | printf("Invalid signing certificate size\n"); |
| 61 | return; |
| 62 | } |
| 63 | |
| 64 | *p_image += cert_length; |
| 65 | *p_size -= cert_length; |
| 66 | } |
| 67 | |
Andrew Davis | 2045cf1 | 2022-07-15 11:34:34 -0500 | [diff] [blame] | 68 | return; |
Andrew Davis | 0ce8543 | 2022-07-15 11:34:35 -0500 | [diff] [blame] | 69 | } |
Andrew Davis | 2045cf1 | 2022-07-15 11:34:34 -0500 | [diff] [blame] | 70 | |
Andrew Davis | e74e3bb | 2022-07-15 11:34:33 -0500 | [diff] [blame] | 71 | if (get_device_type() != K3_DEVICE_TYPE_HS_SE && |
| 72 | !ti_secure_cert_detected(*p_image)) { |
| 73 | printf("Warning: Did not detect image signing certificate. " |
| 74 | "Skipping authentication to prevent boot failure. " |
| 75 | "This will fail on Security Enforcing(HS-SE) devices\n"); |
| 76 | return; |
| 77 | } |
Manorit Chawdhry | db01bcc | 2023-05-18 12:44:17 +0530 | [diff] [blame] | 78 | } |
| 79 | |
| 80 | void ti_secure_image_post_process(void **p_image, size_t *p_size) |
| 81 | { |
| 82 | struct ti_sci_handle *ti_sci = get_ti_sci_handle(); |
| 83 | struct ti_sci_proc_ops *proc_ops = &ti_sci->ops.proc_ops; |
| 84 | u64 image_addr; |
| 85 | u32 image_size; |
| 86 | int ret; |
| 87 | |
| 88 | image_size = *p_size; |
| 89 | if (!image_size) { |
| 90 | debug("%s: Image size is %d\n", __func__, image_size); |
| 91 | return; |
| 92 | } |
Andrew Davis | e74e3bb | 2022-07-15 11:34:33 -0500 | [diff] [blame] | 93 | |
Manorit Chawdhry | e6ab91c | 2023-07-14 11:22:24 +0530 | [diff] [blame] | 94 | if (get_device_type() == K3_DEVICE_TYPE_GP && |
| 95 | (get_device_type() != K3_DEVICE_TYPE_HS_SE && |
| 96 | !ti_secure_cert_detected(*p_image))) |
Manorit Chawdhry | db01bcc | 2023-05-18 12:44:17 +0530 | [diff] [blame] | 97 | return; |
| 98 | |
Andrew Davis | d95fcd8 | 2022-10-07 12:12:29 -0500 | [diff] [blame] | 99 | /* Clean out image so it can be seen by system firmware */ |
| 100 | image_addr = dma_map_single(*p_image, *p_size, DMA_BIDIRECTIONAL); |
| 101 | |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 102 | debug("Authenticating image at address 0x%016llx\n", image_addr); |
Andrew F. Davis | 2dc1e6e | 2020-01-07 18:22:29 -0500 | [diff] [blame] | 103 | debug("Authenticating image of size %d bytes\n", image_size); |
| 104 | |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 105 | /* Authenticate image */ |
| 106 | ret = proc_ops->proc_auth_boot_image(ti_sci, &image_addr, &image_size); |
| 107 | if (ret) { |
| 108 | printf("Authentication failed!\n"); |
| 109 | hang(); |
| 110 | } |
| 111 | |
Andrew Davis | d95fcd8 | 2022-10-07 12:12:29 -0500 | [diff] [blame] | 112 | /* Invalidate any stale lines over data written by system firmware */ |
Andrew F. Davis | 2dc1e6e | 2020-01-07 18:22:29 -0500 | [diff] [blame] | 113 | if (image_size) |
Andrew Davis | d95fcd8 | 2022-10-07 12:12:29 -0500 | [diff] [blame] | 114 | dma_unmap_single(image_addr, image_size, DMA_BIDIRECTIONAL); |
Andrew F. Davis | 2dc1e6e | 2020-01-07 18:22:29 -0500 | [diff] [blame] | 115 | |
Andrew F. Davis | 2ed4107 | 2019-04-12 12:54:45 -0400 | [diff] [blame] | 116 | /* |
| 117 | * The image_size returned may be 0 when the authentication process has |
| 118 | * moved the image. When this happens no further processing on the |
| 119 | * image is needed or often even possible as it may have also been |
| 120 | * placed behind a firewall when moved. |
| 121 | */ |
| 122 | *p_size = image_size; |
| 123 | |
| 124 | /* |
| 125 | * Output notification of successful authentication to re-assure the |
| 126 | * user that the secure code is being processed as expected. However |
| 127 | * suppress any such log output in case of building for SPL and booting |
| 128 | * via YMODEM. This is done to avoid disturbing the YMODEM serial |
| 129 | * protocol transactions. |
| 130 | */ |
| 131 | if (!(IS_ENABLED(CONFIG_SPL_BUILD) && |
| 132 | IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) && |
| 133 | spl_boot_device() == BOOT_DEVICE_UART)) |
| 134 | printf("Authentication passed\n"); |
| 135 | } |