blob: 81009848d033afd0def2aa06305f6b73f1acb7bf [file] [log] [blame]
Tom Rini108ee582016-03-16 09:10:08 -04001/*
2 * K2HK: secure kernel command file
3 *
4 * (C) Copyright 2012-2014
5 * Texas Instruments Incorporated, <www.ti.com>
6 *
7 * SPDX-License-Identifier: GPL-2.0+
8 */
9
10#include <common.h>
11#include <command.h>
12#include <mach/mon.h>
Vitaly Andrianov1b3b2442017-04-07 10:00:03 -050013#include <spl.h>
Tom Rini108ee582016-03-16 09:10:08 -040014asm(".arch_extension sec\n\t");
15
16int mon_install(u32 addr, u32 dpsc, u32 freq)
17{
18 int result;
19
20 __asm__ __volatile__ (
21 "stmfd r13!, {lr}\n"
22 "mov r0, %1\n"
23 "mov r1, %2\n"
24 "mov r2, %3\n"
25 "blx r0\n"
26 "ldmfd r13!, {lr}\n"
27 : "=&r" (result)
28 : "r" (addr), "r" (dpsc), "r" (freq)
29 : "cc", "r0", "r1", "r2", "memory");
30 return result;
31}
32
33int mon_power_on(int core_id, void *ep)
34{
35 int result;
36
37 asm volatile (
38 "stmfd r13!, {lr}\n"
39 "mov r1, %1\n"
40 "mov r2, %2\n"
41 "mov r0, #0\n"
42 "smc #0\n"
43 "ldmfd r13!, {lr}\n"
44 : "=&r" (result)
45 : "r" (core_id), "r" (ep)
46 : "cc", "r0", "r1", "r2", "memory");
47 return result;
48}
49
50int mon_power_off(int core_id)
51{
52 int result;
53
54 asm volatile (
55 "stmfd r13!, {lr}\n"
56 "mov r1, %1\n"
57 "mov r0, #1\n"
58 "smc #1\n"
59 "ldmfd r13!, {lr}\n"
60 : "=&r" (result)
61 : "r" (core_id)
62 : "cc", "r0", "r1", "memory");
63 return result;
64}
Vitaly Andrianov1b3b2442017-04-07 10:00:03 -050065
66#ifdef CONFIG_TI_SECURE_DEVICE
67#define KS2_HS_SEC_HEADER_LEN 0x60
68#define KS2_HS_SEC_TAG_OFFSET 0x34
69#define KS2_AUTH_CMD 130
70
71/**
72 * k2_hs_bm_auth() - Invokes security functions using a
73 * proprietary TI interface. This binary and source for
74 * this is available in the secure development package or
75 * SECDEV. For details on how to access this please refer
76 * doc/README.ti-secure
77 *
78 * @cmd: Secure monitor command
79 * @arg1: Argument for command
80 *
81 * returns non-zero value on success, zero on error
82 */
83static int k2_hs_bm_auth(int cmd, void *arg1)
84{
85 int result;
86
87 asm volatile (
88 "stmfd r13!, {r4-r12, lr}\n"
89 "mov r0, %1\n"
90 "mov r1, %2\n"
91 "smc #2\n"
92 "ldmfd r13!, {r4-r12, lr}\n"
93 : "=&r" (result)
94 : "r" (cmd), "r" (arg1)
95 : "cc", "r0", "r1", "memory");
96
97 return result;
98}
99
100void board_fit_image_post_process(void **p_image, size_t *p_size)
101{
102 int result = 0;
103 void *image = *p_image;
104
105 if (strncmp(image + KS2_HS_SEC_TAG_OFFSET, "KEYS", 4)) {
106 printf("No signature found in image!\n");
107 hang();
108 }
109
110 result = k2_hs_bm_auth(KS2_AUTH_CMD, image);
111 if (result == 0) {
112 printf("Authentication failed!\n");
113 hang();
114 }
115
116 /*
117 * Overwrite the image headers after authentication
118 * and decryption. Update size to reflect removal
119 * of header.
120 */
121 memcpy(image, image + KS2_HS_SEC_HEADER_LEN, *p_size);
122 *p_size -= KS2_HS_SEC_HEADER_LEN;
123
124 /*
125 * Output notification of successful authentication to re-assure the
126 * user that the secure code is being processed as expected. However
127 * suppress any such log output in case of building for SPL and booting
128 * via YMODEM. This is done to avoid disturbing the YMODEM serial
129 * protocol transactions.
130 */
131 if (!(IS_ENABLED(CONFIG_SPL_BUILD) &&
132 IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) &&
133 spl_boot_device() == BOOT_DEVICE_UART))
134 printf("Authentication passed\n");
135}
136#endif