xref: /openbmc/u-boot/arch/arm/mach-keystone/mon.c (revision 83f1c2ef)
1 /*
2  * K2HK: secure kernel command file
3  *
4  * (C) Copyright 2012-2014
5  *     Texas Instruments Incorporated, <www.ti.com>
6  *
7  * SPDX-License-Identifier:     GPL-2.0+
8  */
9 
10 #include <common.h>
11 #include <command.h>
12 #include <mach/mon.h>
13 #include <spl.h>
14 asm(".arch_extension sec\n\t");
15 
16 int mon_install(u32 addr, u32 dpsc, u32 freq)
17 {
18 	int result;
19 
20 	__asm__ __volatile__ (
21 		"stmfd r13!, {lr}\n"
22 		"mov r0, %1\n"
23 		"mov r1, %2\n"
24 		"mov r2, %3\n"
25 		"blx r0\n"
26 		"ldmfd r13!, {lr}\n"
27 		: "=&r" (result)
28 		: "r" (addr), "r" (dpsc), "r" (freq)
29 		: "cc", "r0", "r1", "r2", "memory");
30 	return result;
31 }
32 
33 int mon_power_on(int core_id, void *ep)
34 {
35 	int result;
36 
37 	asm volatile (
38 		"stmfd  r13!, {lr}\n"
39 		"mov r1, %1\n"
40 		"mov r2, %2\n"
41 		"mov r0, #0\n"
42 		"smc	#0\n"
43 		"ldmfd  r13!, {lr}\n"
44 		: "=&r" (result)
45 		: "r" (core_id), "r" (ep)
46 		: "cc", "r0", "r1", "r2", "memory");
47 	return  result;
48 }
49 
50 int mon_power_off(int core_id)
51 {
52 	int result;
53 
54 	asm volatile (
55 		"stmfd  r13!, {lr}\n"
56 		"mov r1, %1\n"
57 		"mov r0, #1\n"
58 		"smc	#1\n"
59 		"ldmfd  r13!, {lr}\n"
60 		: "=&r" (result)
61 		: "r" (core_id)
62 		: "cc", "r0", "r1", "memory");
63 	return  result;
64 }
65 
66 #ifdef CONFIG_TI_SECURE_DEVICE
67 #define KS2_HS_SEC_HEADER_LEN	0x60
68 #define KS2_HS_SEC_TAG_OFFSET	0x34
69 #define KS2_AUTH_CMD		130
70 
71 /**
72  * k2_hs_bm_auth() - Invokes security functions using a
73  * proprietary TI interface. This binary and source for
74  * this is available in the secure development package or
75  * SECDEV. For details on how to access this please refer
76  * doc/README.ti-secure
77  *
78  * @cmd: Secure monitor command
79  * @arg1: Argument for command
80  *
81  * returns non-zero value on success, zero on error
82  */
83 static int k2_hs_bm_auth(int cmd, void *arg1)
84 {
85 	int result;
86 
87 	asm volatile (
88 		"stmfd  r13!, {r4-r12, lr}\n"
89 		"mov r0, %1\n"
90 		"mov r1, %2\n"
91 		"smc #2\n"
92 		"ldmfd r13!, {r4-r12, lr}\n"
93 		: "=&r" (result)
94 		: "r" (cmd), "r" (arg1)
95 		: "cc", "r0", "r1", "memory");
96 
97 	return  result;
98 }
99 
100 void board_fit_image_post_process(void **p_image, size_t *p_size)
101 {
102 	int result = 0;
103 	void *image = *p_image;
104 
105 	if (strncmp(image + KS2_HS_SEC_TAG_OFFSET, "KEYS", 4)) {
106 		printf("No signature found in image!\n");
107 		hang();
108 	}
109 
110 	result = k2_hs_bm_auth(KS2_AUTH_CMD, image);
111 	if (result == 0) {
112 		printf("Authentication failed!\n");
113 		hang();
114 	}
115 
116 	/*
117 	* Overwrite the image headers after authentication
118 	* and decryption. Update size to reflect removal
119 	* of header.
120 	*/
121 	memcpy(image, image + KS2_HS_SEC_HEADER_LEN, *p_size);
122 	*p_size -= KS2_HS_SEC_HEADER_LEN;
123 
124 	/*
125 	 * Output notification of successful authentication to re-assure the
126 	 * user that the secure code is being processed as expected. However
127 	 * suppress any such log output in case of building for SPL and booting
128 	 * via YMODEM. This is done to avoid disturbing the YMODEM serial
129 	 * protocol transactions.
130 	 */
131 	if (!(IS_ENABLED(CONFIG_SPL_BUILD) &&
132 	      IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) &&
133 	      spl_boot_device() == BOOT_DEVICE_UART))
134 		printf("Authentication passed\n");
135 }
136 #endif
137