1 /* 2 * 3 * Common security related functions for OMAP devices 4 * 5 * (C) Copyright 2016 6 * Texas Instruments, <www.ti.com> 7 * 8 * Daniel Allred <d-allred@ti.com> 9 * Andreas Dannenberg <dannenberg@ti.com> 10 * 11 * SPDX-License-Identifier: GPL-2.0+ 12 */ 13 14 #include <common.h> 15 #include <stdarg.h> 16 17 #include <asm/arch/sys_proto.h> 18 #include <asm/omap_common.h> 19 #include <asm/omap_sec_common.h> 20 #include <asm/spl.h> 21 #include <spl.h> 22 23 /* Index for signature verify ROM API */ 24 #ifdef CONFIG_AM33XX 25 #define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX (0x0000000C) 26 #else 27 #define API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX (0x0000000E) 28 #endif 29 30 static uint32_t secure_rom_call_args[5] __aligned(ARCH_DMA_MINALIGN); 31 32 u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...) 33 { 34 int i; 35 u32 num_args; 36 va_list ap; 37 38 va_start(ap, flag); 39 40 num_args = va_arg(ap, u32); 41 42 if (num_args > 4) { 43 va_end(ap); 44 return 1; 45 } 46 47 /* Copy args to aligned args structure */ 48 for (i = 0; i < num_args; i++) 49 secure_rom_call_args[i + 1] = va_arg(ap, u32); 50 51 secure_rom_call_args[0] = num_args; 52 53 va_end(ap); 54 55 /* if data cache is enabled, flush the aligned args structure */ 56 flush_dcache_range( 57 (unsigned int)&secure_rom_call_args[0], 58 (unsigned int)&secure_rom_call_args[0] + 59 roundup(sizeof(secure_rom_call_args), ARCH_DMA_MINALIGN)); 60 61 return omap_smc_sec(service, proc_id, flag, secure_rom_call_args); 62 } 63 64 static u32 find_sig_start(char *image, size_t size) 65 { 66 char *image_end = image + size; 67 char *sig_start_magic = "CERT_"; 68 int magic_str_len = strlen(sig_start_magic); 69 char *ch; 70 71 while (--image_end > image) { 72 if (*image_end == '_') { 73 ch = image_end - magic_str_len + 1; 74 if (!strncmp(ch, sig_start_magic, magic_str_len)) 75 return (u32)ch; 76 } 77 } 78 return 0; 79 } 80 81 int secure_boot_verify_image(void **image, size_t *size) 82 { 83 int result = 1; 84 u32 cert_addr, sig_addr; 85 size_t cert_size; 86 87 /* Perform cache writeback on input buffer */ 88 flush_dcache_range( 89 (u32)*image, 90 (u32)*image + roundup(*size, ARCH_DMA_MINALIGN)); 91 92 cert_addr = (uint32_t)*image; 93 sig_addr = find_sig_start((char *)*image, *size); 94 95 if (sig_addr == 0) { 96 printf("No signature found in image!\n"); 97 result = 1; 98 goto auth_exit; 99 } 100 101 *size = sig_addr - cert_addr; /* Subtract out the signature size */ 102 cert_size = *size; 103 104 /* Check if image load address is 32-bit aligned */ 105 if (!IS_ALIGNED(cert_addr, 4)) { 106 printf("Image is not 4-byte aligned!\n"); 107 result = 1; 108 goto auth_exit; 109 } 110 111 /* Image size also should be multiple of 4 */ 112 if (!IS_ALIGNED(cert_size, 4)) { 113 printf("Image size is not 4-byte aligned!\n"); 114 result = 1; 115 goto auth_exit; 116 } 117 118 /* Call ROM HAL API to verify certificate signature */ 119 debug("%s: load_addr = %x, size = %x, sig_addr = %x\n", __func__, 120 cert_addr, cert_size, sig_addr); 121 122 result = secure_rom_call( 123 API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0, 124 4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF); 125 126 /* Perform cache writeback on output buffer */ 127 flush_dcache_range( 128 (u32)*image, 129 (u32)*image + roundup(*size, ARCH_DMA_MINALIGN)); 130 131 auth_exit: 132 if (result != 0) { 133 printf("Authentication failed!\n"); 134 printf("Return Value = %08X\n", result); 135 hang(); 136 } 137 138 /* 139 * Output notification of successful authentication as well the name of 140 * the signing certificate used to re-assure the user that the secure 141 * code is being processed as expected. However suppress any such log 142 * output in case of building for SPL and booting via YMODEM. This is 143 * done to avoid disturbing the YMODEM serial protocol transactions. 144 */ 145 if (!(IS_ENABLED(CONFIG_SPL_BUILD) && 146 IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) && 147 spl_boot_device() == BOOT_DEVICE_UART)) 148 printf("Authentication passed: %s\n", (char *)sig_addr); 149 150 return result; 151 } 152