1// SPDX-License-Identifier: GPL-2.0 2/* 3 * K3: Security functions 4 * 5 * Copyright (C) 2018-2022 Texas Instruments Incorporated - https://www.ti.com/ 6 * Andrew F. Davis <afd@ti.com> 7 */ 8 9#include <asm/io.h> 10#include <cpu_func.h> 11#include <dm.h> 12#include <hang.h> 13#include <image.h> 14#include <log.h> 15#include <asm/cache.h> 16#include <linux/soc/ti/ti_sci_protocol.h> 17#include <mach/spl.h> 18#include <spl.h> 19#include <linux/dma-mapping.h> 20 21#include "common.h" 22 23static bool ti_secure_cert_detected(void *p_image) 24{ 25 /* Primitive certificate detection, check for DER starting with 26 * two 4-Octet SEQUENCE tags 27 */ 28 return (((u8 *)p_image)[0] == 0x30 && ((u8 *)p_image)[1] == 0x82 && 29 ((u8 *)p_image)[4] == 0x30 && ((u8 *)p_image)[5] == 0x82); 30} 31 32/* Primitive certificate length, assumes one 2-Octet sized SEQUENCE */ 33static size_t ti_secure_cert_length(void *p_image) 34{ 35 size_t seq_length = be16_to_cpu(readw_relaxed(p_image + 2)); 36 /* Add 4 for the SEQUENCE tag length */ 37 return seq_length + 4; 38} 39 40void ti_secure_image_check_binary(void **p_image, size_t *p_size) 41{ 42 u32 image_size; 43 size_t cert_length; 44 image_size = *p_size; 45 46 if (!image_size) { 47 debug("%s: Image size is %d\n", __func__, image_size); 48 return; 49 } 50 51 if (get_device_type() == K3_DEVICE_TYPE_GP) { 52 if (ti_secure_cert_detected(*p_image)) { 53 debug("Warning: Detected image signing certificate on GP device. " 54 "Skipping certificate to prevent boot failure. " 55 "This will fail if the image was also encrypted\n"); 56 57 cert_length = ti_secure_cert_length(*p_image); 58 if (cert_length > *p_size) { 59 printf("Invalid signing certificate size\n"); 60 return; 61 } 62 63 printf("Skipping authentication on GP device\n"); 64 *p_image += cert_length; 65 *p_size -= cert_length; 66 } 67 68 return; 69 } 70} 71 72void ti_secure_image_post_process(void **p_image, size_t *p_size) 73{ 74 struct ti_sci_handle *ti_sci = get_ti_sci_handle(); 75 struct ti_sci_proc_ops *proc_ops = &ti_sci->ops.proc_ops; 76 u64 image_addr; 77 u32 image_size; 78 int ret; 79 80 image_size = *p_size; 81 if (!image_size) { 82 debug("%s: Image size is %d\n", __func__, image_size); 83 return; 84 } 85 86 if (get_device_type() == K3_DEVICE_TYPE_GP) 87 return; 88 89 if (get_device_type() != K3_DEVICE_TYPE_HS_SE && 90 !ti_secure_cert_detected(*p_image)) { 91 printf("Warning: Did not detect image signing certificate. " 92 "Skipping authentication to prevent boot failure. " 93 "This will fail on Security Enforcing(HS-SE) devices\n"); 94 return; 95 } 96 97 /* Clean out image so it can be seen by system firmware */ 98 image_addr = dma_map_single(*p_image, *p_size, DMA_BIDIRECTIONAL); 99 100 debug("Authenticating image at address 0x%016llx\n", image_addr); 101 debug("Authenticating image of size %d bytes\n", image_size); 102 103 /* Authenticate image */ 104 ret = proc_ops->proc_auth_boot_image(ti_sci, &image_addr, &image_size); 105 if (ret) { 106 printf("Authentication failed!\n"); 107 hang(); 108 } 109 110 /* Invalidate any stale lines over data written by system firmware */ 111 if (image_size) 112 dma_unmap_single(image_addr, image_size, DMA_BIDIRECTIONAL); 113 114 /* 115 * The image_size returned may be 0 when the authentication process has 116 * moved the image. When this happens no further processing on the 117 * image is needed or often even possible as it may have also been 118 * placed behind a firewall when moved. 119 */ 120 *p_size = image_size; 121 122 /* 123 * Output notification of successful authentication to re-assure the 124 * user that the secure code is being processed as expected. However 125 * suppress any such log output in case of building for SPL and booting 126 * via YMODEM. This is done to avoid disturbing the YMODEM serial 127 * protocol transactions. 128 */ 129 if (!(IS_ENABLED(CONFIG_SPL_BUILD) && 130 IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) && 131 spl_boot_device() == BOOT_DEVICE_UART)) 132 printf("Authentication passed\n"); 133} 134