On 23.11.2016 16:12, Mario Six wrote:
The patch implements secure booting for the mvebu architecture.
This includes:
- The addition of secure headers and all needed signatures and keys in mkimage
- Commands capable of writing the board's efuses to both write the needed cryptographic data and enable the secure booting mechanism
- The creation of convenience text files containing the necessary commands to write the efuses
The KAK and CSK keys are expected to reside in the files kwb_kak.key and kwb_csk.key (OpenSSL 2048 bit private keys) in the top-level directory.
Signed-off-by: Reinhard Pfau reinhard.pfau@gdsys.cc Signed-off-by: Mario Six mario.six@gdsys.cc
Thanks Mario, I have to admit that I'm pretty new to this secure booting support on A38x. So I can't really comment much on the technical details. I would very much like to see some documentation being added for this secure boot support on A38x (doc/...). With a more detailed explanation of this procedure and best one exmaple on how this is done in practice.
Please find some more comments below.
Makefile | 3 +- arch/arm/mach-mvebu/Kconfig | 20 + arch/arm/mach-mvebu/Makefile | 1 + arch/arm/mach-mvebu/efuse.c | 293 ++++++++++++ arch/arm/mach-mvebu/include/mach/cpu.h | 2 + arch/arm/mach-mvebu/include/mach/efuse.h | 71 +++ tools/Makefile | 6 +- tools/kwbimage.c | 744 ++++++++++++++++++++++++++++++- tools/kwbimage.h | 37 ++ 9 files changed, 1169 insertions(+), 8 deletions(-) create mode 100644 arch/arm/mach-mvebu/efuse.c create mode 100644 arch/arm/mach-mvebu/include/mach/efuse.h
diff --git a/Makefile b/Makefile index 96ddc59..05a38af 100644 --- a/Makefile +++ b/Makefile @@ -938,7 +938,8 @@ MKIMAGEFLAGS_u-boot.kwb = -n $(srctree)/$(CONFIG_SYS_KWD_CONFIG:"%"=%) \ -T kwbimage -a $(CONFIG_SYS_TEXT_BASE) -e $(CONFIG_SYS_TEXT_BASE)
MKIMAGEFLAGS_u-boot-spl.kwb = -n $(srctree)/$(CONFIG_SYS_KWD_CONFIG:"%"=%) \
- -T kwbimage -a $(CONFIG_SYS_TEXT_BASE) -e $(CONFIG_SYS_TEXT_BASE)
- -T kwbimage -a $(CONFIG_SYS_TEXT_BASE) -e $(CONFIG_SYS_TEXT_BASE) \
- $(if $(KEYDIR),-k $(KEYDIR))
MKIMAGEFLAGS_u-boot.pbl = -n $(srctree)/$(CONFIG_SYS_FSL_PBL_RCW:"%"=%) \ -R $(srctree)/$(CONFIG_SYS_FSL_PBL_PBI:"%"=%) -T pblimage diff --git a/arch/arm/mach-mvebu/Kconfig b/arch/arm/mach-mvebu/Kconfig index 6e8026b..1ca7b52 100644 --- a/arch/arm/mach-mvebu/Kconfig +++ b/arch/arm/mach-mvebu/Kconfig @@ -1,5 +1,9 @@ if ARCH_MVEBU
+config HAVE_MVEBU_EFUSE
- bool
- default n
config ARMADA_32BIT bool select CPU_V7 @@ -21,6 +25,7 @@ config ARMADA_375 config ARMADA_38X bool select ARMADA_32BIT
- select HAVE_MVEBU_EFUSE
Do you know if this secure boot support provided in this patch (and the one before it) also supports the Armada XP SoCs?
config ARMADA_XP bool @@ -136,4 +141,19 @@ config SYS_VENDOR config SYS_SOC default "mvebu"
+config MVEBU_EFUSE
- bool "Enable eFuse support"
- default n
- depends on HAVE_MVEBU_EFUSE
Is this Kconfig option enabled in your board support patch? I can't find it there. And could you please add a help text to this option as well?
+config MVEBU_EFUSE_FAKE
- bool "Fake eFuse access (dry run)"
- default n
- depends on MVEBU_EFUSE
- help
This enables a "dry run" mode where eFuses are not really programmed.Instead the eFuse accesses are emulated by writing to and readingfrom a memory block.This is can be used for testing prog scripts.endif diff --git a/arch/arm/mach-mvebu/Makefile b/arch/arm/mach-mvebu/Makefile index 65e90c4..d4210af 100644 --- a/arch/arm/mach-mvebu/Makefile +++ b/arch/arm/mach-mvebu/Makefile @@ -27,6 +27,7 @@ ifndef CONFIG_SPL_BUILD obj-$(CONFIG_ARMADA_375) += ../../../drivers/ddr/marvell/axp/xor.o obj-$(CONFIG_ARMADA_38X) += ../../../drivers/ddr/marvell/a38x/xor.o obj-$(CONFIG_ARMADA_XP) += ../../../drivers/ddr/marvell/axp/xor.o +obj-$(CONFIG_MVEBU_EFUSE) += efuse.o endif # CONFIG_SPL_BUILD obj-y += gpio.o obj-y += mbus.o diff --git a/arch/arm/mach-mvebu/efuse.c b/arch/arm/mach-mvebu/efuse.c new file mode 100644 index 0000000..c8d04bf --- /dev/null +++ b/arch/arm/mach-mvebu/efuse.c @@ -0,0 +1,293 @@ +/*
- Copyright (C) 2015-2016 Reinhard Pfau reinhard.pfau@gdsys.cc
- SPDX-License-Identifier: GPL-2.0+
- */
+#include <config.h> +#include <common.h> +#include <errno.h> +#include <asm/io.h> +#include <asm/arch/cpu.h> +#include <asm/arch/efuse.h> +#include <asm/arch/soc.h> +#include <linux/mbus.h>
+#if defined(CONFIG_MVEBU_EFUSE)
This check should not be needed, as this file only gets compiled if CONFIG_MVEBU_EFUSE is defined.
+#if defined(CONFIG_MVEBU_EFUSE_FAKE) +#define DRY_RUN +#else +#undef DRY_RUN +#endif
+#define MBUS_EFUSE_BASE 0xF6000000 +#define MBUS_EFUSE_SIZE BIT(20)
+#define MVEBU_EFUSE_CONTROL (MVEBU_REGISTER(0xE4008))
+enum {
- MVEBU_EFUSE_CTRL_PROGRAM_ENABLE = (1 << 31),
+};
+struct mvebu_hd_efuse {
- u32 bits_31_0;
- u32 bits_63_32;
- u32 bit64;
- u32 reserved0;
+};
+#ifndef DRY_RUN +static struct mvebu_hd_efuse *efuses =
- (struct mvebu_hd_efuse *)(MBUS_EFUSE_BASE + 0xF9000);
+#else +static struct mvebu_hd_efuse efuses[EFUSE_LINE_MAX + 1]; +#endif
+static int efuse_initialised;
+static struct mvebu_hd_efuse *get_efuse_line(int nr) +{
- if (nr < 0 || nr > 63 || !efuse_initialised)
return NULL;- return efuses + nr;
+}
+static void enable_efuse_program(void) +{ +#ifndef DRY_RUN
- setbits_le32(MVEBU_EFUSE_CONTROL, MVEBU_EFUSE_CTRL_PROGRAM_ENABLE);
+#endif +}
+static void disable_efuse_program(void) +{ +#ifndef DRY_RUN
- u32 reg = readl(MVEBU_EFUSE_CONTROL);
- reg &= ~MVEBU_EFUSE_CTRL_PROGRAM_ENABLE;
- writel(MVEBU_EFUSE_CONTROL, reg);
clrbits_le32() please.
+#endif +}
+static int do_prog_efuse(struct mvebu_hd_efuse *efuse,
struct efuse_val *new_val, u32 mask0, u32 mask1)+{
- struct efuse_val val;
- val.dwords.d[0] = readl(&efuse->bits_31_0);
- val.dwords.d[1] = readl(&efuse->bits_63_32);
- val.lock = readl(&efuse->bit64);
- if (val.lock & 1)
return -EPERM;- val.dwords.d[0] |= (new_val->dwords.d[0] & mask0);
- val.dwords.d[1] |= (new_val->dwords.d[1] & mask1);
- val.lock |= new_val->lock;
- writel(val.dwords.d[0], &efuse->bits_31_0);
- mdelay(1);
- writel(val.dwords.d[1], &efuse->bits_63_32);
- mdelay(1);
- writel(val.lock, &efuse->bit64);
- mdelay(5);
- return 0;
+}
+static int prog_efuse(int nr, struct efuse_val *new_val, u32 mask0, u32 mask1) +{
- struct mvebu_hd_efuse *efuse;
- int res = 0;
- res = mvebu_efuse_init_hw();
- if (res)
return res;- efuse = get_efuse_line(nr);
- if (!efuse)
return -ENODEV;- if (!new_val)
return -EINVAL;- /* only write a fuse line with lock bit */
- if (!new_val->lock)
return -EINVAL;- /* according to specs ECC protection bits must be 0 on write */
- if (new_val->bytes.d[7] & 0xFE)
return -EINVAL;- if (!new_val->dwords.d[0] && !new_val->dwords.d[1] && (mask0 | mask1))
return 0;- enable_efuse_program();
- res = do_prog_efuse(efuse, new_val, mask0, mask1);
- disable_efuse_program();
- return res;
+}
+int mvebu_efuse_init_hw(void) +{
- int ret;
- if (efuse_initialised)
return 0;- ret = mvebu_mbus_add_window_by_id(
CPU_TARGET_SATA23_DFX, 0xA, MBUS_EFUSE_BASE, MBUS_EFUSE_SIZE);- if (ret)
return ret;- efuse_initialised = 1;
- return 0;
+}
+int mvebu_read_efuse(int nr, struct efuse_val *val) +{
- struct mvebu_hd_efuse *efuse;
- int res;
- res = mvebu_efuse_init_hw();
- if (res)
return res;- efuse = get_efuse_line(nr);
- if (!efuse)
return -ENODEV;- if (!val)
return -EINVAL;- val->dwords.d[0] = readl(&efuse->bits_31_0);
- val->dwords.d[1] = readl(&efuse->bits_63_32);
- val->lock = readl(&efuse->bit64);
- return 0;
+}
+int mvebu_write_efuse(int nr, struct efuse_val *val) +{
- return prog_efuse(nr, val, ~0, ~0);
+}
+int mvebu_lock_efuse(int nr) +{
- struct efuse_val val = {
.lock = 1,- };
- return prog_efuse(nr, &val, 0, 0);
+}
+#else
+int mvebu_efuse_init_hw(void) +{
- return -ENODEV;
+}
+int mvebu_read_efuse(int nr, struct efuse_val *val) +{
- return -ENODEV;
+}
+int mvebu_write_efuse(int nr, struct efuse_val *val) +{
- return -ENODEV;
+}
+int mvebu_lock_efuse(int nr) +{
- return -ENODEV;
+}
+#endif
+/*
- wrapper funcs providing the fuse API
- we use the following mapping:
- "bank" -> eFuse line
- "word" -> 0: bits 0-31
1: bits 32-63
2: bit 64 (lock)- */
+static struct efuse_val prog_val; +static int valid_prog_words;
+int fuse_read(u32 bank, u32 word, u32 *val) +{
- struct efuse_val fuse_line;
- int res;
- if (bank < EFUSE_LINE_MIN || bank > EFUSE_LINE_MAX || word > 2)
return -EINVAL;- res = mvebu_read_efuse(bank, &fuse_line);
- if (res)
return res;- if (word < 2)
*val = fuse_line.dwords.d[word];- else
*val = fuse_line.lock;- return res;
+}
+int fuse_sense(u32 bank, u32 word, u32 *val) +{
- /* not supported */
- return -ENOSYS;
+}
+int fuse_prog(u32 bank, u32 word, u32 val) +{
- int res = 0;
- /*
* NOTE: Fuse line should be written as whole.* So how can we do that with this API?* For now: remember values for word == 0 and word == 1 and write the* whole line when word == 2.* This implies that we always require all 3 fuse prog cmds (one for* for each word) to write a single fuse line.* Exception is a single write to word 2 which will lock the fuse line.** Hope that will be OK.*/- if (bank < EFUSE_LINE_MIN || bank > EFUSE_LINE_MAX || word > 2)
return -EINVAL;- if (word < 2) {
prog_val.dwords.d[word] = val;valid_prog_words |= (1 << word);- } else if ((valid_prog_words & 3) == 0 && val) {
res = mvebu_lock_efuse(bank);valid_prog_words = 0;- } else if ((valid_prog_words & 3) != 3 || !val) {
res = -EINVAL;- } else {
prog_val.lock = val != 0;res = mvebu_write_efuse(bank, &prog_val);valid_prog_words = 0;- }
- return res;
+}
+int fuse_override(u32 bank, u32 word, u32 val) +{
- /* not supported */
- return -ENOSYS;
+} diff --git a/arch/arm/mach-mvebu/include/mach/cpu.h b/arch/arm/mach-mvebu/include/mach/cpu.h index 66f7680..d241eea 100644 --- a/arch/arm/mach-mvebu/include/mach/cpu.h +++ b/arch/arm/mach-mvebu/include/mach/cpu.h @@ -36,7 +36,9 @@ enum cpu_target { CPU_TARGET_ETH01 = 0x7, CPU_TARGET_PCIE13 = 0x8, CPU_TARGET_SASRAM = 0x9,
- CPU_TARGET_SATA01 = 0xa, /* A38X */ CPU_TARGET_NAND = 0xd,
- CPU_TARGET_SATA23_DFX = 0xe, /* A38X */
};
This looks like an unrelated change, perhaps better moved into a separate patch?
enum cpu_attrib { diff --git a/arch/arm/mach-mvebu/include/mach/efuse.h b/arch/arm/mach-mvebu/include/mach/efuse.h new file mode 100644 index 0000000..454f6b8 --- /dev/null +++ b/arch/arm/mach-mvebu/include/mach/efuse.h @@ -0,0 +1,71 @@ +/*
- Copyright (C) 2015 Reinhard Pfau reinhard.pfau@gdsys.cc
Only 2015? This might need to get changed in more files, I didn't check closely.
- SPDX-License-Identifier: GPL-2.0+
- */
+#ifndef _MVEBU_EFUSE_H +#define _MVEBU_EFUSE_H
+#include <common.h>
+struct efuse_val {
- union {
struct {u8 d[8];} bytes;struct {u16 d[4];} words;struct {u32 d[2];} dwords;- };
- u32 lock;
+};
+#if defined(CONFIG_ARMADA_38X)
+enum efuse_line {
- EFUSE_LINE_SECURE_BOOT = 24,
- EFUSE_LINE_PUBKEY_DIGEST_0 = 26,
- EFUSE_LINE_PUBKEY_DIGEST_1 = 27,
- EFUSE_LINE_PUBKEY_DIGEST_2 = 28,
- EFUSE_LINE_PUBKEY_DIGEST_3 = 29,
- EFUSE_LINE_PUBKEY_DIGEST_4 = 30,
- EFUSE_LINE_CSK_0_VALID = 31,
- EFUSE_LINE_CSK_1_VALID = 32,
- EFUSE_LINE_CSK_2_VALID = 33,
- EFUSE_LINE_CSK_3_VALID = 34,
- EFUSE_LINE_CSK_4_VALID = 35,
- EFUSE_LINE_CSK_5_VALID = 36,
- EFUSE_LINE_CSK_6_VALID = 37,
- EFUSE_LINE_CSK_7_VALID = 38,
- EFUSE_LINE_CSK_8_VALID = 39,
- EFUSE_LINE_CSK_9_VALID = 40,
- EFUSE_LINE_CSK_10_VALID = 41,
- EFUSE_LINE_CSK_11_VALID = 42,
- EFUSE_LINE_CSK_12_VALID = 43,
- EFUSE_LINE_CSK_13_VALID = 44,
- EFUSE_LINE_CSK_14_VALID = 45,
- EFUSE_LINE_CSK_15_VALID = 46,
- EFUSE_LINE_FLASH_ID = 47,
- EFUSE_LINE_BOX_ID = 48,
- EFUSE_LINE_MIN = 0,
- EFUSE_LINE_MAX = 63,
+};
+#endif
+int mvebu_efuse_init_hw(void);
+int mvebu_read_efuse(int nr, struct efuse_val *val);
+int mvebu_write_efuse(int nr, struct efuse_val *val);
+int mvebu_lock_efuse(int nr);
Double empty line not needed.
+#endif diff --git a/tools/Makefile b/tools/Makefile index 9edb504..887ef77 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -141,8 +141,12 @@ ifdef CONFIG_SYS_U_BOOT_OFFS HOSTCFLAGS_kwbimage.o += -DCONFIG_SYS_U_BOOT_OFFS=$(CONFIG_SYS_U_BOOT_OFFS) endif
+ifneq ($(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X),) +HOSTCFLAGS_kwbimage.o += -DCONFIG_KWB_SECURE +endif
# MXSImage needs LibSSL -ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_FIT_SIGNATURE),) +ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X)$(CONFIG_FIT_SIGNATURE),) HOSTLOADLIBES_mkimage += \ $(shell pkg-config --libs libssl libcrypto 2> /dev/null || echo "-lssl -lcrypto")
diff --git a/tools/kwbimage.c b/tools/kwbimage.c index 1bc0102..2d40594 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -1,30 +1,47 @@ /*
- Image manipulator for Marvell SoCs
- supports Kirkwood, Dove, Armada 370, and Armada XP
- supports Kirkwood, Dove, Armada 370, Armada XP, and Armada 38x
- (C) Copyright 2013 Thomas Petazzoni
- thomas.petazzoni@free-electrons.com
- SPDX-License-Identifier: GPL-2.0+
- Not implemented: support for the register headers and secure
- headers in v1 images
*/
- Not implemented: support for the register headers in v1 images
#include "imagetool.h" #include <limits.h> #include <image.h> +#include <stdarg.h> #include <stdint.h> #include "kwbimage.h"
+#ifdef CONFIG_KWB_SECURE +#include <openssl/rsa.h> +#include <openssl/pem.h> +#include <openssl/err.h> +#include <openssl/evp.h> +#endif
static struct image_cfg_element *image_cfg; static int cfgn; +#ifdef CONFIG_KWB_SECURE +static int verbose_mode; +#endif
struct boot_mode { unsigned int id; const char *name; };
+/*
- SHA2-256 hash
- */
+struct hash_v1 {
- uint8_t hash[32];
+};
struct boot_mode boot_modes[] = { { 0x4D, "i2c" }, { 0x5A, "spi" }, @@ -68,6 +85,16 @@ enum image_cfg_type { IMAGE_CFG_BINARY, IMAGE_CFG_PAYLOAD, IMAGE_CFG_DATA,
IMAGE_CFG_KAK,
IMAGE_CFG_CSK,
IMAGE_CFG_CSK_INDEX,
IMAGE_CFG_JTAG_DELAY,
IMAGE_CFG_BOX_ID,
IMAGE_CFG_FLASH_ID,
IMAGE_CFG_SEC_COMMON_IMG,
IMAGE_CFG_SEC_SPECIALIZED_IMG,
IMAGE_CFG_SEC_BOOT_DEV,
IMAGE_CFG_SEC_FUSE_DUMP,
IMAGE_CFG_COUNT
} type; @@ -84,6 +111,16 @@ static const char * const id_strs[] = { [IMAGE_CFG_BINARY] = "BINARY", [IMAGE_CFG_PAYLOAD] = "PAYLOAD", [IMAGE_CFG_DATA] = "DATA",
- [IMAGE_CFG_KAK] = "KAK",
- [IMAGE_CFG_CSK] = "CSK",
- [IMAGE_CFG_CSK_INDEX] = "CSK_INDEX",
- [IMAGE_CFG_JTAG_DELAY] = "JTAG_DELAY",
- [IMAGE_CFG_BOX_ID] = "BOX_ID",
- [IMAGE_CFG_FLASH_ID] = "FLASH_ID",
- [IMAGE_CFG_SEC_COMMON_IMG] = "SEC_COMMON_IMG",
- [IMAGE_CFG_SEC_SPECIALIZED_IMG] = "SEC_SPECIALIZED_IMG",
- [IMAGE_CFG_SEC_BOOT_DEV] = "SEC_BOOT_DEV",
- [IMAGE_CFG_SEC_FUSE_DUMP] = "SEC_FUSE_DUMP"
};
struct image_cfg_element { @@ -104,6 +141,14 @@ struct image_cfg_element { unsigned int nandeccmode; unsigned int nandpagesz; struct ext_hdr_v0_reg regdata;
const char *key_name;int csk_idx;uint8_t jtag_delay;uint32_t boxid;uint32_t flashid;bool sec_specialized_img;unsigned int sec_boot_dev;const char *name;};
@@ -172,6 +217,32 @@ image_count_options(unsigned int optiontype) return count; }
+#if defined(CONFIG_KWB_SECURE)
+static int image_get_csk_index(void) +{
- struct image_cfg_element *e;
- e = image_find_option(IMAGE_CFG_CSK_INDEX);
- if (!e)
return -1;- return e->csk_idx;
+}
+static bool image_get_spezialized_img(void) +{
- struct image_cfg_element *e;
- e = image_find_option(IMAGE_CFG_SEC_SPECIALIZED_IMG);
- if (!e)
return false;- return e->sec_specialized_img;
+}
+#endif
/*
- Compute a 8-bit checksum of a memory area. This algorithm follows
- the requirements of the Marvell SoC BootROM specifications.
@@ -217,6 +288,493 @@ static uint32_t image_checksum32(void *start, uint32_t len) return csum; }
+#if defined(CONFIG_KWB_SECURE) +static void kwb_msg(const char *fmt, ...) +{
- if (verbose_mode) {
va_list ap;va_start(ap, fmt);vfprintf(stdout, fmt, ap);va_end(ap);- }
+}
+static int openssl_err(const char *msg) +{
- unsigned long ssl_err = ERR_get_error();
- fprintf(stderr, "%s", msg);
- fprintf(stderr, ": %s\n",
ERR_error_string(ssl_err, 0));- return -1;
+}
+static int kwb_load_rsa_key(const char *keydir, const char *name, RSA **p_rsa) +{
- char path[PATH_MAX];
- RSA *rsa;
- FILE *f;
- if (!keydir)
keydir = ".";- snprintf(path, sizeof(path), "%s/%s.key", keydir, name);
- f = fopen(path, "r");
- if (!f) {
fprintf(stderr, "Couldn't open RSA private key: '%s': %s\n",path, strerror(errno));return -ENOENT;- }
- rsa = PEM_read_RSAPrivateKey(f, 0, NULL, "");
- if (!rsa) {
openssl_err("Failure reading private key");fclose(f);return -EPROTO;- }
- fclose(f);
- *p_rsa = rsa;
- return 0;
+}
+static int kwb_load_cfg_key(struct image_tool_params *params,
unsigned int cfg_option, const char *key_name,RSA **p_key)+{
- struct image_cfg_element *e_key;
- RSA *key;
- int res;
- *p_key = NULL;
- e_key = image_find_option(cfg_option);
- if (!e_key) {
fprintf(stderr, "%s not configured\n", key_name);return -ENOENT;- }
- res = kwb_load_rsa_key(params->keydir, e_key->key_name, &key);
- if (res < 0) {
fprintf(stderr, "Failed to load %s\n", key_name);return -ENOENT;- }
- *p_key = key;
- return 0;
+}
+static int kwb_load_kak(struct image_tool_params *params, RSA **p_kak) +{
- return kwb_load_cfg_key(params, IMAGE_CFG_KAK, "KAK", p_kak);
+}
+static int kwb_load_csk(struct image_tool_params *params, RSA **p_csk) +{
- return kwb_load_cfg_key(params, IMAGE_CFG_CSK, "CSK", p_csk);
+}
+static int kwb_compute_pubkey_hash(struct pubkey_der_v1 *pk,
struct hash_v1 *hash)+{
- EVP_MD_CTX *ctx;
- unsigned int key_size;
- unsigned int hash_size;
- int ret = 0;
- if (!pk || !hash || pk->key[0] != 0x30 || pk->key[1] != 0x82)
return -EINVAL;- key_size = (pk->key[2] << 8) + pk->key[3] + 4;
- ctx = EVP_MD_CTX_create();
- if (!ctx)
return openssl_err("EVP context creation failed");- EVP_MD_CTX_init(ctx);
- if (!EVP_DigestInit(ctx, EVP_sha256())) {
ret = openssl_err("Digest setup failed");goto hash_err_ctx;- }
- if (!EVP_DigestUpdate(ctx, pk->key, key_size)) {
ret = openssl_err("Hashing data failed");goto hash_err_ctx;- }
- if (!EVP_DigestFinal(ctx, hash->hash, &hash_size)) {
ret = openssl_err("Could not obtain hash");goto hash_err_ctx;- }
- EVP_MD_CTX_cleanup(ctx);
+hash_err_ctx:
- EVP_MD_CTX_destroy(ctx);
- return ret;
+}
+static int kwb_import_pubkey(RSA **key, struct pubkey_der_v1 *src, char *keyname) +{
- RSA *rsa;
- const unsigned char *ptr;
- if (!key || !src)
goto fail;- ptr = src->key;
- rsa = d2i_RSAPublicKey(key, &ptr, sizeof(src->key));
- if (!rsa) {
openssl_err("error decoding public key");goto fail;- }
- return 0;
+fail:
- fprintf(stderr, "Failed to decode %s pubkey\n", keyname);
- return -EINVAL;
+}
+static int kwb_export_pubkey(RSA *key, struct pubkey_der_v1 *dst, FILE *hashf,
char *keyname)+{
- int size_exp, size_mod, size_seq;
- uint8_t *cur;
- char *errmsg = "Failed to encode %s\n";
- if (!key || !key->e || !key->n || !dst) {
fprintf(stderr, "export pk failed: (%p, %p, %p, %p)",key, key->e, key->n, dst);fprintf(stderr, errmsg, keyname);return -EINVAL;- }
- /*
* According to the specs, the key should be PKCS#1 DER encoded.* But unfortunately the really required encoding seems to be different;* it violates DER...! (But it still conformes to BER.)* (Length always in long form w/ 2 byte length code; no leading zero* when MSB of first byte is set...)* So we cannot use the encoding func provided by OpenSSL and have to* do the encoding manually.*/- size_exp = BN_num_bytes(key->e);
- size_mod = BN_num_bytes(key->n);
- size_seq = 4 + size_mod + 4 + size_exp;
- if (size_mod > 256) {
fprintf(stderr, "export pk failed: wrong mod size: %d\n",size_mod);fprintf(stderr, errmsg, keyname);return -EINVAL;- }
- if (4 + size_seq > sizeof(dst->key)) {
fprintf(stderr, "export pk failed: seq too large (%d, %lu)\n",4 + size_seq, sizeof(dst->key));fprintf(stderr, errmsg, keyname);return -ENOBUFS;- }
- cur = dst->key;
- /* PKCS#1 (RFC3447) RSAPublicKey structure */
- *cur++ = 0x30; /* SEQUENCE */
- *cur++ = 0x82;
- *cur++ = (size_seq >> 8) & 0xFF;
- *cur++ = size_seq & 0xFF;
- /* Modulus */
- *cur++ = 0x02; /* INTEGER */
- *cur++ = 0x82;
- *cur++ = (size_mod >> 8) & 0xFF;
- *cur++ = size_mod & 0xFF;
- BN_bn2bin(key->n, cur);
- cur += size_mod;
- /* Exponent */
- *cur++ = 0x02; /* INTEGER */
- *cur++ = 0x82;
- *cur++ = (size_exp >> 8) & 0xFF;
- *cur++ = size_exp & 0xFF;
- BN_bn2bin(key->e, cur);
- if (hashf) {
struct hash_v1 pk_hash;int i;int ret = 0;ret = kwb_compute_pubkey_hash(dst, &pk_hash);if (ret < 0) {fprintf(stderr, errmsg, keyname);return ret;}fprintf(hashf, "SHA256 = ");for (i = 0 ; i < sizeof(pk_hash.hash); ++i)fprintf(hashf, "%02X", pk_hash.hash[i]);fprintf(hashf, "\n");- }
- return 0;
+}
+int kwb_sign(RSA *key, void *data, int datasz, struct sig_v1 *sig, char *signame) +{
- EVP_PKEY *evp_key;
- EVP_MD_CTX *ctx;
- unsigned int sig_size;
- int size;
- int ret = 0;
- evp_key = EVP_PKEY_new();
- if (!evp_key)
return openssl_err("EVP_PKEY object creation failed");- if (!EVP_PKEY_set1_RSA(evp_key, key)) {
ret = openssl_err("EVP key setup failed");goto err_key;- }
- size = EVP_PKEY_size(evp_key);
- if (size > sizeof(sig->sig)) {
fprintf(stderr, "Buffer to small for signature (%d bytes)\n",size);ret = -ENOBUFS;goto err_key;- }
- ctx = EVP_MD_CTX_create();
- if (!ctx) {
ret = openssl_err("EVP context creation failed");goto err_key;- }
- EVP_MD_CTX_init(ctx);
- if (!EVP_SignInit(ctx, EVP_sha256())) {
ret = openssl_err("Signer setup failed");goto err_ctx;- }
- if (!EVP_SignUpdate(ctx, data, datasz)) {
ret = openssl_err("Signing data failed");goto err_ctx;- }
- if (!EVP_SignFinal(ctx, sig->sig, &sig_size, evp_key)) {
ret = openssl_err("Could not obtain signature");goto err_ctx;- }
- EVP_MD_CTX_cleanup(ctx);
- EVP_MD_CTX_destroy(ctx);
- EVP_PKEY_free(evp_key);
- return 0;
+err_ctx:
- EVP_MD_CTX_destroy(ctx);
+err_key:
- EVP_PKEY_free(evp_key);
- fprintf(stderr, "Failed to create %s signature\n", signame);
- return ret;
+}
+int kwb_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
char *signame)+{
- EVP_PKEY *evp_key;
- EVP_MD_CTX *ctx;
- int size;
- int ret = 0;
- evp_key = EVP_PKEY_new();
- if (!evp_key)
return openssl_err("EVP_PKEY object creation failed");- if (!EVP_PKEY_set1_RSA(evp_key, key)) {
ret = openssl_err("EVP key setup failed");goto err_key;- }
- size = EVP_PKEY_size(evp_key);
- if (size > sizeof(sig->sig)) {
fprintf(stderr, "Invalid signature size (%d bytes)\n",size);ret = -EINVAL;goto err_key;- }
- ctx = EVP_MD_CTX_create();
- if (!ctx) {
ret = openssl_err("EVP context creation failed");goto err_key;- }
- EVP_MD_CTX_init(ctx);
- if (!EVP_VerifyInit(ctx, EVP_sha256())) {
ret = openssl_err("Verifier setup failed");goto err_ctx;- }
- if (!EVP_VerifyUpdate(ctx, data, datasz)) {
ret = openssl_err("Hashing data failed");goto err_ctx;- }
- if (!EVP_VerifyFinal(ctx, sig->sig, sizeof(sig->sig), evp_key)) {
ret = openssl_err("Could not verify signature");goto err_ctx;- }
- EVP_MD_CTX_cleanup(ctx);
- EVP_MD_CTX_destroy(ctx);
- EVP_PKEY_free(evp_key);
- return 0;
+err_ctx:
- EVP_MD_CTX_destroy(ctx);
+err_key:
- EVP_PKEY_free(evp_key);
- fprintf(stderr, "Failed to verify %s signature\n", signame);
- return ret;
+}
+int kwb_sign_and_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
char *signame)+{
- if (kwb_sign(key, data, datasz, sig, signame) < 0)
return -1;- if (kwb_verify(key, data, datasz, sig, signame) < 0)
return -1;- return 0;
+}
+int kwb_dump_fuse_cmds_38x(FILE *out, struct secure_hdr_v1 *sec_hdr) +{
- struct hash_v1 kak_pub_hash;
- struct image_cfg_element *e;
- unsigned int fuse_line;
- int i, idx;
- uint8_t *ptr;
- uint32_t val;
- int ret = 0;
- if (!out || !sec_hdr)
return -EINVAL;- ret = kwb_compute_pubkey_hash(&sec_hdr->kak, &kak_pub_hash);
- if (ret < 0)
goto done;- fprintf(out, "# burn KAK pub key hash\n");
- ptr = kak_pub_hash.hash;
- for (fuse_line = 26; fuse_line <= 30; ++fuse_line) {
fprintf(out, "fuse prog -y %u 0 ", fuse_line);for (i = 4; i-- > 0;)fprintf(out, "%02hx", (ushort)ptr[i]);ptr += 4;fprintf(out, " 00");if (fuse_line < 30) {for (i = 3; i-- > 0;)fprintf(out, "%02hx", (ushort)ptr[i]);ptr += 3;} else {fprintf(out, "000000");}fprintf(out, " 1\n");- }
- fprintf(out, "# burn CSK selection\n");
- idx = image_get_csk_index();
- if (idx < 0 || idx > 15) {
ret = -EINVAL;goto done;- }
- if (idx > 0) {
for (fuse_line = 31; fuse_line < 31 + idx; ++fuse_line)fprintf(out, "fuse prog -y %u 0 00000001 00000000 1\n",fuse_line);- } else {
fprintf(out, "# CSK index is 0; no mods needed\n");- }
- e = image_find_option(IMAGE_CFG_BOX_ID);
- if (e) {
fprintf(out, "# set box ID\n");fprintf(out, "fuse prog -y 48 0 %08x 00000000 1\n", e->boxid);- }
- e = image_find_option(IMAGE_CFG_FLASH_ID);
- if (e) {
fprintf(out, "# set flash ID\n");fprintf(out, "fuse prog -y 47 0 %08x 00000000 1\n", e->flashid);- }
- fprintf(out, "# enable secure mode ");
- fprintf(out, "(must be the last fuse line written)\n");
- val = 1;
- e = image_find_option(IMAGE_CFG_SEC_BOOT_DEV);
- if (!e) {
fprintf(stderr, "ERROR: secured mode boot device not given\n");ret = -EINVAL;goto done;- }
- if (e->sec_boot_dev > 0xff) {
fprintf(stderr, "ERROR: secured mode boot device invalid\n");ret = -EINVAL;goto done;- }
- val |= (e->sec_boot_dev << 8);
- fprintf(out, "fuse prog -y 24 0 %08x 0103e0a9 1\n", val);
- fprintf(out, "# lock (unused) fuse lines (0-23)s\n");
- for (fuse_line = 0; fuse_line < 24; ++fuse_line)
fprintf(out, "fuse prog -y %u 2 1\n", fuse_line);- fprintf(out, "# OK, that's all :-)\n");
+done:
- return ret;
+}
+static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr) +{
- int ret = 0;
- struct image_cfg_element *e;
- e = image_find_option(IMAGE_CFG_SEC_FUSE_DUMP);
- if (!e)
return 0;- if (!strcmp(e->name, "a38x")) {
FILE *out = fopen("kwb_fuses_a38x.txt", "w+");kwb_dump_fuse_cmds_38x(out, sec_hdr);fclose(out);goto done;- }
- ret = -ENOSYS;
+done:
- return ret;
+}
+#endif
static void *image_create_v0(size_t *imagesz, struct image_tool_params *params, int payloadsz) { @@ -353,6 +911,14 @@ static size_t image_headersz_v1(int *hasext) *hasext = 1; }
+#if defined(CONFIG_KWB_SECURE)
- if (image_get_csk_index() >= 0) {
headersz += sizeof(struct secure_hdr_v1);if (hasext)*hasext = 1;- }
+#endif
#if defined(CONFIG_SYS_U_BOOT_OFFS) if (headersz > CONFIG_SYS_U_BOOT_OFFS) { fprintf(stderr, @@ -448,14 +1014,129 @@ int add_binary_header_v1(uint8_t *cur) return 0; }
+#if defined(CONFIG_KWB_SECURE)
+int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr) +{
- FILE *hashf;
- int res;
- hashf = fopen("pub_kak_hash.txt", "w");
- res = kwb_export_pubkey(kak, &secure_hdr->kak, hashf, "KAK");
- fclose(hashf);
- return res < 0 ? 1 : 0;
+}
+int kwb_sign_csk_with_kak(struct image_tool_params *params,
struct secure_hdr_v1 *secure_hdr, RSA *csk)+{
- RSA *kak = NULL;
- RSA *kak_pub = NULL;
- int csk_idx = image_get_csk_index();
- struct sig_v1 tmp_sig;
- if (csk_idx >= 16) {
fprintf(stderr, "Invalid CSK index %d\n", csk_idx);return 1;- }
- if (kwb_load_kak(params, &kak) < 0)
return 1;- if (export_pub_kak_hash(kak, secure_hdr))
return 1;- if (kwb_import_pubkey(&kak_pub, &secure_hdr->kak, "KAK") < 0)
return 1;- if (kwb_export_pubkey(csk, &secure_hdr->csk[csk_idx], NULL, "CSK") < 0)
return 1;- if (kwb_sign_and_verify(kak, &secure_hdr->csk,
sizeof(secure_hdr->csk) +sizeof(secure_hdr->csksig),&tmp_sig, "CSK") < 0)return 1;- if (kwb_verify(kak_pub, &secure_hdr->csk,
sizeof(secure_hdr->csk) +sizeof(secure_hdr->csksig),&tmp_sig, "CSK (2)") < 0)return 1;- secure_hdr->csksig = tmp_sig;
- return 0;
+}
+int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
int payloadsz, size_t headersz, uint8_t *image,struct secure_hdr_v1 *secure_hdr)+{
- struct image_cfg_element *e_jtagdelay;
- struct image_cfg_element *e_boxid;
- struct image_cfg_element *e_flashid;
- RSA *csk = NULL;
- unsigned char *image_ptr;
- size_t image_size;
- struct sig_v1 tmp_sig;
- bool specialized_img = image_get_spezialized_img();
- kwb_msg("Create secure header content\n");
- e_jtagdelay = image_find_option(IMAGE_CFG_JTAG_DELAY);
- e_boxid = image_find_option(IMAGE_CFG_BOX_ID);
- e_flashid = image_find_option(IMAGE_CFG_FLASH_ID);
- if (kwb_load_csk(params, &csk) < 0)
return 1;- secure_hdr->headertype = OPT_HDR_V1_SECURE_TYPE;
- secure_hdr->headersz_msb = 0;
- secure_hdr->headersz_lsb = cpu_to_le16(sizeof(struct secure_hdr_v1));
- if (e_jtagdelay)
secure_hdr->jtag_delay = e_jtagdelay->jtag_delay;- if (e_boxid && specialized_img)
secure_hdr->boxid = cpu_to_le32(e_boxid->boxid);- if (e_flashid && specialized_img)
secure_hdr->flashid = cpu_to_le32(e_flashid->flashid);- if (kwb_sign_csk_with_kak(params, secure_hdr, csk))
return 1;- image_ptr = ptr + headersz;
- image_size = payloadsz - headersz;
- if (kwb_sign_and_verify(csk, image_ptr, image_size,
&secure_hdr->imgsig, "image") < 0)return 1;- if (kwb_sign_and_verify(csk, image, headersz, &tmp_sig, "header") < 0)
return 1;- secure_hdr->hdrsig = tmp_sig;
- kwb_dump_fuse_cmds(secure_hdr);
- return 0;
+} +#endif
static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
int payloadsz)
uint8_t *ptr, int payloadsz){ struct image_cfg_element *e; struct main_hdr_v1 *main_hdr; +#if defined(CONFIG_KWB_SECURE)
- struct secure_hdr_v1 *secure_hdr = NULL;
+#endif size_t headersz; uint8_t *image, *cur; int hasext = 0;
uint8_t *next_ext = NULL;
/*
- Calculate the size of the header and the size of the
@@ -474,7 +1155,9 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, memset(image, 0, headersz);
main_hdr = (struct main_hdr_v1 *)image;
- cur = image + sizeof(struct main_hdr_v1);
cur = image;
cur += sizeof(struct main_hdr_v1);
next_ext = &main_hdr->ext;
/* Fill the main header */ main_hdr->blocksize =
@@ -497,9 +1180,28 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, if (e) main_hdr->nandbadblklocation = e->nandbadblklocation;
+#if defined(CONFIG_KWB_SECURE)
- if (image_get_csk_index() >= 0) {
/** only reserve the space here; we fill the header later since* we need the header to be complete to compute the signatures*/secure_hdr = (struct secure_hdr_v1 *)cur;cur += sizeof(struct secure_hdr_v1);next_ext = &secure_hdr->next;- }
+#endif
- *next_ext = 1;
- if (add_binary_header_v1(cur)) return NULL;
+#if defined(CONFIG_KWB_SECURE)
- if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz,
headersz, image, secure_hdr))return NULL;+#endif
- /* Calculate and set the header checksum */ main_hdr->checksum = image_checksum8(main_hdr, headersz);
@@ -605,6 +1307,36 @@ static int image_create_config_parse_oneline(char *line, el->regdata.raddr = strtoul(value1, NULL, 16); el->regdata.rdata = strtoul(value2, NULL, 16); break;
- case IMAGE_CFG_KAK:
el->key_name = strdup(value1);break;- case IMAGE_CFG_CSK:
el->key_name = strdup(value1);break;- case IMAGE_CFG_CSK_INDEX:
el->csk_idx = strtol(value1, NULL, 0);break;- case IMAGE_CFG_JTAG_DELAY:
el->jtag_delay = strtoul(value1, NULL, 0);break;- case IMAGE_CFG_BOX_ID:
el->boxid = strtoul(value1, NULL, 0);break;- case IMAGE_CFG_FLASH_ID:
el->flashid = strtoul(value1, NULL, 0);break;- case IMAGE_CFG_SEC_SPECIALIZED_IMG:
el->sec_specialized_img = true;break;- case IMAGE_CFG_SEC_COMMON_IMG:
el->sec_specialized_img = false;break;- case IMAGE_CFG_SEC_BOOT_DEV:
el->sec_boot_dev = strtoul(value1, NULL, 0);break;- case IMAGE_CFG_SEC_FUSE_DUMP:
el->name = strdup(value1);break;@@ -764,7 +1496,7 @@ static void kwbimage_set_header(void *ptr, struct stat *sbuf, int ifd, break;
case 1:
image = image_create_v1(&headersz, params, sbuf->st_size);
image = image_create_v1(&headersz, params, ptr, sbuf->st_size);break;
default:
diff --git a/tools/kwbimage.h b/tools/kwbimage.h index e6e3d1d..c31755c 100644 --- a/tools/kwbimage.h +++ b/tools/kwbimage.h @@ -102,6 +102,43 @@ struct opt_hdr_v1 { };
/*
- Public Key data in DER format
- */
+struct pubkey_der_v1 {
- uint8_t key[524];
+};
+/*
- Signature (RSA 2048)
- */
+struct sig_v1 {
- uint8_t sig[256];
+};
+/*
- Structure of secure header (Armada 38x)
- */
+struct secure_hdr_v1 {
- uint8_t headertype; /* 0x0 */
- uint8_t headersz_msb; /* 0x1 */
- uint16_t headersz_lsb; /* 0x2 - 0x3 */
- uint32_t reserved1; /* 0x4 - 0x7 */
- struct pubkey_der_v1 kak; /* 0x8 - 0x213 */
- uint8_t jtag_delay; /* 0x214 */
- uint8_t reserved2; /* 0x215 */
- uint16_t reserved3; /* 0x216 - 0x217 */
- uint32_t boxid; /* 0x218 - 0x21B */
- uint32_t flashid; /* 0x21C - 0x21F */
- struct sig_v1 hdrsig; /* 0x220 - 0x31F */
- struct sig_v1 imgsig; /* 0x320 - 0x41F */
- struct pubkey_der_v1 csk[16]; /* 0x420 - 0x24DF */
- struct sig_v1 csksig; /* 0x24E0 - 0x25DF */
- uint8_t next; /* 0x25E0 */
- uint8_t reserved4; /* 0x25E1 */
- uint16_t reserved5; /* 0x25E2 - 0x25E3 */
+};
+/*
- Various values for the opt_hdr_v1->headertype field, describing the
- different types of optional headers. The "secure" header contains
- informations related to secure boot (encryption keys, etc.). The
Thanks, Stefan