[U-Boot] [PATCH v2 1/3] fsl-ppa: Kconfig: Support to load PPA hdr from eMMC/SD and NAND Flash
Add support to load PPA hdr from eMMC/SD and NAND Flash in Kconfig
Signed-off-by: Sumit Garg sumit.garg@nxp.com Signed-off-by: Udit Agarwal udit.agarwal@nxp.com Tested-by: Vinitha Pillai vinitha.pillai@nxp.com ---
Changes in v2: Changed order of patch 1 & 2. Also moved assignment of ppa_esbc_hdr to CONFIG_SYS_LS_PPA_ESBC_ADDR in XIP space as it's not required in case of SD/NAND.
arch/arm/cpu/armv8/fsl-layerscape/Kconfig | 10 ++++++++++ 1 file changed, 10 insertions(+)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/Kconfig b/arch/arm/cpu/armv8/fsl-layerscape/Kconfig index 9fb76f0..4c9b6ce 100644 --- a/arch/arm/cpu/armv8/fsl-layerscape/Kconfig +++ b/arch/arm/cpu/armv8/fsl-layerscape/Kconfig @@ -179,12 +179,22 @@ config SYS_LS_PPA_ESBC_ADDR default 0x40740000 if SYS_LS_PPA_FW_IN_XIP && ARCH_LS1046A default 0x40480000 if SYS_LS_PPA_FW_IN_XIP && ARCH_LS1012A default 0x580c40000 if SYS_LS_PPA_FW_IN_XIP && FSL_LSCH3 + default 0x700000 if SYS_LS_PPA_FW_IN_MMC + default 0x700000 if SYS_LS_PPA_FW_IN_NAND help If the PPA header firmware locate at XIP flash, such as NOR or QSPI flash, this address is a directly memory-mapped. If it is in a serial accessed flash, such as NAND and SD card, it is a byte offset.
+config LS_PPA_ESBC_HDR_SIZE + hex "Length of PPA ESBC header" + depends on FSL_LS_PPA && CHAIN_OF_TRUST && !SYS_LS_PPA_FW_IN_XIP + default 0x2000 + help + Length (in bytes) of PPA ESBC header to be copied from MMC/SD or + NAND to memory to validate PPA image. + endmenu
config SYS_FSL_ERRATUM_A010315
Signed-off-by: Sumit Garg sumit.garg@nxp.com Signed-off-by: Udit Agarwal udit.agarwal@nxp.com Tested-by: Vinitha Pillai vinitha.pillai@nxp.com ---
Changes in v2: Changed order of patch 1 & 2. Also moved assignment of ppa_esbc_hdr to CONFIG_SYS_LS_PPA_ESBC_ADDR in XIP space as it's not required in case of SD/NAND.
arch/arm/cpu/armv8/fsl-layerscape/ppa.c | 72 ++++++++++++++++++++++++++++++++- 1 file changed, 70 insertions(+), 2 deletions(-)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/ppa.c b/arch/arm/cpu/armv8/fsl-layerscape/ppa.c index 7f87bb8..26c47a1 100644 --- a/arch/arm/cpu/armv8/fsl-layerscape/ppa.c +++ b/arch/arm/cpu/armv8/fsl-layerscape/ppa.c @@ -37,13 +37,20 @@ int ppa_init(void) int ret;
#ifdef CONFIG_CHAIN_OF_TRUST - uintptr_t ppa_esbc_hdr = CONFIG_SYS_LS_PPA_ESBC_ADDR; + uintptr_t ppa_esbc_hdr = 0; uintptr_t ppa_img_addr = 0; +#if defined(CONFIG_SYS_LS_PPA_FW_IN_MMC) || \ + defined(CONFIG_SYS_LS_PPA_FW_IN_NAND) + void *ppa_hdr_ddr; +#endif #endif
#ifdef CONFIG_SYS_LS_PPA_FW_IN_XIP ppa_fit_addr = (void *)CONFIG_SYS_LS_PPA_FW_ADDR; debug("%s: PPA image load from XIP\n", __func__); +#ifdef CONFIG_CHAIN_OF_TRUST + ppa_esbc_hdr = CONFIG_SYS_LS_PPA_ESBC_ADDR; +#endif #else /* !CONFIG_SYS_LS_PPA_FW_IN_XIP */ size_t fw_length, fdt_header_len = sizeof(struct fdt_header);
@@ -53,7 +60,7 @@ int ppa_init(void) int dev = CONFIG_SYS_MMC_ENV_DEV; struct fdt_header *fitp; u32 cnt; - u32 blk = CONFIG_SYS_LS_PPA_FW_ADDR / 512; + u32 blk;
debug("%s: PPA image load from eMMC/SD\n", __func__);
@@ -81,6 +88,7 @@ int ppa_init(void) return -ENOMEM; }
+ blk = CONFIG_SYS_LS_PPA_FW_ADDR / 512; cnt = DIV_ROUND_UP(fdt_header_len, 512); debug("%s: MMC read PPA FIT header: dev # %u, block # %u, count %u\n", __func__, dev, blk, cnt); @@ -102,6 +110,29 @@ int ppa_init(void) return ret; }
+#ifdef CONFIG_CHAIN_OF_TRUST + ppa_hdr_ddr = malloc(CONFIG_LS_PPA_ESBC_HDR_SIZE); + if (!ppa_hdr_ddr) { + printf("PPA: malloc failed for PPA header\n"); + return -ENOMEM; + } + + blk = CONFIG_SYS_LS_PPA_ESBC_ADDR >> 9; + cnt = DIV_ROUND_UP(CONFIG_LS_PPA_ESBC_HDR_SIZE, 512); + ret = mmc->block_dev.block_read(&mmc->block_dev, blk, cnt, ppa_hdr_ddr); + if (ret != cnt) { + free(ppa_hdr_ddr); + printf("MMC/SD read of PPA header failed\n"); + return -EIO; + } + debug("Read PPA header to 0x%p\n", ppa_hdr_ddr); + + /* flush cache after read */ + flush_cache((ulong)ppa_hdr_ddr, cnt * 512); + + ppa_esbc_hdr = (uintptr_t)ppa_hdr_ddr; +#endif + fw_length = fdt_totalsize(fitp); free(fitp);
@@ -113,6 +144,7 @@ int ppa_init(void) return -ENOMEM; }
+ blk = CONFIG_SYS_LS_PPA_FW_ADDR / 512; cnt = DIV_ROUND_UP(fw_length, 512); debug("%s: MMC read PPA FIT image: dev # %u, block # %u, count %u\n", __func__, dev, blk, cnt); @@ -148,6 +180,31 @@ int ppa_init(void) return ret; }
+#ifdef CONFIG_CHAIN_OF_TRUST + ppa_hdr_ddr = malloc(CONFIG_LS_PPA_ESBC_HDR_SIZE); + if (!ppa_hdr_ddr) { + printf("PPA: malloc failed for PPA header\n"); + return -ENOMEM; + } + + fw_length = CONFIG_LS_PPA_ESBC_HDR_SIZE; + + ret = nand_read(nand_info[0], (loff_t)CONFIG_SYS_LS_PPA_ESBC_ADDR, + &fw_length, (u_char *)ppa_hdr_ddr); + if (ret == -EUCLEAN) { + free(ppa_hdr_ddr); + printf("NAND read of PPA firmware at offset 0x%x failed\n", + CONFIG_SYS_LS_PPA_FW_ADDR); + return -EIO; + } + debug("Read PPA header to 0x%p\n", ppa_hdr_ddr); + + /* flush cache after read */ + flush_cache((ulong)ppa_hdr_ddr, fw_length); + + ppa_esbc_hdr = (uintptr_t)ppa_hdr_ddr; +#endif + fw_length = fdt_totalsize(&fit);
ppa_fit_addr = malloc(fw_length); @@ -177,6 +234,13 @@ int ppa_init(void) #ifdef CONFIG_CHAIN_OF_TRUST ppa_img_addr = (uintptr_t)ppa_fit_addr; if (fsl_check_boot_mode_secure() != 0) { + /* + * In case of failure in validation, fsl_secboot_validate + * would not return back in case of Production environment + * with ITS=1. In Development environment (ITS=0 and + * SB_EN=1), the function may return back in case of + * non-fatal failures. + */ ret = fsl_secboot_validate(ppa_esbc_hdr, PPA_KEY_HASH, &ppa_img_addr); @@ -185,6 +249,10 @@ int ppa_init(void) else printf("PPA validation Successful\n"); } +#if defined(CONFIG_SYS_LS_PPA_FW_IN_MMC) || \ + defined(CONFIG_SYS_LS_PPA_FW_IN_NAND) + free(ppa_hdr_ddr); +#endif #endif
#ifdef CONFIG_FSL_LSCH3
On 04/19/2017 05:16 AM, Sumit Garg wrote:
Signed-off-by: Sumit Garg sumit.garg@nxp.com Signed-off-by: Udit Agarwal udit.agarwal@nxp.com Tested-by: Vinitha Pillai vinitha.pillai@nxp.com
Changes in v2: Changed order of patch 1 & 2. Also moved assignment of ppa_esbc_hdr to CONFIG_SYS_LS_PPA_ESBC_ADDR in XIP space as it's not required in case of SD/NAND.
arch/arm/cpu/armv8/fsl-layerscape/ppa.c | 72 ++++++++++++++++++++++++++++++++- 1 file changed, 70 insertions(+), 2 deletions(-)
<snip>
#ifdef CONFIG_CHAIN_OF_TRUST ppa_img_addr = (uintptr_t)ppa_fit_addr; if (fsl_check_boot_mode_secure() != 0) {
/** In case of failure in validation, fsl_secboot_validate* would not return back in case of Production environment* with ITS=1. In Development environment (ITS=0 and* SB_EN=1), the function may return back in case of* non-fatal failures.*/@@ -185,6 +249,10 @@ int ppa_init(void) else printf("PPA validation Successful\n"); } +#if defined(CONFIG_SYS_LS_PPA_FW_IN_MMC) || \
- defined(CONFIG_SYS_LS_PPA_FW_IN_NAND)
- free(ppa_hdr_ddr);
+#endif #endif
#ifdef CONFIG_FSL_LSCH3
Do we want to return from this function if any error happens with CONFIG_CHAIN_OF_TRUST enabled?
York
-----Original Message----- From: York Sun [mailto:york.sun@nxp.com] Sent: Saturday, April 22, 2017 1:03 AM To: Sumit Garg sumit.garg@nxp.com; u-boot@lists.denx.de Cc: Ruchika Gupta ruchika.gupta@nxp.com; Prabhakar Kushwaha prabhakar.kushwaha@nxp.com; Vini Pillai vinitha.pillai@nxp.com; Udit Agarwal udit.agarwal@nxp.com Subject: Re: [PATCH v2 2/3] fsl: PPA: add support PPA image validation from NAND and SD
On 04/19/2017 05:16 AM, Sumit Garg wrote:
Signed-off-by: Sumit Garg sumit.garg@nxp.com Signed-off-by: Udit Agarwal udit.agarwal@nxp.com Tested-by: Vinitha Pillai vinitha.pillai@nxp.com
Changes in v2: Changed order of patch 1 & 2. Also moved assignment of ppa_esbc_hdr to CONFIG_SYS_LS_PPA_ESBC_ADDR in XIP space as it's not required in case of SD/NAND.
arch/arm/cpu/armv8/fsl-layerscape/ppa.c | 72 ++++++++++++++++++++++++++++++++- 1 file changed, 70 insertions(+), 2 deletions(-)
<snip>
#ifdef CONFIG_CHAIN_OF_TRUST ppa_img_addr = (uintptr_t)ppa_fit_addr; if (fsl_check_boot_mode_secure() != 0) {
/** In case of failure in validation, fsl_secboot_validate* would not return back in case of Production environment* with ITS=1. In Development environment (ITS=0 and* SB_EN=1), the function may return back in case of* non-fatal failures.*/@@ -185,6 +249,10 @@ int ppa_init(void) else printf("PPA validation Successful\n"); } +#if defined(CONFIG_SYS_LS_PPA_FW_IN_MMC) || \
- defined(CONFIG_SYS_LS_PPA_FW_IN_NAND)
- free(ppa_hdr_ddr);
+#endif #endif
#ifdef CONFIG_FSL_LSCH3
Do we want to return from this function if any error happens with CONFIG_CHAIN_OF_TRUST enabled?
York
There are two scenarios in Secure boot validation, either there could be non-fatal or fatal errors. In case of fatal error " fsl_secboot_validate" function will not return. In case of non-fatal error " fsl_secboot_validate" func. will return and booting should continue. So in case of Production environment, all errors are fatal failures so function will not pass control back. But in case of Development environment there is possibility of non-fatal error, so function returns back and booting should continue.
Sumit
Signed-off-by: Sumit Garg sumit.garg@nxp.com Signed-off-by: Udit Agarwal udit.agarwal@nxp.com Tested-by: Vinitha Pillai vinitha.pillai@nxp.com ---
Changes in v2: Changed order of patch 1 & 2. Also moved assignment of ppa_esbc_hdr to CONFIG_SYS_LS_PPA_ESBC_ADDR in XIP space as it's not required in case of SD/NAND.
configs/ls1043ardb_nand_SECURE_BOOT_defconfig | 1 + configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig | 1 + configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig | 1 + 3 files changed, 3 insertions(+)
diff --git a/configs/ls1043ardb_nand_SECURE_BOOT_defconfig b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig index 66c89fa..70f28d8 100644 --- a/configs/ls1043ardb_nand_SECURE_BOOT_defconfig +++ b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig @@ -10,6 +10,7 @@ CONFIG_SPL_WATCHDOG_SUPPORT=y CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1043a-rdb" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y +CONFIG_FSL_LS_PPA=y CONFIG_OF_BOARD_SETUP=y CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL,NAND_BOOT" CONFIG_NAND_BOOT=y diff --git a/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig index 3f35d64..5f9b21d 100644 --- a/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig +++ b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig @@ -10,6 +10,7 @@ CONFIG_SPL_WATCHDOG_SUPPORT=y CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1043a-rdb" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y +CONFIG_FSL_LS_PPA=y CONFIG_OF_BOARD_SETUP=y CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL,SD_BOOT" CONFIG_SECURE_BOOT=y diff --git a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig index a41ec80..1e32023 100644 --- a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig +++ b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig @@ -3,6 +3,7 @@ CONFIG_TARGET_LS1046ARDB=y CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1046a-rdb" CONFIG_FIT=y CONFIG_FIT_VERBOSE=y +CONFIG_FSL_LS_PPA=y CONFIG_OF_BOARD_SETUP=y CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,SPL_FSL_PBL" CONFIG_SECURE_BOOT=y
On 04/19/2017 05:16 AM, Sumit Garg wrote:
Add support to load PPA hdr from eMMC/SD and NAND Flash in Kconfig
Signed-off-by: Sumit Garg sumit.garg@nxp.com Signed-off-by: Udit Agarwal udit.agarwal@nxp.com Tested-by: Vinitha Pillai vinitha.pillai@nxp.com
Changes in v2: Changed order of patch 1 & 2. Also moved assignment of ppa_esbc_hdr to CONFIG_SYS_LS_PPA_ESBC_ADDR in XIP space as it's not required in case of SD/NAND.
arch/arm/cpu/armv8/fsl-layerscape/Kconfig | 10 ++++++++++ 1 file changed, 10 insertions(+)
This set is applied to fsl-qoriq master with minor change in subject.
York
participants (2)
-
Sumit Garg -
York Sun