Browse Source
This patch is used to implement VAB to support for Agilex5 SoC FPGA. Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com> Change-Id: I421f11225cd549f35f06e87b8ad2c44b716b2a78pull/1999/head
Jit Loon Lim
2 years ago
2 changed files with 214 additions and 0 deletions
@ -0,0 +1,54 @@ |
|||
/*
|
|||
* Copyright (c) 2020-2023, Intel Corporation. All rights reserved. |
|||
* |
|||
* SPDX-License-Identifier: BSD-3-Clause |
|||
*/ |
|||
|
|||
#ifndef SOCFPGA_VAB_H |
|||
#define SOCFPGA_VAB_H |
|||
|
|||
|
|||
#include <stdlib.h> |
|||
#include "socfpga_fcs.h" |
|||
|
|||
struct fcs_hps_vab_certificate_data { |
|||
uint32_t vab_cert_magic_num; /* offset 0x10 */ |
|||
uint32_t flags; |
|||
uint8_t rsvd0_1[8]; |
|||
uint8_t fcs_sha384[FCS_SHA384_WORD_SIZE]; /* offset 0x20 */ |
|||
}; |
|||
|
|||
struct fcs_hps_vab_certificate_header { |
|||
uint32_t cert_magic_num; /* offset 0 */ |
|||
uint32_t cert_data_sz; |
|||
uint32_t cert_ver; |
|||
uint32_t cert_type; |
|||
struct fcs_hps_vab_certificate_data d; /* offset 0x10 */ |
|||
/* keychain starts at offset 0x50 */ |
|||
}; |
|||
|
|||
/* Macros */ |
|||
#define IS_BYTE_ALIGNED(x, a) (((x) & ((typeof(x))(a) - 1)) == 0) |
|||
#define BYTE_ALIGN(x, a) __ALIGN_MASK((x), (typeof(x))(a)-1) |
|||
#define __ALIGN_MASK(x, mask) (((x)+(mask))&~(mask)) |
|||
#define VAB_CERT_HEADER_SIZE sizeof(struct fcs_hps_vab_certificate_header) |
|||
#define VAB_CERT_MAGIC_OFFSET offsetof(struct fcs_hps_vab_certificate_header, d) |
|||
#define VAB_CERT_FIT_SHA384_OFFSET offsetof(struct fcs_hps_vab_certificate_data, fcs_sha384[0]) |
|||
#define SDM_CERT_MAGIC_NUM 0x25D04E7F |
|||
#define CHUNKSZ_PER_WD_RESET (256 * 1024) |
|||
|
|||
/* SHA related return Macro */ |
|||
#define ENOVABIMG 1 /* VAB certificate not available */ |
|||
#define EIMGERR 2 /* Image format/size not valid */ |
|||
#define ETIMEOUT 3 /* Execution timeout */ |
|||
#define EPROCESS 4 /* Process error */ |
|||
#define EKEYREJECTED 5/* Key was rejected by service */ |
|||
|
|||
/* Function Definitions */ |
|||
static size_t get_img_size(uint8_t *img_buf, size_t img_buf_sz); |
|||
int socfpga_vendor_authentication(void **p_image, size_t *p_size); |
|||
static uint32_t get_unaligned_le32(const void *p); |
|||
void sha384_csum_wd(const unsigned char *input, unsigned int ilen, |
|||
unsigned char *output, unsigned int chunk_sz); |
|||
|
|||
#endif |
|||
@ -0,0 +1,160 @@ |
|||
/*
|
|||
* Copyright (c) 2019, ARM Limited and Contributors. All rights reserved. |
|||
* Copyright (c) 2019-2023, Intel Corporation. All rights reserved. |
|||
* |
|||
* SPDX-License-Identifier: BSD-3-Clause |
|||
*/ |
|||
|
|||
#include <assert.h> |
|||
#include <errno.h> |
|||
|
|||
#include <arch_helpers.h> |
|||
#include <common/debug.h> |
|||
#include <common/tbbr/tbbr_img_def.h> |
|||
#include <drivers/delay_timer.h> |
|||
#include <lib/mmio.h> |
|||
#include <lib/utils.h> |
|||
#include <tools_share/firmware_image_package.h> |
|||
|
|||
#include "socfpga_mailbox.h" |
|||
#include "socfpga_vab.h" |
|||
|
|||
static size_t get_img_size(uint8_t *img_buf, size_t img_buf_sz) |
|||
{ |
|||
uint8_t *img_buf_end = img_buf + img_buf_sz; |
|||
uint32_t cert_sz = get_unaligned_le32(img_buf_end - sizeof(uint32_t)); |
|||
uint8_t *p = img_buf_end - cert_sz - sizeof(uint32_t); |
|||
|
|||
/* Ensure p is pointing within the img_buf */ |
|||
if (p < img_buf || p > (img_buf_end - VAB_CERT_HEADER_SIZE)) |
|||
return 0; |
|||
|
|||
if (get_unaligned_le32(p) == SDM_CERT_MAGIC_NUM) |
|||
return (size_t)(p - img_buf); |
|||
|
|||
return 0; |
|||
} |
|||
|
|||
|
|||
|
|||
int socfpga_vendor_authentication(void **p_image, size_t *p_size) |
|||
{ |
|||
int retry_count = 20; |
|||
uint8_t hash384[FCS_SHA384_WORD_SIZE]; |
|||
uint64_t img_addr, mbox_data_addr; |
|||
uint32_t img_sz, mbox_data_sz; |
|||
uint8_t *cert_hash_ptr, *mbox_relocate_data_addr; |
|||
uint32_t resp = 0, resp_len = 1; |
|||
int ret = 0; |
|||
|
|||
img_addr = (uintptr_t)*p_image; |
|||
img_sz = get_img_size((uint8_t *)img_addr, *p_size); |
|||
|
|||
if (!img_sz) { |
|||
NOTICE("VAB certificate not found in image!\n"); |
|||
return -ENOVABIMG; |
|||
} |
|||
|
|||
if (!IS_BYTE_ALIGNED(img_sz, sizeof(uint32_t))) { |
|||
NOTICE("Image size (%d bytes) not aliged to 4 bytes!\n", img_sz); |
|||
return -EIMGERR; |
|||
} |
|||
|
|||
/* Generate HASH384 from the image */ |
|||
/* TODO: This part need to cross check !!!!!! */ |
|||
sha384_csum_wd((uint8_t *)img_addr, img_sz, hash384, CHUNKSZ_PER_WD_RESET); |
|||
cert_hash_ptr = (uint8_t *)(img_addr + img_sz + |
|||
VAB_CERT_MAGIC_OFFSET + VAB_CERT_FIT_SHA384_OFFSET); |
|||
|
|||
/*
|
|||
* Compare the SHA384 found in certificate against the SHA384 |
|||
* calculated from image |
|||
*/ |
|||
if (memcmp(hash384, cert_hash_ptr, FCS_SHA384_WORD_SIZE)) { |
|||
NOTICE("SHA384 does not match!\n"); |
|||
return -EKEYREJECTED; |
|||
} |
|||
|
|||
|
|||
mbox_data_addr = img_addr + img_sz - sizeof(uint32_t); |
|||
/* Size in word (32bits) */ |
|||
mbox_data_sz = (BYTE_ALIGN(*p_size - img_sz, sizeof(uint32_t))) >> 2; |
|||
|
|||
NOTICE("mbox_data_addr = %lx mbox_data_sz = %d\n", mbox_data_addr, mbox_data_sz); |
|||
|
|||
/* TODO: This part need to cross check !!!!!! */ |
|||
// mbox_relocate_data_addr = (uint8_t *)malloc(mbox_data_sz * sizeof(uint32_t));
|
|||
// if (!mbox_relocate_data_addr) {
|
|||
// NOTICE("Cannot allocate memory for VAB certificate relocation!\n");
|
|||
// return -ENOMEM;
|
|||
// }
|
|||
|
|||
memcpy(mbox_relocate_data_addr, (uint8_t *)mbox_data_addr, mbox_data_sz * sizeof(uint32_t)); |
|||
*(uint32_t *)mbox_relocate_data_addr = 0; |
|||
|
|||
do { |
|||
/* Invoke SMC call to ATF to send the VAB certificate to SDM */ |
|||
ret = mailbox_send_cmd(MBOX_JOB_ID, MBOX_CMD_VAB_SRC_CERT, |
|||
(uint32_t *)mbox_relocate_data_addr, mbox_data_sz, 0, &resp, &resp_len); |
|||
|
|||
/* If SDM is not available, just delay 50ms and retry again */ |
|||
/* 0x1FF = The device is busy */ |
|||
if (ret == MBOX_RESP_ERR(0x1FF)) { |
|||
mdelay(50); |
|||
} else { |
|||
break; |
|||
} |
|||
} while (--retry_count); |
|||
|
|||
/* Free the relocate certificate memory space */ |
|||
zeromem((void *)&mbox_relocate_data_addr, sizeof(uint32_t)); |
|||
|
|||
|
|||
/* Exclude the size of the VAB certificate from image size */ |
|||
*p_size = img_sz; |
|||
|
|||
if (ret) { |
|||
/*
|
|||
* Unsupported mailbox command or device not in the |
|||
* owned/secure state |
|||
*/ |
|||
/* 0x85 = Not allowed under current security setting */ |
|||
if (ret == MBOX_RESP_ERR(0x85)) { |
|||
/* SDM bypass authentication */ |
|||
NOTICE("Image Authentication bypassed at address\n"); |
|||
return 0; |
|||
} |
|||
NOTICE("VAB certificate authentication failed in SDM\n"); |
|||
/* 0x1FF = The device is busy */ |
|||
if (ret == MBOX_RESP_ERR(0x1FF)) { |
|||
NOTICE("Operation timed out\n"); |
|||
return -ETIMEOUT; |
|||
} else if (ret == MBOX_WRONG_ID) { |
|||
NOTICE("No such process\n"); |
|||
return -EPROCESS; |
|||
} |
|||
} else { |
|||
/* If Certificate Process Status has error */ |
|||
if (resp) { |
|||
NOTICE("VAB certificate execution format error\n"); |
|||
return -EIMGERR; |
|||
} |
|||
} |
|||
|
|||
NOTICE("Image Authentication bypassed at address\n"); |
|||
return ret; |
|||
|
|||
} |
|||
|
|||
static uint32_t get_unaligned_le32(const void *p) |
|||
{ |
|||
/* TODO: Temp for testing */ |
|||
//return le32_to_cpup((__le32 *)p);
|
|||
return 0; |
|||
} |
|||
|
|||
void sha384_csum_wd(const unsigned char *input, unsigned int ilen, |
|||
unsigned char *output, unsigned int chunk_sz) |
|||
{ |
|||
/* TODO: Update sha384 start, update and finish */ |
|||
} |
|||
Loading…
Reference in new issue