brain-hackers_pepepper-mirror/u-boot-brain
1
0
Fork 0
mirror of https://github.com/brain-hackers/u-boot-brain synced 2024-08-07 02:33:44 +09:00
Code Issues Projects Releases Wiki Activity
c8ac644979
u-boot-brain/arch/arm/imx-common/spl.c
Sven Ebenfeld 15b505b055 arm: imx: add HAB authentication of image to SPL boot 
When using HAB as secure boot mechanism on Wandboard, the chain of
trust breaks immediately after the SPL. As this is not checking
the authenticity of the loaded image before jumping to it.

The HAB status output will not be implemented in SPL as it adds
a lot of strings that are only required in debug cases. With those
it exceeds the maximum size of the available OCRAM (69 KiB).

The SPL MISC driver support must be enabled, so that the driver can use OTP fuse
to check if HAB is enabled.

Cc: sbabic@denx.de

v2-Changes: None

Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
2017-01-02 17:04:38 +01:00

118 lines
2.9 KiB
C
Raw Blame History

/*
* Copyright (C) 2014 Gateworks Corporation
* Copyright (C) 2011-2012 Freescale Semiconductor, Inc.
*
* Author: Tim Harvey <tharvey@gateworks.com>
*
* SPDX-License-Identifier: GPL-2.0+
*/
#include <common.h>
#include <asm/io.h>
#include <asm/arch/imx-regs.h>
#include <asm/spl.h>
#include <spl.h>
#include <asm/imx-common/hab.h>
#if defined(CONFIG_MX6)
/* determine boot device from SRC_SBMR1 (BOOT_CFG[4:1]) or SRC_GPR9 register */
u32 spl_boot_device(void)
{
struct src *psrc = (struct src *)SRC_BASE_ADDR;
unsigned int gpr10_boot = readl(&psrc->gpr10) & (1 << 28);
unsigned reg = gpr10_boot ? readl(&psrc->gpr9) : readl(&psrc->sbmr1);
unsigned int bmode = readl(&psrc->sbmr2);
/*
* Check for BMODE if serial downloader is enabled
* BOOT_MODE - see IMX6DQRM Table 8-1
*/
if ((((bmode >> 24) & 0x03) == 0x01) || /* Serial Downloader */
(gpr10_boot && (reg == 1)))
return BOOT_DEVICE_UART;
/* BOOT_CFG1[7:4] - see IMX6DQRM Table 8-8 */
switch ((reg & 0x000000FF) >> 4) {
/* EIM: See 8.5.1, Table 8-9 */
case 0x0:
/* BOOT_CFG1[3]: NOR/OneNAND Selection */
if ((reg & 0x00000008) >> 3)
return BOOT_DEVICE_ONENAND;
else
return BOOT_DEVICE_NOR;
break;
/* SATA: See 8.5.4, Table 8-20 */
case 0x2:
return BOOT_DEVICE_SATA;
/* Serial ROM: See 8.5.5.1, Table 8-22 */
case 0x3:
/* BOOT_CFG4[2:0] */
switch ((reg & 0x07000000) >> 24) {
case 0x0 ... 0x4:
return BOOT_DEVICE_SPI;
case 0x5 ... 0x7:
return BOOT_DEVICE_I2C;
}
break;
/* SD/eSD: 8.5.3, Table 8-15 */
case 0x4:
case 0x5:
return BOOT_DEVICE_MMC1;
/* MMC/eMMC: 8.5.3 */
case 0x6:
case 0x7:
return BOOT_DEVICE_MMC1;
/* NAND Flash: 8.5.2 */
case 0x8 ... 0xf:
return BOOT_DEVICE_NAND;
}
return BOOT_DEVICE_NONE;
}
#endif
#if defined(CONFIG_SPL_MMC_SUPPORT)
/* called from spl_mmc to see type of boot mode for storage (RAW or FAT) */
u32 spl_boot_mode(const u32 boot_device)
{
switch (spl_boot_device()) {
/* for MMC return either RAW or FAT mode */
case BOOT_DEVICE_MMC1:
case BOOT_DEVICE_MMC2:
#if defined(CONFIG_SPL_FAT_SUPPORT)
return MMCSD_MODE_FS;
#elif defined(CONFIG_SUPPORT_EMMC_BOOT)
return MMCSD_MODE_EMMCBOOT;
#else
return MMCSD_MODE_RAW;
#endif
break;
default:
puts("spl: ERROR: unsupported device\n");
hang();
}
}
#endif
#if defined(CONFIG_SECURE_BOOT)
__weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image)
{
typedef void __noreturn (*image_entry_noargs_t)(void);
image_entry_noargs_t image_entry =
(image_entry_noargs_t)(unsigned long)spl_image->entry_point;
debug("image entry point: 0x%X\n", spl_image->entry_point);
/* HAB looks for the CSF at the end of the authenticated data therefore,
* we need to subtract the size of the CSF from the actual filesize */
if (authenticate_image(spl_image->load_addr,
spl_image->size - CONFIG_CSF_SIZE)) {
image_entry();
} else {
puts("spl: ERROR: image authentication unsuccessful\n");
hang();
}
}
#endif
Reference in New Issue View Git Blame Copy Permalink