1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
|
// SPDX-License-Identifier: GPL-2.0
/*
* Copyright (C) 2020 Intel Corporation <www.intel.com>
*
*/
#include <asm/arch/mailbox_s10.h>
#include <asm/arch/secure_vab.h>
#include <asm/arch/smc_api.h>
#include <asm/unaligned.h>
#include <common.h>
#include <exports.h>
#include <linux/errno.h>
#include <linux/intel-smc.h>
#include <log.h>
#define CHUNKSZ_PER_WD_RESET (256 * SZ_1K)
/*
* Read the length of the VAB certificate from the end of image
* and calculate the actual image size (excluding the VAB certificate).
*/
static size_t get_img_size(u8 *img_buf, size_t img_buf_sz)
{
u8 *img_buf_end = img_buf + img_buf_sz;
u32 cert_sz = get_unaligned_le32(img_buf_end - sizeof(u32));
u8 *p = img_buf_end - cert_sz - sizeof(u32);
/* Ensure p is pointing within the img_buf */
if (p < img_buf || p > (img_buf_end - VAB_CERT_HEADER_SIZE))
return 0;
if (get_unaligned_le32(p) == SDM_CERT_MAGIC_NUM)
return (size_t)(p - img_buf);
return 0;
}
/*
* Vendor Authorized Boot (VAB) is a security feature for authenticating
* the images such as U-Boot, ARM trusted Firmware, Linux kernel,
* device tree blob and etc loaded from FIT. User can also trigger
* the VAB authentication from U-Boot command.
*
* This function extracts the VAB certificate and signature block
* appended at the end of the image, then send to Secure Device Manager
* (SDM) for authentication. This function will validate the SHA384
* of the image against the SHA384 hash stored in the VAB certificate
* before sending the VAB certificate to SDM for authentication.
*
* RETURN
* 0 if authentication success or
* if authentication is not required and bypassed on a non-secure device
* negative error code if authentication fail
*/
int socfpga_vendor_authentication(void **p_image, size_t *p_size)
{
int retry_count = 20;
u8 hash384[SHA384_SUM_LEN];
u64 img_addr, mbox_data_addr;
size_t img_sz, mbox_data_sz;
u8 *cert_hash_ptr, *mbox_relocate_data_addr;
u32 resp = 0, resp_len = 1;
int ret;
img_addr = (uintptr_t)*p_image;
debug("Authenticating image at address 0x%016llx (%ld bytes)\n",
img_addr, *p_size);
img_sz = get_img_size((u8 *)img_addr, *p_size);
debug("img_sz = %ld\n", img_sz);
if (!img_sz) {
puts("VAB certificate not found in image!\n");
return -ENOKEY;
}
if (!IS_ALIGNED(img_sz, sizeof(u32))) {
printf("Image size (%ld bytes) not aliged to 4 bytes!\n",
img_sz);
return -EBFONT;
}
/* Generate HASH384 from the image */
sha384_csum_wd((u8 *)img_addr, img_sz, hash384, CHUNKSZ_PER_WD_RESET);
cert_hash_ptr = (u8 *)(img_addr + img_sz + VAB_CERT_MAGIC_OFFSET +
VAB_CERT_FIT_SHA384_OFFSET);
/*
* Compare the SHA384 found in certificate against the SHA384
* calculated from image
*/
if (memcmp(hash384, cert_hash_ptr, SHA384_SUM_LEN)) {
puts("SHA384 not match!\n");
return -EKEYREJECTED;
}
mbox_data_addr = img_addr + img_sz - sizeof(u32);
/* Size in word (32bits) */
mbox_data_sz = (ALIGN(*p_size - img_sz, sizeof(u32))) >> 2;
debug("mbox_data_addr = 0x%016llx\n", mbox_data_addr);
debug("mbox_data_sz = %ld words\n", mbox_data_sz);
/*
* Relocate certificate to first memory block before trigger SMC call
* to send mailbox command because ATF only able to access first
* memory block.
*/
mbox_relocate_data_addr = (u8 *)malloc(mbox_data_sz * sizeof(u32));
if (!mbox_relocate_data_addr) {
puts("Out of memory for VAB certificate relocation!\n");
return -ENOMEM;
}
memcpy(mbox_relocate_data_addr, (u8 *)mbox_data_addr, mbox_data_sz * sizeof(u32));
*(u32 *)mbox_relocate_data_addr = 0;
debug("mbox_relocate_data_addr = 0x%p\n", mbox_relocate_data_addr);
do {
if (!IS_ENABLED(CONFIG_SPL_BUILD) && IS_ENABLED(CONFIG_SPL_ATF)) {
/* Invoke SMC call to ATF to send the VAB certificate to SDM */
ret = smc_send_mailbox(MBOX_VAB_SRC_CERT, mbox_data_sz,
(u32 *)mbox_relocate_data_addr, 0, &resp_len,
&resp);
} else {
/* Send the VAB certficate to SDM for authentication */
ret = mbox_send_cmd(MBOX_ID_UBOOT, MBOX_VAB_SRC_CERT,
MBOX_CMD_DIRECT, mbox_data_sz,
(u32 *)mbox_relocate_data_addr, 0, &resp_len,
&resp);
}
/* If SDM is not available, just delay 50ms and retry again */
if (ret == MBOX_RESP_DEVICE_BUSY)
mdelay(50);
else
break;
} while (--retry_count);
/* Free the relocate certificate memory space */
free(mbox_relocate_data_addr);
/* Exclude the size of the VAB certificate from image size */
*p_size = img_sz;
debug("ret = 0x%08x, resp = 0x%08x, resp_len = %d\n", ret, resp,
resp_len);
if (ret) {
/*
* Unsupported mailbox command or device not in the
* owned/secure state
*/
if (ret == MBOX_RESP_NOT_ALLOWED_UNDER_SECURITY_SETTINGS) {
/* SDM bypass authentication */
printf("%s 0x%016llx (%ld bytes)\n",
"Image Authentication bypassed at address",
img_addr, img_sz);
return 0;
}
puts("VAB certificate authentication failed in SDM");
if (ret == MBOX_RESP_DEVICE_BUSY) {
puts(" (SDM busy timeout)\n");
return -ETIMEDOUT;
} else if (ret == MBOX_RESP_UNKNOWN) {
puts(" (Not supported)\n");
return -ESRCH;
}
puts("\n");
return -EKEYREJECTED;
} else {
/* If Certificate Process Status has error */
if (resp) {
puts("VAB certificate process failed\n");
return -ENOEXEC;
}
}
printf("%s 0x%016llx (%ld bytes)\n",
"Image Authentication passed at address", img_addr, img_sz);
return 0;
}
|