Commit a1b6b0a9 authored by Mario Six's avatar Mario Six Committed by Stefan Roese

arm: mvebu: Implement secure boot

The patch implements secure booting for the mvebu architecture.

This includes:
- The addition of secure headers and all needed signatures and keys in
  mkimage
- Commands capable of writing the board's efuses to both write the
  needed cryptographic data and enable the secure booting mechanism
- The creation of convenience text files containing the necessary
  commands to write the efuses

The KAK and CSK keys are expected to reside in the files kwb_kak.key and
kwb_csk.key (OpenSSL 2048 bit private keys) in the top-level directory.
Signed-off-by: 's avatarReinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: 's avatarMario Six <mario.six@gdsys.cc>
Reviewed-by: 's avatarStefan Roese <sr@denx.de>
Reviewed-by: 's avatarSimon Glass <sjg@chromium.org>
Signed-off-by: 's avatarStefan Roese <sr@denx.de>
parent 4991b4f7
......@@ -957,7 +957,8 @@ MKIMAGEFLAGS_u-boot.kwb = -n $(srctree)/$(CONFIG_SYS_KWD_CONFIG:"%"=%) \
-T kwbimage -a $(CONFIG_SYS_TEXT_BASE) -e $(CONFIG_SYS_TEXT_BASE)
MKIMAGEFLAGS_u-boot-spl.kwb = -n $(srctree)/$(CONFIG_SYS_KWD_CONFIG:"%"=%) \
-T kwbimage -a $(CONFIG_SYS_TEXT_BASE) -e $(CONFIG_SYS_TEXT_BASE)
-T kwbimage -a $(CONFIG_SYS_TEXT_BASE) -e $(CONFIG_SYS_TEXT_BASE) \
$(if $(KEYDIR),-k $(KEYDIR))
MKIMAGEFLAGS_u-boot.pbl = -n $(srctree)/$(CONFIG_SYS_FSL_PBL_RCW:"%"=%) \
-R $(srctree)/$(CONFIG_SYS_FSL_PBL_PBI:"%"=%) -T pblimage
......
if ARCH_MVEBU
config HAVE_MVEBU_EFUSE
bool
default n
config ARMADA_32BIT
bool
select CPU_V7
......@@ -23,6 +27,7 @@ config ARMADA_375
config ARMADA_38X
bool
select ARMADA_32BIT
select HAVE_MVEBU_EFUSE
config ARMADA_XP
bool
......@@ -146,4 +151,34 @@ config SYS_VENDOR
config SYS_SOC
default "mvebu"
config MVEBU_EFUSE
bool "Enable eFuse support"
default n
depends on HAVE_MVEBU_EFUSE
help
Enable support for reading and writing eFuses on mvebu SoCs.
config MVEBU_EFUSE_FAKE
bool "Fake eFuse access (dry run)"
default n
depends on MVEBU_EFUSE
help
This enables a "dry run" mode where eFuses are not really programmed.
Instead the eFuse accesses are emulated by writing to and reading
from a memory block.
This is can be used for testing prog scripts.
config SECURED_MODE_IMAGE
bool "Build image for trusted boot"
default false
depends on 88F6820
help
Build an image that employs the ARMADA SoC's trusted boot framework
for securely booting images.
config SECURED_MODE_CSK_INDEX
int "Index of active CSK"
default 0
depends on SECURED_MODE_IMAGE
endif
......@@ -27,6 +27,7 @@ ifndef CONFIG_SPL_BUILD
obj-$(CONFIG_ARMADA_375) += ../../../drivers/ddr/marvell/axp/xor.o
obj-$(CONFIG_ARMADA_38X) += ../../../drivers/ddr/marvell/a38x/xor.o
obj-$(CONFIG_ARMADA_XP) += ../../../drivers/ddr/marvell/axp/xor.o
obj-$(CONFIG_MVEBU_EFUSE) += efuse.o
endif # CONFIG_SPL_BUILD
obj-y += gpio.o
obj-y += mbus.o
......
/*
* Copyright (C) 2015-2016 Reinhard Pfau <reinhard.pfau@gdsys.cc>
*
* SPDX-License-Identifier: GPL-2.0+
*/
#include <config.h>
#include <common.h>
#include <errno.h>
#include <asm/io.h>
#include <asm/arch/cpu.h>
#include <asm/arch/efuse.h>
#include <asm/arch/soc.h>
#include <linux/mbus.h>
#if defined(CONFIG_MVEBU_EFUSE_FAKE)
#define DRY_RUN
#else
#undef DRY_RUN
#endif
#define MBUS_EFUSE_BASE 0xF6000000
#define MBUS_EFUSE_SIZE BIT(20)
#define MVEBU_EFUSE_CONTROL (MVEBU_REGISTER(0xE4008))
enum {
MVEBU_EFUSE_CTRL_PROGRAM_ENABLE = (1 << 31),
};
struct mvebu_hd_efuse {
u32 bits_31_0;
u32 bits_63_32;
u32 bit64;
u32 reserved0;
};
#ifndef DRY_RUN
static struct mvebu_hd_efuse *efuses =
(struct mvebu_hd_efuse *)(MBUS_EFUSE_BASE + 0xF9000);
#else
static struct mvebu_hd_efuse efuses[EFUSE_LINE_MAX + 1];
#endif
static int efuse_initialised;
static struct mvebu_hd_efuse *get_efuse_line(int nr)
{
if (nr < 0 || nr > 63 || !efuse_initialised)
return NULL;
return efuses + nr;
}
static void enable_efuse_program(void)
{
#ifndef DRY_RUN
setbits_le32(MVEBU_EFUSE_CONTROL, MVEBU_EFUSE_CTRL_PROGRAM_ENABLE);
#endif
}
static void disable_efuse_program(void)
{
#ifndef DRY_RUN
clrbits_le32(MVEBU_EFUSE_CONTROL, MVEBU_EFUSE_CTRL_PROGRAM_ENABLE);
#endif
}
static int do_prog_efuse(struct mvebu_hd_efuse *efuse,
struct efuse_val *new_val, u32 mask0, u32 mask1)
{
struct efuse_val val;
val.dwords.d[0] = readl(&efuse->bits_31_0);
val.dwords.d[1] = readl(&efuse->bits_63_32);
val.lock = readl(&efuse->bit64);
if (val.lock & 1)
return -EPERM;
val.dwords.d[0] |= (new_val->dwords.d[0] & mask0);
val.dwords.d[1] |= (new_val->dwords.d[1] & mask1);
val.lock |= new_val->lock;
writel(val.dwords.d[0], &efuse->bits_31_0);
mdelay(1);
writel(val.dwords.d[1], &efuse->bits_63_32);
mdelay(1);
writel(val.lock, &efuse->bit64);
mdelay(5);
return 0;
}
static int prog_efuse(int nr, struct efuse_val *new_val, u32 mask0, u32 mask1)
{
struct mvebu_hd_efuse *efuse;
int res = 0;
res = mvebu_efuse_init_hw();
if (res)
return res;
efuse = get_efuse_line(nr);
if (!efuse)
return -ENODEV;
if (!new_val)
return -EINVAL;
/* only write a fuse line with lock bit */
if (!new_val->lock)
return -EINVAL;
/* according to specs ECC protection bits must be 0 on write */
if (new_val->bytes.d[7] & 0xFE)
return -EINVAL;
if (!new_val->dwords.d[0] && !new_val->dwords.d[1] && (mask0 | mask1))
return 0;
enable_efuse_program();
res = do_prog_efuse(efuse, new_val, mask0, mask1);
disable_efuse_program();
return res;
}
int mvebu_efuse_init_hw(void)
{
int ret;
if (efuse_initialised)
return 0;
ret = mvebu_mbus_add_window_by_id(
CPU_TARGET_SATA23_DFX, 0xA, MBUS_EFUSE_BASE, MBUS_EFUSE_SIZE);
if (ret)
return ret;
efuse_initialised = 1;
return 0;
}
int mvebu_read_efuse(int nr, struct efuse_val *val)
{
struct mvebu_hd_efuse *efuse;
int res;
res = mvebu_efuse_init_hw();
if (res)
return res;
efuse = get_efuse_line(nr);
if (!efuse)
return -ENODEV;
if (!val)
return -EINVAL;
val->dwords.d[0] = readl(&efuse->bits_31_0);
val->dwords.d[1] = readl(&efuse->bits_63_32);
val->lock = readl(&efuse->bit64);
return 0;
}
int mvebu_write_efuse(int nr, struct efuse_val *val)
{
return prog_efuse(nr, val, ~0, ~0);
}
int mvebu_lock_efuse(int nr)
{
struct efuse_val val = {
.lock = 1,
};
return prog_efuse(nr, &val, 0, 0);
}
/*
* wrapper funcs providing the fuse API
*
* we use the following mapping:
* "bank" -> eFuse line
* "word" -> 0: bits 0-31
* 1: bits 32-63
* 2: bit 64 (lock)
*/
static struct efuse_val prog_val;
static int valid_prog_words;
int fuse_read(u32 bank, u32 word, u32 *val)
{
struct efuse_val fuse_line;
int res;
if (bank < EFUSE_LINE_MIN || bank > EFUSE_LINE_MAX || word > 2)
return -EINVAL;
res = mvebu_read_efuse(bank, &fuse_line);
if (res)
return res;
if (word < 2)
*val = fuse_line.dwords.d[word];
else
*val = fuse_line.lock;
return res;
}
int fuse_sense(u32 bank, u32 word, u32 *val)
{
/* not supported */
return -ENOSYS;
}
int fuse_prog(u32 bank, u32 word, u32 val)
{
int res = 0;
/*
* NOTE: Fuse line should be written as whole.
* So how can we do that with this API?
* For now: remember values for word == 0 and word == 1 and write the
* whole line when word == 2.
* This implies that we always require all 3 fuse prog cmds (one for
* for each word) to write a single fuse line.
* Exception is a single write to word 2 which will lock the fuse line.
*
* Hope that will be OK.
*/
if (bank < EFUSE_LINE_MIN || bank > EFUSE_LINE_MAX || word > 2)
return -EINVAL;
if (word < 2) {
prog_val.dwords.d[word] = val;
valid_prog_words |= (1 << word);
} else if ((valid_prog_words & 3) == 0 && val) {
res = mvebu_lock_efuse(bank);
valid_prog_words = 0;
} else if ((valid_prog_words & 3) != 3 || !val) {
res = -EINVAL;
} else {
prog_val.lock = val != 0;
res = mvebu_write_efuse(bank, &prog_val);
valid_prog_words = 0;
}
return res;
}
int fuse_override(u32 bank, u32 word, u32 val)
{
/* not supported */
return -ENOSYS;
}
......@@ -36,7 +36,9 @@ enum cpu_target {
CPU_TARGET_ETH01 = 0x7,
CPU_TARGET_PCIE13 = 0x8,
CPU_TARGET_SASRAM = 0x9,
CPU_TARGET_SATA01 = 0xa, /* A38X */
CPU_TARGET_NAND = 0xd,
CPU_TARGET_SATA23_DFX = 0xe, /* A38X */
};
enum cpu_attrib {
......
/*
* Copyright (C) 2015 Reinhard Pfau <reinhard.pfau@gdsys.cc>
*
* SPDX-License-Identifier: GPL-2.0+
*/
#ifndef _MVEBU_EFUSE_H
#define _MVEBU_EFUSE_H
#include <common.h>
struct efuse_val {
union {
struct {
u8 d[8];
} bytes;
struct {
u16 d[4];
} words;
struct {
u32 d[2];
} dwords;
};
u32 lock;
};
#if defined(CONFIG_ARMADA_38X)
enum efuse_line {
EFUSE_LINE_SECURE_BOOT = 24,
EFUSE_LINE_PUBKEY_DIGEST_0 = 26,
EFUSE_LINE_PUBKEY_DIGEST_1 = 27,
EFUSE_LINE_PUBKEY_DIGEST_2 = 28,
EFUSE_LINE_PUBKEY_DIGEST_3 = 29,
EFUSE_LINE_PUBKEY_DIGEST_4 = 30,
EFUSE_LINE_CSK_0_VALID = 31,
EFUSE_LINE_CSK_1_VALID = 32,
EFUSE_LINE_CSK_2_VALID = 33,
EFUSE_LINE_CSK_3_VALID = 34,
EFUSE_LINE_CSK_4_VALID = 35,
EFUSE_LINE_CSK_5_VALID = 36,
EFUSE_LINE_CSK_6_VALID = 37,
EFUSE_LINE_CSK_7_VALID = 38,
EFUSE_LINE_CSK_8_VALID = 39,
EFUSE_LINE_CSK_9_VALID = 40,
EFUSE_LINE_CSK_10_VALID = 41,
EFUSE_LINE_CSK_11_VALID = 42,
EFUSE_LINE_CSK_12_VALID = 43,
EFUSE_LINE_CSK_13_VALID = 44,
EFUSE_LINE_CSK_14_VALID = 45,
EFUSE_LINE_CSK_15_VALID = 46,
EFUSE_LINE_FLASH_ID = 47,
EFUSE_LINE_BOX_ID = 48,
EFUSE_LINE_MIN = 0,
EFUSE_LINE_MAX = 63,
};
#endif
int mvebu_efuse_init_hw(void);
int mvebu_read_efuse(int nr, struct efuse_val *val);
int mvebu_write_efuse(int nr, struct efuse_val *val);
int mvebu_lock_efuse(int nr);
#endif
This diff is collapsed.
......@@ -142,8 +142,12 @@ ifdef CONFIG_SYS_U_BOOT_OFFS
HOSTCFLAGS_kwbimage.o += -DCONFIG_SYS_U_BOOT_OFFS=$(CONFIG_SYS_U_BOOT_OFFS)
endif
ifneq ($(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X),)
HOSTCFLAGS_kwbimage.o += -DCONFIG_KWB_SECURE
endif
# MXSImage needs LibSSL
ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_FIT_SIGNATURE),)
ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X)$(CONFIG_FIT_SIGNATURE),)
HOSTLOADLIBES_mkimage += \
$(shell pkg-config --libs libssl libcrypto 2> /dev/null || echo "-lssl -lcrypto")
......
This diff is collapsed.
......@@ -113,6 +113,43 @@ struct opt_hdr_v1 {
char data[0];
};
/*
* Public Key data in DER format
*/
struct pubkey_der_v1 {
uint8_t key[524];
};
/*
* Signature (RSA 2048)
*/
struct sig_v1 {
uint8_t sig[256];
};
/*
* Structure of secure header (Armada 38x)
*/
struct secure_hdr_v1 {
uint8_t headertype; /* 0x0 */
uint8_t headersz_msb; /* 0x1 */
uint16_t headersz_lsb; /* 0x2 - 0x3 */
uint32_t reserved1; /* 0x4 - 0x7 */
struct pubkey_der_v1 kak; /* 0x8 - 0x213 */
uint8_t jtag_delay; /* 0x214 */
uint8_t reserved2; /* 0x215 */
uint16_t reserved3; /* 0x216 - 0x217 */
uint32_t boxid; /* 0x218 - 0x21B */
uint32_t flashid; /* 0x21C - 0x21F */
struct sig_v1 hdrsig; /* 0x220 - 0x31F */
struct sig_v1 imgsig; /* 0x320 - 0x41F */
struct pubkey_der_v1 csk[16]; /* 0x420 - 0x24DF */
struct sig_v1 csksig; /* 0x24E0 - 0x25DF */
uint8_t next; /* 0x25E0 */
uint8_t reserved4; /* 0x25E1 */
uint16_t reserved5; /* 0x25E2 - 0x25E3 */
};
/*
* Various values for the opt_hdr_v1->headertype field, describing the
* different types of optional headers. The "secure" header contains
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment