- 09 4月, 2021 7 次提交
-
-
由 Peng Fan 提交于
Update doc after switch to binman to pack images Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Peng Fan 提交于
Use binman to pack images Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Ye Li 提交于
Previous patch "MLK-18044-4: crypto: caam: Fix pointer size to 32bit for i.MX8M" breaks the 64 bits CAAM. Since i.MX CAAM are all 32 bits no matter the ARM arch (32 or 64), to adapt and not break 64 bits CAAM support, add a new config CONFIG_CAAM_64BIT and new relevant type "caam_dma_addr_t". This config is default enabled when CONFIG_PHYS_64BIT is set except for iMX8M. Signed-off-by: NYe Li <ye.li@nxp.com> Reviewed-by: NHoria Geantă <horia.geanta@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
The signature is generated using manufacturing protection private key. Fix typo in fsl_mfgprot.c. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Clement Faure 提交于
Add DEK encapsulation support for imx8. The DEK blob is generated by the SECO through the SCFW API. Signed-off-by: NClement Faure <clement.faure@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Clement Faure 提交于
Add DEK blob encapsulation support for IMX8M through "dek_blob" command. On ARMv8, u-boot runs in non-secure, thus cannot encapsulate a DEK blob for encrypted boot. The DEK blob is encapsulated by OP-TEE through a trusted application call. U-boot sends and receives the DEK and the DEK blob binaries through OP-TEE dynamic shared memory. To enable the DEK blob encapsulation, add to the defconfig: CONFIG_SECURE_BOOT=y CONFIG_FAT_WRITE=y CONFIG_CMD_DEKBLOB=y Signed-off-by: NClement Faure <clement.faure@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Clement Le Marquis 提交于
It is highly recommended to set the PRIBLOB bitfield to 0x3 once your encrypted boot image has booted up, this prevents the generation of new blobs that can be used to decrypt an encrypted boot image. The PRIBLOB is a sticky type bit and cannot be changed until the next power on reset. Add the set_priblob_bitfield U-Boot command to prevent the generation of new blobs. Signed-off-by: NClement Le Marquis <clement.lemarquis@nxp.com> Acked-by: NYe Li <Ye.Li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
- 08 4月, 2021 33 次提交
-
-
由 Aymen Sghaier 提交于
In i.MX8M platforms the secure memory block has a newer version than those used in i.MX6/7 platforms, this patch update the driver to use the correct registers offsets. Signed-off-by: NAymen Sghaier <aymen.sghaier@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Aymen Sghaier 提交于
The CAAM block used in i.MX8M is 32 bits address size but when the flag PHYS_64BIT is enabled for armv8, the CAAM driver will try to use a wrong pointer size. This patch fixes this issue. Signed-off-by: NAymen Sghaier <aymen.sghaier@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Aymen Sghaier 提交于
This patch enable blob command for mScale platforms. Signed-off-by: NAymen Sghaier <aymen.sghaier@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Aymen Sghaier 提交于
Enabling CAAM driver for i.MX8M platforms, a 64 bits architecture, lead to casting warnings: from/to pointer to/from integer with different size. This patch fix these warnings Signed-off-by: NAymen Sghaier <aymen.sghaier@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Aymen Sghaier 提交于
This patch enable CAAM support for i.MX8M platforms. Signed-off-by: NAymen Sghaier <aymen.sghaier@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Franck LENORMAND 提交于
Signed-off-by: NFranck LENORMAND <franck.lenormand@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Franck LENORMAND 提交于
Signed-off-by: NFranck LENORMAND <franck.lenormand@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Franck LENORMAND 提交于
Signed-off-by: NFranck LENORMAND <franck.lenormand@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
U-Boot can instantiate CAAM RNG if needed by crypto operations. Call sec_init() prior running a blob operation to ensure RNG is correctly instantiated. Make sure CAAM clock is enabled and check if a job ring is available for that operation. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
In order to build CMD_BLOB on i.MX CAAM supported devices it's necessary to select IMX_HAB. Add IMX_HAB and CAAM supported SoCs as dependency. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
Since commit 8891410c729b ("MLK-19848 mx6dq: Fix chip version issue for rev1.3") it's not possible to call the HAB API functions on i.MX6DQ SoC Rev 1.3: Authenticate image from DDR location 0x12000000... undefined instruction pc : [<412c00dc>] lr : [<8ff560bc>] reloc pc : [<c8b6d0dc>] lr : [<178030bc>] sp : 8ef444a8 ip : 126e8068 fp : 8ff59aa8 r10: 8ffd51e4 r9 : 8ef50eb0 r8 : 006e8000 r7 : 00000000 r6 : 126ea01f r5 : 0000002b r4 : 126e8000 r3 : 412c00dd r2 : 00000001 r1 : 00000001 r0 : 00000063 Flags: nzCv IRQs off FIQs off Mode SVC_32 Resetting CPU ... resetting ... The hab.h code is defining the HAB API base address according to the old SoC revision number, thus failing when calling the HAB API authenticate_image() function. Fix this issue by using mx6dq rev 1.3 instead of mx6dq rev 1.5. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Ye Li 提交于
Since cmd_dek is using CAAM JR, so enable the CMD_DEK only when HAS_CAAM is set Signed-off-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Ye Li 提交于
Add some SOC level codes and build configurations to use HAB lib for CONFIG_IMX_HAB (secure boot), like adding the SEC_CONFIG fuse, enable fuse driver, CAAM clock function, and add CAAM secure RAM to MMU table. The FSL_CAAM is temporally not enabled for iMX8M when CONFIG_IMX_HAB is set, because we don't need the CAAM driver for SPL. Signed-off-by: NYe Li <ye.li@nxp.com> Reviewed-by: NPeng Fan <peng.fan@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
The blob command is not working on i.MX7D, i.MX8MQ and i.MX8MM devices. Due to different cache management it's necessary to flush dcache range for destination address so data can be available in memory. Add necessary operations in blob_encap() and blob_decap() functions. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Ye Li 提交于
The imx8mm has changed the address of rvt_hab, use new address for imx8mm. The authentication procedure is same as imx8mq. In u-boot, the authentication uses SIP call to trap ATF to run HAB authenticate. Users need to add CONFIG_SECURE_BOOT=y to defconfig to enable the feature. Signed-off-by: NYe Li <ye.li@nxp.com> Acked-by: NPeng Fan <peng.fan@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
When building 32-bit targets with CONFIG_SECURE_BOOT and DEBUG enabled the following warnings are displayed: arch/arm/mach-imx/hab.c:840:41: warning: format '%lx' expects argument \ of type 'long unsigned int', but argument 3 has type 'uint32_t \ {aka unsigned int}' [-Wformat=] printf("HAB check target 0x%08x-0x%08lx fail\n", ~~~~^ %08x ddr_start, ddr_start + bytes); arch/arm/mach-imx/hab.c:845:45: warning: format '%x' expects argument \ of type 'unsigned int', but argument 3 has type 'ulong \ {aka long unsigned int}' [-Wformat=] printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); ~^ %lx Fix warnings by providing the correct data type. Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NBreno Lima <breno.lima@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
When booting in low power or dual boot modes the M4 binary is authenticated by the M4 ROM code. Add an option in hab_status command so users can retrieve M4 HAB failure and warning events. => hab_status m4 Secure boot disabled HAB Configuration: 0xf0, HAB State: 0x66 No HAB Events Found! Add command documentation in mx6_mx7_secure_boot.txt guide. As HAB M4 API cannot be called from A7 core the code is parsing the M4 HAB persistent memory region. The HAB persistent memory stores HAB events, public keys and others HAB related information. The HAB persistent memory region addresses and sizes can be found in AN12263 "HABv4 RVT Guidelines and Recommendations". Reviewed-by: NUtkarsh Gupta <utkarsh.gupta@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NBreno Lima <breno.lima@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
The HABv4 implementation in ROM checks if HAB major version in IVT header is 4.x. The current implementation in hab.c code is only validating HAB v4.0 and HAB v4.1 and may be incompatible with newer HABv4 versions. Modify verify_ivt_header() function to align with HABv4 implementation in ROM code. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Utkarsh Gupta 提交于
Add ability for hab_status command to show All HAB events and not just HAB failure events Signed-off-by: NUtkarsh Gupta <utkarsh.gupta@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
Currently it's not possible to authenticate additional boot images in HAB open configuration. The hab.c code is checking if the SEC_CONFIG[1] fuse is programmed prior to calling the hab_authenticate_image() API function. Users cannot check if their additional boot images has been correctly signed prior to closing their device. Enable hab.c to authenticate additional boot images in open mode so HAB events can be retrieved through get_hab_status() function. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Ye Li 提交于
Modify to use hab_rvt_failsafe function for failsafe ROM API, not directly call its ROM address. This function will wrap the sip call for iMX8M platforms. Signed-off-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Utkarsh Gupta 提交于
Calling csf_is_valid() with an un-signed image may lead to data abort as the CSF pointer could be pointing to a garbage address when accessed in HAB_HDR_LEN(*(const struct hab_hdr *)(ulong)ivt_initial->csf). Authenticate image from DDR location 0x80800000... Check CSF for Write Data command before authenticating image data abort pc : [<fff5494c>] lr : [<fff54910>] reloc pc : [<8780294c>] lr : [<87802910>] sp : fdf45dc8 ip : 00000214 fp : 00000000 r10: fffb6170 r9 : fdf4fec0 r8 : 00722020 r7 : 80f20000 r6 : 80800000 r5 : 80800000 r4 : 00720000 r3 : 17a5aca3 r2 : 00000000 r1 : 80f2201f r0 : 00000019 Flags: NzcV IRQs off FIQs off Mode SVC_32 Resetting CPU ... resetting ... To avoid such errors during authentication process, validate IVT structure by calling validate_ivt function which checks the following values in an IVT: IVT_HEADER = 0x4X2000D1 ENTRY != 0x0 RES1 = 0x0 DCD = 0x0 /* Recommended */ SELF != 0x0 /* Absoulute address of IVT */ CSF != 0x0 RES2 = 0x0 This commit also checks if Image's start address is 4 byte aligned. commit "0088d127 MLK-14945 HAB: Check if IVT valid before authenticating image" removed as this patch addresses the issue. Signed-off-by: NUtkarsh Gupta <utkarsh.gupta@nxp.com> Signed-off-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Peng Fan 提交于
There are some changes to support ARM64 i.MX8M platform in this patches: 1. The hab_rvt base and function vectors are different as i.MX6/7 2. Need to bypass an workaround for i.MX6 to fix problem in MMU. 3. The x18 register needed save & restore before calling any HAB API. According to ARM procedure call spec, the x18 is caller saved when it is used as temporary register. So calling HAB API may scratch this register, and cause crash once accessing the gd pointer. On ARMv7, the r9 is callee saved when it is used as variable register. So no need to save & restore it. 4. Add SEC_CONFIG fuse for iMX8M When current EL is not EL3, the direct calling to HAB will fail because CAAM/SNVS can't initialize at non-secure mode. In this case, we use SIP call to run the HAB in ATF. Signed-off-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Ye Li 提交于
When loading kernel image, the image size is parsed from header, so it does not include the CSF and IVT. Add back the authenticate_image function to wrap the imx_hab_authenticate_image with calculating IVT offset and full image size. Signed-off-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
Prior instantiating RNG we have to ensure if the CAAM job rings are available. Avoid hardcoded job ring max size and use the definition at fsl_sec.h Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
Prior calling sec_in32() we have to ensure CAAM clock is enabled, the function sec_in32() is reading CAAM registers and if CAAM clock is disabled the system will hang. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
The CAAM output ring size register offset is currently defined in fsl_sec.h as FSL_CAAM_ORSR_JRa_OFFSET, use this definition to avoid hardcoded value in i.MX common code. Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Breno Lima 提交于
This code was originally developed by Raul Cardenas <raul.casas@nxp.com> and modified to be applied in U-Boot imx_v2017.03. More information about the initial submission can be seen in the link below: https://lists.denx.de/pipermail/u-boot/2016-February/245273.html i.MX7D has an a protection feature for Manufacturing process. This feature uses asymmetric encryption to sign and verify authenticated software handled between parties. This command enables the use of such feature. The private key is unique and generated once per device. And it is stored in secure memory and only accessible by CAAM. Therefore, the public key generation and signature functions are the only functions available for the user. The manufacturing-protection authentication process can be used to authenticate the chip to the OEM's server. Command usage: Print the public key for the device. - mfgprot pubk Generates Signature over given data. - mfgprot sign <data_address> <data_size> Signed-off-by: NRaul Ulises Cardenas <raul.casas@nxp.com> Signed-off-by: NBreno Lima <breno.lima@nxp.com> Reviewed-by: NFabio Estevam <fabio.estevam@nxp.com> Reviewed-by: NYe Li <ye.li@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Peng Fan 提交于
Add regs used by CAAM Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Peng 提交于
Add imx8mn_evk_defconfig to be maintained Typo fix Signed-off-by: NPeng <peng.fan@nxp.com>
-
由 Ye Li 提交于
Both i.MX8MQ B1 and B2 should use default LPDDR4 script, while B0 has another dedicated script. Signed-off-by: NYe Li <ye.li@nxp.com> Reviewed-by: NPeng Fan <peng.fan@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Ye Li 提交于
i.MX8MQ B2 also has fixed value in OCOTP_READ_FUSE_DATA register, so it does not support "fuse sense" command like B1. Signed-off-by: NYe Li <ye.li@nxp.com> Reviewed-by: NPeng Fan <peng.fan@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-
由 Ye Li 提交于
i.MX8MQ B2 is using same value in OCOTP_READ_FUSE_DATA like B1, so we have to check the ROM verision to distinguish the revision. As we have checked the B1 rev for sticky bits work around in secure boot. So it won't apply on B2. Signed-off-by: NYe Li <ye.li@nxp.com> Reviewed-by: NPeng Fan <peng.fan@nxp.com> Signed-off-by: NPeng Fan <peng.fan@nxp.com>
-