diff options
author | Tom Rini <trini@konsulko.com> | 2021-08-16 09:31:00 -0400 |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2021-08-16 09:31:00 -0400 |
commit | 5a221adb2f593fc0661b50801109f00041a26f1e (patch) | |
tree | 6a8466dfda239447062b9df2fcf104d09f2b494e | |
parent | fdc4fda33051bcb9eb782001afe2bdd3c0d09eae (diff) | |
parent | 46a738a4ec81959c7545a4bb07e4f5232bbcfefe (diff) | |
download | u-boot-5a221adb2f593fc0661b50801109f00041a26f1e.zip u-boot-5a221adb2f593fc0661b50801109f00041a26f1e.tar.gz u-boot-5a221adb2f593fc0661b50801109f00041a26f1e.tar.bz2 |
Merge https://source.denx.de/u-boot/custodians/u-boot-stm
Highlights:
- Handle TF-A boot with FIP for STM32MP1
- Fix board_get_usable_ram_top(0) for STM32MP1
- DT alignement with kernel v5.14 for STM32MP1
- SPI-NOR DT update for DHSOM
- Add UCLASS API for ECDSA singnature and implement it for STM32MP1
37 files changed, 887 insertions, 133 deletions
diff --git a/arch/arm/dts/stm32mp15-pinctrl.dtsi b/arch/arm/dts/stm32mp15-pinctrl.dtsi index 060baa8..5b60ecb 100644 --- a/arch/arm/dts/stm32mp15-pinctrl.dtsi +++ b/arch/arm/dts/stm32mp15-pinctrl.dtsi @@ -118,6 +118,39 @@ }; }; + dcmi_pins_b: dcmi-1 { + pins { + pinmux = <STM32_PINMUX('A', 4, AF13)>,/* DCMI_HSYNC */ + <STM32_PINMUX('B', 7, AF13)>,/* DCMI_VSYNC */ + <STM32_PINMUX('A', 6, AF13)>,/* DCMI_PIXCLK */ + <STM32_PINMUX('C', 6, AF13)>,/* DCMI_D0 */ + <STM32_PINMUX('H', 10, AF13)>,/* DCMI_D1 */ + <STM32_PINMUX('H', 11, AF13)>,/* DCMI_D2 */ + <STM32_PINMUX('E', 1, AF13)>,/* DCMI_D3 */ + <STM32_PINMUX('E', 11, AF13)>,/* DCMI_D4 */ + <STM32_PINMUX('D', 3, AF13)>,/* DCMI_D5 */ + <STM32_PINMUX('E', 13, AF13)>,/* DCMI_D6 */ + <STM32_PINMUX('B', 9, AF13)>;/* DCMI_D7 */ + bias-disable; + }; + }; + + dcmi_sleep_pins_b: dcmi-sleep-1 { + pins { + pinmux = <STM32_PINMUX('A', 4, ANALOG)>,/* DCMI_HSYNC */ + <STM32_PINMUX('B', 7, ANALOG)>,/* DCMI_VSYNC */ + <STM32_PINMUX('A', 6, ANALOG)>,/* DCMI_PIXCLK */ + <STM32_PINMUX('C', 6, ANALOG)>,/* DCMI_D0 */ + <STM32_PINMUX('H', 10, ANALOG)>,/* DCMI_D1 */ + <STM32_PINMUX('H', 11, ANALOG)>,/* DCMI_D2 */ + <STM32_PINMUX('E', 1, ANALOG)>,/* DCMI_D3 */ + <STM32_PINMUX('E', 11, ANALOG)>,/* DCMI_D4 */ + <STM32_PINMUX('D', 3, ANALOG)>,/* DCMI_D5 */ + <STM32_PINMUX('E', 13, ANALOG)>,/* DCMI_D6 */ + <STM32_PINMUX('B', 9, ANALOG)>;/* DCMI_D7 */ + }; + }; + ethernet0_rgmii_pins_a: rgmii-0 { pins1 { pinmux = <STM32_PINMUX('G', 5, AF11)>, /* ETH_RGMII_CLK125 */ diff --git a/arch/arm/dts/stm32mp151.dtsi b/arch/arm/dts/stm32mp151.dtsi index 177927d..8e0a0bc 100644 --- a/arch/arm/dts/stm32mp151.dtsi +++ b/arch/arm/dts/stm32mp151.dtsi @@ -1399,8 +1399,8 @@ reg = <0x58003000 0x1000>, <0x70000000 0x10000000>; reg-names = "qspi", "qspi_mm"; interrupts = <GIC_SPI 92 IRQ_TYPE_LEVEL_HIGH>; - dmas = <&mdma1 22 0x2 0x100002 0x0 0x0>, - <&mdma1 22 0x2 0x100008 0x0 0x0>; + dmas = <&mdma1 22 0x2 0x10100002 0x0 0x0>, + <&mdma1 22 0x2 0x10100008 0x0 0x0>; dma-names = "tx", "rx"; clocks = <&rcc QSPI_K>; resets = <&rcc QSPI_R>; @@ -1446,12 +1446,6 @@ status = "disabled"; }; - stmmac_axi_config_0: stmmac-axi-config { - snps,wr_osr_lmt = <0x7>; - snps,rd_osr_lmt = <0x7>; - snps,blen = <0 0 0 0 16 8 4>; - }; - ethernet0: ethernet@5800a000 { compatible = "st,stm32mp1-dwmac", "snps,dwmac-4.20a"; reg = <0x5800a000 0x2000>; @@ -1477,6 +1471,12 @@ snps,axi-config = <&stmmac_axi_config_0>; snps,tso; status = "disabled"; + + stmmac_axi_config_0: stmmac-axi-config { + snps,wr_osr_lmt = <0x7>; + snps,rd_osr_lmt = <0x7>; + snps,blen = <0 0 0 0 16 8 4>; + }; }; usbh_ohci: usb@5800c000 { diff --git a/arch/arm/dts/stm32mp157a-dk1-u-boot.dtsi b/arch/arm/dts/stm32mp157a-dk1-u-boot.dtsi index a8e15ad..0101962 100644 --- a/arch/arm/dts/stm32mp157a-dk1-u-boot.dtsi +++ b/arch/arm/dts/stm32mp157a-dk1-u-boot.dtsi @@ -15,12 +15,18 @@ config { u-boot,boot-led = "heartbeat"; u-boot,error-led = "error"; - u-boot,mmc-env-partition = "ssbl"; + u-boot,mmc-env-partition = "fip"; st,adc_usb_pd = <&adc1 18>, <&adc1 19>; st,fastboot-gpios = <&gpioa 13 (GPIO_ACTIVE_LOW | GPIO_PULL_UP)>; st,stm32prog-gpios = <&gpioa 14 (GPIO_ACTIVE_LOW | GPIO_PULL_UP)>; }; +#ifdef CONFIG_STM32MP15x_STM32IMAGE + config { + u-boot,mmc-env-partition = "ssbl"; + }; + + /* only needed for boot with TF-A, witout FIP support */ firmware { optee { compatible = "linaro,optee-tz"; @@ -37,6 +43,7 @@ u-boot,dm-spl; }; }; +#endif led { red { diff --git a/arch/arm/dts/stm32mp157a-microgea-stm32mp1-microdev2.0-of7.dts b/arch/arm/dts/stm32mp157a-microgea-stm32mp1-microdev2.0-of7.dts index 674b2d3..5670b23 100644 --- a/arch/arm/dts/stm32mp157a-microgea-stm32mp1-microdev2.0-of7.dts +++ b/arch/arm/dts/stm32mp157a-microgea-stm32mp1-microdev2.0-of7.dts @@ -89,7 +89,7 @@ }; &pinctrl { - ltdc_pins: ltdc { + ltdc_pins: ltdc-0 { pins { pinmux = <STM32_PINMUX('G', 10, AF14)>, /* LTDC_B2 */ <STM32_PINMUX('H', 12, AF14)>, /* LTDC_R6 */ diff --git a/arch/arm/dts/stm32mp157c-ed1-u-boot.dtsi b/arch/arm/dts/stm32mp157c-ed1-u-boot.dtsi index fc6066a..3277738 100644 --- a/arch/arm/dts/stm32mp157c-ed1-u-boot.dtsi +++ b/arch/arm/dts/stm32mp157c-ed1-u-boot.dtsi @@ -15,11 +15,17 @@ config { u-boot,boot-led = "heartbeat"; u-boot,error-led = "error"; - u-boot,mmc-env-partition = "ssbl"; + u-boot,mmc-env-partition = "fip"; st,fastboot-gpios = <&gpioa 13 (GPIO_ACTIVE_LOW | GPIO_PULL_UP)>; st,stm32prog-gpios = <&gpioa 14 (GPIO_ACTIVE_LOW | GPIO_PULL_UP)>; }; +#ifdef CONFIG_STM32MP15x_STM32IMAGE + config { + u-boot,mmc-env-partition = "ssbl"; + }; + + /* only needed for boot with TF-A, witout FIP support */ firmware { optee { compatible = "linaro,optee-tz"; @@ -33,6 +39,7 @@ no-map; }; }; +#endif led { red { diff --git a/arch/arm/dts/stm32mp15xx-dhcor-io3v3.dtsi b/arch/arm/dts/stm32mp15xx-dhcor-io3v3.dtsi index 64299df..94cf80d 100644 --- a/arch/arm/dts/stm32mp15xx-dhcor-io3v3.dtsi +++ b/arch/arm/dts/stm32mp15xx-dhcor-io3v3.dtsi @@ -198,7 +198,7 @@ compatible = "jedec,spi-nor"; reg = <0>; spi-rx-bus-width = <4>; - spi-max-frequency = <108000000>; + spi-max-frequency = <50000000>; #address-cells = <1>; #size-cells = <1>; }; diff --git a/arch/arm/mach-stm32mp/Kconfig b/arch/arm/mach-stm32mp/Kconfig index ace07fd..5d7eca6 100644 --- a/arch/arm/mach-stm32mp/Kconfig +++ b/arch/arm/mach-stm32mp/Kconfig @@ -56,6 +56,13 @@ config STM32MP15x dual core A7 for STM32MP157/3, monocore for STM32MP151 target all the STMicroelectronics board with SOC STM32MP1 family +config STM32MP15x_STM32IMAGE + bool "Support STM32 image for generated U-Boot image" + depends on STM32MP15x && TFABOOT + help + Support of STM32 image generation for SOC STM32MP15x + for TF-A boot when FIP container is not used + choice prompt "STM32MP15x board select" optional @@ -172,6 +179,15 @@ config STM32_ETZPC help Say y to enable STM32 Extended TrustZone Protection +config STM32_ECDSA_VERIFY + bool "STM32 ECDSA verification via the ROM API" + depends on SPL_ECDSA_VERIFY + default y + help + Say y to enable the uclass driver for ECDSA verification using the + ROM API provided on STM32MP. + The ROM API is only available during SPL for now. + config CMD_STM32KEY bool "command stm32key to fuse public key hash" default n diff --git a/arch/arm/mach-stm32mp/Makefile b/arch/arm/mach-stm32mp/Makefile index 879c196..391b47c 100644 --- a/arch/arm/mach-stm32mp/Makefile +++ b/arch/arm/mach-stm32mp/Makefile @@ -11,6 +11,7 @@ obj-y += bsec.o ifdef CONFIG_SPL_BUILD obj-y += spl.o obj-y += tzc400.o +obj-$(CONFIG_STM32_ECDSA_VERIFY) += ecdsa_romapi.o else obj-y += cmd_stm32prog/ obj-$(CONFIG_CMD_STM32KEY) += cmd_stm32key.o diff --git a/arch/arm/mach-stm32mp/cmd_stm32prog/cmd_stm32prog.c b/arch/arm/mach-stm32mp/cmd_stm32prog/cmd_stm32prog.c index be53a52..41452b5 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32prog/cmd_stm32prog.c +++ b/arch/arm/mach-stm32mp/cmd_stm32prog/cmd_stm32prog.c @@ -185,6 +185,7 @@ U_BOOT_CMD(stm32prog, 5, 0, do_stm32prog, " <size> = size of flashlayout (optional for image with STM32 header)\n" ); +#ifdef CONFIG_STM32MP15x_STM32IMAGE bool stm32prog_get_tee_partitions(void) { if (stm32prog_data) @@ -192,6 +193,7 @@ bool stm32prog_get_tee_partitions(void) return false; } +#endif bool stm32prog_get_fsbl_nor(void) { diff --git a/arch/arm/mach-stm32mp/cmd_stm32prog/stm32prog.c b/arch/arm/mach-stm32mp/cmd_stm32prog/stm32prog.c index 26fe8b6..3b6ca4e 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32prog/stm32prog.c +++ b/arch/arm/mach-stm32mp/cmd_stm32prog/stm32prog.c @@ -824,7 +824,9 @@ static int treat_partition_list(struct stm32prog_data *data) INIT_LIST_HEAD(&data->dev[j].part_list); } +#ifdef CONFIG_STM32MP15x_STM32IMAGE data->tee_detected = false; +#endif data->fsbl_nor_detected = false; for (i = 0; i < data->part_nb; i++) { part = &data->part_array[i]; @@ -878,10 +880,12 @@ static int treat_partition_list(struct stm32prog_data *data) /* fallthrough */ case STM32PROG_NAND: case STM32PROG_SPI_NAND: +#ifdef CONFIG_STM32MP15x_STM32IMAGE if (!data->tee_detected && !strncmp(part->name, "tee", 3)) data->tee_detected = true; break; +#endif default: break; } diff --git a/arch/arm/mach-stm32mp/cmd_stm32prog/stm32prog.h b/arch/arm/mach-stm32mp/cmd_stm32prog/stm32prog.h index 9d58cf0..240c5c4 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32prog/stm32prog.h +++ b/arch/arm/mach-stm32mp/cmd_stm32prog/stm32prog.h @@ -122,7 +122,9 @@ struct stm32prog_data { struct stm32prog_dev_t dev[STM32PROG_MAX_DEV]; /* array of device */ int part_nb; /* nb of partition */ struct stm32prog_part_t *part_array; /* array of partition */ +#ifdef CONFIG_STM32MP15x_STM32IMAGE bool tee_detected; +#endif bool fsbl_nor_detected; /* command internal information */ diff --git a/arch/arm/mach-stm32mp/config.mk b/arch/arm/mach-stm32mp/config.mk index c30bf48..f7f5b77 100644 --- a/arch/arm/mach-stm32mp/config.mk +++ b/arch/arm/mach-stm32mp/config.mk @@ -4,7 +4,7 @@ # ifndef CONFIG_SPL -INPUTS-y += u-boot.stm32 +INPUTS-$(CONFIG_STM32MP15x_STM32IMAGE) += u-boot.stm32 else ifdef CONFIG_SPL_BUILD INPUTS-y += u-boot-spl.stm32 diff --git a/arch/arm/mach-stm32mp/dram_init.c b/arch/arm/mach-stm32mp/dram_init.c index 3c09702..94f25f3 100644 --- a/arch/arm/mach-stm32mp/dram_init.c +++ b/arch/arm/mach-stm32mp/dram_init.c @@ -46,6 +46,9 @@ ulong board_get_usable_ram_top(ulong total_size) phys_addr_t reg; struct lmb lmb; + if (!total_size) + return gd->ram_base + gd->ram_size; + /* found enough not-reserved memory to relocated U-Boot */ lmb_init(&lmb); lmb_add(&lmb, gd->ram_base, gd->ram_size); diff --git a/arch/arm/mach-stm32mp/ecdsa_romapi.c b/arch/arm/mach-stm32mp/ecdsa_romapi.c new file mode 100644 index 0000000..a2f63ff --- /dev/null +++ b/arch/arm/mach-stm32mp/ecdsa_romapi.c @@ -0,0 +1,102 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * STM32MP ECDSA verification via the ROM API + * + * Implements ECDSA signature verification via the STM32MP ROM. + */ +#include <asm/system.h> +#include <dm/device.h> +#include <linux/types.h> +#include <u-boot/ecdsa.h> +#include <crypto/ecdsa-uclass.h> +#include <linux/libfdt.h> +#include <dm/platdata.h> + +#define ROM_API_SUCCESS 0x77 +#define ROM_API_ECDSA_ALGO_PRIME_256V1 1 +#define ROM_API_ECDSA_ALGO_BRAINPOOL_256 2 + +#define ROM_API_OFFSET_ECDSA_VERIFY 0x60 + +struct ecdsa_rom_api { + uint32_t (*ecdsa_verify_signature)(const void *hash, const void *pubkey, + const void *signature, + uint32_t ecc_algo); +}; + +/* + * Without forcing the ".data" section, this would get saved in ".bss". BSS + * will be cleared soon after, so it's not suitable. + */ +static uintptr_t rom_api_loc __section(".data"); + +/* + * The ROM gives us the API location in r0 when starting. This is only available + * during SPL, as there isn't (yet) a mechanism to pass this on to u-boot. + */ +void save_boot_params(unsigned long r0, unsigned long r1, unsigned long r2, + unsigned long r3) +{ + rom_api_loc = r0; + save_boot_params_ret(); +} + +static void stm32mp_rom_get_ecdsa_functions(struct ecdsa_rom_api *rom) +{ + uintptr_t verify_ptr = rom_api_loc + ROM_API_OFFSET_ECDSA_VERIFY; + + rom->ecdsa_verify_signature = *(void **)verify_ptr; +} + +static int ecdsa_key_algo(const char *curve_name) +{ + if (!strcmp(curve_name, "prime256v1")) + return ROM_API_ECDSA_ALGO_PRIME_256V1; + else if (!strcmp(curve_name, "brainpool256")) + return ROM_API_ECDSA_ALGO_BRAINPOOL_256; + else + return -ENOPROTOOPT; +} + +static int romapi_ecdsa_verify(struct udevice *dev, + const struct ecdsa_public_key *pubkey, + const void *hash, size_t hash_len, + const void *signature, size_t sig_len) +{ + struct ecdsa_rom_api rom; + uint8_t raw_key[64]; + uint32_t rom_ret; + int algo; + + /* The ROM API can only handle 256-bit ECDSA keys. */ + if (sig_len != 64 || hash_len != 32 || pubkey->size_bits != 256) + return -EINVAL; + + algo = ecdsa_key_algo(pubkey->curve_name); + if (algo < 0) + return algo; + + /* The ROM API wants the (X, Y) coordinates concatenated. */ + memcpy(raw_key, pubkey->x, 32); + memcpy(raw_key + 32, pubkey->y, 32); + + stm32mp_rom_get_ecdsa_functions(&rom); + rom_ret = rom.ecdsa_verify_signature(hash, raw_key, signature, algo); + + return rom_ret == ROM_API_SUCCESS ? 0 : -EPERM; +} + +static const struct ecdsa_ops rom_api_ops = { + .verify = romapi_ecdsa_verify, +}; + +U_BOOT_DRIVER(stm32mp_rom_api_ecdsa) = { + .name = "stm32mp_rom_api_ecdsa", + .id = UCLASS_ECDSA, + .ops = &rom_api_ops, + .flags = DM_FLAG_PRE_RELOC, +}; + +U_BOOT_DRVINFO(stm32mp_rom_api_ecdsa) = { + .name = "stm32mp_rom_api_ecdsa", +}; diff --git a/arch/arm/mach-stm32mp/fdt.c b/arch/arm/mach-stm32mp/fdt.c index ce2fe02..a19e954 100644 --- a/arch/arm/mach-stm32mp/fdt.c +++ b/arch/arm/mach-stm32mp/fdt.c @@ -332,7 +332,16 @@ int ft_system_setup(void *blob, struct bd_info *bd) "st,package", pkg, false); } - if (!CONFIG_IS_ENABLED(OPTEE) || + /* + * TEMP: remove OP-TEE nodes in kernel device tree + * copied from U-Boot device tree by optee_copy_fdt_nodes + * when OP-TEE is not detected (probe failed) + * these OP-TEE nodes are present in <board>-u-boot.dtsi + * under CONFIG_STM32MP15x_STM32IMAGE only for compatibility + * when FIP is not used by TF-A + */ + if (CONFIG_IS_ENABLED(STM32MP15x_STM32IMAGE) && + CONFIG_IS_ENABLED(OPTEE) && !tee_find_device(NULL, NULL, NULL, NULL)) stm32_fdt_disable_optee(blob); diff --git a/arch/arm/mach-stm32mp/include/mach/stm32prog.h b/arch/arm/mach-stm32mp/include/mach/stm32prog.h index c080b9c..99be4e1 100644 --- a/arch/arm/mach-stm32mp/include/mach/stm32prog.h +++ b/arch/arm/mach-stm32mp/include/mach/stm32prog.h @@ -11,6 +11,8 @@ int stm32prog_read_medium_virt(struct dfu_entity *dfu, u64 offset, void *buf, long *len); int stm32prog_get_medium_size_virt(struct dfu_entity *dfu, u64 *size); +#ifdef CONFIG_STM32MP15x_STM32IMAGE bool stm32prog_get_tee_partitions(void); +#endif bool stm32prog_get_fsbl_nor(void); diff --git a/board/st/common/Kconfig b/board/st/common/Kconfig index ddcf33a..2f57118 100644 --- a/board/st/common/Kconfig +++ b/board/st/common/Kconfig @@ -8,18 +8,22 @@ config CMD_STBOARD config MTDPARTS_NAND0_BOOT string "mtd boot partitions for nand0" - default "2m(fsbl),2m(ssbl1),2m(ssbl2)" + default "2m(fsbl),2m(ssbl1),2m(ssbl2)" if STM32MP15x_STM32IMAGE || \ + !TFABOOT + default "2m(fsbl),4m(fip1),4m(fip2)" depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP help This define the partitions of nand0 used to build mtparts dynamically for boot from nand0. Each partition need to be aligned with the device erase block size, 512KB is the max size for the NAND supported by stm32mp1 platform. + The fsbl partition support multiple copy of the same binary, one by + erase block. config MTDPARTS_NAND0_TEE string "mtd tee partitions for nand0" default "512k(teeh),512k(teed),512k(teex)" - depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP + depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP && STM32MP15x_STM32IMAGE help This define the tee partitions added in mtparts dynamically when tee is supported with boot from nand0. @@ -28,7 +32,9 @@ config MTDPARTS_NAND0_TEE config MTDPARTS_NOR0_BOOT string "mtd boot partitions for nor0" - default "256k(fsbl1),256k(fsbl2),2m(ssbl),512k(u-boot-env)" + default "256k(fsbl1),256k(fsbl2),2m(ssbl),512k(u-boot-env)" if STM32MP15x_STM32IMAGE || \ + !TFABOOT + default "256k(fsbl1),256k(fsbl2),4m(fip),512k(u-boot-env)" depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP help This define the partitions of nand0 used to build mtparts dynamically @@ -40,24 +46,27 @@ config MTDPARTS_NOR0_BOOT config MTDPARTS_NOR0_TEE string "mtd tee partitions for nor0" default "256k(teeh),512k(teed),256k(teex)" - depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP + depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP && STM32MP15x_STM32IMAGE help This define the tee partitions added in mtparts dynamically when tee is supported with boot from nor0. config MTDPARTS_SPINAND0_BOOT string "mtd boot partitions for spi-nand0" - default "2m(fsbl),2m(ssbl1),2m(ssbl2)" + default "2m(fsbl),2m(ssbl1),2m(ssbl2)" if STM32MP15x_STM32IMAGE || !TFABOOT + default "2m(fsbl),4m(fip1),4m(fip2)" depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP help This define the partitions of nand0 used to build mtparts dynamically for boot from spi-nand0, 512KB is the max size for the NAND supported by stm32mp1 platform. + The fsbl partition support multiple copy of the same binary, one by + erase block. config MTDPARTS_SPINAND0_TEE string "mtd tee partitions for spi-nand0" default "512k(teeh),512k(teed),512k(teex)" - depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP + depends on SYS_MTDPARTS_RUNTIME && ARCH_STM32MP && STM32MP15x_STM32IMAGE help This define the tee partitions added in mtparts dynamically when tee is supported with boot from spi-nand0, diff --git a/board/st/common/stm32mp_mtdparts.c b/board/st/common/stm32mp_mtdparts.c index f074fc1..8b636d6 100644 --- a/board/st/common/stm32mp_mtdparts.c +++ b/board/st/common/stm32mp_mtdparts.c @@ -11,7 +11,9 @@ #include <log.h> #include <mtd.h> #include <mtd_node.h> +#ifdef CONFIG_STM32MP15x_STM32IMAGE #include <tee.h> +#endif #include <asm/arch/stm32prog.h> #include <asm/arch/sys_proto.h> #include <asm/global_data.h> @@ -31,7 +33,9 @@ static void board_set_mtdparts(const char *dev, char *mtdids, char *mtdparts, const char *boot, +#ifdef CONFIG_STM32MP15x_STM32IMAGE const char *tee, +#endif const char *user) { /* mtdids: "<dev>=<dev>, ...." */ @@ -55,10 +59,12 @@ static void board_set_mtdparts(const char *dev, strncat(mtdparts, ",", MTDPARTS_LEN); } +#ifdef CONFIG_STM32MP15x_STM32IMAGE if (tee) { strncat(mtdparts, tee, MTDPARTS_LEN); strncat(mtdparts, ",", MTDPARTS_LEN); } +#endif strncat(mtdparts, user, MTDPARTS_LEN); } @@ -70,7 +76,10 @@ void board_mtdparts_default(const char **mtdids, const char **mtdparts) static char parts[3 * MTDPARTS_LEN + 1]; static char ids[MTDIDS_LEN + 1]; static bool mtd_initialized; - bool tee, nor, nand, spinand, serial; + bool nor, nand, spinand, serial; +#ifdef CONFIG_STM32MP15x_STM32IMAGE + bool tee = false; +#endif if (mtd_initialized) { *mtdids = ids; @@ -78,7 +87,6 @@ void board_mtdparts_default(const char **mtdids, const char **mtdparts) return; } - tee = false; nor = false; nand = false; spinand = false; @@ -89,7 +97,9 @@ void board_mtdparts_default(const char **mtdids, const char **mtdparts) case BOOT_SERIAL_USB: serial = true; if (CONFIG_IS_ENABLED(CMD_STM32PROG)) { +#ifdef CONFIG_STM32MP15x_STM32IMAGE tee = stm32prog_get_tee_partitions(); +#endif nor = stm32prog_get_fsbl_nor(); } nand = true; @@ -108,9 +118,11 @@ void board_mtdparts_default(const char **mtdids, const char **mtdparts) break; } +#ifdef CONFIG_STM32MP15x_STM32IMAGE if (!serial && CONFIG_IS_ENABLED(OPTEE) && tee_find_device(NULL, NULL, NULL, NULL)) tee = true; +#endif memset(parts, 0, sizeof(parts)); memset(ids, 0, sizeof(ids)); @@ -125,10 +137,11 @@ void board_mtdparts_default(const char **mtdids, const char **mtdparts) if (nand) { mtd = get_mtd_device_nm("nand0"); if (!IS_ERR_OR_NULL(mtd)) { - const char *mtd_tee = CONFIG_MTDPARTS_NAND0_TEE; board_set_mtdparts("nand0", ids, parts, CONFIG_MTDPARTS_NAND0_BOOT, - !nor && tee ? mtd_tee : NULL, +#ifdef CONFIG_STM32MP15x_STM32IMAGE + !nor && tee ? CONFIG_MTDPARTS_NAND0_TEE : NULL, +#endif "-(UBI)"); put_mtd_device(mtd); } @@ -137,10 +150,11 @@ void board_mtdparts_default(const char **mtdids, const char **mtdparts) if (spinand) { mtd = get_mtd_device_nm("spi-nand0"); if (!IS_ERR_OR_NULL(mtd)) { - const char *mtd_tee = CONFIG_MTDPARTS_SPINAND0_TEE; board_set_mtdparts("spi-nand0", ids, parts, CONFIG_MTDPARTS_SPINAND0_BOOT, - !nor && tee ? mtd_tee : NULL, +#ifdef CONFIG_STM32MP15x_STM32IMAGE + !nor && tee ? CONFIG_MTDPARTS_SPINAND0_TEE : NULL, +#endif "-(UBI)"); put_mtd_device(mtd); } @@ -148,10 +162,11 @@ void board_mtdparts_default(const char **mtdids, const char **mtdparts) if (nor) { if (!uclass_get_device(UCLASS_SPI_FLASH, 0, &dev)) { - const char *mtd_tee = CONFIG_MTDPARTS_NOR0_TEE; board_set_mtdparts("nor0", ids, parts, CONFIG_MTDPARTS_NOR0_BOOT, - tee ? mtd_tee : NULL, +#ifdef CONFIG_STM32MP15x_STM32IMAGE + tee ? CONFIG_MTDPARTS_NOR0_TEE : NULL, +#endif "-(nor_user)"); } } diff --git a/board/st/stm32mp1/MAINTAINERS b/board/st/stm32mp1/MAINTAINERS index fe8fc6f..0e6d80f 100644 --- a/board/st/stm32mp1/MAINTAINERS +++ b/board/st/stm32mp1/MAINTAINERS @@ -5,6 +5,7 @@ T: git https://source.denx.de/u-boot/custodians/u-boot-stm.git S: Maintained F: arch/arm/dts/stm32mp15* F: board/st/stm32mp1/ +F: configs/stm32mp15_defconfig F: configs/stm32mp15_basic_defconfig F: configs/stm32mp15_trusted_defconfig F: include/configs/stm32mp1.h diff --git a/board/st/stm32mp1/stm32mp1.c b/board/st/stm32mp1/stm32mp1.c index 59fb6e5..032f08d 100644 --- a/board/st/stm32mp1/stm32mp1.c +++ b/board/st/stm32mp1/stm32mp1.c @@ -105,10 +105,14 @@ int checkboard(void) const char *fdt_compat; int fdt_compat_len; - if (IS_ENABLED(CONFIG_TFABOOT)) - mode = "trusted"; - else + if (IS_ENABLED(CONFIG_TFABOOT)) { + if (IS_ENABLED(CONFIG_STM32MP15x_STM32IMAGE)) + mode = "trusted - stm32image"; + else + mode = "trusted"; + } else { mode = "basic"; + } fdt_compat = fdt_getprop(gd->fdt_blob, 0, "compatible", &fdt_compat_len); diff --git a/common/Kconfig.boot b/common/Kconfig.boot index f39df04..0d4c384 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -76,8 +76,8 @@ config FIT_SIGNATURE bool "Enable signature verification of FIT uImages" depends on DM select HASH - select RSA - select RSA_VERIFY + imply RSA + imply RSA_VERIFY select IMAGE_SIGN_INFO select FIT_FULL_CHECK help @@ -186,8 +186,8 @@ config SPL_FIT_SIGNATURE select SPL_FIT select SPL_CRYPTO select SPL_HASH_SUPPORT - select SPL_RSA - select SPL_RSA_VERIFY + imply SPL_RSA + imply SPL_RSA_VERIFY select SPL_IMAGE_SIGN_INFO select SPL_FIT_FULL_CHECK diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index bcd82f7..8bb981d 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -299,3 +299,5 @@ CONFIG_TEST_FDTDEC=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y +CONFIG_ECDSA=y +CONFIG_ECDSA_VERIFY=y diff --git a/configs/stm32mp15_defconfig b/configs/stm32mp15_defconfig new file mode 100644 index 0000000..b11da7d --- /dev/null +++ b/configs/stm32mp15_defconfig @@ -0,0 +1,158 @@ +CONFIG_ARM=y +CONFIG_ARCH_STM32MP=y +CONFIG_TFABOOT=y +CONFIG_SYS_MALLOC_F_LEN=0x3000 +CONFIG_SYS_MEMTEST_START=0xc0000000 +CONFIG_SYS_MEMTEST_END=0xc4000000 +CONFIG_ENV_OFFSET=0x480000 +CONFIG_ENV_SECT_SIZE=0x40000 +CONFIG_DEFAULT_DEVICE_TREE="stm32mp157c-ev1" +CONFIG_TARGET_ST_STM32MP15x=y +CONFIG_CMD_STM32KEY=y +CONFIG_CMD_STM32PROG=y +CONFIG_ENV_OFFSET_REDUND=0x4C0000 +CONFIG_TYPEC_STUSB160X=y +CONFIG_DISTRO_DEFAULTS=y +CONFIG_FIT=y +CONFIG_BOOTDELAY=1 +CONFIG_BOOTCOMMAND="run bootcmd_stm32mp" +CONFIG_SYS_PROMPT="STM32MP> " +CONFIG_CMD_ADTIMG=y +CONFIG_CMD_ERASEENV=y +CONFIG_CMD_NVEDIT_EFI=y +CONFIG_CMD_MEMINFO=y +CONFIG_CMD_MEMTEST=y +CONFIG_CMD_UNZIP=y +CONFIG_CMD_ADC=y +CONFIG_CMD_CLK=y +CONFIG_CMD_DFU=y +CONFIG_CMD_FUSE=y +CONFIG_CMD_GPIO=y +CONFIG_CMD_I2C=y +CONFIG_CMD_MMC=y +CONFIG_CMD_REMOTEPROC=y +CONFIG_CMD_SPI=y +CONFIG_CMD_USB=y +CONFIG_CMD_USB_MASS_STORAGE=y +CONFIG_CMD_BMP=y +CONFIG_CMD_CACHE=y +CONFIG_CMD_EFIDEBUG=y +CONFIG_CMD_TIME=y +CONFIG_CMD_RNG=y +CONFIG_CMD_TIMER=y +CONFIG_CMD_PMIC=y +CONFIG_CMD_REGULATOR=y +CONFIG_CMD_EXT4_WRITE=y +CONFIG_CMD_MTDPARTS=y +CONFIG_CMD_LOG=y +CONFIG_CMD_UBI=y +CONFIG_OF_LIVE=y +CONFIG_ENV_IS_NOWHERE=y +CONFIG_ENV_IS_IN_MMC=y +CONFIG_ENV_IS_IN_SPI_FLASH=y +CONFIG_ENV_IS_IN_UBI=y +CONFIG_SYS_REDUNDAND_ENVIRONMENT=y +CONFIG_ENV_UBI_PART="UBI" +CONFIG_ENV_UBI_VOLUME="uboot_config" +CONFIG_ENV_UBI_VOLUME_REDUND="uboot_config_r" +CONFIG_SYS_RELOC_GD_ENV_ADDR=y +CONFIG_SYS_MMC_ENV_DEV=-1 +CONFIG_STM32_ADC=y +CONFIG_CLK_SCMI=y +CONFIG_SET_DFU_ALT_INFO=y +CONFIG_USB_FUNCTION_FASTBOOT=y +CONFIG_FASTBOOT_BUF_ADDR=0xC0000000 +CONFIG_FASTBOOT_BUF_SIZE=0x02000000 +CONFIG_FASTBOOT_USB_DEV=1 +CONFIG_FASTBOOT_FLASH=y +CONFIG_FASTBOOT_FLASH_MMC_DEV=1 +CONFIG_FASTBOOT_MMC_BOOT_SUPPORT=y +CONFIG_FASTBOOT_MMC_BOOT1_NAME="mmc1boot0" +CONFIG_FASTBOOT_MMC_BOOT2_NAME="mmc1boot1" +CONFIG_FASTBOOT_MMC_USER_SUPPORT=y +CONFIG_FASTBOOT_MMC_USER_NAME="mmc1" +CONFIG_FASTBOOT_CMD_OEM_FORMAT=y +CONFIG_FASTBOOT_CMD_OEM_PARTCONF=y +CONFIG_FASTBOOT_CMD_OEM_BOOTBUS=y +CONFIG_GPIO_HOG=y +CONFIG_DM_HWSPINLOCK=y +CONFIG_HWSPINLOCK_STM32=y +CONFIG_DM_I2C=y +CONFIG_SYS_I2C_STM32F7=y +CONFIG_LED=y +CONFIG_LED_GPIO=y +CONFIG_DM_MAILBOX=y +CONFIG_STM32_IPCC=y +CONFIG_STM32_FMC2_EBI=y +CONFIG_SUPPORT_EMMC_BOOT=y +CONFIG_STM32_SDMMC2=y +CONFIG_MTD=y +CONFIG_DM_MTD=y +CONFIG_SYS_MTDPARTS_RUNTIME=y +CONFIG_MTD_RAW_NAND=y +CONFIG_NAND_STM32_FMC2=y +CONFIG_MTD_SPI_NAND=y +CONFIG_DM_SPI_FLASH=y +CONFIG_SPI_FLASH_MACRONIX=y +CONFIG_SPI_FLASH_SPANSION=y +CONFIG_SPI_FLASH_STMICRO=y +CONFIG_SPI_FLASH_WINBOND=y +# CONFIG_SPI_FLASH_USE_4K_SECTORS is not set +CONFIG_SPI_FLASH_MTD=y +CONFIG_PHY_REALTEK=y +CONFIG_DM_ETH=y +CONFIG_DWC_ETH_QOS=y +CONFIG_PHY=y +CONFIG_PHY_STM32_USBPHYC=y +CONFIG_PINCONF=y +CONFIG_PINCTRL_STMFX=y +CONFIG_DM_PMIC=y +CONFIG_PMIC_STPMIC1=y +CONFIG_DM_REGULATOR=y +CONFIG_DM_REGULATOR_FIXED=y +CONFIG_DM_REGULATOR_GPIO=y +CONFIG_DM_REGULATOR_STM32_VREFBUF=y +CONFIG_DM_REGULATOR_STPMIC1=y +CONFIG_REMOTEPROC_STM32_COPRO=y +CONFIG_RESET_SCMI=y +CONFIG_DM_RNG=y +CONFIG_RNG_STM32MP1=y +CONFIG_DM_RTC=y +CONFIG_RTC_STM32=y +CONFIG_SERIAL_RX_BUFFER=y +CONFIG_SPI=y +CONFIG_DM_SPI=y +CONFIG_STM32_QSPI=y +CONFIG_STM32_SPI=y +CONFIG_TEE=y +CONFIG_OPTEE=y +# CONFIG_OPTEE_TA_AVB is not set +CONFIG_USB=y +CONFIG_DM_USB=y +CONFIG_DM_USB_GADGET=y +CONFIG_USB_EHCI_HCD=y +CONFIG_USB_EHCI_GENERIC=y +CONFIG_USB_GADGET=y +CONFIG_USB_GADGET_MANUFACTURER="STMicroelectronics" +CONFIG_USB_GADGET_VENDOR_NUM=0x0483 +CONFIG_USB_GADGET_PRODUCT_NUM=0x5720 +CONFIG_USB_GADGET_DWC2_OTG=y +CONFIG_DM_VIDEO=y +CONFIG_BACKLIGHT_GPIO=y +CONFIG_VIDEO_LCD_ORISETECH_OTM8009A=y +CONFIG_VIDEO_LCD_RAYDIUM_RM68200=y +CONFIG_VIDEO_STM32=y +CONFIG_VIDEO_STM32_DSI=y +CONFIG_VIDEO_STM32_MAX_XRES=1280 +CONFIG_VIDEO_STM32_MAX_YRES=800 +CONFIG_VIDEO_BMP_RLE8=y +CONFIG_BMP_16BPP=y +CONFIG_BMP_24BPP=y +CONFIG_BMP_32BPP=y +CONFIG_WDT=y +CONFIG_WDT_STM32MP=y +CONFIG_ERRNO_STR=y +CONFIG_FDT_FIXUP_PARTITIONS=y +# CONFIG_LMB_USE_MAX_REGIONS is not set +CONFIG_LMB_MEMORY_REGIONS=2 +CONFIG_LMB_RESERVED_REGIONS=16 diff --git a/configs/stm32mp15_dhcom_basic_defconfig b/configs/stm32mp15_dhcom_basic_defconfig index be92226..c2227c0 100644 --- a/configs/stm32mp15_dhcom_basic_defconfig +++ b/configs/stm32mp15_dhcom_basic_defconfig @@ -4,6 +4,7 @@ CONFIG_SYS_MALLOC_F_LEN=0x3000 CONFIG_SYS_MEMTEST_START=0xc0000000 CONFIG_SYS_MEMTEST_END=0xc4000000 CONFIG_ENV_SIZE=0x4000 +CONFIG_ENV_SECT_SIZE=0x1000 CONFIG_SPL_DM_SPI=y CONFIG_DEFAULT_DEVICE_TREE="stm32mp15xx-dhcom-pdk2" CONFIG_SPL_TEXT_BASE=0x2FFC2500 @@ -102,7 +103,6 @@ CONFIG_SPI_FLASH_MACRONIX=y CONFIG_SPI_FLASH_SPANSION=y CONFIG_SPI_FLASH_STMICRO=y CONFIG_SPI_FLASH_WINBOND=y -# CONFIG_SPI_FLASH_USE_4K_SECTORS is not set CONFIG_SPI_FLASH_MTD=y CONFIG_DM_ETH=y CONFIG_DWC_ETH_QOS=y diff --git a/configs/stm32mp15_dhcor_basic_defconfig b/configs/stm32mp15_dhcor_basic_defconfig index ecc0ae0..11750cb 100644 --- a/configs/stm32mp15_dhcor_basic_defconfig +++ b/configs/stm32mp15_dhcor_basic_defconfig @@ -2,6 +2,7 @@ CONFIG_ARM=y CONFIG_ARCH_STM32MP=y CONFIG_SYS_MALLOC_F_LEN=0x3000 CONFIG_ENV_SIZE=0x4000 +CONFIG_ENV_SECT_SIZE=0x1000 CONFIG_SPL_DM_SPI=y CONFIG_DEFAULT_DEVICE_TREE="stm32mp15xx-dhcor-avenger96" CONFIG_SPL_TEXT_BASE=0x2FFC2500 @@ -97,7 +98,6 @@ CONFIG_SPI_FLASH_MACRONIX=y CONFIG_SPI_FLASH_SPANSION=y CONFIG_SPI_FLASH_STMICRO=y CONFIG_SPI_FLASH_WINBOND=y -# CONFIG_SPI_FLASH_USE_4K_SECTORS is not set CONFIG_SPI_FLASH_MTD=y CONFIG_DM_ETH=y CONFIG_DWC_ETH_QOS=y diff --git a/configs/stm32mp15_trusted_defconfig b/configs/stm32mp15_trusted_defconfig index 1671cb2..2e2f0c7 100644 --- a/configs/stm32mp15_trusted_defconfig +++ b/configs/stm32mp15_trusted_defconfig @@ -7,6 +7,7 @@ CONFIG_SYS_MEMTEST_END=0xc4000000 CONFIG_ENV_OFFSET=0x280000 CONFIG_ENV_SECT_SIZE=0x40000 CONFIG_DEFAULT_DEVICE_TREE="stm32mp157c-ev1" +CONFIG_STM32MP15x_STM32IMAGE=y CONFIG_TARGET_ST_STM32MP15x=y CONFIG_CMD_STM32KEY=y CONFIG_CMD_STM32PROG=y diff --git a/doc/board/st/stm32mp1.rst b/doc/board/st/stm32mp1.rst index f0c2b09..42bb941 100644 --- a/doc/board/st/stm32mp1.rst +++ b/doc/board/st/stm32mp1.rst @@ -6,6 +6,8 @@ STM32MP15x boards This is a quick instruction for setup STM32MP15x boards. +Futher information can be found in STMicrolectronics STM32 WIKI_. + Supported devices ----------------- @@ -60,7 +62,7 @@ Currently the following boards are supported: Boot Sequences -------------- -3 boot configurations are supported with: +2 boot configurations are supported with: +----------+------------------------+-------------------------+--------------+ | **ROM** | **FSBL** | **SSBL** | **OS** | @@ -70,32 +72,37 @@ Boot Sequences | | embedded RAM | DDR | +----------+------------------------+-------------------------+--------------+ -The **Trusted** boot chain -`````````````````````````` - -defconfig_file : stm32mp15_trusted_defconfig +The **Trusted** boot chain with TF-A_ +````````````````````````````````````` - +-------------+-------------------------+------------+-------+ - | ROM code | FSBL | SSBL | OS | - + +-------------------------+------------+-------+ - | |Trusted Firmware-A (TF-A)| U-Boot | Linux | - +-------------+-------------------------+------------+-------+ - | TrustZone |secure monitor | - +-------------+-------------------------+------------+-------+ +defconfig_file : + + **stm32mp15_defconfig** (for TF-A_ with FIP support) + + **stm32mp15_trusted_defconfig** (for TF-A_ without FIP support) -TF-A performs a full initialization of Secure peripherals and installs a -secure monitor, BL32: + +-------------+--------------------------+------------+-------+ + | ROM code | FSBL | SSBL | OS | + + +--------------------------+------------+-------+ + | |Trusted Firmware-A (TF-A_)| U-Boot | Linux | + +-------------+--------------------------+------------+-------+ + | TrustZone |secure monitor = SPMin or OP-TEE_ | + +-------------+--------------------------+------------+-------+ - * SPMin provided by TF-A or - * OP-TEE from specific partitions (teeh, teed, teex). +TF-A_ and OP-TEE_ are 2 separate projects, with their git repository; +they are compiled separately. -U-Boot is running in normal world and uses the secure monitor to access -to secure resources. +TF-A_ (BL2) initialize the DDR and loads the next stage binaries from a FIP file: + + BL32: a secure monitor BL32 = SPMin provided by TF-A_ or OP-TEE_ : + performs a full initialization of Secure peripherals and provides service + to normal world + + BL33: a non-trusted firmware = U-Boot, running in normal world and uses + the secure monitor to access to secure resources. + + HW_CONFIG: The hardware configuration file = the U-Boot device tree -The **Basic** boot chain -```````````````````````` +The **Basic** boot chain with SPL +````````````````````````````````` -defconfig_file : stm32mp15_basic_defconfig +defconfig_file : + + **stm32mp15_basic_defconfig** +-------------+------------+------------+-------+ | ROM code | FSBL | SSBL | OS | @@ -105,7 +112,7 @@ defconfig_file : stm32mp15_basic_defconfig | TrustZone | | PSCI from U-Boot | +-------------+------------+------------+-------+ -SPL has limited security initialization +SPL has limited security initialization. U-Boot is running in secure mode and provide a secure monitor to the kernel with only PSCI support (Power State Coordination Interface defined by ARM). @@ -163,12 +170,13 @@ Build Procedure for example: use one output directory for each configuration:: + # export KBUILD_OUTPUT=stm32mp15 # export KBUILD_OUTPUT=stm32mp15_trusted # export KBUILD_OUTPUT=stm32mp15_basic you can build outside of code directory:: - # export KBUILD_OUTPUT=../build/stm32mp15_trusted + # export KBUILD_OUTPUT=../build/stm32mp15 4. Configure U-Boot:: @@ -176,7 +184,8 @@ Build Procedure with <defconfig_file>: - - For **trusted** boot mode : **stm32mp15_trusted_defconfig** + - For **trusted** boot mode : **stm32mp15_defconfig** or + stm32mp15_trusted_defconfig - For basic boot mode: stm32mp15_basic_defconfig 5. Configure the device-tree and build the U-Boot image:: @@ -185,13 +194,13 @@ Build Procedure Examples: - a) trusted boot on ev1:: + a) trusted boot with FIP on ev1:: - # export KBUILD_OUTPUT=stm32mp15_trusted - # make stm32mp15_trusted_defconfig + # export KBUILD_OUTPUT=stm32mp15 + # make stm32mp15_defconfig # make DEVICE_TREE=stm32mp157c-ev1 all - b) trusted with OP-TEE boot on dk2:: + b) trusted boot without FIP on dk2:: # export KBUILD_OUTPUT=stm32mp15_trusted # make stm32mp15_trusted_defconfig @@ -221,24 +230,74 @@ Build Procedure # make stm32mp15_basic_defconfig # make DEVICE_TREE=stm32mp15xx-dhcor-avenger96 all -6. Output files - - BootRom and TF-A expect binaries with STM32 image header - SPL expects file with U-Boot uImage header +6. U-Boot Output files So in the output directory (selected by KBUILD_OUTPUT), - you can found the needed files: + you can found the needed U-Boot files: + + - stm32mp15_defconfig = **u-boot-nodtb.bin** and **u-boot.dtb** + + - stm32mp15_trusted_defconfig = u-boot.stm32 + + - stm32mp15_basic_defconfig + + - FSBL = spl/u-boot-spl.stm32 + + - SSBL = u-boot.img (without CONFIG_SPL_LOAD_FIT) or + u-boot.itb (with CONFIG_SPL_LOAD_FIT=y) + +7. TF-A_ compilation + + This step is required only for **Trusted** boot (stm32mp15_defconfig and + stm32mp15_trusted_defconfig); see OP-TEE_ and TF-A_ documentation for build + commands. + + - For TF-A_ with FIP support: **stm32mp15_defconfig** + + - with OP-TEE_ support, compile the OP-TEE to generate the binary included + in FIP + + - after TF-A compilation, the used files are: + + - TF-A_ BL2 => FSBL = **tf-a.stm32** + + - FIP => **fip.bin** + + FIP file includes the 2 files given in arguments of TF-A_ compilation: - - For **Trusted** boot (with or without OP-TEE) + - BL33=u-boot-nodtb.bin + - BL33_CFG=u-boot.dtb - - FSBL = **tf-a.stm32** (provided by TF-A compilation) - - SSBL = **u-boot.stm32** + You can also update a existing FIP after U-boot compilation with fiptool, + a tool provided by TF-A_:: - - For Basic boot + # fiptool update --nt-fw u-boot-nodtb.bin --hw-config u-boot.dtb fip-stm32mp157c-ev1.bin + + - For TF-A_ without FIP support : **stm32mp15_trusted_defconfig** + SPMin is used and the used files are: + + - FSBL = **tf-a.stm32** (provided by TF-A_ compilation, contening BL2 and + BL32 = SPMin) + + - SSBL = **u-boot.stm32** used instead of fip.bin in next chapters + +8. The bootloaders files + ++ The **ROM code** expects FSBL binaries with STM32 image header = + tf-a.stm32 or u-boot-spl.stm32 + +According the FSBL / the boot mode: + ++ **TF-A** expect a FIP binary = fip.bin, including the OS monitor (SPMin or + OP-TEE_) and the U-Boot binary + device tree + + or, without FIP support, binaries with STM32 image header: U-Boot + = u-boot.stm32 and eventually OP-TEE files (tee-header.stm32, tee-pageable.stm32, + tee-pager.stm32) + ++ **SPL** expects SSBL = U-Boot with uImage header = u-boot.img + or FIT = u-boot.itb. - - FSBL = spl/u-boot-spl.stm32 - - SSBL = u-boot.img (without CONFIG_SPL_LOAD_FIT) or - u-boot.itb (with CONFIG_SPL_LOAD_FIT=y) Switch Setting for Boot Mode ---------------------------- @@ -299,51 +358,96 @@ Prepare an SD card The minimal requirements for STMP32MP15x boot up to U-Boot are: - GPT partitioning (with gdisk or with sgdisk) -- 2 fsbl partitions, named fsbl1 and fsbl2, size at least 256KiB -- one ssbl partition for U-Boot +- 2 fsbl partitions, named "fsbl1" and "fsbl2", size at least 256KiB +- one partition named "fip" for FIP or U-Boot (TF-A_ search the "fip" + partition and SPL search the 3th partition, because + CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_PARTITION=3) + +The 2 fsbl partitions have the same content and are present to guarantee a +fail-safe update of FSBL; fsbl2 can be omitted if this ROM code feature is +not required. + +Without FIP support in TF-A_, the 3rd partition "fip" for u-boot.stm32 must +be named "ssbl". Then the minimal GPT partition is: - +-------+--------+---------+-------------+ - | *Num* | *Name* | *Size* | *Content* | - +=======+========+=========+=============+ - | 1 | fsbl1 | 256 KiB | TF-A or SPL | - +-------+--------+---------+-------------+ - | 2 | fsbl2 | 256 KiB | TF-A or SPL | - +-------+--------+---------+-------------+ - | 3 | ssbl | enought | U-Boot | - +-------+--------+---------+-------------+ - | 4 | <any> | <any> | Rootfs | - +-------+--------+---------+-------------+ - -Add a 4th partition (Rootfs) marked bootable with a file extlinux.conf +For TF-A_ with FIP support: + + +-------+--------+---------+------------------------+ + | *Num* | *Name* | *Size* | *Content* | + +=======+========+=========+========================+ + | 1 | fsbl1 | 256 KiB | TF-A_ BL2 (tf-a.stm32) | + +-------+--------+---------+------------------------+ + | 2 | fsbl2 | 256 KiB | TF-A_ BL2 (tf-a.stm32) | + +-------+--------+---------+------------------------+ + | 3 | fip | 4MB | fip.bin | + +-------+--------+---------+------------------------+ + | 4 | <any> | <any> | Rootfs | + +-------+--------+---------+------------------------+ + +or: + + +-------+--------+---------+------------------------+------------------------+ + | *Num* | *Name* | *Size* | *Trusted boot content* | *Basic boot content* | + +=======+========+=========+========================+========================+ + | 1 | fsbl1 | 256 KiB | TF-A_ BL2 (tf-a.stm32) | SPL (u-boot-spl.stm32) | + +-------+--------+---------+------------------------+------------------------+ + | 2 | fsbl2 | 256 KiB | TF-A_ BL2 (tf-a.stm32) | SPL (u-boot-spl.stm32) | + +-------+--------+---------+------------------------+------------------------+ + | 3 | ssbl | 2MB | U-Boot (u-boot.stm32) | U-Boot (u-boot.img) | + +-------+--------+---------+------------------------+------------------------+ + | 4 | <any> | <any> | Rootfs | + +-------+--------+---------+------------------------+------------------------+ + +And the 4th partition (Rootfs) is marked bootable with a file extlinux.conf following the Generic Distribution feature (doc/README.distro for use). -According the used card reader select the correct block device -(for example /dev/sdx or /dev/mmcblk0). +The size of fip or ssbl partition must be enough for the associated binary file, +4MB and 2MB are default values. -In the next example, it is /dev/mmcblk0 +According the used card reader select the correct block device +(for example /dev/sdx or /dev/mmcblk0), in the next example, it is /dev/mmcblk0 -For example: with gpt table with 128 entries +For example: a) remove previous formatting:: # sgdisk -o /dev/<SD card dev> -b) create minimal image:: +b) create minimal image for FIP + + For FIP support in TF-A_:: # sgdisk --resize-table=128 -a 1 \ -n 1:34:545 -c 1:fsbl1 \ -n 2:546:1057 -c 2:fsbl2 \ - -n 3:1058:5153 -c 3:ssbl \ - -n 4:5154: -c 4:rootfs \ + -n 3:1058:9249 -c 3:fip \ + -n 4:9250: -c 4:rootfs -A 4:set:2 \ -p /dev/<SD card dev> - With other partition for kernel one partition rootfs for kernel. + With gpt table with 128 entries an the partition 4 marked bootable (bit 2). + + For basic boot mode or without FIP support in TF-A_:: + + # sgdisk --resize-table=128 -a 1 \ + -n 1:34:545 -c 1:fsbl1 \ + -n 2:546:1057 -c 2:fsbl2 \ + -n 3:1058:5153 -c 3:ssbl \ + -n 4:5154: -c 4:rootfs -A 4:set:2 \ + -p /dev/<SD card dev> c) copy the FSBL (2 times) and SSBL file on the correct partition. in this example in partition 1 to 3 + for trusted boot: :: + + # dd if=tf-a.stm32 of=/dev/mmcblk0p1 + # dd if=tf-a.stm32 of=/dev/mmcblk0p2 + # dd if=fip.bin of=/dev/mmcblk0p3 + OR + dd if=u-boot.stm32 of=/dev/mmcblk0p3 # Without FIT support + for basic boot mode : <SD card dev> = /dev/mmcblk0:: # dd if=u-boot-spl.stm32 of=/dev/mmcblk0p1 @@ -352,12 +456,6 @@ c) copy the FSBL (2 times) and SSBL file on the correct partition. OR dd if=u-boot.itb of=/dev/mmcblk0p3 # With CONFIG_SPL_LOAD_FIT=y - for trusted boot mode: :: - - # dd if=tf-a.stm32 of=/dev/mmcblk0p1 - # dd if=tf-a.stm32 of=/dev/mmcblk0p2 - # dd if=u-boot.stm32 of=/dev/mmcblk0p3 - To boot from SD card, select BootPinMode = 1 0 1 and reset. Prepare eMMC @@ -366,34 +464,41 @@ Prepare eMMC You can use U-Boot to copy binary in eMMC. In the next example, you need to boot from SD card and the images -(u-boot-spl.stm32, u-boot.img for systems without CONFIG_SPL_LOAD_FIT -or u-boot.itb for systems with CONFIG_SPL_LOAD_FIT=y) are presents on -SD card (mmc 0) in ext4 partition 4 (bootfs). +(tf-a.stm32, fip.bin / u-boot-spl.stm32, u-boot.img for systems without +CONFIG_SPL_LOAD_FIT or u-boot.itb for systems with CONFIG_SPL_LOAD_FIT=y) are +presents on SD card (mmc 0) in ext4 partition 4 (bootfs) To boot from SD card, select BootPinMode = 1 0 1 and reset. Then you update the eMMC with the next U-Boot command : a) prepare GPT on eMMC, - example with 2 partitions, bootfs and roots:: + example with 3 partitions, fip, bootfs and roots:: - # setenv emmc_part "name=ssbl,size=2MiB;name=bootfs,type=linux,bootable,size=64MiB;name=rootfs,type=linux,size=512" + # setenv emmc_part "name=fip,size=4MiB;name=bootfs,type=linux,bootable,size=64MiB;name=rootfs,type=linux,size=512" # gpt write mmc 1 ${emmc_part} -b) copy SPL on eMMC on firts boot partition +b) copy FSBL, TF-A_ or SPL, on first eMMC boot partition (SPL max size is 256kB, with LBA 512, 0x200):: + # ext4load mmc 0:4 0xC0000000 tf-a.stm32 + or # ext4load mmc 0:4 0xC0000000 u-boot-spl.stm32 + # mmc dev 1 # mmc partconf 1 1 1 1 # mmc write ${fileaddr} 0 200 # mmc partconf 1 1 1 0 -c) copy U-Boot in first GPT partition of eMMC:: +c) copy SSBL, FIP or U-Boot binary, in first GPT partition of eMMC:: + # ext4load mmc 0:4 0xC0000000 fip.bin + or # ext4load mmc 0:4 0xC0000000 u-boot.img # Without CONFIG_SPL_LOAD_FIT - OR - ext4load mmc 0:4 0xC0000000 u-boot.itb # With CONFIG_SPL_LOAD_FIT=y + or + # ext4load mmc 0:4 0xC0000000 u-boot.itb # With CONFIG_SPL_LOAD_FIT=y + + # mmc dev 1 # part start mmc 1 1 partstart # mmc write ${fileaddr} ${partstart} ${filesize} @@ -495,7 +600,8 @@ b) Automatically by using FIT feature and generic DISTRO bootcmd see examples in the board stm32mp1 directory: fit_copro_kernel_dtb.its - Generate FIT including kernel + device tree + M4 firmware with cfg with M4 boot:: + Generate FIT including kernel + device tree + M4 firmware with cfg with M4 + boot:: $> mkimage -f fit_copro_kernel_dtb.its fit_copro_kernel_dtb.itb @@ -517,7 +623,7 @@ The dfu mode is started by the command:: STM32MP> dfu 0 -On EV1 board, booting from SD card, without OP-TEE:: +On EV1 board, booting from SD card, without OP-TEE_:: STM32MP> dfu 0 list DFU alt settings list: @@ -526,14 +632,14 @@ On EV1 board, booting from SD card, without OP-TEE:: dev: RAM alt: 2 name: uramdisk.image.gz layout: RAM_ADDR dev: eMMC alt: 3 name: mmc0_fsbl1 layout: RAW_ADDR dev: eMMC alt: 4 name: mmc0_fsbl2 layout: RAW_ADDR - dev: eMMC alt: 5 name: mmc0_ssbl layout: RAW_ADDR + dev: eMMC alt: 5 name: mmc0_fip layout: RAW_ADDR dev: eMMC alt: 6 name: mmc0_bootfs layout: RAW_ADDR dev: eMMC alt: 7 name: mmc0_vendorfs layout: RAW_ADDR dev: eMMC alt: 8 name: mmc0_rootfs layout: RAW_ADDR dev: eMMC alt: 9 name: mmc0_userfs layout: RAW_ADDR dev: eMMC alt: 10 name: mmc1_boot1 layout: RAW_ADDR dev: eMMC alt: 11 name: mmc1_boot2 layout: RAW_ADDR - dev: eMMC alt: 12 name: mmc1_ssbl layout: RAW_ADDR + dev: eMMC alt: 12 name: mmc1_fip layout: RAW_ADDR dev: eMMC alt: 13 name: mmc1_bootfs layout: RAW_ADDR dev: eMMC alt: 14 name: mmc1_vendorfs layout: RAW_ADDR dev: eMMC alt: 15 name: mmc1_rootfs layout: RAW_ADDR @@ -554,14 +660,14 @@ All the supported device are exported for dfu-util tool:: Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=15, name="mmc1_rootfs", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=14, name="mmc1_vendorfs", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=13, name="mmc1_bootfs", serial="002700333338511934383330" - Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=12, name="mmc1_ssbl", serial="002700333338511934383330" + Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=12, name="mmc1_fip", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=11, name="mmc1_boot2", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=10, name="mmc1_boot1", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=9, name="mmc0_userfs", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=8, name="mmc0_rootfs", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=7, name="mmc0_vendorfs", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=6, name="mmc0_bootfs", serial="002700333338511934383330" - Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=5, name="mmc0_ssbl", serial="002700333338511934383330" + Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=5, name="mmc0_fip", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=4, name="mmc0_fsbl2", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=3, name="mmc0_fsbl1", serial="002700333338511934383330" Found DFU: [0483:df11] ver=9999, devnum=99, cfg=1, intf=0, alt=2, name="uramdisk.image.gz", serial="002700333338511934383330" @@ -572,9 +678,9 @@ You can update the boot device: - SD card (mmc0) :: - $> dfu-util -d 0483:5720 -a 3 -D tf-a-stm32mp157c-ev1-trusted.stm32 - $> dfu-util -d 0483:5720 -a 4 -D tf-a-stm32mp157c-ev1-trusted.stm32 - $> dfu-util -d 0483:5720 -a 5 -D u-boot-stm32mp157c-ev1-trusted.img + $> dfu-util -d 0483:5720 -a 3 -D tf-a-stm32mp157c-ev1.stm32 + $> dfu-util -d 0483:5720 -a 4 -D tf-a-stm32mp157c-ev1.stm32 + $> dfu-util -d 0483:5720 -a 5 -D fip-stm32mp157c-ev1.bin $> dfu-util -d 0483:5720 -a 6 -D st-image-bootfs-openstlinux-weston-stm32mp1.ext4 $> dfu-util -d 0483:5720 -a 7 -D st-image-vendorfs-openstlinux-weston-stm32mp1.ext4 $> dfu-util -d 0483:5720 -a 8 -D st-image-weston-openstlinux-weston-stm32mp1.ext4 @@ -582,9 +688,9 @@ You can update the boot device: - EMMC (mmc1):: - $> dfu-util -d 0483:5720 -a 10 -D tf-a-stm32mp157c-ev1-trusted.stm32 - $> dfu-util -d 0483:5720 -a 11 -D tf-a-stm32mp157c-ev1-trusted.stm32 - $> dfu-util -d 0483:5720 -a 12 -D u-boot-stm32mp157c-ev1-trusted.img + $> dfu-util -d 0483:5720 -a 10 -D tf-a-stm32mp157c-ev1.stm32 + $> dfu-util -d 0483:5720 -a 11 -D tf-a-stm32mp157c-ev1.stm32 + $> dfu-util -d 0483:5720 -a 12 -D fip-stm32mp157c-ev1.bin $> dfu-util -d 0483:5720 -a 13 -D st-image-bootfs-openstlinux-weston-stm32mp1.ext4 $> dfu-util -d 0483:5720 -a 14 -D st-image-vendorfs-openstlinux-weston-stm32mp1.ext4 $> dfu-util -d 0483:5720 -a 15 -D st-image-weston-openstlinux-weston-stm32mp1.ext4 @@ -601,14 +707,44 @@ only the MTD partition on the boot devices are available, for example: - NOR (nor0 = alt 20) & NAND (nand0 = alt 26) :: - $> dfu-util -d 0483:5720 -a 21 -D tf-a-stm32mp157c-ev1-trusted.stm32 - $> dfu-util -d 0483:5720 -a 22 -D tf-a-stm32mp157c-ev1-trusted.stm32 - $> dfu-util -d 0483:5720 -a 23 -D u-boot-stm32mp157c-ev1-trusted.img + $> dfu-util -d 0483:5720 -a 21 -D tf-a-stm32mp157c-ev1.stm32 + $> dfu-util -d 0483:5720 -a 22 -D tf-a-stm32mp157c-ev1.stm32 + $> dfu-util -d 0483:5720 -a 23 -D fip-stm32mp157c-ev1.bin $> dfu-util -d 0483:5720 -a 27 -D st-image-weston-openstlinux-weston-stm32mp1_nand_4_256_multivolume.ubi - NAND (nand0 = alt 21):: - $> dfu-util -d 0483:5720 -a 22 -D tf-a-stm32mp157c-ev1-trusted.stm32 - $> dfu-util -d 0483:5720 -a 23 -D u-boot-stm32mp157c-ev1-trusted.img - $> dfu-util -d 0483:5720 -a 24 -D u-boot-stm32mp157c-ev1-trusted.img + $> dfu-util -d 0483:5720 -a 22 -D tf-a-stm32mp157c-ev1.stm32 + $> dfu-util -d 0483:5720 -a 23 -D fip-stm32mp157c-ev1.bin + $> dfu-util -d 0483:5720 -a 24 -D fip-stm32mp157c-ev1.bin $> dfu-util -d 0483:5720 -a 25 -D st-image-weston-openstlinux-weston-stm32mp1_nand_4_256_multivolume.ubi + +References +---------- + +.. _WIKI: + +STM32 Arm® Cortex®-based MPUs user guide + + + https://wiki.st.com/ + + https://wiki.st.com/stm32mpu/wiki/Main_Page + +.. _TF-A: + +TF-A = The Trusted Firmware-A project provides a reference implementation of +secure world software for Armv7-A and Armv8-A class processors + + + https://www.trustedfirmware.org/projects/tf-a/ + + https://trustedfirmware-a.readthedocs.io/en/latest/ + + https://trustedfirmware-a.readthedocs.io/en/latest/plat/stm32mp1.html + + https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/ + +.. _OP-TEE: + +OP-TEE = an open source Trusted Execution Environment (TEE) implementing the +Arm TrustZone technology + + + https://www.op-tee.org/ + + https://optee.readthedocs.io/en/latest/ + + https://optee.readthedocs.io/en/latest/building/devices/stm32mp1.html + + https://github.com/OP-TEE/optee_os
\ No newline at end of file diff --git a/drivers/clk/clk_stm32mp1.c b/drivers/clk/clk_stm32mp1.c index da95b1a..114192b 100644 --- a/drivers/clk/clk_stm32mp1.c +++ b/drivers/clk/clk_stm32mp1.c @@ -560,6 +560,7 @@ static const struct stm32mp1_clk_gate stm32mp1_clk_gate[] = { STM32MP1_CLK_SET_CLR(RCC_MP_APB5ENSETR, 2, I2C4_K, _I2C46_SEL), STM32MP1_CLK_SET_CLR(RCC_MP_APB5ENSETR, 3, I2C6_K, _I2C46_SEL), STM32MP1_CLK_SET_CLR(RCC_MP_APB5ENSETR, 8, RTCAPB, _PCLK5), + STM32MP1_CLK_SET_CLR(RCC_MP_APB5ENSETR, 16, BSEC, _UNKNOWN_SEL), STM32MP1_CLK_SET_CLR(RCC_MP_APB5ENSETR, 20, STGEN_K, _STGEN_SEL), STM32MP1_CLK_SET_CLR_F(RCC_MP_AHB2ENSETR, 5, ADC12, _HCLK2), diff --git a/include/crypto/ecdsa-uclass.h b/include/crypto/ecdsa-uclass.h new file mode 100644 index 0000000..1898438 --- /dev/null +++ b/include/crypto/ecdsa-uclass.h @@ -0,0 +1,39 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2020, Alexandru Gagniuc <mr.nuke.me@gmail.com> + */ + +#include <dm/device.h> + +/** + * struct ecdsa_public_key - ECDSA public key properties + * + * The struct has pointers to the (x, y) curve coordinates to an ECDSA public + * key, as well as the name of the ECDSA curve. The size of the key is inferred + * from the 'curve_name' + */ +struct ecdsa_public_key { + const char *curve_name; /* Name of curve, e.g. "prime256v1" */ + const void *x; /* x coordinate of public key */ + const void *y; /* y coordinate of public key */ + unsigned int size_bits; /* key size in bits, derived from curve name */ +}; + +struct ecdsa_ops { + /** + * Verify signature of hash against given public key + * + * @dev: ECDSA Device + * @pubkey: ECDSA public key + * @hash: Hash of binary image + * @hash_len: Length of hash in bytes + * @signature: Signature in a raw (R, S) point pair + * @sig_len: Length of signature in bytes + * + * This function verifies that the 'signature' of the given 'hash' was + * signed by the private key corresponding to 'pubkey'. + */ + int (*verify)(struct udevice *dev, const struct ecdsa_public_key *pubkey, + const void *hash, size_t hash_len, + const void *signature, size_t sig_len); +}; diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index 9d47453..e7edd40 100644 --- a/include/dm/uclass-id.h +++ b/include/dm/uclass-id.h @@ -47,6 +47,7 @@ enum uclass_id { UCLASS_DSI_HOST, /* Display Serial Interface host */ UCLASS_DMA, /* Direct Memory Access */ UCLASS_DSA, /* Distributed (Ethernet) Switch Architecture */ + UCLASS_ECDSA, /* Elliptic curve cryptographic device */ UCLASS_EFI, /* EFI managed devices */ UCLASS_ETH, /* Ethernet device */ UCLASS_ETH_PHY, /* Ethernet PHY device */ diff --git a/lib/Kconfig b/lib/Kconfig index 7b445d0..c535147 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -303,6 +303,7 @@ config AES supported by the algorithm but only a 128-bit key is supported at present. +source lib/ecdsa/Kconfig source lib/rsa/Kconfig source lib/crypto/Kconfig source lib/crypt/Kconfig diff --git a/lib/Makefile b/lib/Makefile index 07c2ccd..8ba745f 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -60,6 +60,7 @@ endif obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/ obj-$(CONFIG_$(SPL_)MD5) += md5.o +obj-$(CONFIG_ECDSA) += ecdsa/ obj-$(CONFIG_$(SPL_)RSA) += rsa/ obj-$(CONFIG_HASH) += hash-checksum.o obj-$(CONFIG_SHA1) += sha1.o diff --git a/lib/ecdsa/Kconfig b/lib/ecdsa/Kconfig new file mode 100644 index 0000000..a95c4ff --- /dev/null +++ b/lib/ecdsa/Kconfig @@ -0,0 +1,23 @@ +config ECDSA + bool "Enable ECDSA support" + depends on DM + help + This enables the ECDSA (elliptic curve signature) algorithm for FIT + image verification in U-Boot. The ECDSA algorithm is implemented + using the driver model, so CONFIG_DM is required by this library. + See doc/uImage.FIT/signature.txt for more details. + ECDSA is enabled for mkimage regardless of this option. + +if ECDSA + +config ECDSA_VERIFY + bool "Enable ECDSA verification support in U-Boot." + help + Allow ECDSA signatures to be recognized and verified in U-Boot. + +config SPL_ECDSA_VERIFY + bool "Enable ECDSA verification support in SPL" + help + Allow ECDSA signatures to be recognized and verified in SPL. + +endif diff --git a/lib/ecdsa/Makefile b/lib/ecdsa/Makefile new file mode 100644 index 0000000..771d6d3 --- /dev/null +++ b/lib/ecdsa/Makefile @@ -0,0 +1 @@ +obj-$(CONFIG_$(SPL_)ECDSA_VERIFY) += ecdsa-verify.o diff --git a/lib/ecdsa/ecdsa-verify.c b/lib/ecdsa/ecdsa-verify.c new file mode 100644 index 0000000..0601700 --- /dev/null +++ b/lib/ecdsa/ecdsa-verify.c @@ -0,0 +1,134 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * ECDSA signature verification for u-boot + * + * This implements the firmware-side wrapper for ECDSA verification. It bridges + * the struct crypto_algo API to the ECDSA uclass implementations. + * + * Copyright (c) 2020, Alexandru Gagniuc <mr.nuke.me@gmail.com> + */ + +#include <crypto/ecdsa-uclass.h> +#include <dm/uclass.h> +#include <u-boot/ecdsa.h> + +/* + * Derive size of an ECDSA key from the curve name + * + * While it's possible to extract the key size by using string manipulation, + * use a list of known curves for the time being. + */ +static int ecdsa_key_size(const char *curve_name) +{ + if (!strcmp(curve_name, "prime256v1")) + return 256; + else + return 0; +} + +static int fdt_get_key(struct ecdsa_public_key *key, const void *fdt, int node) +{ + int x_len, y_len; + + key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL); + key->size_bits = ecdsa_key_size(key->curve_name); + if (key->size_bits == 0) { + debug("Unknown ECDSA curve '%s'", key->curve_name); + return -EINVAL; + } + + key->x = fdt_getprop(fdt, node, "ecdsa,x-point", &x_len); + key->y = fdt_getprop(fdt, node, "ecdsa,y-point", &y_len); + + if (!key->x || !key->y) + return -EINVAL; + + if (x_len != (key->size_bits / 8) || y_len != (key->size_bits / 8)) { + printf("%s: node=%d, curve@%p x@%p+%i y@%p+%i\n", __func__, + node, key->curve_name, key->x, x_len, key->y, y_len); + return -EINVAL; + } + + return 0; +} + +static int ecdsa_verify_hash(struct udevice *dev, + const struct image_sign_info *info, + const void *hash, const void *sig, uint sig_len) +{ + const struct ecdsa_ops *ops = device_get_ops(dev); + const struct checksum_algo *algo = info->checksum; + struct ecdsa_public_key key; + int sig_node, key_node, ret; + + if (!ops || !ops->verify) + return -ENODEV; + + if (info->required_keynode > 0) { + ret = fdt_get_key(&key, info->fdt_blob, info->required_keynode); + if (ret < 0) + return ret; + + return ops->verify(dev, &key, hash, algo->checksum_len, + sig, sig_len); + } + + sig_node = fdt_subnode_offset(info->fdt_blob, 0, FIT_SIG_NODENAME); + if (sig_node < 0) + return -ENOENT; + + /* Try all possible keys under the "/signature" node */ + fdt_for_each_subnode(key_node, info->fdt_blob, sig_node) { + ret = fdt_get_key(&key, info->fdt_blob, key_node); + if (ret < 0) + continue; + + ret = ops->verify(dev, &key, hash, algo->checksum_len, + sig, sig_len); + + /* On success, don't worry about remaining keys */ + if (!ret) + return 0; + } + + return -EPERM; +} + +int ecdsa_verify(struct image_sign_info *info, + const struct image_region region[], int region_count, + uint8_t *sig, uint sig_len) +{ + const struct checksum_algo *algo = info->checksum; + uint8_t hash[algo->checksum_len]; + struct udevice *dev; + int ret; + + ret = uclass_first_device_err(UCLASS_ECDSA, &dev); + if (ret) { + debug("ECDSA: Could not find ECDSA implementation: %d\n", ret); + return ret; + } + + ret = algo->calculate(algo->name, region, region_count, hash); + if (ret < 0) + return -EINVAL; + + return ecdsa_verify_hash(dev, info, hash, sig, sig_len); +} + +U_BOOT_CRYPTO_ALGO(ecdsa) = { + .name = "ecdsa256", + .key_len = ECDSA256_BYTES, + .verify = ecdsa_verify, +}; + +/* + * uclass definition for ECDSA API + * + * We don't implement any wrappers around ecdsa_ops->verify() because it's + * trivial to call ops->verify(). + */ +UCLASS_DRIVER(ecdsa) = { + .id = UCLASS_ECDSA, + .name = "ecdsa_verifier", +}; diff --git a/test/dm/Makefile b/test/dm/Makefile index d5c42e7..516f69d 100644 --- a/test/dm/Makefile +++ b/test/dm/Makefile @@ -36,6 +36,7 @@ obj-$(CONFIG_DEVRES) += devres.o obj-$(CONFIG_DMA) += dma.o obj-$(CONFIG_VIDEO_MIPI_DSI) += dsi_host.o obj-$(CONFIG_DM_DSA) += dsa.o +obj-$(CONFIG_ECDSA_VERIFY) += ecdsa.o obj-$(CONFIG_DM_ETH) += eth.o ifneq ($(CONFIG_EFI_PARTITION),) obj-$(CONFIG_FASTBOOT_FLASH_MMC) += fastboot.o diff --git a/test/dm/ecdsa.c b/test/dm/ecdsa.c new file mode 100644 index 0000000..da535c9 --- /dev/null +++ b/test/dm/ecdsa.c @@ -0,0 +1,38 @@ +// SPDX-License-Identifier: GPL-2.0-or-later + +#include <crypto/ecdsa-uclass.h> +#include <dm.h> +#include <dm/test.h> +#include <test/ut.h> +#include <u-boot/ecdsa.h> + +/* + * Basic test of the ECDSA uclass and ecdsa_verify() + * + * ECDSA implementations in u-boot are hardware-dependent. Until we have a + * software implementation that can be compiled into the sandbox, all we can + * test is the uclass support. + * + * The uclass_get() test is redundant since ecdsa_verify() would also fail. We + * run both functions in order to isolate the cause more clearly. i.e. is + * ecdsa_verify() failing because the UCLASS is absent/broken? + */ +static int dm_test_ecdsa_verify(struct unit_test_state *uts) +{ + struct uclass *ucp; + + struct checksum_algo algo = { + .checksum_len = 256, + }; + + struct image_sign_info info = { + .checksum = &algo, + }; + + ut_assertok(uclass_get(UCLASS_ECDSA, &ucp)); + ut_assertnonnull(ucp); + ut_asserteq(-ENODEV, ecdsa_verify(&info, NULL, 0, NULL, 0)); + + return 0; +} +DM_TEST(dm_test_ecdsa_verify, UT_TESTF_SCAN_PDATA | UT_TESTF_SCAN_FDT); |