arm: omap-common: secure ROM signature verify API

Adds an API that verifies a signature attached to an image (binary blob). This API is basically a entry to a secure ROM service provided by the device and accessed via an SMC call, using a particular calling convention. Signed-off-by: Daniel Allred <d-allred@ti.com> Signed-off-by: Andreas Dannenberg <dannenberg@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
author: Andreas Dannenberg <dannenberg@ti.com> 2016-06-27 09:19:19 -0500
committer: Tom Rini <trini@konsulko.com> 2016-07-14 18:22:19 -0400
commit: 1bb0a21b465427088ad623826fe23066399cb2d9 (patch)
tree: 670d33470c8ed147c27d18e8641962e4d1a180bd /arch/arm/include/asm
parent: d86f7afda4e2c8fc6aad3095959bee9b1f46c48b (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/arch/arm/include/asm/omap_sec_common.h b/arch/arm/include/asm/omap_sec_common.h
index 1f50f83ac5..842f2af8d1 100644
--- a/arch/arm/include/asm/omap_sec_common.h
+++ b/arch/arm/include/asm/omap_sec_common.h
@@ -18,4 +18,13 @@
  */
 u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...);
 
+/*
+ * Invoke a secure ROM API on high-secure (HS) device variants that can be used
+ * to verify a secure blob by authenticating and optionally decrypting it. The
+ * exact operation performed depends on how the certificate that was embedded
+ * into the blob during the signing/encryption step when the secure blob was
+ * first created.
+ */
+int secure_boot_verify_image(void **p_image, size_t *p_size);
+
 #endif /* _OMAP_SEC_COMMON_H_ */
author	Andreas Dannenberg <dannenberg@ti.com>	2016-06-27 09:19:19 -0500
committer	Tom Rini <trini@konsulko.com>	2016-07-14 18:22:19 -0400
commit	1bb0a21b465427088ad623826fe23066399cb2d9 (patch)
tree	670d33470c8ed147c27d18e8641962e4d1a180bd /arch/arm/include/asm
parent	d86f7afda4e2c8fc6aad3095959bee9b1f46c48b (diff)