From 1bb0a21b465427088ad623826fe23066399cb2d9 Mon Sep 17 00:00:00 2001 From: Andreas Dannenberg Date: Mon, 27 Jun 2016 09:19:19 -0500 Subject: arm: omap-common: secure ROM signature verify API Adds an API that verifies a signature attached to an image (binary blob). This API is basically a entry to a secure ROM service provided by the device and accessed via an SMC call, using a particular calling convention. Signed-off-by: Daniel Allred Signed-off-by: Andreas Dannenberg Reviewed-by: Tom Rini --- arch/arm/include/asm/omap_sec_common.h | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'arch/arm/include/asm') diff --git a/arch/arm/include/asm/omap_sec_common.h b/arch/arm/include/asm/omap_sec_common.h index 1f50f83ac5..842f2af8d1 100644 --- a/arch/arm/include/asm/omap_sec_common.h +++ b/arch/arm/include/asm/omap_sec_common.h @@ -18,4 +18,13 @@ */ u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...); +/* + * Invoke a secure ROM API on high-secure (HS) device variants that can be used + * to verify a secure blob by authenticating and optionally decrypting it. The + * exact operation performed depends on how the certificate that was embedded + * into the blob during the signing/encryption step when the secure blob was + * first created. + */ +int secure_boot_verify_image(void **p_image, size_t *p_size); + #endif /* _OMAP_SEC_COMMON_H_ */ -- cgit