1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
// SPDX-License-Identifier: GPL-2.0
/*
* (C) Copyright 2018 Xilinx, Inc.
* Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
*/
#include <common.h>
#include <malloc.h>
#include <asm/arch/sys_proto.h>
#include <asm/io.h>
static int zynqmp_verify_secure(u8 *key_ptr, u8 *src_ptr, u32 len)
{
int ret;
u32 src_lo, src_hi;
u32 key_lo = 0;
u32 key_hi = 0;
u32 ret_payload[PAYLOAD_ARG_CNT];
u64 addr;
if ((ulong)src_ptr != ALIGN((ulong)src_ptr,
CONFIG_SYS_CACHELINE_SIZE)) {
printf("Failed: source address not aligned:%p\n", src_ptr);
return -EINVAL;
}
src_lo = lower_32_bits((ulong)src_ptr);
src_hi = upper_32_bits((ulong)src_ptr);
flush_dcache_range((ulong)src_ptr, (ulong)(src_ptr + len));
if (key_ptr) {
key_lo = lower_32_bits((ulong)key_ptr);
key_hi = upper_32_bits((ulong)key_ptr);
flush_dcache_range((ulong)key_ptr,
(ulong)(key_ptr + KEY_PTR_LEN));
}
ret = invoke_smc(ZYNQMP_SIP_SVC_PM_SECURE_IMG_LOAD, src_lo, src_hi,
key_lo, key_hi, ret_payload);
if (ret) {
printf("Failed: secure op status:0x%x\n", ret);
} else {
addr = (u64)ret_payload[1] << 32 | ret_payload[2];
printf("Verified image at 0x%llx\n", addr);
env_set_hex("zynqmp_verified_img_addr", addr);
}
return ret;
}
/**
* do_zynqmp - Handle the "zynqmp" command-line command
* @cmdtp: Command data struct pointer
* @flag: Command flag
* @argc: Command-line argument count
* @argv: Array of command-line arguments
*
* Processes the zynqmp specific commands
*
* Return: return 0 on success and CMD_RET_USAGE incase of misuse and error
*/
static int do_zynqmp(cmd_tbl_t *cmdtp, int flag, int argc,
char *const argv[])
{
u64 src_addr;
u32 len;
u8 *key_ptr = NULL;
u8 *src_ptr;
int ret;
if (argc > 5 || argc < 4 || strncmp(argv[1], "secure", 6))
return CMD_RET_USAGE;
src_addr = simple_strtoull(argv[2], NULL, 16);
len = simple_strtoul(argv[3], NULL, 16);
if (argc > 4)
key_ptr = (uint8_t *)(uintptr_t)simple_strtoull(argv[4],
NULL, 16);
src_ptr = (uint8_t *)(uintptr_t)src_addr;
ret = zynqmp_verify_secure(key_ptr, src_ptr, len);
if (ret)
return CMD_RET_FAILURE;
return CMD_RET_SUCCESS;
}
/***************************************************/
#ifdef CONFIG_SYS_LONGHELP
static char zynqmp_help_text[] =
"secure src len [key_addr] - verifies secure images of $len bytes\n"
" long at address $src. Optional key_addr\n"
" can be specified if user key needs to\n"
" be used for decryption\n";
#endif
U_BOOT_CMD(
zynqmp, 5, 1, do_zynqmp,
"Verify and load secure images",
zynqmp_help_text
)
|