From patchwork Mon Apr 27 10:51:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Rayagonda Kokatanur X-Patchwork-Id: 1277609 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=quarantine dis=none) header.from=broadcom.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=broadcom.com header.i=@broadcom.com header.a=rsa-sha256 header.s=google header.b=MYOR05x2; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 499kXX1Bfqz9sSK for ; Mon, 27 Apr 2020 22:26:20 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 2D2D681ED0; Mon, 27 Apr 2020 14:20:23 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=broadcom.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=broadcom.com header.i=@broadcom.com header.b="MYOR05x2"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 8C61381E1A; Mon, 27 Apr 2020 13:02:37 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x541.google.com (mail-pg1-x541.google.com [IPv6:2607:f8b0:4864:20::541]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 4739D81E0A for ; Mon, 27 Apr 2020 13:02:34 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=broadcom.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=rayagonda.kokatanur@broadcom.com Received: by mail-pg1-x541.google.com with SMTP id d3so1292226pgj.6 for ; Mon, 27 Apr 2020 04:02:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=RcZF1OVXUfCf8LuY9yrUmsgi7Dl2TPNbB0Q26iO/Fog=; b=MYOR05x2ntmSk4nONlg+5TzHGBQv5fxwSfpSP4esI5GVAM0QknHN4NBjNV6O2x2rId yuvuU8ZtTtIovKNQ34cc/Rbwn6Ql1cW+B2bB3RkbDqqCckYc0Rmtq1vI47ACJWaU9gcz +YifNXc0yY+pni4gHWysDQw4XXbLpTbay4p3k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=RcZF1OVXUfCf8LuY9yrUmsgi7Dl2TPNbB0Q26iO/Fog=; b=YA2PHf3FAityo4fSafad2KnzKxj4yjmlBxHC3v8fcT+QOFmbsj6jwFOWrQz7hMCs9X zm6jzlOzVkrk65xFWjo3dW1qcPQMNvVMosXYuHUIY5bJKSoDHF+Q1lZOgLW+PHC1+DK6 P1ruHujbdpIirvTb8H2Xd23LTXl3iiAIn3lyEO399O613L295Phiu4dmwE9DnH7nLCsV qydyhCPqbZD9NrKBTlO6gITwKxir/ONB0W7BLEMEghz+9LNM8EOGLxkWKZ8EreBfEgq7 tFcoCqjR80lt0B8EPUF65P6lx6g4myOCDqec0tdsYYmMJbuQMazgTsRGMqiLfk8yo0k4 UF+A== X-Gm-Message-State: AGi0PuYsOraIfi9YTrqC6EImnQteaaXM1raopdDDvwOyUN4aVofKIiwh njsvo9uWikUM6a2Wu6oPyvbMn1a2VD7jN+pFp83BMnermCPjz7JVpxIRJyF+dzrMgN4GGs35uDU C5Fl8b/+/hVRqMxI4u66O6XkNNSiK/ehkefDKYtArK7i3ZQcgBTL/RoTdwSVu58st5AovfR8HaM FLR0c7Fdrr X-Google-Smtp-Source: APiQypLaopjSmpyBidq1wB41oMNkIfDtotMgxIn8otXP1gk0J7r8C6+WKOhMWLHt+xDKuD45b0x93Q== X-Received: by 2002:a63:f509:: with SMTP id w9mr4877742pgh.90.1587985352092; Mon, 27 Apr 2020 04:02:32 -0700 (PDT) Received: from rayagonda.dhcp.broadcom.net ([192.19.234.250]) by smtp.gmail.com with ESMTPSA id u3sm11996430pfn.217.2020.04.27.04.02.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Apr 2020 04:02:31 -0700 (PDT) From: Rayagonda Kokatanur To: u-boot@lists.denx.de, Simon Glass , Kever Yang , Michal Simek , Jagan Teki , Marek Vasut , Fabio Estevam , Baruch Siach , Troy Kisky , Josip Kelecic , Priyanka Jain , Biwen Li , Jason Li , Philippe Reynes , Eddie James , Heinrich Schuchardt , Sam Protsenko , Lukasz Majewski , Miquel Raynal , Ramon Fried , Anup Patel , AKASHI Takahiro , Patrice Chotard , Eugeniu Rosca , Joe Hershberger , Simon Goldschmidt , Boris Brezillon , Simon South , Andy Shevchenko , Marek Bykowski , Lokesh Vutla , Patrick Delaunay , Rajesh Ravi , Abhishek Shah , Vladimir Olovyannikov , Bharat Kumar Reddy Gooty , Srinath Mannam , Pramod Kumar , Ray Jui , Vikas Gupta , Trac Hoang , Corneliu Doban , Sheetal Tigadoli Cc: Rayagonda Kokatanur Subject: [PATCH v1 35/49] board: ns3: add optee based bnxt fw load driver Date: Mon, 27 Apr 2020 16:21:53 +0530 Message-Id: <20200427105207.5659-36-rayagonda.kokatanur@broadcom.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200427105207.5659-1-rayagonda.kokatanur@broadcom.com> References: <20200427105207.5659-1-rayagonda.kokatanur@broadcom.com> X-Mailman-Approved-At: Mon, 27 Apr 2020 14:18:25 +0200 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.30rc1 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.2 at phobos.denx.de X-Virus-Status: Clean From: Vikas Gupta Add optee based bnxt fw load driver. Signed-off-by: Vikas Gupta Signed-off-by: Rayagonda Kokatanur --- board/broadcom/bcmns3/Kconfig | 5 + board/broadcom/bcmns3/Makefile | 1 + board/broadcom/bcmns3/chimp_optee.c | 154 ++++++++++++++++++++++++++++ include/brcm/chimp.h | 40 ++++++++ 4 files changed, 200 insertions(+) create mode 100644 board/broadcom/bcmns3/chimp_optee.c create mode 100644 include/brcm/chimp.h diff --git a/board/broadcom/bcmns3/Kconfig b/board/broadcom/bcmns3/Kconfig index 8ce21f980d..84daad9415 100644 --- a/board/broadcom/bcmns3/Kconfig +++ b/board/broadcom/bcmns3/Kconfig @@ -12,4 +12,9 @@ config SYS_SOC config SYS_CONFIG_NAME default "bcm_ns3" +config CHIMP_OPTEE + bool "Enable secure ChiMP firmware loading" + depends on OPTEE + default y + endif diff --git a/board/broadcom/bcmns3/Makefile b/board/broadcom/bcmns3/Makefile index 3404260148..08e1d7203b 100644 --- a/board/broadcom/bcmns3/Makefile +++ b/board/broadcom/bcmns3/Makefile @@ -3,3 +3,4 @@ # Copyright 2020 Broadcom. obj-y := ns3.o +obj-$(CONFIG_CHIMP_OPTEE) += chimp_optee.o diff --git a/board/broadcom/bcmns3/chimp_optee.c b/board/broadcom/bcmns3/chimp_optee.c new file mode 100644 index 0000000000..edbb7afd91 --- /dev/null +++ b/board/broadcom/bcmns3/chimp_optee.c @@ -0,0 +1,154 @@ +// SPDX-License-Identifier: BSD-2-Clause +/* + * Copyright 2020 Broadcom. + */ + +#include +#include +#include + +#define CHMIP_BOOT_UUID { 0x6272636D, 0x2019, 0x0716, \ + { 0x42, 0x43, 0x4D, 0x5F, 0x53, 0x43, 0x48, 0x49 } } + +enum { + TEE_CHIMP_FASTBOOT = 0, + TEE_CHIMP_HEALTH_STATUS, + TEE_CHIMP_HANDSHAKE_STATUS, +} tee_chmip_cmd; + +struct bcm_chimp_data { + struct udevice *tee; + u32 session; +} chimp_data; + +static int get_open_session(struct bcm_chimp_data *b_data) +{ + struct udevice *tee = NULL; + + while (!b_data->tee) { + const struct tee_optee_ta_uuid uuid = CHMIP_BOOT_UUID; + struct tee_open_session_arg arg; + int rc; + + tee = tee_find_device(tee, NULL, NULL, NULL); + if (!tee) + return -ENODEV; + + memset(&arg, 0, sizeof(arg)); + tee_optee_ta_uuid_to_octets(arg.uuid, &uuid); + rc = tee_open_session(tee, &arg, 0, NULL); + if (!rc) { + b_data->tee = tee; + b_data->session = arg.session; + } + } + + return 0; +} + +int chimp_handshake_status_optee(u32 timeout, u32 *hs) +{ + struct tee_invoke_arg arg; + struct tee_param param[1]; + int ret; + + if (get_open_session(&chimp_data)) + return BCM_CHIMP_FAILURE; + + memset(&arg, 0, sizeof(arg)); + arg.func = TEE_CHIMP_HANDSHAKE_STATUS; + arg.session = chimp_data.session; + + param[0].attr = TEE_PARAM_ATTR_TYPE_VALUE_INOUT; + param[0].u.value.a = timeout; + + if (tee_invoke_func(chimp_data.tee, &arg, + ARRAY_SIZE(param), param)) { + printf("Handshake status command failed\n"); + ret = BCM_CHIMP_FAILURE; + goto out; + } + switch (arg.ret) { + case TEE_SUCCESS: + *hs = param[0].u.value.a; + ret = BCM_CHIMP_SUCCESS; + break; + default: + ret = BCM_CHIMP_FAILURE; + break; + } +out: + tee_close_session(chimp_data.tee, chimp_data.session); + chimp_data.tee = NULL; + + return ret; +} + +int chimp_health_status_optee(u32 *health) +{ + struct tee_invoke_arg arg; + struct tee_param param[1]; + int ret; + + if (get_open_session(&chimp_data)) + return BCM_CHIMP_FAILURE; + + memset(&arg, 0, sizeof(arg)); + arg.func = TEE_CHIMP_HEALTH_STATUS; + arg.session = chimp_data.session; + + param[0].attr = TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT; + + if (tee_invoke_func(chimp_data.tee, &arg, + ARRAY_SIZE(param), param)) { + printf("Helath status command failed\n"); + ret = BCM_CHIMP_FAILURE; + goto out; + } + switch (arg.ret) { + case TEE_SUCCESS: + *health = param[0].u.value.a; + ret = BCM_CHIMP_SUCCESS; + break; + default: + ret = BCM_CHIMP_FAILURE; + break; + } +out: + tee_close_session(chimp_data.tee, chimp_data.session); + chimp_data.tee = NULL; + + return ret; +} + +int chimp_fastboot_optee(void) +{ + struct tee_invoke_arg arg; + int ret; + + if (get_open_session(&chimp_data)) + return BCM_CHIMP_FAILURE; + + memset(&arg, 0, sizeof(arg)); + arg.func = TEE_CHIMP_FASTBOOT; + arg.session = chimp_data.session; + + if (tee_invoke_func(chimp_data.tee, &arg, 0, NULL)) { + printf("Chimp boot_fail\n"); + ret = BCM_CHIMP_FAILURE; + goto out; + } + switch (arg.ret) { + case TEE_SUCCESS: + ret = BCM_CHIMP_SUCCESS; + break; + default: + ret = BCM_CHIMP_FAILURE; + break; + } +out: + tee_close_session(chimp_data.tee, chimp_data.session); + chimp_data.tee = NULL; + + return ret; +} diff --git a/include/brcm/chimp.h b/include/brcm/chimp.h new file mode 100644 index 0000000000..c3d4594c4b --- /dev/null +++ b/include/brcm/chimp.h @@ -0,0 +1,40 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2020 Broadcom. + * + */ + +#ifndef __CHIMP_H__ +#define __CHIMP_H__ + +#include +#include + +#define BCM_CHIMP_SUCCESS 0 +#define BCM_CHIMP_FAILURE (!BCM_CHIMP_SUCCESS) + +#ifdef CONFIG_CHIMP_OPTEE +int chimp_fastboot_optee(void); +int chimp_health_status_optee(u32 *status); +int chimp_handshake_status_optee(u32 timeout, u32 *hstatus); +#else +static inline int chimp_handshake_status_optee(u32 timeout, u32 *status) +{ + printf("ChiMP handshake status fail (OPTEE not enabled)\n"); + return BCM_CHIMP_FAILURE; +} + +static inline int chimp_health_status_optee(u32 *status) +{ + printf("ChiMP health status fail (OPTEE not enabled)\n"); + return BCM_CHIMP_FAILURE; +} + +static inline int chimp_fastboot_optee(void) +{ + printf("ChiMP secure boot fail (OPTEE not enabled)\n"); + return BCM_CHIMP_FAILURE; +} +#endif + +#endif