1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * K2x: Secure commands file
4 *
5 * Copyright (C) 2012-2019 Texas Instruments Incorporated - http://www.ti.com/
6 */
7
8 #include <hang.h>
9 #include <image.h>
10 #include <asm/unaligned.h>
11 #include <common.h>
12 #include <command.h>
13 #include <mach/mon.h>
14 #include <spl.h>
15 asm(".arch_extension sec\n\t");
16
mon_install(u32 addr,u32 dpsc,u32 freq,u32 bm_addr)17 int mon_install(u32 addr, u32 dpsc, u32 freq, u32 bm_addr)
18 {
19 int result;
20
21 __asm__ __volatile__ (
22 "stmfd r13!, {lr}\n"
23 "mov r0, %1\n"
24 "mov r1, %2\n"
25 "mov r2, %3\n"
26 "mov r3, %4\n"
27 "blx r0\n"
28 "mov %0, r0\n"
29 "ldmfd r13!, {lr}\n"
30 : "=&r" (result)
31 : "r" (addr), "r" (dpsc), "r" (freq), "r" (bm_addr)
32 : "cc", "r0", "r1", "r2", "r3", "memory");
33 return result;
34 }
35
mon_power_on(int core_id,void * ep)36 int mon_power_on(int core_id, void *ep)
37 {
38 int result;
39
40 asm volatile (
41 "stmfd r13!, {lr}\n"
42 "mov r1, %1\n"
43 "mov r2, %2\n"
44 "mov r0, #0\n"
45 "smc #0\n"
46 "mov %0, r0\n"
47 "ldmfd r13!, {lr}\n"
48 : "=&r" (result)
49 : "r" (core_id), "r" (ep)
50 : "cc", "r0", "r1", "r2", "memory");
51 return result;
52 }
53
mon_power_off(int core_id)54 int mon_power_off(int core_id)
55 {
56 int result;
57
58 asm volatile (
59 "stmfd r13!, {lr}\n"
60 "mov r1, %1\n"
61 "mov r0, #1\n"
62 "smc #1\n"
63 "mov %0, r0\n"
64 "ldmfd r13!, {lr}\n"
65 : "=&r" (result)
66 : "r" (core_id)
67 : "cc", "r0", "r1", "memory");
68 return result;
69 }
70
71 #ifdef CONFIG_TI_SECURE_DEVICE
72 #define KS2_HS_SEC_HEADER_LEN 0x60
73 #define KS2_HS_SEC_TAG_OFFSET 0x34
74 #define KS2_AUTH_CMD 130
75
76 /**
77 * k2_hs_bm_auth() - Invokes security functions using a
78 * proprietary TI interface. This binary and source for
79 * this is available in the secure development package or
80 * SECDEV. For details on how to access this please refer
81 * doc/README.ti-secure
82 *
83 * @cmd: Secure monitor command
84 * @arg1: Argument for command
85 *
86 * returns non-zero value on success, zero on error
87 */
k2_hs_bm_auth(int cmd,void * arg1)88 static int k2_hs_bm_auth(int cmd, void *arg1)
89 {
90 int result;
91
92 asm volatile (
93 "stmfd r13!, {r4-r12, lr}\n"
94 "mov r0, %1\n"
95 "mov r1, %2\n"
96 "smc #2\n"
97 "mov %0, r0\n"
98 "ldmfd r13!, {r4-r12, lr}\n"
99 : "=&r" (result)
100 : "r" (cmd), "r" (arg1)
101 : "cc", "r0", "r1", "memory");
102
103 return result;
104 }
105
board_fit_image_post_process(const void * fit,int node,void ** p_image,size_t * p_size)106 void board_fit_image_post_process(const void *fit, int node, void **p_image,
107 size_t *p_size)
108 {
109 int result = 0;
110 void *image = *p_image;
111
112 if (strncmp(image + KS2_HS_SEC_TAG_OFFSET, "KEYS", 4)) {
113 printf("No signature found in image!\n");
114 hang();
115 }
116
117 result = k2_hs_bm_auth(KS2_AUTH_CMD, image);
118 if (result == 0) {
119 printf("Authentication failed!\n");
120 hang();
121 }
122
123 /*
124 * Overwrite the image headers after authentication
125 * and decryption. Update size to reflect removal
126 * of header and restore original file size.
127 */
128 *p_size = get_unaligned_le32(image + (*p_size - 4));
129 memcpy(image, image + KS2_HS_SEC_HEADER_LEN, *p_size);
130
131 /*
132 * Output notification of successful authentication to re-assure the
133 * user that the secure code is being processed as expected. However
134 * suppress any such log output in case of building for SPL and booting
135 * via YMODEM. This is done to avoid disturbing the YMODEM serial
136 * protocol transactions.
137 */
138 if (!(IS_ENABLED(CONFIG_SPL_BUILD) &&
139 IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT) &&
140 spl_boot_device() == BOOT_DEVICE_UART))
141 printf("Authentication passed\n");
142 }
143 #endif
144