aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Davis2022-07-15 11:34:35 -0500
committerTom Rini2022-08-04 15:32:20 -0400
commitb661c1bc92f9ac096ffaf0aec7e60a5413ce8b34 (patch)
tree9e15d9e6ef79fc1dfd4f56e112a81bc25ea6f7b9
parenta0379c6fe3bfac4e0d7633830b9d23166f3edacf (diff)
arm: mach-k3: security: Remove certificate if detected on GP device
If the device is a GP and we detect a signing certificate then remove it. It would fail to authenticate otherwise as the device is GP and has no secure authentication services in SYSFW. This shouldn't happen often as trying to boot signed images on GP devices doesn't make much sense, but if we run into a signed image we should at least try to ignore the certificate and boot the image anyway. This could help with users of GP devices who only have HS images available. If this does happen, print a nice big warning. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
-rw-r--r--arch/arm/mach-k3/security.c30
1 files changed, 29 insertions, 1 deletions
diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
index add7f413a4b..d8d41ec5154 100644
--- a/arch/arm/mach-k3/security.c
+++ b/arch/arm/mach-k3/security.c
@@ -30,10 +30,19 @@ static bool ti_secure_cert_detected(void *p_image)
((u8 *)p_image)[4] == 0x30 && ((u8 *)p_image)[5] == 0x82);
}
+/* Primitive certificate length, assumes one 2-Octet sized SEQUENCE */
+static size_t ti_secure_cert_length(void *p_image)
+{
+ size_t seq_length = be16_to_cpu(readw_relaxed(p_image + 2));
+ /* Add 4 for the SEQUENCE tag length */
+ return seq_length + 4;
+}
+
void ti_secure_image_post_process(void **p_image, size_t *p_size)
{
struct ti_sci_handle *ti_sci = get_ti_sci_handle();
struct ti_sci_proc_ops *proc_ops = &ti_sci->ops.proc_ops;
+ size_t cert_length;
u64 image_addr;
u32 image_size;
int ret;
@@ -41,9 +50,28 @@ void ti_secure_image_post_process(void **p_image, size_t *p_size)
image_addr = (uintptr_t)*p_image;
image_size = *p_size;
- if (!image_size || get_device_type() == K3_DEVICE_TYPE_GP)
+ if (!image_size)
return;
+ if (get_device_type() == K3_DEVICE_TYPE_GP) {
+ if (ti_secure_cert_detected(*p_image)) {
+ printf("Warning: Detected image signing certificate on GP device. "
+ "Skipping certificate to prevent boot failure. "
+ "This will fail if the image was also encrypted\n");
+
+ cert_length = ti_secure_cert_length(*p_image);
+ if (cert_length > *p_size) {
+ printf("Invalid signing certificate size\n");
+ return;
+ }
+
+ *p_image += cert_length;
+ *p_size -= cert_length;
+ }
+
+ return;
+ }
+
if (get_device_type() != K3_DEVICE_TYPE_HS_SE &&
!ti_secure_cert_detected(*p_image)) {
printf("Warning: Did not detect image signing certificate. "