* [PATCH 1/4] optee: move optee_verify_header() to common
@ 2020-01-20  5:03 Rouven Czerwinski
  2020-01-20  5:03 ` [PATCH 2/4] ARM: add optee early loading function Rouven Czerwinski
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Rouven Czerwinski @ 2020-01-20  5:03 UTC (permalink / raw)
  To: barebox; +Cc: Rouven Czerwinski

Subsequent patches will use this to verify the header in the PBL, so move
it to common to make it potentially available to both.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
---
 arch/arm/lib32/bootm.c | 12 +++---------
 common/Makefile        |  1 +
 common/optee.c         | 18 ++++++++++++++++++
 include/tee/optee.h    |  5 +++++
 4 files changed, 27 insertions(+), 9 deletions(-)
 create mode 100644 common/optee.c

diff --git a/arch/arm/lib32/bootm.c b/arch/arm/lib32/bootm.c
index 180624445d..d64e705c40 100644
--- a/arch/arm/lib32/bootm.c
+++ b/arch/arm/lib32/bootm.c
@@ -137,16 +137,10 @@ static int get_kernel_addresses(size_t image_size,
 static int optee_verify_header_request_region(struct image_data *data, struct optee_header *hdr)
 {
 	int ret = 0;
-	if (hdr->magic != OPTEE_MAGIC) {
-		pr_err("Invalid header magic 0x%08x, expected 0x%08x\n",
-		       hdr->magic, OPTEE_MAGIC);
-		return -EINVAL;
-	}
 
-	if (hdr->arch != OPTEE_ARCH_ARM32 || hdr->init_load_addr_hi) {
-		pr_err("Only 32bit supported\n");
-		return -EINVAL;
-	}
+	ret = optee_verify_header(hdr);
+	if (ret < 0)
+		return ret;
 
 	data->tee_res = request_sdram_region("TEE", hdr->init_load_addr_lo, hdr->init_size);
 	if (!data->tee_res) {
diff --git a/common/Makefile b/common/Makefile
index 10960169f9..fbdd74a9fd 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -66,6 +66,7 @@ obj-$(CONFIG_BAREBOX_UPDATE_IMX_NAND_FCB) += imx-bbu-nand-fcb.o
 obj-$(CONFIG_BOOT)		+= boot.o
 obj-$(CONFIG_SERIAL_DEV_BUS)	+= serdev.o
 obj-$(CONFIG_USBGADGET_START)	+= usbgadget.o
+obj-$(CONFIG_BOOTM_OPTEE)	+= optee.o
 
 ifdef CONFIG_PASSWORD
 
diff --git a/common/optee.c b/common/optee.c
new file mode 100644
index 0000000000..1516c07db4
--- /dev/null
+++ b/common/optee.c
@@ -0,0 +1,18 @@
+#include <tee/optee.h>
+#include <printk.h>
+#include <asm-generic/errno.h>
+
+int optee_verify_header (struct optee_header *hdr) {
+	if (hdr->magic != OPTEE_MAGIC) {
+		pr_err("Invalid header magic 0x%08x, expected 0x%08x\n",
+			   hdr->magic, OPTEE_MAGIC);
+		return -EINVAL;
+	}
+
+	if (hdr->arch != OPTEE_ARCH_ARM32 || hdr->init_load_addr_hi) {
+		pr_err("Only 32bit supported\n");
+		return -EINVAL;
+	}
+
+	return 0;
+}
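Review bot: optee_verify_header() checks only `magic`, `arch` and `init_load_addr_hi`, so a return of 0 says nothing about `init_load_addr_lo` or `init_size`, which the bootm caller passes straight to request_sdram_region() as an address and a length. Now that the helper is shared, a header comment should state that limit, for example `/* Checks magic and 32-bit arch only; callers must bounds-check init_load_addr_lo and init_size themselves. */`. OPTEE_VERSION is defined in include/tee/optee.h but is not compared here; if the header carries a version field, checking it would reject formats this code does not understand. The parameter can also be `const struct optee_header *hdr`, since nothing is written through it.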
diff --git a/include/tee/optee.h b/include/tee/optee.h
index 8cfe06d889..9fb27fcec0 100644
--- a/include/tee/optee.h
+++ b/include/tee/optee.h
@@ -10,6 +10,9 @@
 #ifndef _OPTEE_H
 #define _OPTEE_H
 
+#include <types.h>
+#include <asm-generic/errno.h>
+
 #define OPTEE_MAGIC             0x4554504f
 #define OPTEE_VERSION           1
 #define OPTEE_ARCH_ARM32        0
@@ -27,4 +30,6 @@ struct optee_header {
 	uint32_t paged_size;
 };
 
+int optee_verify_header (struct optee_header *hdr);
+
 #endif /* _OPTEE_H */
-- 
2.25.0



* [PATCH 2/4] ARM: add optee early loading function
  2020-01-20  5:03 [PATCH 1/4] optee: move optee_verify_header() to common Rouven Czerwinski
@ 2020-01-20  5:03 ` Rouven Czerwinski
  2020-01-20  8:21   ` Sascha Hauer
  2020-01-20  5:03 ` [PATCH 3/4] ARM: mach-imx: OPTEE PBL configures PL210 Rouven Czerwinski
  2020-01-20  5:03 ` [PATCH 4/4] user: add documentation for OP-TEE loading Rouven Czerwinski
  2 siblings, 1 reply; 5+ messages in thread
From: Rouven Czerwinski @ 2020-01-20  5:03 UTC (permalink / raw)
  To: barebox; +Cc: Rouven Czerwinski

Add an OP-TEE early loading function which expects a pointer to a valid
tee binary and the device tree. OP-TEE will then be started and barebox
will continue to run in normal mode.

The function start_optee_early should be used in a board's lowlevel.c
file. Ensure that barebox has been relocated and a proper C environment
has been set up beforehand. Depending on the OP-TEE configuration, the
fdt will be modified. If the internal barebox device tree is passed,
OP-TEE will overwrite barebox PBL memory during this modification. Copy
the fdt to a safe memory location beforehand to avoid corruption of
barebox PBL memory.

This also moves the OP-TEE Kconfig symbols into a separate menu.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
---
 arch/arm/lib32/Makefile             |  3 ++
 arch/arm/lib32/optee-early.c        | 29 ++++++++++++++++
 common/Kconfig                      | 54 ++++++++++++++++++-----------
 common/Makefile                     |  1 +
 include/asm-generic/memory_layout.h |  4 +--
 include/tee/optee.h                 |  6 ++++
 6 files changed, 74 insertions(+), 23 deletions(-)
 create mode 100644 arch/arm/lib32/optee-early.c

diff --git a/arch/arm/lib32/Makefile b/arch/arm/lib32/Makefile
index cd43147e66..18f6973fcc 100644
--- a/arch/arm/lib32/Makefile
+++ b/arch/arm/lib32/Makefile
@@ -28,3 +28,6 @@ extra-y += barebox.lds
 pbl-y	+= lib1funcs.o
 pbl-y	+= ashldi3.o
 pbl-y	+= div0.o
+
+pbl-$(CONFIG_PBL_OPTEE)	+= setjmp.o
+pbl-$(CONFIG_PBL_OPTEE)	+= optee-early.o
diff --git a/arch/arm/lib32/optee-early.c b/arch/arm/lib32/optee-early.c
new file mode 100644
index 0000000000..f1755e075f
--- /dev/null
+++ b/arch/arm/lib32/optee-early.c
@@ -0,0 +1,29 @@
+#include <asm/cache.h>
+#include <asm/setjmp.h>
+#include <tee/optee.h>
+#include <debug_ll.h>
+
+jmp_buf tee_buf;
+
+int start_optee_early(void* fdt, void* tee) {
+	void (*tee_start)(void* r0, void* r1, void* r2);
+	struct optee_header *hdr;
+	int ret = 0;
+
+	hdr = tee;
+	ret = optee_verify_header(hdr);
+	if (ret < 0)
+		return ret;
+
+	memcpy((void *)hdr->init_load_addr_lo, tee + sizeof(*hdr), hdr->init_size);
+	tee_start = (void *) hdr->init_load_addr_lo;
+	ret = 1;
+	ret = setjmp(tee_buf);
+	if (ret == 0) {
+		sync_caches_for_execution();
+		tee_start(0, 0, fdt);
+		longjmp(tee_buf, 1);
+	}
+
+	return 0;
+}
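Review bot: The memcpy() destination `hdr->init_load_addr_lo` and length `hdr->init_size` come straight from the image header, and optee_verify_header() constrains neither, so a malformed or truncated image makes the PBL copy a header-chosen number of bytes to a header-chosen address and then branch to it. The function also receives no length for the `tee` blob, so the read side of the copy is unchecked too. Before the copy, the range should be compared with the memory the board reserves for OP-TEE (for instance a base and size passed in by the caller) and rejected on wrap-around, `if (hdr->init_load_addr_lo + hdr->init_size < hdr->init_load_addr_lo) return -EINVAL;`. Separately, no header visibly declaring memcpy() is included in this file, and `tee + sizeof(*hdr)` relies on GNU arithmetic on `void *`.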
diff --git a/common/Kconfig b/common/Kconfig
index 60237d3056..25587d1927 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -643,27 +643,6 @@ config BOOTM_FORCE_SIGNED_IMAGES
 	  are refused to boot. Effectively this means only FIT images can be booted
 	  since they are the only supported image type that support signing.
 
-config BOOTM_OPTEE
-	bool
-	prompt "support booting OP-TEE"
-	depends on BOOTM && ARM
-	help
-	  OP-TEE is a trusted execution environment (TEE). With this option
-	  enabled barebox supports starting optee_os as part of the bootm command.
-	  Instead of the kernel bootm starts the optee_os binary which then starts
-	  the kernel in nonsecure mode. Pass the optee_os binary with the -t option
-	  or in the global.bootm.tee variable.
-
-config BOOTM_OPTEE_SIZE
-	hex
-	default 0x02000000
-	prompt "OP-TEE Memory Size"
-	depends on BOOTM_OPTEE
-	help
-	  Size to reserve in main memory for OP-TEE.
-	  Can be smaller than the actual size used by OP-TEE, this is used to prevent
-	  barebox from allocating memory in this area.
-
 config BLSPEC
 	depends on FLEXIBLE_BOOTARGS
 	depends on !SHELL_NONE
@@ -1000,6 +979,39 @@ config MACHINE_ID
 	  Note: if no hashable information is available no machine id will be passed
 	  to the kernel.
 
+menu "OP-TEE loading"
+
+config OPTEE_SIZE
+	hex
+	default 0x02000000
+	prompt "OP-TEE Memory Size"
+	depends on BOOTM_OPTEE || PBL_OPTEE
+	help
+	  Size to reserve in main memory for OP-TEE.
+	  Can be smaller than the actual size used by OP-TEE, this is used to prevent
+	  barebox from allocating memory in this area.
+
+config BOOTM_OPTEE
+	bool
+	prompt "support booting OP-TEE"
+	depends on BOOTM && ARM
+	help
+	  OP-TEE is a trusted execution environment (TEE). With this option
+	  enabled barebox supports starting optee_os as part of the bootm command.
+	  Instead of the kernel bootm starts the optee_os binary which then starts
+	  the kernel in nonsecure mode. Pass the optee_os binary with the -t option
+	  or in the global.bootm.tee variable.
+
+config PBL_OPTEE
+	bool "Enable OP-TEE early start"
+	depends on ARM
+	depends on !THUMB2_BAREBOX
+	help
+	  Allows starting OP-TEE during lowlevel initialization of the PBL.
+	  Requires explicit support in the boards lowlevel file.
+
+endmenu
+
 endmenu
 
 menu "Debugging"
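Review bot: Renaming BOOTM_OPTEE_SIZE to OPTEE_SIZE means a board config that set CONFIG_BOOTM_OPTEE_SIZE silently falls back to the 0x02000000 default after this change, which alters how much memory barebox keeps clear for OP-TEE. Any defconfig that sets the old symbol should be updated in the same patch, and the commit message should name the rename rather than only the move into a menu. The PBL_OPTEE help text could also state what the visible start_optee_early() does not do, for example `The image is not authenticated by start_optee_early(); the board must only pass a trusted binary.`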
diff --git a/common/Makefile b/common/Makefile
index fbdd74a9fd..8312e88572 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -66,6 +66,7 @@ obj-$(CONFIG_BAREBOX_UPDATE_IMX_NAND_FCB) += imx-bbu-nand-fcb.o
 obj-$(CONFIG_BOOT)		+= boot.o
 obj-$(CONFIG_SERIAL_DEV_BUS)	+= serdev.o
 obj-$(CONFIG_USBGADGET_START)	+= usbgadget.o
+pbl-$(CONFIG_PBL_OPTEE)		+= optee.o
 obj-$(CONFIG_BOOTM_OPTEE)	+= optee.o
 
 ifdef CONFIG_PASSWORD
diff --git a/include/asm-generic/memory_layout.h b/include/asm-generic/memory_layout.h
index 3f69664aa0..0d7ce3fe02 100644
--- a/include/asm-generic/memory_layout.h
+++ b/include/asm-generic/memory_layout.h
@@ -11,8 +11,8 @@
 #define MALLOC_BASE CONFIG_MALLOC_BASE
 #endif
 
-#ifdef CONFIG_BOOTM_OPTEE_SIZE
-#define OPTEE_SIZE CONFIG_BOOTM_OPTEE_SIZE
+#ifdef CONFIG_OPTEE_SIZE
+#define OPTEE_SIZE CONFIG_OPTEE_SIZE
 #else
 #define OPTEE_SIZE 0
 #endif
diff --git a/include/tee/optee.h b/include/tee/optee.h
index 9fb27fcec0..fa124236ba 100644
--- a/include/tee/optee.h
+++ b/include/tee/optee.h
@@ -32,4 +32,10 @@ struct optee_header {
 
 int optee_verify_header (struct optee_header *hdr);
 
+#ifdef __PBL__
+
+int start_optee_early(void* fdt, void* tee);
+
+#endif /* __PBL__ */
+
 #endif /* _OPTEE_H */
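Review bot: Both parameters of `start_optee_early(void* fdt, void* tee)` are `void *`, so a call with the arguments swapped compiles without a warning, and the documentation added in patch 4/4 of this series shows the order as `(void* tee, void* fdt)`. A swapped call would most likely be caught by the magic check, but only at run time in the PBL. A doc comment on the prototype naming each argument, plus `const void *tee` if the blob is only read, would make the contract explicit, and the order in Documentation/user/optee.rst should be brought in line with the prototype.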
-- 
2.25.0



* [PATCH 3/4] ARM: mach-imx: OPTEE PBL configures PL210
  2020-01-20  5:03 [PATCH 1/4] optee: move optee_verify_header() to common Rouven Czerwinski
  2020-01-20  5:03 ` [PATCH 2/4] ARM: add optee early loading function Rouven Czerwinski
@ 2020-01-20  5:03 ` Rouven Czerwinski
  2020-01-20  5:03 ` [PATCH 4/4] user: add documentation for OP-TEE loading Rouven Czerwinski
  2 siblings, 0 replies; 5+ messages in thread
From: Rouven Czerwinski @ 2020-01-20  5:03 UTC (permalink / raw)
  To: barebox; +Cc: Rouven Czerwinski

If OP-TEE early loading is performed, OP-TEE will configure the PL210
and lock access to the controller from the normal world. Skip the
configuration in this case.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
---
 arch/arm/mach-imx/imx6.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm/mach-imx/imx6.c b/arch/arm/mach-imx/imx6.c
index 41e0066add..f2311efd92 100644
--- a/arch/arm/mach-imx/imx6.c
+++ b/arch/arm/mach-imx/imx6.c
@@ -278,7 +278,7 @@ static int imx6_mmu_init(void)
 	void __iomem *l2x0_base = IOMEM(0x00a02000);
 	u32 val, cache_part, cache_rtl;
 
-	if (!cpu_is_mx6())
+	if (!cpu_is_mx6() || IS_ENABLED(CONFIG_PBL_OPTEE))
 		return 0;
 
 	val = readl(l2x0_base + L2X0_CACHE_ID);
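Review bot: The new `IS_ENABLED(CONFIG_PBL_OPTEE)` test skips this function for every i.MX6 board in the build, whether or not that board's lowlevel code actually called start_optee_early() or the call succeeded. The PBL_OPTEE help text says early start needs explicit per-board support, so a multi-board image with the option enabled would presumably leave boards without that support with the L2 controller unconfigured, and the same applies when the OP-TEE header was rejected. A run-time indication that OP-TEE was started would be a safer condition than the compile-time switch, and the line deserves a comment such as `/* OP-TEE has configured and locked the L2 controller */`. imx6_mmu_init() continues outside the hunk.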
-- 
2.25.0



* [PATCH 4/4] user: add documentation for OP-TEE loading
  2020-01-20  5:03 [PATCH 1/4] optee: move optee_verify_header() to common Rouven Czerwinski
  2020-01-20  5:03 ` [PATCH 2/4] ARM: add optee early loading function Rouven Czerwinski
  2020-01-20  5:03 ` [PATCH 3/4] ARM: mach-imx: OPTEE PBL configures PL210 Rouven Czerwinski
@ 2020-01-20  5:03 ` Rouven Czerwinski
  2 siblings, 0 replies; 5+ messages in thread
From: Rouven Czerwinski @ 2020-01-20  5:03 UTC (permalink / raw)
  To: barebox; +Cc: Rouven Czerwinski

Add some rudimentary documentation on how to load OP-TEE.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
---
 Documentation/user/optee.rst       | 29 +++++++++++++++++++++++++++++
 Documentation/user/user-manual.rst |  1 +
 2 files changed, 30 insertions(+)
 create mode 100644 Documentation/user/optee.rst

diff --git a/Documentation/user/optee.rst b/Documentation/user/optee.rst
new file mode 100644
index 0000000000..950917b446
--- /dev/null
+++ b/Documentation/user/optee.rst
@@ -0,0 +1,29 @@
+
+.. _optee:
+
+OP-TEE
+======
+
+Barebox is able to start the Open Portable Trusted Execution Environment
+(OP-TEE) either before starting the linux kernel or during lowlevel board
+initialization in the Pre Bootloader ``PBL``.
+
+Before Linux start
+------------------
+Enable the `CONFIG_BOOTM_OPTEE` configuration variable and configure the
+`CONFIG_OPTEE_SIZE` variable. This will reserve a memory area at the end
+of memory for OP-TEE to run, usually Barebox would relocate itself there. To
+load OP-TEE before the kernel is started, configure the global ``bootm.tee``
+variable to point to a valid OPTEE v1 binary.
+
+During the PBL
+--------------
+To start OP-TEE during the lowlevel initialization of your board in the ``PBL``,
+enable the ``CONFIG_PBL_OPTEE`` configuration variable. your board should then
+call the function ``start_optee_early(void* tee, void* fdt)`` with a valid tee
+and FDT. Ensure that your OP-TEE is compiled with ``CFG_NS_ENTRY_ADDR`` unset,
+otherwise OP-TEE will not correctly return to barebox after startup.
+Since OP-TEE in the default configuration also modifies the device tree, don't
+pass the barebox internal device tree, instead copy it into a different memory
+location and pass it to OP-TEE afterwards.
+The modified device tree can then be passed to the main barebox start function.
diff --git a/Documentation/user/user-manual.rst b/Documentation/user/user-manual.rst
index 41fdb8805c..827683eaa0 100644
--- a/Documentation/user/user-manual.rst
+++ b/Documentation/user/user-manual.rst
@@ -33,6 +33,7 @@ Contents:
    system-reset
    state
    random
+   optee
    debugging
    watchdog
 
-- 
2.25.0



* Re: [PATCH 2/4] ARM: add optee early loading function
  2020-01-20  5:03 ` [PATCH 2/4] ARM: add optee early loading function Rouven Czerwinski
@ 2020-01-20  8:21   ` Sascha Hauer
  0 siblings, 0 replies; 5+ messages in thread
From: Sascha Hauer @ 2020-01-20  8:21 UTC (permalink / raw)
  To: Rouven Czerwinski; +Cc: barebox

On Mon, Jan 20, 2020 at 06:03:28AM +0100, Rouven Czerwinski wrote:
> Add a OP-TEE early loading function which expects a pointer to a valid
> tee binary and the device tree. OP-TEE will then be started and barebox
> will continue to run in normal mode.
> 
> The function start_optee_early should be used in a boards lowlevel.c
> file. Ensure that barebox has been relocated and a proper c environment
> has been setup beforehand. Depending on the OP-TEE configuration, the
> fdt will be modified. If the internal barebox device tree is passed,
> OP-TEE will overwrite barebox PBL memory during this modification. Copy
> the fdt to a save memory location beforehand to avoid a corruption of

s/save/safe/

> barebox PBL memory.
> 
> This also moves the OP-TEE Kconfig symbols into a separate menu.
> 
> Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
> ---
>  arch/arm/lib32/Makefile             |  3 ++
>  arch/arm/lib32/optee-early.c        | 29 ++++++++++++++++
>  common/Kconfig                      | 54 ++++++++++++++++++-----------
>  common/Makefile                     |  1 +
>  include/asm-generic/memory_layout.h |  4 +--
>  include/tee/optee.h                 |  6 ++++
>  6 files changed, 74 insertions(+), 23 deletions(-)
>  create mode 100644 arch/arm/lib32/optee-early.c
> 
> diff --git a/arch/arm/lib32/Makefile b/arch/arm/lib32/Makefile
> index cd43147e66..18f6973fcc 100644
> --- a/arch/arm/lib32/Makefile
> +++ b/arch/arm/lib32/Makefile
> @@ -28,3 +28,6 @@ extra-y += barebox.lds
>  pbl-y	+= lib1funcs.o
>  pbl-y	+= ashldi3.o
>  pbl-y	+= div0.o
> +
> +pbl-$(CONFIG_PBL_OPTEE)	+= setjmp.o

This should be in the patch adding setjmp/longjmp support. Where is it
btw?

> +pbl-$(CONFIG_PBL_OPTEE)	+= optee-early.o
> diff --git a/arch/arm/lib32/optee-early.c b/arch/arm/lib32/optee-early.c
> new file mode 100644
> index 0000000000..f1755e075f
> --- /dev/null
> +++ b/arch/arm/lib32/optee-early.c
> @@ -0,0 +1,29 @@

spdx?

> +#include <asm/cache.h>
> +#include <asm/setjmp.h>
> +#include <tee/optee.h>
> +#include <debug_ll.h>
> +
> +jmp_buf tee_buf;

static?

> +
> +int start_optee_early(void* fdt, void* tee) {

Coding style nitpick: opening braces of a function should be on the next
line. Also, should be "void *fdt", not "void* fdt"

> +	void (*tee_start)(void* r0, void* r1, void* r2);
> +	struct optee_header *hdr;
> +	int ret = 0;

Unnecessary initialization.

> +
> +	hdr = tee;
> +	ret = optee_verify_header(hdr);
> +	if (ret < 0)
> +		return ret;
> +
> +	memcpy((void *)hdr->init_load_addr_lo, tee + sizeof(*hdr), hdr->init_size);
> +	tee_start = (void *) hdr->init_load_addr_lo;
> +	ret = 1;

Why?

> +	ret = setjmp(tee_buf);
> +	if (ret == 0) {
> +		sync_caches_for_execution();
> +		tee_start(0, 0, fdt);
> +		longjmp(tee_buf, 1);
> +	}

Some comment like "We use setjmp/longjmp here because OP-TEE clobbers
most registers" would be nice here.

Sascha


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

