[PATCH 00/13] am625: support secure loading of full barebox

mail archive of the barebox mailing list
 help / color / mirror / Atom feed

From: Sascha Hauer <s.hauer@pengutronix.de>
To: "open list:BAREBOX" <barebox@lists.infradead.org>
Subject: [PATCH 00/13] am625: support secure loading of full barebox
Date: Fri, 28 Feb 2025 08:16:48 +0100	[thread overview]
Message-ID: <20250228-am625-secure-v1-0-4002488ff5ed@pengutronix.de> (raw)

On K3 SoCs only a small barebox is loaded by the ROM into SRAM. This
barebox then loads the full barebox from SD/eMMC or USB DFU. In a secure
boot environment the full barebox must be authenticated. This series
implements two ways for accomplishing this.

First way is to utilize the ROM API to authenticate images. The other
way is to compile a secure hash into the first stage binary and check
if the full barebox image matches the hash. Using the ROM API means
different first stage and second stage images can be combined whereas
hashing binds specific builds together avoiding mix and match attacks.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
Sascha Hauer (13):
      firmware: always generate sha256sum
      firmware: add function to verify next image
      ARM: k3: r5: drop loading of separate binaries
      ARM: k3: r5: add proper error handling
      fip: rework fip_image_open()
      fip: fix wrong function call
      fip: add function to calculate a sha256 over FIP image
      ARM: am625: support hash verification of full barebox
      ARM: k3: add support for authenticating images against the ROM API
      ARM: k3: r5: delete fip image when it can't be opened
      ARM: k3: r5: Allow to authenticate next image by ROM API
      scripts/k3img: remove temporary files
      scripts: add k3sign

 arch/arm/mach-k3/Kconfig  |  15 ++++
 arch/arm/mach-k3/common.c |  99 ++++++++++++++++++++++
 arch/arm/mach-k3/r5.c     | 206 +++++++++++++++++++++++++---------------------
 firmware/Kconfig          |  23 ++++++
 firmware/Makefile         |   8 +-
 include/fiptool.h         |   3 +
 include/firmware.h        |  28 +++++++
 include/mach/k3/common.h  |   1 +
 lib/fip.c                 | 101 ++++++++++++++---------
 scripts/k3img             |   9 +-
 scripts/k3sign            | 126 ++++++++++++++++++++++++++++
 11 files changed, 478 insertions(+), 141 deletions(-)
---
base-commit: 748ba0627681797b01a94be1b3f879ed2e52a361
change-id: 20250228-am625-secure-49301f641738

Best regards,
-- 
Sascha Hauer <s.hauer@pengutronix.de>

next             reply	other threads:[~2025-02-28  7:18 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-02-28  7:16 Sascha Hauer [this message]
2025-02-28  7:16 ` [PATCH 01/13] firmware: always generate sha256sum Sascha Hauer
2025-02-28  7:16 ` [PATCH 02/13] firmware: add function to verify next image Sascha Hauer
2025-03-10 18:37   ` Marco Felsch
2025-03-11  7:35     ` Sascha Hauer
2025-02-28  7:16 ` [PATCH 03/13] ARM: k3: r5: drop loading of separate binaries Sascha Hauer
2025-03-10 18:44   ` Marco Felsch
2025-02-28  7:16 ` [PATCH 04/13] ARM: k3: r5: add proper error handling Sascha Hauer
2025-03-10 18:52   ` Marco Felsch
2025-03-11  8:24     ` Sascha Hauer
2025-03-11  8:50       ` Marco Felsch
2025-02-28  7:16 ` [PATCH 05/13] fip: rework fip_image_open() Sascha Hauer
2025-02-28  7:16 ` [PATCH 06/13] fip: fix wrong function call Sascha Hauer
2025-02-28  7:16 ` [PATCH 07/13] fip: add function to calculate a sha256 over FIP image Sascha Hauer
2025-02-28  7:16 ` [PATCH 08/13] ARM: am625: support hash verification of full barebox Sascha Hauer
2025-03-10 19:22   ` Marco Felsch
2025-03-11  7:53     ` Sascha Hauer
2025-02-28  7:16 ` [PATCH 09/13] ARM: k3: add support for authenticating images against the ROM API Sascha Hauer
2025-02-28  7:16 ` [PATCH 10/13] ARM: k3: r5: delete fip image when it can't be opened Sascha Hauer
2025-02-28  7:16 ` [PATCH 11/13] ARM: k3: r5: Allow to authenticate next image by ROM API Sascha Hauer
2025-03-10 19:26   ` Marco Felsch
2025-03-11  7:54     ` Sascha Hauer
2025-02-28  7:17 ` [PATCH 12/13] scripts/k3img: remove temporary files Sascha Hauer
2025-02-28  7:17 ` [PATCH 13/13] scripts: add k3sign Sascha Hauer
2025-03-10 17:40 ` [PATCH 00/13] am625: support secure loading of full barebox Marco Felsch
2025-03-11  8:12   ` Sascha Hauer
2025-03-11  8:48     ` Marco Felsch
2025-03-11  9:13       ` Sascha Hauer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250228-am625-secure-v1-0-4002488ff5ed@pengutronix.de \
    --to=s.hauer@pengutronix.de \
    --cc=barebox@lists.infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox