| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
The caam driver needs the variable habv4_need_rng_software_self_test,
but this is only declared when HABV4 is enabled. Instead of exporting
a variable rather provide a function to test if a software selftest
of the random number generator is needed.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Without this building fails with:
drivers/hab/habv3.c:80:12: error: static declaration of 'imx25_hab_get_status' follows non-static declaration
In file included from drivers/hab/habv3.c:14:
include/hab.h:39:5: note: previous declaration of 'imx25_hab_get_status' was here
drivers/hab/habv3.c:87:1: warning: data definition has no type or storage class
drivers/hab/habv3.c:87:1: warning: type defaults to 'int' in declaration of 'postmmu_initcall' [-Wimplicit-int]
drivers/hab/habv3.c:87:1: warning: parameter names (without types) in function declaration
drivers/hab/habv3.c:80:12: warning: 'imx25_hab_get_status' defined but not used [-Wunused-function]
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
| |
Currently, board code needs to call habv4_get_status() explicitely, but
there is no reason that it cannot be called automatically at startup
when HABv4 is enabled. This way the call cannot be forgotten and we can
make sure to report all potentially occuring HAB warnings and errors.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is based on a vendor patch in U-Boot, taken from
https://portland.source.codeaurora.org/patches/external/imxsupport/uboot-imx/imx_v2016.03_4.1.15_2.0.0_ga/HAB-238-Run-RNG-self-test-for-impacted-i.MX-chips.zip
| HAB-238 Run RNG self test for impacted i.MX chips
|
| Patch is only applicable to imx_v2016.03_4.1.15_2.0.0_ga branch of u-boot.
| Please adapt the patch for your respective release version.
|
| Background:
| Few i.MX chips which have HAB 4.2.3 or beyond, have oberserved following
| warning message generated by HAB due to incorrect implementation of drng
| self test in boot ROM.
|
| Event |0xdb|0x0024|0x42| SRCE Field: 69 30 e1 1d
| | | | | STS = HAB_WARNING (0x69)
| | | | | RSN = HAB_ENG_FAIL (0x30)
| | | | | CTX = HAB_CTX_ENTRY (0xE1)
| | | | | ENG = HAB_ENG_CAAM (0x1D)
| | | | | Evt Data (hex):
| | | | | 00 08 00 02 40 00 36 06 55 55 00 03 00 00 00 00
| | | | | 00 00 00 00 00 00 00 00 00 00 00 01
|
| It is recommended to run this rng self test before any RNG related crypto
| implementations are done.
|
[...]
|
| Signed-off-by: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Currently known impacted chips, as determined by NXP, include:
* i.MX6DQ+ silicon revision 1.1
* i.MX6DQ silicon revision 1.6
* i.MX6DLS silicon revision 1.4
* i.MX6SX silicon revision 1.4
* i.MX6UL silicon revision 1.2
* i.MX67SD silicon revision 1.3
Port the RNG software self-test from this patch to barebox. It can be
enabled by selecting CRYPTO_DEV_FSL_CAAM_RNG_SELF_TEST in Kconfig.
The original patch included a command line utility to run the self-test,
but we choose a different approach here, and run the software self-test
automatically when the respective HAB events indicating a RNG ROM
self-test failure are found when running habv4_get_status(). Note that
habv4_get_status() must be called by the board code before the CAAM
device driver is probed for this mechanism to work.
Until now there are at least two such known events. The first event was
observed on an i.MX6Solo, silicon revision 1.4; the second event is
mentioned in the original patch description given above. When an event
occured, habv4_get_status() tests if it is one of those known events,
and if so, indicates to the CAAM driver to run the software self-test.
In this case, printing the respective HAB warning is suppressed to
prevent confusion; the software self-test itself will error out in case
of recurring RNG self-test failure.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The code was leveraged from u-boot commit:
29067abfaf39 iMX: adding parsing to hab_status command
by: Ulises Cardenas <Ulises.Cardenas@freescale.com>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The current code only retrieves the HAB errors from the ROM. If there are HAB
warnings during startup, the code throws this wrong error message.
> HABv4: ERROR: Recompile with larger event data buffer (at least 36 bytes)
The correct solution is to retrieve the warnings from the ROM, too.
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
to pr_err()
This way the events will be printed into the dmesg buffer,
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| | |
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|/
|
|
|
|
|
|
| |
This is now recommended for all systems. Especially for the HAB usecase
disallowing alternative boot selection after WDOG reset is essential.
Signed-off-by: Bastian Stender <bst@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
| |
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Secure boot with HAB requires handling of the super root key hash
and actually locking down the device. The related information is
stored in the i.MX fusebox device (IIM on older SoCs, OCOTP on newer
SoCs). This patch adds several convenience functions to store and
read the super root key hash and to lock down a SoC. Also we add
a command to do this from the command line.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
The RVT table contains the pointers to the HAB API functions and is
located at 0x00000100.
Signed-off-by: Jan Remmet <j.remmet@phytec.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
| |
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
| |
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
| |
Newer i.MX SoCs have the RVT at 0x98, not at 0x94 any more.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The HABv4 functions need access a part of the ROM which is
located in the zero page. This must be done early, before the
MMU has been configured and the zero page has been set to faulting.
The HAB functions currently use cpu_is_imxxy(). At the stage where
HAB is called the i.MX CPU type variable is not yet initialized,
so this code only works when only one i.MX type is enabled and
cpu_is_imxxy() are compile time constants.
To fix HAB support when more than one i.MX type is enabled make the
HAB status function SoC specific so that we can drop the use of
cpu_is_imxxy().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
| |
Status reporting for HABv3 is different from HABv4. Add a status
report function for HABv3.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
There's not only HABv4 but also HABv3. No need to put the corresponding
code in separate directories, so rename the habv4 directory to hab.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|