From patchwork Fri Jan 19 06:19:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jamin Lin X-Patchwork-Id: 38042 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 75716C47DD6 for ; Fri, 19 Jan 2024 06:19:45 +0000 (UTC) Received: from TWMBX01.aspeed.com (TWMBX01.aspeed.com [211.20.114.70]) by mx.groups.io with SMTP id smtpd.web10.16005.1705645182890444594 for ; Thu, 18 Jan 2024 22:19:43 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=fail (domain: aspeedtech.com, ip: 211.20.114.70, mailfrom: jamin_lin@aspeedtech.com) Received: from TWMBX03.aspeed.com (192.168.0.62) by TWMBX01.aspeed.com (192.168.0.124) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.1258.12; Fri, 19 Jan 2024 14:20:04 +0800 Received: from TWMBX02.aspeed.com (192.168.0.24) by TWMBX03.aspeed.com (192.168.0.62) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 19 Jan 2024 14:20:05 +0800 Received: from twmbx02.aspeed.com (192.168.10.10) by TWMBX02.aspeed.com (192.168.0.24) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Fri, 19 Jan 2024 14:19:40 +0800 From: Jamin Lin To: Subject: [PATCH v2 1/4] uboot-sign: set load address and entrypoint Date: Fri, 19 Jan 2024 14:19:34 +0800 Message-ID: <20240119061937.1368163-1-jamin_lin@aspeedtech.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 19 Jan 2024 06:19:45 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/194010 According to the design of uboot-sign.bbclass and kernel-fitimage.bbclass, both of them use an UBOOT_LOADADDRESS variable to set the load address of kernel and u-boot image and use an UBOOT_ENTRYPOINT variable to set the entry address of kernel and u-boot image. However, users may want to set the different load address of u-boot and kernel image. Therefore, adds UBOOT_FIT_UBOOT_LOADADDRESS and UBOOT_FIT_UBOOT_ENTRYPOINT variables to set the load address and entry point of u-boot image, respectively. The value of UBOOT_FIT_UBOOT_ENTRYPOINT is UBOOT_LOADADDRESS by default. The value of UBOOT_FIT_UBOOT_ENTRYPOINT is UBOOT_ENTRYPOINT by default. Signed-off-by: Jamin Lin --- meta/classes-recipe/uboot-sign.bbclass | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass index ad04c82378..abde0bc61c 100644 --- a/meta/classes-recipe/uboot-sign.bbclass +++ b/meta/classes-recipe/uboot-sign.bbclass @@ -88,6 +88,9 @@ UBOOT_FIT_ADDRESS_CELLS ?= "1" # This is only necessary for determining the signing configuration KERNEL_PN = "${PREFERRED_PROVIDER_virtual/kernel}" +UBOOT_FIT_UBOOT_LOADADDRESS ?= "${UBOOT_LOADADDRESS}" +UBOOT_FIT_UBOOT_ENTRYPOINT ?= "${UBOOT_ENTRYPOINT}" + python() { # We need u-boot-tools-native if we're creating a U-Boot fitImage sign = d.getVar('UBOOT_SIGN_ENABLE') == '1' @@ -248,8 +251,8 @@ uboot_fitimage_assemble() { os = "u-boot"; arch = "${UBOOT_ARCH}"; compression = "none"; - load = <${UBOOT_LOADADDRESS}>; - entry = <${UBOOT_ENTRYPOINT}>; + load = <${UBOOT_FIT_UBOOT_LOADADDRESS}>; + entry = <${UBOOT_FIT_UBOOT_ENTRYPOINT}>; EOF if [ "${SPL_SIGN_ENABLE}" = "1" ] ; then From patchwork Fri Jan 19 06:19:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jamin Lin X-Patchwork-Id: 38044 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8D012C47DD3 for ; Fri, 19 Jan 2024 06:19:45 +0000 (UTC) Received: from TWMBX02.aspeed.com (TWMBX02.aspeed.com [211.20.114.72]) by mx.groups.io with SMTP id smtpd.web10.16006.1705645183191773477 for ; Thu, 18 Jan 2024 22:19:43 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: aspeedtech.com, ip: 211.20.114.72, mailfrom: jamin_lin@aspeedtech.com) Received: from TWMBX02.aspeed.com (192.168.0.25) by TWMBX02.aspeed.com (192.168.0.25) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 19 Jan 2024 14:19:42 +0800 Received: from twmbx02.aspeed.com (192.168.10.10) by TWMBX02.aspeed.com (192.168.0.24) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Fri, 19 Jan 2024 14:19:42 +0800 From: Jamin Lin To: Subject: [PATCH v2 2/4] uboot-sign: Fix to install nonexistent dtb file Date: Fri, 19 Jan 2024 14:19:35 +0800 Message-ID: <20240119061937.1368163-2-jamin_lin@aspeedtech.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240119061937.1368163-1-jamin_lin@aspeedtech.com> References: <20240119061937.1368163-1-jamin_lin@aspeedtech.com> MIME-Version: 1.0 Received-SPF: Fail (TWMBX02.aspeed.com: domain of jamin_lin@aspeedtech.com does not designate 192.168.10.10 as permitted sender) receiver=TWMBX02.aspeed.com; client-ip=192.168.10.10; helo=twmbx02.aspeed.com; List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 19 Jan 2024 06:19:45 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/194011 Add to check dtb file exist, then install it. Signed-off-by: Jamin Lin --- meta/classes-recipe/uboot-sign.bbclass | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass index abde0bc61c..4b462698f9 100644 --- a/meta/classes-recipe/uboot-sign.bbclass +++ b/meta/classes-recipe/uboot-sign.bbclass @@ -318,7 +318,9 @@ EOF ${SPL_MKIMAGE_SIGN_ARGS} fi - cp ${SPL_DIR}/${SPL_DTB_BINARY} ${SPL_DIR}/${SPL_DTB_SIGNED} + if [ -e "${SPL_DIR}/${SPL_DTB_BINARY}" ]; then + cp ${SPL_DIR}/${SPL_DTB_BINARY} ${SPL_DIR}/${SPL_DTB_SIGNED} + fi } uboot_assemble_fitimage_helper() { From patchwork Fri Jan 19 06:19:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jamin Lin X-Patchwork-Id: 38043 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7443BC4725D for ; Fri, 19 Jan 2024 06:19:45 +0000 (UTC) Received: from TWMBX02.aspeed.com (TWMBX02.aspeed.com [211.20.114.72]) by mx.groups.io with SMTP id smtpd.web10.16006.1705645183191773477 for ; Thu, 18 Jan 2024 22:19:44 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: aspeedtech.com, ip: 211.20.114.72, mailfrom: jamin_lin@aspeedtech.com) Received: from TWMBX02.aspeed.com (192.168.0.25) by TWMBX02.aspeed.com (192.168.0.25) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 19 Jan 2024 14:19:43 +0800 Received: from twmbx02.aspeed.com (192.168.10.10) by TWMBX02.aspeed.com (192.168.0.24) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Fri, 19 Jan 2024 14:19:43 +0800 From: Jamin Lin To: Subject: [PATCH v2 3/4] u-boot-sign:uboot-config: support to verify signed FIT image Date: Fri, 19 Jan 2024 14:19:36 +0800 Message-ID: <20240119061937.1368163-3-jamin_lin@aspeedtech.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240119061937.1368163-1-jamin_lin@aspeedtech.com> References: <20240119061937.1368163-1-jamin_lin@aspeedtech.com> MIME-Version: 1.0 Received-SPF: Fail (TWMBX02.aspeed.com: domain of jamin_lin@aspeedtech.com does not designate 192.168.10.10 as permitted sender) receiver=TWMBX02.aspeed.com; client-ip=192.168.10.10; helo=twmbx02.aspeed.com; List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 19 Jan 2024 06:19:45 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/194012 It does not verify the signed FIT image of kernel and uboot. To catch the unexpected errors as far as possible at the build time, add uboot-fit-check-sign tool which is provided by u-boot to verify the signed FIT image. Signed-off-by: Jamin Lin --- meta/classes-recipe/uboot-config.bbclass | 3 +++ meta/classes-recipe/uboot-sign.bbclass | 10 ++++++++++ 2 files changed, 13 insertions(+) diff --git a/meta/classes-recipe/uboot-config.bbclass b/meta/classes-recipe/uboot-config.bbclass index 9be1d64d3e..0c579e8861 100644 --- a/meta/classes-recipe/uboot-config.bbclass +++ b/meta/classes-recipe/uboot-config.bbclass @@ -94,6 +94,9 @@ SPL_MKIMAGE_SIGN_ARGS ?= "" UBOOT_DTB ?= "" UBOOT_DTB_BINARY ??= "" +# uboot-fit_check_sign command +UBOOT_FIT_CHECK_SIGN ?= "uboot-fit_check_sign" + python () { ubootmachine = d.getVar("UBOOT_MACHINE") ubootconfigflags = d.getVarFlags('UBOOT_CONFIG') diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass index 4b462698f9..7a0b8047e4 100644 --- a/meta/classes-recipe/uboot-sign.bbclass +++ b/meta/classes-recipe/uboot-sign.bbclass @@ -112,6 +112,10 @@ concat_dtb() { -K "${UBOOT_DTB_BINARY}" \ -r ${B}/fitImage-linux \ ${UBOOT_MKIMAGE_SIGN_ARGS} + # Verify the kernel image and u-boot dtb + ${UBOOT_FIT_CHECK_SIGN} \ + -k "${UBOOT_DTB_BINARY}" \ + -f ${B}/fitImage-linux cp ${UBOOT_DTB_BINARY} ${UBOOT_DTB_SIGNED} fi @@ -316,6 +320,12 @@ EOF -K "${SPL_DIR}/${SPL_DTB_BINARY}" \ -r ${UBOOT_FITIMAGE_BINARY} \ ${SPL_MKIMAGE_SIGN_ARGS} + # + # Verify the U-boot FIT image and SPL dtb + # + ${UBOOT_FIT_CHECK_SIGN} \ + -k "${SPL_DIR}/${SPL_DTB_BINARY}" \ + -f ${UBOOT_FITIMAGE_BINARY} fi if [ -e "${SPL_DIR}/${SPL_DTB_BINARY}" ]; then From patchwork Fri Jan 19 06:19:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jamin Lin X-Patchwork-Id: 38045 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6E7B7C4725D for ; Fri, 19 Jan 2024 06:19:55 +0000 (UTC) Received: from TWMBX01.aspeed.com (TWMBX01.aspeed.com [211.20.114.70]) by mx.groups.io with SMTP id smtpd.web10.16007.1705645185269314821 for ; Thu, 18 Jan 2024 22:19:45 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=fail (domain: aspeedtech.com, ip: 211.20.114.70, mailfrom: jamin_lin@aspeedtech.com) Received: from TWMBX02.aspeed.com (192.168.0.24) by TWMBX01.aspeed.com (192.168.0.124) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.1258.12; Fri, 19 Jan 2024 14:20:08 +0800 Received: from twmbx02.aspeed.com (192.168.10.10) by TWMBX02.aspeed.com (192.168.0.24) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Fri, 19 Jan 2024 14:19:44 +0800 From: Jamin Lin To: Subject: [PATCH v2 4/4] uboot-sign: support to load optee-os and TFA images Date: Fri, 19 Jan 2024 14:19:37 +0800 Message-ID: <20240119061937.1368163-4-jamin_lin@aspeedtech.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240119061937.1368163-1-jamin_lin@aspeedtech.com> References: <20240119061937.1368163-1-jamin_lin@aspeedtech.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 19 Jan 2024 06:19:55 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/194013 Currently, u-boot FIT image only support to load u-boot image. To support optee-os and trusted-firmware-a, update ITS file generation scripts, so users are able to use u-boot FIT image to load u-boot, optee-os and treustred-firmware-a images Add a variable "UBOOT_FIT_ARM_TRUSTED_FIRMWARE_A" to enable trusted-firmware-a image and it is disable by default. Add a variable "UBOOT_FIT_OPTEE_OS" to enable optee-os image and it is disable by default. The ITS file creation looks like as following. 1. Both optee-os and trusted-firmware-a are disabled. ''' /dts-v1/; / { images { uboot { }; fdt { }; }; configurations { default = "conf"; conf { loadables = "uboot"; fdt = "fdt"; }; }; }; ''' 2. Only enable optee-os ''' /dts-v1/; / { images { uboot { }; fdt { }; optee { }; }; configurations { default = "conf"; conf { firmware = "optee"; loadables = "uboot"; fdt = "fdt"; }; }; }; ''' 3. Both optee-os and trusted-firmware-a are enabled ''' /dts-v1/; / { images { uboot { }; fdt { }; atf { }; optee { }; }; configurations { default = "conf"; conf { firmware = "atf"; loadables = "uboot", "optee"; fdt = "fdt"; }; }; }; ''' Signed-off-by: Jamin Lin --- meta/classes-recipe/uboot-sign.bbclass | 91 +++++++++++++++++++++++++- 1 file changed, 90 insertions(+), 1 deletion(-) diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass index 7a0b8047e4..d2b1013b93 100644 --- a/meta/classes-recipe/uboot-sign.bbclass +++ b/meta/classes-recipe/uboot-sign.bbclass @@ -91,6 +91,18 @@ KERNEL_PN = "${PREFERRED_PROVIDER_virtual/kernel}" UBOOT_FIT_UBOOT_LOADADDRESS ?= "${UBOOT_LOADADDRESS}" UBOOT_FIT_UBOOT_ENTRYPOINT ?= "${UBOOT_ENTRYPOINT}" +# Trusted Firmware-A (TF-A) provides a reference implementation of +# secure world software for Armv7-A and Armv8-A, +# including a Secure Monitor executing at Exception Level 3 (EL3) +# ATF is used as the initial start code on ARMv8-A cores for all K3 platforms +UBOOT_FIT_ARM_TRUSTED_FIRMWARE_A ?= "0" +UBOOT_FIT_ARM_TRUSTED_FIRMWARE_A_IMAGE ?= "bl31.bin" + +# OP-TEE is a Trusted Execution Environment (TEE) designed as +# companion to a non-secure Linux kernel running on Arm +UBOOT_FIT_OPTEE_OS ?= "0" +UBOOT_FIT_OPTEE_OS_IMAGE ?= "tee-raw.bin" + python() { # We need u-boot-tools-native if we're creating a U-Boot fitImage sign = d.getVar('UBOOT_SIGN_ENABLE') == '1' @@ -237,6 +249,20 @@ addtask uboot_generate_rsa_keys before do_uboot_assemble_fitimage after do_compi # Create a ITS file for the U-boot FIT, for use when # we want to sign it so that the SPL can verify it uboot_fitimage_assemble() { + conf_loadables="\"uboot\"" + conf_firmware="" + + if [ "${UBOOT_FIT_ARM_TRUSTED_FIRMWARE_A}" = "1" ]; then + conf_firmware="\"atf\"" + if [ "${UBOOT_FIT_OPTEE_OS}" = "1" ]; then + conf_loadables="\"uboot\", \"optee\"" + fi + else + if [ "${UBOOT_FIT_OPTEE_OS}" = "1" ]; then + conf_firmware="\"optee\"" + fi + fi + rm -f ${UBOOT_ITS} ${UBOOT_FITIMAGE_BINARY} # First we create the ITS script @@ -289,13 +315,76 @@ EOF cat << EOF >> ${UBOOT_ITS} }; +EOF + if [ "${UBOOT_FIT_ARM_TRUSTED_FIRMWARE_A}" = "1" ] ; then + cat << EOF >> ${UBOOT_ITS} + atf { + description = "ARM Trusted Firmware-A"; + data = /incbin/("${UBOOT_FIT_ARM_TRUSTED_FIRMWARE_A_IMAGE}"); + type = "firmware"; + arch = "${UBOOT_ARCH}"; + os = "arm-trusted-firmware"; + load = <${UBOOT_FIT_ARM_TRUSTED_FIRMWARE_A_LOADADDRESS}>; + entry = <${UBOOT_FIT_ARM_TRUSTED_FIRMWARE_A_ENTRYPOINT}>; + compression = "none"; +EOF + + if [ "${SPL_SIGN_ENABLE}" = "1" ] ; then + cat << EOF >> ${UBOOT_ITS} + signature { + algo = "${UBOOT_FIT_HASH_ALG},${UBOOT_FIT_SIGN_ALG}"; + key-name-hint = "${SPL_SIGN_KEYNAME}"; + }; +EOF + fi + + cat << EOF >> ${UBOOT_ITS} + }; +EOF + fi + + if [ "${UBOOT_FIT_OPTEE_OS}" = "1" ] ; then + cat << EOF >> ${UBOOT_ITS} + optee { + description = "OPTEE OS Image"; + data = /incbin/("${UBOOT_FIT_OPTEE_OS_IMAGE}"); + type = "tee"; + arch = "${UBOOT_ARCH}"; + os = "tee"; + load = <${UBOOT_FIT_OPTEE_OS_LOADADDRESS}>; + entry = <${UBOOT_FIT_OPTEE_OS_ENTRYPOINT}>; + compression = "none"; +EOF + + if [ "${SPL_SIGN_ENABLE}" = "1" ] ; then + cat << EOF >> ${UBOOT_ITS} + signature { + algo = "${UBOOT_FIT_HASH_ALG},${UBOOT_FIT_SIGN_ALG}"; + key-name-hint = "${SPL_SIGN_KEYNAME}"; + }; +EOF + fi + + cat << EOF >> ${UBOOT_ITS} + }; +EOF + fi + + cat << EOF >> ${UBOOT_ITS} }; configurations { default = "conf"; conf { description = "Boot with signed U-Boot FIT"; - loadables = "uboot"; +EOF + if [ -n "${conf_firmware}" ]; then + cat << EOF >> ${UBOOT_ITS} + firmware = ${conf_firmware}; +EOF + fi + cat << EOF >> ${UBOOT_ITS} + loadables = ${conf_loadables}; fdt = "fdt"; }; };