nxp: supports two mode of trusted board boot

NXP SoC supports two TBB mode: - MBED_TLS based -- ROTK key hash is placed as part of the BL2 binary at section: --- .rodata.nxp_rotpk_hash -- Supporting non-volatile counter via SFP. -- platform function used by TFA common authentication code. - NXP CSF based -- ROTK key deployment vary from MBEDTLS Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com> Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: Ib0f0bf024fd93de906c5d4f609383ae9e02b2fbc

nxp: supports two mode of trusted board boot
NXP SoC supports two TBB mode: - MBED_TLS based -- ROTK key hash is placed as part of the BL2 binary at section: --- .rodata.nxp_rotpk_hash -- Supporting non-volatile counter via SFP. -- platform function used by TFA common authentication code. - NXP CSF based -- ROTK key deployment vary from MBEDTLS Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com> Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: Ib0f0bf024fd93de906c5d4f609383ae9e02b2fbc
99cd54f3 · Pankaj Gupta · 6df5c0c9 · 99cd54f3 · 99cd54f3 · 99cd54f3
Commit 99cd54f3 authored Dec 09, 2020 by Pankaj Gupta
--- a/plat/nxp/common/tbbr/csf_tbbr.c
+++ b/plat/nxp/common/tbbr/csf_tbbr.c
+/*
+ * Copyright 2018-2021 NXP
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ *
+ */
+#include <errno.h>
+#include <common/debug.h>
+#include <csf_hdr.h>
+#include <dcfg.h>
+#include <drivers/auth/crypto_mod.h>
+#include <snvs.h>
+#include <plat/common/platform.h>
+#include "plat_common.h"
+extern bool rotpk_not_dpld;
+extern uint8_t rotpk_hash_table[MAX_KEY_ENTRIES][SHA256_BYTES];
+extern uint32_t num_rotpk_hash_entries;
+/*
+ * In case of secure boot, return ptr of rotpk_hash table in key_ptr and
+ * number of hashes in key_len
+ */
+int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
+			unsigned int *flags)
+{
+	uint32_t mode = 0U;
+	*flags = ROTPK_NOT_DEPLOYED;
+	/* ROTPK hash table must be available for secure boot */
+	if (rotpk_not_dpld == true) {
+		if (check_boot_mode_secure(&mode) == true) {
+			/* Production mode, don;t continue further */
+			if (mode == 1U) {
+				return -EAUTH;
+			}
+			/* For development mode, rotpk flag false
+			 * indicates that SRK hash comparison might
+			 * have failed. This is not fatal error.
+			 * Continue in this case but transition SNVS
+			 * to non-secure state
+			 */
+			transition_snvs_non_secure();
+			return 0;
+		} else {
+			return 0;
+		}
+	}
+	/*
+	 * We return the complete hash table and number of entries in
+	 * table for NXP platform specific implementation.
+	 * Here hash is always assume as SHA-256
+	 */
+	*key_ptr = rotpk_hash_table;
+	*key_len = num_rotpk_hash_entries;
+	*flags = ROTPK_IS_HASH;
+	return 0;
+}
+int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
+{
+	/*
+	 * No support for non-volatile counter. Update the ROT key to protect
+	 * the system against rollback.
+	 */
+	*nv_ctr = 0U;
+	return 0;
+}
+int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
+{
+	return 0;
+}
--- a/plat/nxp/common/tbbr/nxp_rotpk.S
+++ b/plat/nxp/common/tbbr/nxp_rotpk.S
+/*
+ * Copyright 2018-2020 NXP
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ *
+ */
+#ifndef _CSF_HDR_H_
+	.global nxp_rotpk_hash
+	.global nxp_rotpk_hash_end
+	.section .rodata.nxp_rotpk_hash, "a"
+nxp_rotpk_hash:
+	/* DER header */
+	.byte 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48
+	.byte 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
+	/* SHA256 */
+	.incbin ROTPK_HASH
+nxp_rotpk_hash_end:
+#endif
--- a/plat/nxp/common/tbbr/tbbr.mk
+++ b/plat/nxp/common/tbbr/tbbr.mk
+#
+# Copyright 2020 NXP
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+# For TRUSTED_BOARD_BOOT platforms need to include this makefile
+# Following definations are to be provided by platform.mk file or
+# by user - BL33_INPUT_FILE, BL32_INPUT_FILE, BL31_INPUT_FILE
+ifeq ($(CHASSIS), 2)
+include $(PLAT_DRIVERS_PATH)/csu/csu.mk
+CSF_FILE		:=	input_blx_ch${CHASSIS}
+BL2_CSF_FILE		:=	input_bl2_ch${CHASSIS}
+else
+ifeq ($(CHASSIS), 3_2)
+CSF_FILE		:=	input_blx_ch3
+BL2_CSF_FILE		:=	input_bl2_ch${CHASSIS}
+PBI_CSF_FILE		:=	input_pbi_ch${CHASSIS}
+$(eval $(call add_define, CSF_HDR_CH3))
+else
+    $(error -> CHASSIS not set!)
+endif
+endif
+PLAT_AUTH_PATH		:=  $(PLAT_DRIVERS_PATH)/auth
+ifeq (${BL2_INPUT_FILE},)
+    BL2_INPUT_FILE	:= $(PLAT_AUTH_PATH)/csf_hdr_parser/${BL2_CSF_FILE}
+endif
+ifeq (${PBI_INPUT_FILE},)
+    PBI_INPUT_FILE	:= $(PLAT_AUTH_PATH)/csf_hdr_parser/${PBI_CSF_FILE}
+endif
+# If MBEDTLS_DIR is not specified, use CSF Header option
+ifeq (${MBEDTLS_DIR},)
+    # Generic image processing filters to prepend CSF header
+    ifeq (${BL33_INPUT_FILE},)
+    BL33_INPUT_FILE	:= $(PLAT_AUTH_PATH)/csf_hdr_parser/${CSF_FILE}
+    endif
+    ifeq (${BL31_INPUT_FILE},)
+    BL31_INPUT_FILE	:= $(PLAT_AUTH_PATH)/csf_hdr_parser/${CSF_FILE}
+    endif
+    ifeq (${BL32_INPUT_FILE},)
+    BL32_INPUT_FILE	:= $(PLAT_AUTH_PATH)/csf_hdr_parser/${CSF_FILE}
+    endif
+    ifeq (${FUSE_INPUT_FILE},)
+    FUSE_INPUT_FILE	:= $(PLAT_AUTH_PATH)/csf_hdr_parser/${CSF_FILE}
+    endif
+    PLAT_INCLUDES	+= -I$(PLAT_DRIVERS_PATH)/sfp
+    PLAT_TBBR_SOURCES	+= $(PLAT_AUTH_PATH)/csf_hdr_parser/cot.c	\
+			   $(PLAT_COMMON_PATH)/tbbr/csf_tbbr.c
+    # IMG PARSER here is CSF header parser
+    include $(PLAT_DRIVERS_PATH)/auth/csf_hdr_parser/csf_hdr.mk
+    PLAT_TBBR_SOURCES 	+=	$(CSF_HDR_SOURCES)
+    SCP_BL2_PRE_TOOL_FILTER	:= CST_SCP_BL2
+    BL31_PRE_TOOL_FILTER	:= CST_BL31
+    BL32_PRE_TOOL_FILTER	:= CST_BL32
+    BL33_PRE_TOOL_FILTER	:= CST_BL33
+else
+    ifeq (${DISABLE_FUSE_WRITE}, 1)
+        $(eval $(call add_define,DISABLE_FUSE_WRITE))
+    endif
+    # For Mbedtls currently crypto is not supported via CAAM
+    # enable it when that support is there
+    CAAM_INTEG		:= 0
+    KEY_ALG		:= rsa
+    KEY_SIZE		:= 2048
+    $(eval $(call add_define,MBEDTLS_X509))
+    ifeq (${PLAT_DDR_PHY},PHY_GEN2)
+        $(eval $(call add_define,PLAT_DEF_OID))
+    endif
+    include drivers/auth/mbedtls/mbedtls_x509.mk
+    PLAT_TBBR_SOURCES	+= $(PLAT_AUTH_PATH)/tbbr/tbbr_cot.c \
+			   $(PLAT_COMMON_PATH)/tbbr/nxp_rotpk.S \
+			   $(PLAT_COMMON_PATH)/tbbr/x509_tbbr.c
+    #ROTPK key is embedded in BL2 image
+    ifeq (${ROT_KEY},)
+	ROT_KEY		= $(BUILD_PLAT)/rot_key.pem
+    endif
+    ifeq (${SAVE_KEYS},1)
+        ifeq (${TRUSTED_WORLD_KEY},)
+            TRUSTED_WORLD_KEY = ${BUILD_PLAT}/trusted.pem
+        endif
+        ifeq (${NON_TRUSTED_WORLD_KEY},)
+            NON_TRUSTED_WORLD_KEY = ${BUILD_PLAT}/non-trusted.pem
+        endif
+        ifeq (${BL31_KEY},)
+            BL31_KEY = ${BUILD_PLAT}/soc.pem
+        endif
+        ifeq (${BL32_KEY},)
+            BL32_KEY = ${BUILD_PLAT}/trusted_os.pem
+        endif
+        ifeq (${BL33_KEY},)
+            BL33_KEY = ${BUILD_PLAT}/non-trusted_os.pem
+        endif
+    endif
+    ROTPK_HASH		= $(BUILD_PLAT)/rotpk_sha256.bin
+    $(eval $(call add_define_val,ROTPK_HASH,'"$(ROTPK_HASH)"'))
+    $(BUILD_PLAT)/bl2/nxp_rotpk.o: $(ROTPK_HASH)
+    certificates: $(ROT_KEY)
+    $(ROT_KEY): | $(BUILD_PLAT)
+	@echo "  OPENSSL $@"
+	@if [ ! -f $(ROT_KEY) ]; then \
+		openssl genrsa 2048 > $@ 2>/dev/null; \
+	fi
+    $(ROTPK_HASH): $(ROT_KEY)
+	@echo "  OPENSSL $@"
+	$(Q)openssl rsa -in $< -pubout -outform DER 2>/dev/null |\
+	openssl dgst -sha256 -binary > $@ 2>/dev/null
+endif #MBEDTLS_DIR
+PLAT_INCLUDES		+=	-Iinclude/common/tbbr
+# Generic files for authentication framework
+TBBR_SOURCES		+=	drivers/auth/auth_mod.c		\
+				drivers/auth/crypto_mod.c	\
+				drivers/auth/img_parser_mod.c	\
+				plat/common/tbbr/plat_tbbr.c	\
+				${PLAT_TBBR_SOURCES}
+# If CAAM_INTEG is not defined (would be scenario with MBED TLS)
+# include mbedtls_crypto
+ifeq (${CAAM_INTEG},0)
+    include drivers/auth/mbedtls/mbedtls_crypto.mk
+else
+    include $(PLAT_DRIVERS_PATH)/crypto/caam/src/auth/auth.mk
+    TBBR_SOURCES	+= ${AUTH_SOURCES}
+endif
--- a/plat/nxp/common/tbbr/x509_tbbr.c
+++ b/plat/nxp/common/tbbr/x509_tbbr.c
+/*
+ * Copyright 2018-2021 NXP
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#include <assert.h>
+#include <stdint.h>
+#include <string.h>
+#include <common/debug.h>
+#include <lib/cassert.h>
+#include <sfp.h>
+#include <tools_share/tbbr_oid.h>
+#include <plat/common/platform.h>
+#include "plat_common.h"
+extern char nxp_rotpk_hash[], nxp_rotpk_hash_end[];
+int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
+			unsigned int *flags)
+{
+	*key_ptr = nxp_rotpk_hash;
+	*key_len = nxp_rotpk_hash_end - nxp_rotpk_hash;
+	*flags = ROTPK_IS_HASH;
+	return 0;
+}
+int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
+{
+	const char *oid;
+	uint32_t uid_num;
+	uint32_t val = 0U;
+	assert(cookie != NULL);
+	assert(nv_ctr != NULL);
+	oid = (const char *)cookie;
+	if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
+		uid_num = 3U;
+	} else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
+		uid_num = 4U;
+	} else {
+		return 1;
+	}
+	val = sfp_read_oem_uid(uid_num);
+	INFO("SFP Value read is %x from UID %d\n", val, uid_num);
+	if (val == 0U) {
+		*nv_ctr = 0U;
+	} else {
+		*nv_ctr = (32U - __builtin_clz(val));
+	}
+	INFO("NV Counter value for UID %d is %d\n", uid_num, *nv_ctr);
+	return 0;
+}
+int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
+{
+	const char *oid;
+	uint32_t uid_num, sfp_val;
+	assert(cookie != NULL);
+	/* Counter values upto 32 are supported */
+	if (nv_ctr > 32U) {
+		return 1;
+	}
+	oid = (const char *)cookie;
+	if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
+		uid_num = 3U;
+	} else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
+		uid_num = 4U;
+	} else {
+		return 1;
+	}
+	sfp_val = (1U << (nv_ctr - 1));
+	if (sfp_write_oem_uid(uid_num, sfp_val) == 1) {
+		/* Enable POVDD on board */
+		if (board_enable_povdd()) {
+			sfp_program_fuses();
+		}
+		/* Disable POVDD on board */
+		board_disable_povdd();
+	} else {
+		ERROR("Invalid OEM UID sent.\n");
+		return 1;
+	}
+	return 0;
+}
+int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size)
+{
+	return get_mbedtls_heap_helper(heap_addr, heap_size);
+}