Commit 9e7d6631 authored by Sandrine Bailleux's avatar Sandrine Bailleux
Browse files

Refactor load_auth_image_internal().



The pre-processor directives make it hard to read the non-TBB version of
this function. Refactor the code to improve readability. No functional
change introduced.

In particular, introduce a new helper function load_image_flush(),
that simply loads an image and flushes it out to main memory. This is
the only thing load_auth_image_internal() needs to do when TBB is
disabled or when authentication is dynamically disabled.

In other cases, we need to recursively authenticate the parent images up
to the root of trust. To make this clearer, this code gets moved to a
TBB-specific helper function called load_auth_image_recursive().

As a result, load_auth_image_internal() now boils down to calling the
right helper function (depending on TBB enablement and dynamic
authentication status).

Change-Id: I20a39a3b833810b97ecf4219358e7d2cac263890
Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
parent 1d2b4161
......@@ -143,26 +143,45 @@ exit:
return io_result;
}
static int load_auth_image_internal(unsigned int image_id,
/*
* Load an image and flush it out to main memory so that it can be executed
* later by any CPU, regardless of cache and MMU state.
*/
static int load_image_flush(unsigned int image_id,
image_info_t *image_data)
{
int rc;
rc = load_image(image_id, image_data);
if (rc == 0) {
flush_dcache_range(image_data->image_base,
image_data->image_size);
}
return rc;
}
#if TRUSTED_BOARD_BOOT
/*
* This function uses recursion to authenticate the parent images up to the root
* of trust.
*/
static int load_auth_image_recursive(unsigned int image_id,
image_info_t *image_data,
int is_parent_image)
{
int rc;
unsigned int parent_id;
#if TRUSTED_BOARD_BOOT
if (dyn_is_auth_disabled() == 0) {
unsigned int parent_id;
/* Use recursion to authenticate parent images */
rc = auth_mod_get_parent_id(image_id, &parent_id);
if (rc == 0) {
rc = load_auth_image_internal(parent_id, image_data, 1);
if (rc != 0) {
return rc;
}
/* Use recursion to authenticate parent images */
rc = auth_mod_get_parent_id(image_id, &parent_id);
if (rc == 0) {
rc = load_auth_image_recursive(parent_id, image_data, 1);
if (rc != 0) {
return rc;
}
}
#endif /* TRUSTED_BOARD_BOOT */
/* Load the image */
rc = load_image(image_id, image_data);
......@@ -170,51 +189,58 @@ static int load_auth_image_internal(unsigned int image_id,
return rc;
}
#if TRUSTED_BOARD_BOOT
if (dyn_is_auth_disabled() == 0) {
/* Authenticate it */
rc = auth_mod_verify_img(image_id,
(void *)image_data->image_base,
image_data->image_size);
if (rc != 0) {
/* Authentication error, zero memory and flush it right away. */
zero_normalmem((void *)image_data->image_base,
/* Authenticate it */
rc = auth_mod_verify_img(image_id,
(void *)image_data->image_base,
image_data->image_size);
if (rc != 0) {
/* Authentication error, zero memory and flush it right away. */
zero_normalmem((void *)image_data->image_base,
image_data->image_size);
flush_dcache_range(image_data->image_base,
image_data->image_size);
return -EAUTH;
}
flush_dcache_range(image_data->image_base,
image_data->image_size);
return -EAUTH;
}
#endif /* TRUSTED_BOARD_BOOT */
/*
* Flush the image to main memory so that it can be executed later by
* any CPU, regardless of cache and MMU state. If TBB is enabled, then
* the file has been successfully loaded and authenticated and flush
* only for child images, not for the parents (certificates).
* any CPU, regardless of cache and MMU state. This is only needed for
* child images, not for the parents (certificates).
*/
if (is_parent_image == 0) {
flush_dcache_range(image_data->image_base,
image_data->image_size);
}
return 0;
}
#endif /* TRUSTED_BOARD_BOOT */
static int load_auth_image_internal(unsigned int image_id,
image_info_t *image_data)
{
#if TRUSTED_BOARD_BOOT
if (dyn_is_auth_disabled() == 0) {
return load_auth_image_recursive(image_id, image_data, 0);
}
#endif
return load_image_flush(image_id, image_data);
}
/*******************************************************************************
* Generic function to load and authenticate an image. The image is actually
* loaded by calling the 'load_image()' function. Therefore, it returns the
* same error codes if the loading operation failed, or -EAUTH if the
* authentication failed. In addition, this function uses recursion to
* authenticate the parent images up to the root of trust.
* authenticate the parent images up to the root of trust (if TBB is enabled).
******************************************************************************/
int load_auth_image(unsigned int image_id, image_info_t *image_data)
{
int err;
do {
err = load_auth_image_internal(image_id, image_data, 0);
err = load_auth_image_internal(image_id, image_data);
} while ((err != 0) && (plat_try_next_boot_source() != 0));
return err;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment