From db4845349399f9fd5a2a9027e0376372f67c4d60 Mon Sep 17 00:00:00 2001 From: Siva Durga Prasad Paladugu Date: Tue, 4 Sep 2018 18:05:50 +0530 Subject: [PATCH] zynqmp: Add ATF support for Data blob encryption and decryption This patch adds ATF support for AES data blob encrypt/decrypt. ATF establishes a path to send the address of the structure to the xilsecure, so that it will pick addresses of the data and performs the requested operation (encrypt/decrypt) and puts the result in load address. where structure contains - Data blob src address - load address - IV address - Key address - this will actual key addr in case of KUP else it will be zero. - Data-size - Aes-op type - KeySrc Signed-off-by: Kalyani Akula Signed-off-by: Siva Durga Prasad Paladugu --- plat/xilinx/zynqmp/pm_service/pm_api_sys.c | 24 +++++++++++++++++++++ plat/xilinx/zynqmp/pm_service/pm_api_sys.h | 3 +++ plat/xilinx/zynqmp/pm_service/pm_defs.h | 1 + plat/xilinx/zynqmp/pm_service/pm_svc_main.c | 8 +++++++ 4 files changed, 36 insertions(+) diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c index 18c6cd734..e85b2cee3 100644 --- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c +++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c @@ -601,6 +601,30 @@ enum pm_ret_status pm_secure_rsaaes(uint32_t address_low, return pm_ipi_send_sync(primary_proc, payload, NULL, 0); } +/** + * pm_aes_engine() - Aes data blob encryption/decryption + * This function provides access to the xilsecure library to + * encrypt/decrypt data blobs. + * + * address_low: lower 32-bit address of the AesParams structure + * + * address_high: higher 32-bit address of the AesParams structure + * + * value: Returned output value + * + * @return Returns status, either success or error+reason + */ +enum pm_ret_status pm_aes_engine(uint32_t address_high, + uint32_t address_low, + uint32_t *value) +{ + uint32_t payload[PAYLOAD_ARG_CNT]; + + /* Send request to the PMU */ + PM_PACK_PAYLOAD3(payload, PM_SECURE_AES, address_high, address_low); + return pm_ipi_send_sync(primary_proc, payload, value, 1); +} + /** * pm_pinctrl_request() - Request Pin from firmware * @pin Pin number to request diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h index 3726e8569..1c9255e6f 100644 --- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h +++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h @@ -172,5 +172,8 @@ enum pm_ret_status pm_fpga_read(uint32_t reg_numframes, uint32_t address_high, uint32_t readback_type, uint32_t *value); +enum pm_ret_status pm_aes_engine(uint32_t address_high, + uint32_t address_low, + uint32_t *value); #endif /* _PM_API_SYS_H_ */ diff --git a/plat/xilinx/zynqmp/pm_service/pm_defs.h b/plat/xilinx/zynqmp/pm_service/pm_defs.h index 0775bf9e6..1fbf6eed9 100644 --- a/plat/xilinx/zynqmp/pm_service/pm_defs.h +++ b/plat/xilinx/zynqmp/pm_service/pm_defs.h @@ -91,6 +91,7 @@ enum pm_api_id { PM_SECURE_IMAGE, /* FPGA PL Readback */ PM_FPGA_READ, + PM_SECURE_AES, PM_API_MAX }; diff --git a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c index 92b7b3e83..7790c979d 100644 --- a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c +++ b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c @@ -555,6 +555,14 @@ uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3, SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32); } + case PM_SECURE_AES: + { + uint32_t value; + + ret = pm_aes_engine(pm_arg[0], pm_arg[1], &value); + SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32); + } + default: WARN("Unimplemented PM Service Call: 0x%x\n", smc_fid); SMC_RET1(handle, SMC_UNK); -- GitLab