aboutsummaryrefslogtreecommitdiff
path: root/bl2
diff options
context:
space:
mode:
authorJuan Castillo <juan.castillo@arm.com>2015-05-19 11:54:12 +0100
committerJuan Castillo <juan.castillo@arm.com>2015-06-25 08:53:27 +0100
commit1779ba6b97fbff87290f164c7c78559329173e02 (patch)
tree366ee19673e8fbe3b36e676f77511c4f3e4e1268 /bl2
parentccbf890e5e2fb75b4df30f50f06c505702a0e01c (diff)
downloadtrusted-firmware-a-1779ba6b97fbff87290f164c7c78559329173e02.tar.gz
TBB: switch to the new authentication framework
This patch modifies the Trusted Board Boot implementation to use the new authentication framework, making use of the authentication module, the cryto module and the image parser module to authenticate the images in the Chain of Trust. A new function 'load_auth_image()' has been implemented. When TBB is enabled, this function will call the authentication module to authenticate parent images following the CoT up to the root of trust to finally load and authenticate the requested image. The platform is responsible for picking up the right makefiles to build the corresponding cryptographic and image parser libraries. ARM platforms use the mbedTLS based libraries. The platform may also specify what key algorithm should be used to sign the certificates. This is done by declaring the 'KEY_ALG' variable in the platform makefile. FVP and Juno use ECDSA keys. On ARM platforms, BL2 and BL1-RW regions have been increased 4KB each to accommodate the ECDSA code. REMOVED BUILD OPTIONS: * 'AUTH_MOD' Change-Id: I47d436589fc213a39edf5f5297bbd955f15ae867
Diffstat (limited to 'bl2')
-rw-r--r--bl2/bl2_main.c296
1 files changed, 42 insertions, 254 deletions
diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
index aba0afcfe6..4c19002522 100644
--- a/bl2/bl2_main.c
+++ b/bl2/bl2_main.c
@@ -31,7 +31,7 @@
#include <arch.h>
#include <arch_helpers.h>
#include <assert.h>
-#include <auth.h>
+#include <auth_mod.h>
#include <bl_common.h>
#include <debug.h>
#include <platform.h>
@@ -39,147 +39,6 @@
#include <stdint.h>
#include "bl2_private.h"
-#if TRUSTED_BOARD_BOOT
-
-#ifdef BL32_BASE
-static int bl32_cert_error;
-#endif
-
-/*
- * Load and authenticate the key and content certificates for a BL3-x image.
- * The _blob values identify the authentication objects (an object may be seen
- * as a single stage in the authentication process). See auth.h for the complete
- * list of objects. The _id values are passed to the IO framework to identify
- * the images to load.
- *
- * Parameters:
- * key_cert_blob: key certificate blob id (see auth.h)
- * key_cert_id: key certificate image identifier (for IO framework)
- * cont_cert_blob: content certificate blob id (see auth.h)
- * cont_cert_id: content certificate image identifier (for IO framework)
- * mem_layout: Trusted SRAM memory layout
- * load_addr: load the certificates at this address
- *
- * Return: 0 = success, Otherwise = error
- */
-static int load_cert_bl3x(unsigned int key_cert_blob, unsigned int key_cert_id,
- unsigned int cont_cert_blob, unsigned int cont_cert_id,
- meminfo_t *mem_layout, uint64_t load_addr)
-{
- image_info_t image_info;
- int err;
-
- /* Load Key certificate */
- image_info.h.version = VERSION_1;
- err = load_image(mem_layout, key_cert_id, load_addr, &image_info, NULL);
- if (err) {
- ERROR("Cannot load key certificate id=%u\n", key_cert_id);
- return err;
- }
-
- err = auth_verify_obj(key_cert_blob, image_info.image_base,
- image_info.image_size);
- if (err) {
- ERROR("Invalid key certificate id=%u\n", key_cert_id);
- return err;
- }
-
- /* Load Content certificate */
- image_info.h.version = VERSION_1;
- err = load_image(mem_layout, cont_cert_id, load_addr, &image_info, NULL);
- if (err) {
- ERROR("Cannot load content certificate id=%u\n",
- cont_cert_id);
- return err;
- }
-
- err = auth_verify_obj(cont_cert_blob, image_info.image_base,
- image_info.image_size);
- if (err) {
- ERROR("Invalid content certificate id=%u\n", cont_cert_id);
- return err;
- }
-
- return 0;
-}
-
-/*
- * Load and authenticate the Trusted Key certificate the key and content
- * certificates for each of the BL3-x images.
- *
- * Return: 0 = success, Otherwise = error
- */
-static int load_certs(void)
-{
- const uint64_t load_addr = BL31_BASE;
- image_info_t image_info;
- meminfo_t *mem_layout;
- int err;
-
- /* Find out how much free trusted ram remains after BL2 load */
- mem_layout = bl2_plat_sec_mem_layout();
-
- /* Load the Trusted Key certificate in the BL31 region */
- image_info.h.version = VERSION_1;
- err = load_image(mem_layout, TRUSTED_KEY_CERT_ID, load_addr,
- &image_info, NULL);
- if (err) {
- ERROR("Failed to load Trusted Key certificate.\n");
- return err;
- }
-
- /* Validate the certificate */
- err = auth_verify_obj(AUTH_TRUSTED_KEY_CERT, image_info.image_base,
- image_info.image_size);
- if (err) {
- ERROR("Invalid Trusted Key certificate.\n");
- return err;
- }
-
- /* Load and validate Key and Content certificates for BL3-x images */
-#ifdef BL30_BASE
- err = load_cert_bl3x(AUTH_BL30_KEY_CERT, BL30_KEY_CERT_ID,
- AUTH_BL30_IMG_CERT, BL30_CERT_ID,
- mem_layout, load_addr);
- if (err) {
- ERROR("Failed to verify BL3-0 authenticity\n");
- return err;
- }
-#endif /* BL30_BASE */
-
- err = load_cert_bl3x(AUTH_BL31_KEY_CERT, BL31_KEY_CERT_ID,
- AUTH_BL31_IMG_CERT, BL31_CERT_ID,
- mem_layout, load_addr);
- if (err) {
- ERROR("Failed to verify BL3-1 authenticity\n");
- return err;
- }
-
-#ifdef BL32_BASE
- /* BL3-2 image is optional, but keep the return value in case the
- * image is present but the certificate is missing */
- err = load_cert_bl3x(AUTH_BL32_KEY_CERT, BL32_KEY_CERT_ID,
- AUTH_BL32_IMG_CERT, BL32_CERT_ID,
- mem_layout, load_addr);
- if (err) {
- WARN("Failed to verify BL3-2 authenticity\n");
- }
- bl32_cert_error = err;
-#endif /* BL32_BASE */
-
- err = load_cert_bl3x(AUTH_BL33_KEY_CERT, BL33_KEY_CERT_ID,
- AUTH_BL33_IMG_CERT, BL33_CERT_ID,
- mem_layout, load_addr);
- if (err) {
- ERROR("Failed to verify BL3-3 authenticity\n");
- return err;
- }
-
- return 0;
-}
-
-#endif /* TRUSTED_BOARD_BOOT */
-
/*******************************************************************************
* Load the BL3-0 image if there's one.
* If a platform does not want to attempt to load BL3-0 image it must leave
@@ -205,34 +64,18 @@ static int load_bl30(void)
INFO("BL2: Loading BL3-0\n");
bl2_plat_get_bl30_meminfo(&bl30_mem_info);
bl30_image_info.h.version = VERSION_1;
- e = load_image(&bl30_mem_info,
- BL30_IMAGE_ID,
- BL30_BASE,
- &bl30_image_info,
- NULL);
-
- if (e)
- return e;
-
-#if TRUSTED_BOARD_BOOT
- e = auth_verify_obj(AUTH_BL30_IMG,
- bl30_image_info.image_base,
- bl30_image_info.image_size);
- if (e) {
- ERROR("Failed to authenticate BL3-0 image.\n");
- return e;
- }
-
- /* After working with data, invalidate the data cache */
- inv_dcache_range(bl30_image_info.image_base,
- (size_t)bl30_image_info.image_size);
-#endif /* TRUSTED_BOARD_BOOT */
-
- /* The subsequent handling of BL3-0 is platform specific */
- e = bl2_plat_handle_bl30(&bl30_image_info);
- if (e) {
- ERROR("Failure in platform-specific handling of BL3-0 image.\n");
- return e;
+ e = load_auth_image(&bl30_mem_info,
+ BL30_IMAGE_ID,
+ BL30_BASE,
+ &bl30_image_info,
+ NULL);
+
+ if (e == 0) {
+ /* The subsequent handling of BL3-0 is platform specific */
+ e = bl2_plat_handle_bl30(&bl30_image_info);
+ if (e) {
+ ERROR("Failure in platform-specific handling of BL3-0 image.\n");
+ }
}
#endif /* BL30_BASE */
@@ -262,31 +105,17 @@ static int load_bl31(bl31_params_t *bl2_to_bl31_params,
bl31_ep_info->args.arg0 = (unsigned long)bl2_to_bl31_params;
/* Load the BL3-1 image */
- e = load_image(bl2_tzram_layout,
- BL31_IMAGE_ID,
- BL31_BASE,
- bl2_to_bl31_params->bl31_image_info,
- bl31_ep_info);
- if (e)
- return e;
-
-#if TRUSTED_BOARD_BOOT
- e = auth_verify_obj(AUTH_BL31_IMG,
- bl2_to_bl31_params->bl31_image_info->image_base,
- bl2_to_bl31_params->bl31_image_info->image_size);
- if (e) {
- ERROR("Failed to authenticate BL3-1 image.\n");
- return e;
+ e = load_auth_image(bl2_tzram_layout,
+ BL31_IMAGE_ID,
+ BL31_BASE,
+ bl2_to_bl31_params->bl31_image_info,
+ bl31_ep_info);
+
+ if (e == 0) {
+ bl2_plat_set_bl31_ep_info(bl2_to_bl31_params->bl31_image_info,
+ bl31_ep_info);
}
- /* After working with data, invalidate the data cache */
- inv_dcache_range(bl2_to_bl31_params->bl31_image_info->image_base,
- (size_t)bl2_to_bl31_params->bl31_image_info->image_size);
-#endif /* TRUSTED_BOARD_BOOT */
-
- bl2_plat_set_bl31_ep_info(bl2_to_bl31_params->bl31_image_info,
- bl31_ep_info);
-
return e;
}
@@ -314,37 +143,17 @@ static int load_bl32(bl31_params_t *bl2_to_bl31_params)
* completely different memory.
*/
bl2_plat_get_bl32_meminfo(&bl32_mem_info);
- e = load_image(&bl32_mem_info,
- BL32_IMAGE_ID,
- BL32_BASE,
- bl2_to_bl31_params->bl32_image_info,
- bl2_to_bl31_params->bl32_ep_info);
-
- if (e)
- return e;
-
-#if TRUSTED_BOARD_BOOT
- /* Image is present. Check if there is a valid certificate */
- if (bl32_cert_error) {
- ERROR("Failed to authenticate BL3-2 certificates.\n");
- return bl32_cert_error;
- }
-
- e = auth_verify_obj(AUTH_BL32_IMG,
- bl2_to_bl31_params->bl32_image_info->image_base,
- bl2_to_bl31_params->bl32_image_info->image_size);
- if (e) {
- ERROR("Failed to authenticate BL3-2 image.\n");
- return e;
+ e = load_auth_image(&bl32_mem_info,
+ BL32_IMAGE_ID,
+ BL32_BASE,
+ bl2_to_bl31_params->bl32_image_info,
+ bl2_to_bl31_params->bl32_ep_info);
+
+ if (e == 0) {
+ bl2_plat_set_bl32_ep_info(
+ bl2_to_bl31_params->bl32_image_info,
+ bl2_to_bl31_params->bl32_ep_info);
}
- /* After working with data, invalidate the data cache */
- inv_dcache_range(bl2_to_bl31_params->bl32_image_info->image_base,
- (size_t)bl2_to_bl31_params->bl32_image_info->image_size);
-#endif /* TRUSTED_BOARD_BOOT */
-
- bl2_plat_set_bl32_ep_info(
- bl2_to_bl31_params->bl32_image_info,
- bl2_to_bl31_params->bl32_ep_info);
#endif /* BL32_BASE */
return e;
@@ -367,30 +176,16 @@ static int load_bl33(bl31_params_t *bl2_to_bl31_params)
bl2_plat_get_bl33_meminfo(&bl33_mem_info);
/* Load the BL3-3 image in non-secure memory provided by the platform */
- e = load_image(&bl33_mem_info,
- BL33_IMAGE_ID,
- plat_get_ns_image_entrypoint(),
- bl2_to_bl31_params->bl33_image_info,
- bl2_to_bl31_params->bl33_ep_info);
-
- if (e)
- return e;
-
-#if TRUSTED_BOARD_BOOT
- e = auth_verify_obj(AUTH_BL33_IMG,
- bl2_to_bl31_params->bl33_image_info->image_base,
- bl2_to_bl31_params->bl33_image_info->image_size);
- if (e) {
- ERROR("Failed to authenticate BL3-3 image.\n");
- return e;
+ e = load_auth_image(&bl33_mem_info,
+ BL33_IMAGE_ID,
+ plat_get_ns_image_entrypoint(),
+ bl2_to_bl31_params->bl33_image_info,
+ bl2_to_bl31_params->bl33_ep_info);
+
+ if (e == 0) {
+ bl2_plat_set_bl33_ep_info(bl2_to_bl31_params->bl33_image_info,
+ bl2_to_bl31_params->bl33_ep_info);
}
- /* After working with data, invalidate the data cache */
- inv_dcache_range(bl2_to_bl31_params->bl33_image_info->image_base,
- (size_t)bl2_to_bl31_params->bl33_image_info->image_size);
-#endif /* TRUSTED_BOARD_BOOT */
-
- bl2_plat_set_bl33_ep_info(bl2_to_bl31_params->bl33_image_info,
- bl2_to_bl31_params->bl33_ep_info);
return e;
}
@@ -414,14 +209,7 @@ void bl2_main(void)
#if TRUSTED_BOARD_BOOT
/* Initialize authentication module */
- auth_init();
-
- /* Validate the certificates involved in the Chain of Trust */
- e = load_certs();
- if (e) {
- ERROR("Chain of Trust invalid. Aborting...\n");
- panic();
- }
+ auth_mod_init();
#endif /* TRUSTED_BOARD_BOOT */
/*