From: Biju Das <biju.das.jz@bp.renesas.com>
Date: Wed, 16 Dec 2020 11:11:09 +0000 (+0000)
Subject: drivers: renesas: auth: Move to common
X-Git-Tag: baikal/aarch64/sdk5.9~1031^2~6
X-Git-Url: https://git.baikalelectronics.ru/sdk/?a=commitdiff_plain;h=9a0c8b7c579032817d0159a9c4474d18a3fd9ed9;p=arm-tf.git

drivers: renesas: auth: Move to common

Move authentication driver code to common directory, so that the
same code can be re-used by both R-Car Gen3 and RZ/G2 platforms.

Signed-off-by: Biju Das <biju.das.jz@bp.renesas.com>
Reviewed-by: Lad Prabhakar <prabhakar.mahadev-lad.rj@bp.renesas.com>
Change-Id: I02592dfc714998bf89b9feaa78f685ae36be6f59
---

diff --git a/drivers/renesas/common/auth/auth_mod.c b/drivers/renesas/common/auth/auth_mod.c
new file mode 100644
index 000000000..4aa86e2a4
--- /dev/null
+++ b/drivers/renesas/common/auth/auth_mod.c
@@ -0,0 +1,172 @@
+/*
+ * Copyright (c) 2015-2020, Renesas Electronics Corporation. All rights
+ * reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stddef.h>
+
+#include <arch_helpers.h>
+#include <common/debug.h>
+#include <lib/mmio.h>
+#include <plat/common/platform.h>
+
+#include <platform_def.h>
+#include "rom_api.h"
+
+typedef int32_t(*secure_boot_api_f) (uint32_t a, uint32_t b, void *c);
+extern int32_t rcar_get_certificate(const int32_t name, uint32_t *cert_addr);
+
+#define RCAR_IMAGE_ID_MAX	(10)
+#define RCAR_CERT_MAGIC_NUM	(0xE291F358U)
+#define RCAR_BOOT_KEY_CERT	(0xE6300C00U)
+#define RCAR_BOOT_KEY_CERT_NEW	(0xE6300F00U)
+#define RST_BASE		(0xE6160000U)
+#define RST_MODEMR		(RST_BASE + 0x0060U)
+#define MFISOFTMDR		(0xE6260600U)
+#define MODEMR_MD5_MASK		(0x00000020U)
+#define MODEMR_MD5_SHIFT	(5U)
+#define SOFTMD_BOOTMODE_MASK	(0x00000001U)
+#define SOFTMD_NORMALBOOT	(0x1U)
+
+static secure_boot_api_f secure_boot_api;
+
+int auth_mod_get_parent_id(unsigned int img_id, unsigned int *parent_id)
+{
+	return 1;
+}
+
+int auth_mod_verify_img(unsigned int img_id, void *ptr, unsigned int len)
+{
+	int32_t ret = 0, index = 0;
+	uint32_t cert_addr = 0U;
+	static const struct img_to_cert_t {
+		uint32_t id;
+		int32_t cert;
+		const char *name;
+	} image[RCAR_IMAGE_ID_MAX] = {
+		{ BL31_IMAGE_ID, SOC_FW_CONTENT_CERT_ID, "BL31" },
+		{ BL32_IMAGE_ID, TRUSTED_OS_FW_CONTENT_CERT_ID, "BL32" },
+		{ BL33_IMAGE_ID, NON_TRUSTED_FW_CONTENT_CERT_ID, "BL33" },
+		{ BL332_IMAGE_ID, BL332_CERT_ID, "BL332" },
+		{ BL333_IMAGE_ID, BL333_CERT_ID, "BL333" },
+		{ BL334_IMAGE_ID, BL334_CERT_ID, "BL334" },
+		{ BL335_IMAGE_ID, BL335_CERT_ID, "BL335" },
+		{ BL336_IMAGE_ID, BL336_CERT_ID, "BL336" },
+		{ BL337_IMAGE_ID, BL337_CERT_ID, "BL337" },
+		{ BL338_IMAGE_ID, BL338_CERT_ID, "BL338" },
+	};
+
+#if IMAGE_BL2
+	switch (img_id) {
+	case TRUSTED_KEY_CERT_ID:
+	case SOC_FW_KEY_CERT_ID:
+	case TRUSTED_OS_FW_KEY_CERT_ID:
+	case NON_TRUSTED_FW_KEY_CERT_ID:
+	case BL332_KEY_CERT_ID:
+	case BL333_KEY_CERT_ID:
+	case BL334_KEY_CERT_ID:
+	case BL335_KEY_CERT_ID:
+	case BL336_KEY_CERT_ID:
+	case BL337_KEY_CERT_ID:
+	case BL338_KEY_CERT_ID:
+	case SOC_FW_CONTENT_CERT_ID:
+	case TRUSTED_OS_FW_CONTENT_CERT_ID:
+	case NON_TRUSTED_FW_CONTENT_CERT_ID:
+	case BL332_CERT_ID:
+	case BL333_CERT_ID:
+	case BL334_CERT_ID:
+	case BL335_CERT_ID:
+	case BL336_CERT_ID:
+	case BL337_CERT_ID:
+	case BL338_CERT_ID:
+		return ret;
+	case BL31_IMAGE_ID:
+	case BL32_IMAGE_ID:
+	case BL33_IMAGE_ID:
+	case BL332_IMAGE_ID:
+	case BL333_IMAGE_ID:
+	case BL334_IMAGE_ID:
+	case BL335_IMAGE_ID:
+	case BL336_IMAGE_ID:
+	case BL337_IMAGE_ID:
+	case BL338_IMAGE_ID:
+		goto verify_image;
+	default:
+		return -1;
+	}
+
+verify_image:
+	for (index = 0; index < RCAR_IMAGE_ID_MAX; index++) {
+		if (img_id != image[index].id)
+			continue;
+
+		ret = rcar_get_certificate(image[index].cert, &cert_addr);
+		break;
+	}
+
+	if (ret || (index == RCAR_IMAGE_ID_MAX)) {
+		ERROR("Verification Failed for image id = %d\n", img_id);
+		return ret;
+	}
+#if RCAR_BL2_DCACHE == 1
+	/* clean and disable */
+	write_sctlr_el3(read_sctlr_el3() & ~SCTLR_C_BIT);
+	dcsw_op_all(DCCISW);
+#endif
+	ret = (mmio_read_32(RCAR_BOOT_KEY_CERT_NEW) == RCAR_CERT_MAGIC_NUM) ?
+	    secure_boot_api(RCAR_BOOT_KEY_CERT_NEW, cert_addr, NULL) :
+	    secure_boot_api(RCAR_BOOT_KEY_CERT, cert_addr, NULL);
+	if (ret)
+		ERROR("Verification Failed 0x%x, %s\n", ret, image[index].name);
+
+#if RCAR_BL2_DCACHE == 1
+	/* enable */
+	write_sctlr_el3(read_sctlr_el3() | SCTLR_C_BIT);
+#endif /* RCAR_BL2_DCACHE */
+
+#endif /* IMAGE_BL2 */
+	return ret;
+}
+
+static int32_t normal_boot_verify(uint32_t a, uint32_t b, void *c)
+{
+	return 0;
+}
+
+void auth_mod_init(void)
+{
+#if RCAR_SECURE_BOOT
+	uint32_t soft_md = mmio_read_32(MFISOFTMDR) & SOFTMD_BOOTMODE_MASK;
+	uint32_t md = mmio_read_32(RST_MODEMR) & MODEMR_MD5_MASK;
+	uint32_t lcs, ret;
+
+	secure_boot_api = (secure_boot_api_f) &rcar_rom_secure_boot_api;
+
+	ret = rcar_rom_get_lcs(&lcs);
+	if (ret) {
+		ERROR("BL2: Failed to get the LCS. (%d)\n", ret);
+		panic();
+	}
+
+	switch (lcs) {
+	case LCS_SE:
+		if (soft_md == SOFTMD_NORMALBOOT)
+			secure_boot_api = &normal_boot_verify;
+		break;
+	case LCS_SD:
+		secure_boot_api = &normal_boot_verify;
+		break;
+	default:
+		if (md >> MODEMR_MD5_SHIFT)
+			secure_boot_api = &normal_boot_verify;
+	}
+
+	NOTICE("BL2: %s boot\n",
+	       secure_boot_api == &normal_boot_verify ? "Normal" : "Secure");
+#else
+	NOTICE("BL2: Normal boot\n");
+	secure_boot_api = &normal_boot_verify;
+#endif
+}
diff --git a/drivers/renesas/rcar/auth/auth_mod.c b/drivers/renesas/rcar/auth/auth_mod.c
deleted file mode 100644
index 4aa86e2a4..000000000
--- a/drivers/renesas/rcar/auth/auth_mod.c
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * Copyright (c) 2015-2020, Renesas Electronics Corporation. All rights
- * reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <stddef.h>
-
-#include <arch_helpers.h>
-#include <common/debug.h>
-#include <lib/mmio.h>
-#include <plat/common/platform.h>
-
-#include <platform_def.h>
-#include "rom_api.h"
-
-typedef int32_t(*secure_boot_api_f) (uint32_t a, uint32_t b, void *c);
-extern int32_t rcar_get_certificate(const int32_t name, uint32_t *cert_addr);
-
-#define RCAR_IMAGE_ID_MAX	(10)
-#define RCAR_CERT_MAGIC_NUM	(0xE291F358U)
-#define RCAR_BOOT_KEY_CERT	(0xE6300C00U)
-#define RCAR_BOOT_KEY_CERT_NEW	(0xE6300F00U)
-#define RST_BASE		(0xE6160000U)
-#define RST_MODEMR		(RST_BASE + 0x0060U)
-#define MFISOFTMDR		(0xE6260600U)
-#define MODEMR_MD5_MASK		(0x00000020U)
-#define MODEMR_MD5_SHIFT	(5U)
-#define SOFTMD_BOOTMODE_MASK	(0x00000001U)
-#define SOFTMD_NORMALBOOT	(0x1U)
-
-static secure_boot_api_f secure_boot_api;
-
-int auth_mod_get_parent_id(unsigned int img_id, unsigned int *parent_id)
-{
-	return 1;
-}
-
-int auth_mod_verify_img(unsigned int img_id, void *ptr, unsigned int len)
-{
-	int32_t ret = 0, index = 0;
-	uint32_t cert_addr = 0U;
-	static const struct img_to_cert_t {
-		uint32_t id;
-		int32_t cert;
-		const char *name;
-	} image[RCAR_IMAGE_ID_MAX] = {
-		{ BL31_IMAGE_ID, SOC_FW_CONTENT_CERT_ID, "BL31" },
-		{ BL32_IMAGE_ID, TRUSTED_OS_FW_CONTENT_CERT_ID, "BL32" },
-		{ BL33_IMAGE_ID, NON_TRUSTED_FW_CONTENT_CERT_ID, "BL33" },
-		{ BL332_IMAGE_ID, BL332_CERT_ID, "BL332" },
-		{ BL333_IMAGE_ID, BL333_CERT_ID, "BL333" },
-		{ BL334_IMAGE_ID, BL334_CERT_ID, "BL334" },
-		{ BL335_IMAGE_ID, BL335_CERT_ID, "BL335" },
-		{ BL336_IMAGE_ID, BL336_CERT_ID, "BL336" },
-		{ BL337_IMAGE_ID, BL337_CERT_ID, "BL337" },
-		{ BL338_IMAGE_ID, BL338_CERT_ID, "BL338" },
-	};
-
-#if IMAGE_BL2
-	switch (img_id) {
-	case TRUSTED_KEY_CERT_ID:
-	case SOC_FW_KEY_CERT_ID:
-	case TRUSTED_OS_FW_KEY_CERT_ID:
-	case NON_TRUSTED_FW_KEY_CERT_ID:
-	case BL332_KEY_CERT_ID:
-	case BL333_KEY_CERT_ID:
-	case BL334_KEY_CERT_ID:
-	case BL335_KEY_CERT_ID:
-	case BL336_KEY_CERT_ID:
-	case BL337_KEY_CERT_ID:
-	case BL338_KEY_CERT_ID:
-	case SOC_FW_CONTENT_CERT_ID:
-	case TRUSTED_OS_FW_CONTENT_CERT_ID:
-	case NON_TRUSTED_FW_CONTENT_CERT_ID:
-	case BL332_CERT_ID:
-	case BL333_CERT_ID:
-	case BL334_CERT_ID:
-	case BL335_CERT_ID:
-	case BL336_CERT_ID:
-	case BL337_CERT_ID:
-	case BL338_CERT_ID:
-		return ret;
-	case BL31_IMAGE_ID:
-	case BL32_IMAGE_ID:
-	case BL33_IMAGE_ID:
-	case BL332_IMAGE_ID:
-	case BL333_IMAGE_ID:
-	case BL334_IMAGE_ID:
-	case BL335_IMAGE_ID:
-	case BL336_IMAGE_ID:
-	case BL337_IMAGE_ID:
-	case BL338_IMAGE_ID:
-		goto verify_image;
-	default:
-		return -1;
-	}
-
-verify_image:
-	for (index = 0; index < RCAR_IMAGE_ID_MAX; index++) {
-		if (img_id != image[index].id)
-			continue;
-
-		ret = rcar_get_certificate(image[index].cert, &cert_addr);
-		break;
-	}
-
-	if (ret || (index == RCAR_IMAGE_ID_MAX)) {
-		ERROR("Verification Failed for image id = %d\n", img_id);
-		return ret;
-	}
-#if RCAR_BL2_DCACHE == 1
-	/* clean and disable */
-	write_sctlr_el3(read_sctlr_el3() & ~SCTLR_C_BIT);
-	dcsw_op_all(DCCISW);
-#endif
-	ret = (mmio_read_32(RCAR_BOOT_KEY_CERT_NEW) == RCAR_CERT_MAGIC_NUM) ?
-	    secure_boot_api(RCAR_BOOT_KEY_CERT_NEW, cert_addr, NULL) :
-	    secure_boot_api(RCAR_BOOT_KEY_CERT, cert_addr, NULL);
-	if (ret)
-		ERROR("Verification Failed 0x%x, %s\n", ret, image[index].name);
-
-#if RCAR_BL2_DCACHE == 1
-	/* enable */
-	write_sctlr_el3(read_sctlr_el3() | SCTLR_C_BIT);
-#endif /* RCAR_BL2_DCACHE */
-
-#endif /* IMAGE_BL2 */
-	return ret;
-}
-
-static int32_t normal_boot_verify(uint32_t a, uint32_t b, void *c)
-{
-	return 0;
-}
-
-void auth_mod_init(void)
-{
-#if RCAR_SECURE_BOOT
-	uint32_t soft_md = mmio_read_32(MFISOFTMDR) & SOFTMD_BOOTMODE_MASK;
-	uint32_t md = mmio_read_32(RST_MODEMR) & MODEMR_MD5_MASK;
-	uint32_t lcs, ret;
-
-	secure_boot_api = (secure_boot_api_f) &rcar_rom_secure_boot_api;
-
-	ret = rcar_rom_get_lcs(&lcs);
-	if (ret) {
-		ERROR("BL2: Failed to get the LCS. (%d)\n", ret);
-		panic();
-	}
-
-	switch (lcs) {
-	case LCS_SE:
-		if (soft_md == SOFTMD_NORMALBOOT)
-			secure_boot_api = &normal_boot_verify;
-		break;
-	case LCS_SD:
-		secure_boot_api = &normal_boot_verify;
-		break;
-	default:
-		if (md >> MODEMR_MD5_SHIFT)
-			secure_boot_api = &normal_boot_verify;
-	}
-
-	NOTICE("BL2: %s boot\n",
-	       secure_boot_api == &normal_boot_verify ? "Normal" : "Secure");
-#else
-	NOTICE("BL2: Normal boot\n");
-	secure_boot_api = &normal_boot_verify;
-#endif
-}
diff --git a/plat/renesas/common/common.mk b/plat/renesas/common/common.mk
index ec10b6f25..61e86fe3b 100644
--- a/plat/renesas/common/common.mk
+++ b/plat/renesas/common/common.mk
@@ -84,6 +84,7 @@ BL2_SOURCES	+=	${RCAR_GIC_SOURCES}				\
 			drivers/renesas/common/io/io_emmcdrv.c		\
 			drivers/renesas/common/io/io_memdrv.c		\
 			drivers/renesas/common/io/io_rcar.c		\
+			drivers/renesas/common/auth/auth_mod.c		\
 			drivers/renesas/common/dma/dma_driver.c		\
 			drivers/renesas/common/delay/micro_delay.c	\
 			drivers/renesas/common/emmc/emmc_interrupt.c	\
diff --git a/plat/renesas/rcar/platform.mk b/plat/renesas/rcar/platform.mk
index a54255f0a..fc83cc5da 100644
--- a/plat/renesas/rcar/platform.mk
+++ b/plat/renesas/rcar/platform.mk
@@ -320,7 +320,6 @@ BL2_SOURCES	+=	plat/renesas/rcar/aarch64/platform_common.c	\
 			plat/renesas/rcar/bl2_plat_mem_params_desc.c	\
 			plat/renesas/rcar/plat_image_load.c		\
 			plat/renesas/rcar/bl2_cpg_init.c		\
-			drivers/renesas/rcar/auth/auth_mod.c		\
 			drivers/renesas/rcar/rpc/rpc_driver.c		\
 			drivers/renesas/rcar/avs/avs_driver.c		\
 			drivers/renesas/rcar/board/board.c