ENGR00139223-1 [MX6Q] Secure Boot, enable HAB on ARM2 platform (Stage 1)

The first stage of High Assurance Boot (HAB) is the authentication of
U-boot. A CST tool is used to generate the CSF data, which include
public key, certificate and instruction of authentication process. Then
it is attached to the original u-boot.bin

The IVT should be modified to contain a pointer to the CSF data. The original
u-boot.bin is with size between 0x27000 to 0x28000. For convinence, we first
extend the u-boot.bin to 0x2F000 (with fill 0xFF). Then concatenate it with
the CSF data. The combined image is again extend to a fixed length (0x31000),
which is used as the IVT size parameter.

The new memory layout is as the following.

    U-Boot Image
    +-------------+
    |   Blank     |
    |-------------| 0x400
    |    IVT      |-----------------------+
    |-------------|                       |
    |             |                       |
    |             |                       |
    |             |                       |
    |Remaining UB |                       |  CSF pointer
    |             |                       |
    |             |                       |
    |             |                       |
    |-------------|                       |
    |             |                       |
    |  Fill Data  |                       |
    |             |                       |
    |-------------| 0x2F000 <-------------+
    |             |
    |   CSF Data  |
    |             |
    |-------------|
    |             |
    |  Fill Data  |
    |             |
    +-------------+ 0x31000

HAB APIs are ROM implemented, the entry table is located in a fixed
location in the ROM. We export them so that during the HAB we can
have some information about the secure boot process. For convinience
some wrapper API is implemented based on the HAB APIs.

 - get_hab_status : used to dump information of authentication result
 - authenticate_image : used by u-boot to authenticate uImage

For security hardware to function, CAAM related clock (CG0[4~6]) must
be open. They are default closed in the original U-boot.
"hab_caam_clock_enable" and "hab_caam_clock_disable" are created to
open and close these clock gates.

The generation of CSF data is not in the scope of this patch. CST tool
will be used for this purpose. The procedure will be introduced in
another document.

Signed-off-by: Eric Sun <jian.sun@freescale.com>

2 files changed, 82 insertions, 0 deletions

diff --git a/include/asm-arm/arch-mx6/mx6_secure.h b/include/asm-arm/arch-mx6/mx6_secure.h
new file mode 100644
index 0000000..a632ca2
--- /dev/null
+++ b/include/asm-arm/arch-mx6/mx6_secure.h
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2012 Freescale Semiconductor, Inc. All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Auto Generate file, please don't edit it
+ *
+ */
+
+#ifndef __SECURE_MX6Q_H__
+#define __SECURE_MX6Q_H__
+
+#include <linux/types.h>
+
+/* -------- start of HAB API updates ------------*/
+/* The following are taken from HAB4 SIS */
+
+/* Status definitions */
+typedef enum hab_status {
+	HAB_STS_ANY = 0x00,
+	HAB_FAILURE = 0x33,
+	HAB_WARNING = 0x69,
+	HAB_SUCCESS = 0xf0
+} hab_status_t;
+
+/* Security Configuration definitions */
+typedef enum hab_config {
+	HAB_CFG_RETURN = 0x33, /**< Field Return IC */
+	HAB_CFG_OPEN = 0xf0, /**< Non-secure IC */
+	HAB_CFG_CLOSED = 0xcc /**< Secure IC */
+} hab_config_t;
+
+/* State definitions */
+typedef enum hab_state {
+	HAB_STATE_INITIAL = 0x33, /**< Initialising state (transitory) */
+	HAB_STATE_CHECK = 0x55, /**< Check state (non-secure) */
+	HAB_STATE_NONSECURE = 0x66, /**< Non-secure state */
+	HAB_STATE_TRUSTED = 0x99, /**< Trusted state */
+	HAB_STATE_SECURE = 0xaa, /**< Secure state */
+	HAB_STATE_FAIL_SOFT = 0xcc, /**< Soft fail state */
+	HAB_STATE_FAIL_HARD = 0xff, /**< Hard fail state (terminal) */
+	HAB_STATE_NONE = 0xf0, /**< No security state machine */
+	HAB_STATE_MAX
+} hab_state_t;
+
+/*Function prototype description*/
+typedef hab_status_t hab_rvt_report_event_t(hab_status_t, uint32_t, \
+		uint8_t* , size_t*);
+typedef hab_status_t hab_rvt_report_status_t(hab_config_t *, hab_state_t *);
+typedef hab_status_t hab_loader_callback_f_t(void**, size_t*, const void*);
+typedef hab_status_t hab_rvt_entry_t(void);
+typedef hab_status_t hab_rvt_exit_t(void);
+typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, \
+		void **, size_t *, hab_loader_callback_f_t);
+typedef void hapi_clock_init_t(void);
+
+#define HAB_RVT_REPORT_EVENT (*(uint32_t *) 0x000000B4)
+#define HAB_RVT_REPORT_STATUS (*(uint32_t *) 0x000000B8)
+#define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *) 0x000000A4)
+#define HAB_RVT_ENTRY (*(uint32_t *) 0x00000098)
+#define HAB_RVT_EXIT (*(uint32_t *) 0x0000009C)
+#define HAB_RVT_CLOCK_INIT ((hapi_clock_init_t *) 0x0000024D)
+
+#define HAB_CID_ROM 0 /**< ROM Caller ID */
+#define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/
+/* ----------- end of HAB API updates ------------*/
+
+#endif
diff --git a/include/configs/mx6q_arm2.h b/include/configs/mx6q_arm2.h
index f7d8759..cd03bf7 100644
--- a/include/configs/mx6q_arm2.h
+++ b/include/configs/mx6q_arm2.h
@@ -33,6 +33,8 @@
 #define CONFIG_FLASH_HEADER_OFFSET 0x400
 #define CONFIG_MX6_CLK32	   32768
 
+#define CONFIG_SECURE_BOOT /*For Secure Boot*/
+
 #define CONFIG_SKIP_RELOCATE_UBOOT
 
 #define CONFIG_ARCH_CPU_INIT