subject:"Re\: \[v2 2\/6\] arm\: socfpga\: soc64\: Support Vendor Authorized Boot \(VAB\)"

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

2021-01-17 Thread Tan, Ley Foon




> -Original Message-
> From: Lim, Elly Siew Chin 
> Sent: Thursday, January 7, 2021 6:04 PM
> To: u-boot@lists.denx.de
> Cc: Marek Vasut ; Tan, Ley Foon
> ; See, Chin Liang ;
> Simon Goldschmidt ; Chee, Tien Fong
> ; Westergreen, Dalon
> ; Simon Glass ; Gan,
> Yau Wai ; Lim, Elly Siew Chin
> 
> Subject: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)
> 
> Vendor Authorized Boot is a security feature for authenticating the images
> such as U-Boot, ARM trusted Firmware, Linux kernel, device tree blob and
> etc loaded from FIT. After those images are loaded from FIT, the VAB
> certificate and signature block appended at the end of each image are sent
> to Secure Device Manager (SDM) for authentication. U-Boot will validate the
> SHA384 of the image against the SHA384 hash stored in the VAB certificate
> before sending the image to SDM for authentication.
> 
> Signed-off-by: Siew Chin Lim 
> 
> ---
> v2
> ---
> - Renamed SECURE_VAB_AUTH* to SOCFPGA_SECURE_VAB_AUTH*
> - Changes in secure_vab.c
>   - Changed to use SZ_1K for 1024
>   - Updated comment in secure_vab.c of "... the certificate for T"
>   - The code will report error before end of the function if reach
> maximum retry.
>   - In board_prep_linux function, only execute linux_qspi_enable
> command if it exists in enviroment variable. It is optional.
> ---
>  arch/arm/mach-socfpga/Kconfig|  15 ++
>  arch/arm/mach-socfpga/Makefile   |   2 +
>  arch/arm/mach-socfpga/include/mach/mailbox_s10.h |   1 +
>  arch/arm/mach-socfpga/include/mach/secure_vab.h  |  63 
>  arch/arm/mach-socfpga/secure_vab.c   | 193
> +++
>  common/Kconfig.boot  |   2 +-
>  6 files changed, 275 insertions(+), 1 deletion(-)  create mode 100644
> arch/arm/mach-socfpga/include/mach/secure_vab.h
>  create mode 100644 arch/arm/mach-socfpga/secure_vab.c
> 
> diff --git a/arch/arm/mach-socfpga/Kconfig b/arch/arm/mach-
> socfpga/Kconfig index 9b1abdaabd..0c35406232 100644
> --- a/arch/arm/mach-socfpga/Kconfig
> +++ b/arch/arm/mach-socfpga/Kconfig
> @@ -6,6 +6,21 @@ config ERR_PTR_OFFSET
>  config NR_DRAM_BANKS
>   default 1
> 
> +config SOCFPGA_SECURE_VAB_AUTH
> + bool "Enable boot image authentication with Secure Device
> Manager"
> + depends on TARGET_SOCFPGA_AGILEX
> + select FIT_IMAGE_POST_PROCESS
> + select SHA384
> + select SHA512_ALGO
> + select SPL_FIT_IMAGE_POST_PROCESS
> + help
> +  All images loaded from FIT will be authenticated by Secure Device
> +  Manager.
> +
> +config SOCFPGA_SECURE_VAB_AUTH_ALLOW_NON_FIT_IMAGE
> + bool "Allow non-FIT VAB signed images"
> + depends on SOCFPGA_SECURE_VAB_AUTH
> +
>  config SPL_SIZE_LIMIT
>   default 0x1 if TARGET_SOCFPGA_GEN5
> 
> diff --git a/arch/arm/mach-socfpga/Makefile b/arch/arm/mach-
> socfpga/Makefile index 82b681d870..1f1e21766d 100644
> --- a/arch/arm/mach-socfpga/Makefile
> +++ b/arch/arm/mach-socfpga/Makefile
> @@ -4,6 +4,7 @@
>  # Wolfgang Denk, DENX Software Engineering, w...@denx.de.
>  #
>  # Copyright (C) 2012-2017 Altera Corporation 
> +# Copyright (C) 2017-2020 Intel Corporation 
> 
>  obj-y+= board.o
>  obj-y+= clock_manager.o
> @@ -47,6 +48,7 @@ obj-y   += mailbox_s10.o
>  obj-y+= misc_s10.o
>  obj-y+= mmu-arm64_s10.o
>  obj-y+= reset_manager_s10.o
> +obj-$(CONFIG_SOCFPGA_SECURE_VAB_AUTH)+= secure_vab.o
>  obj-y+= system_manager_s10.o
>  obj-y+= timer_s10.o
>  obj-y+= wrap_pinmux_config_s10.o
> diff --git a/arch/arm/mach-socfpga/include/mach/mailbox_s10.h
> b/arch/arm/mach-socfpga/include/mach/mailbox_s10.h
> index 4d783119ea..fbaf11597e 100644
> --- a/arch/arm/mach-socfpga/include/mach/mailbox_s10.h
> +++ b/arch/arm/mach-socfpga/include/mach/mailbox_s10.h
> @@ -118,6 +118,7 @@ enum ALT_SDM_MBOX_RESP_CODE {
>  #define MBOX_RECONFIG_MSEL   7
>  #define MBOX_RECONFIG_DATA   8
>  #define MBOX_RECONFIG_STATUS 9
> +#define MBOX_VAB_SRC_CERT11
>  #define MBOX_QSPI_OPEN   50
>  #define MBOX_QSPI_CLOSE  51
>  #define MBOX_QSPI_DIRECT 59
> diff --git a/arch/arm/mach-socfpga/include/mach/secure_vab.h
> b/arch/arm/mach-socfpga/include/mach/secure_vab.h
> new file mode 100644
> index 00..42588588e8
> --- /dev/null
> +++ b/arch/arm/mach-socfpga/include/mach/secure_vab.h
> @@ -0,0 +1,63 @@
> +/* SPDX-License-Identifier: GPL-2.0
> + *
> + * Copyright (C) 2020 Intel Corporation 
> + *
> + */
> +
> +#ifndef  _SECURE_VAB_H_
> +#define  _SECURE_VAB_H_
> +
> +#include 
> +#include 
> +#include 
> +
> +#define VAB_DATA_SZ  64
> +
> +#define SDM_CERT_MAGIC_NUM   0x25D04E7F
> +#define FCS_HPS_VAB_MAGIC_NUM0xD0564142
> +
> +#define MAX_CERT_SIZE(SZ_4K)
> +
> +/*
> + * struct fcs_hps_vab_certificate_data
> + * @vab_cert_magic_num: VAB Certificate Magic Word (0x

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

2021-01-18 Thread Lim, Elly Siew Chin

Hi Ley Foon,

> -Original Message-
> From: Tan, Ley Foon 
> Sent: Monday, January 18, 2021 3:29 PM
> To: Lim, Elly Siew Chin ; u-boot@lists.denx.de
> Cc: Marek Vasut ; See, Chin Liang
> ; Simon Goldschmidt
> ; Chee, Tien Fong
> ; Westergreen, Dalon
> ; Simon Glass ; Gan, Yau
> Wai 
> Subject: RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot
> (VAB)
> 
> 
> 
> > -Original Message-
> > From: Lim, Elly Siew Chin 
> > Sent: Thursday, January 7, 2021 6:04 PM
> > To: u-boot@lists.denx.de
> > Cc: Marek Vasut ; Tan, Ley Foon
> > ; See, Chin Liang ;
> > Simon Goldschmidt ; Chee, Tien Fong
> > ; Westergreen, Dalon
> > ; Simon Glass ; Gan,
> > Yau Wai ; Lim, Elly Siew Chin
> > 
> > Subject: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot
> > (VAB)
> >
> > Vendor Authorized Boot is a security feature for authenticating the
> > images such as U-Boot, ARM trusted Firmware, Linux kernel, device tree
> > blob and etc loaded from FIT. After those images are loaded from FIT,
> > the VAB certificate and signature block appended at the end of each
> > image are sent to Secure Device Manager (SDM) for authentication.
> > U-Boot will validate the
> > SHA384 of the image against the SHA384 hash stored in the VAB
> > certificate before sending the image to SDM for authentication.
> >
> > Signed-off-by: Siew Chin Lim 
> >
> > ---
> > v2
> > ---
> > - Renamed SECURE_VAB_AUTH* to SOCFPGA_SECURE_VAB_AUTH*
> > - Changes in secure_vab.c
> >   - Changed to use SZ_1K for 1024
> >   - Updated comment in secure_vab.c of "... the certificate for T"
> >   - The code will report error before end of the function if reach
> > maximum retry.
> >   - In board_prep_linux function, only execute linux_qspi_enable
> > command if it exists in enviroment variable. It is optional.
> > ---
> >  arch/arm/mach-socfpga/Kconfig|  15 ++
> >  arch/arm/mach-socfpga/Makefile   |   2 +
> >  arch/arm/mach-socfpga/include/mach/mailbox_s10.h |   1 +
> >  arch/arm/mach-socfpga/include/mach/secure_vab.h  |  63 
> >  arch/arm/mach-socfpga/secure_vab.c   | 193
> > +++
> >  common/Kconfig.boot  |   2 +-
> >  6 files changed, 275 insertions(+), 1 deletion(-)  create mode 100644
> > arch/arm/mach-socfpga/include/mach/secure_vab.h
> >  create mode 100644 arch/arm/mach-socfpga/secure_vab.c
> >
> > diff --git a/arch/arm/mach-socfpga/Kconfig b/arch/arm/mach-
> > socfpga/Kconfig index 9b1abdaabd..0c35406232 100644
> > --- a/arch/arm/mach-socfpga/Kconfig
> > +++ b/arch/arm/mach-socfpga/Kconfig
> > @@ -6,6 +6,21 @@ config ERR_PTR_OFFSET  config NR_DRAM_BANKS
> > default 1
> >
> > +config SOCFPGA_SECURE_VAB_AUTH
> > +   bool "Enable boot image authentication with Secure Device
> > Manager"
> > +   depends on TARGET_SOCFPGA_AGILEX
> > +   select FIT_IMAGE_POST_PROCESS
> > +   select SHA384
> > +   select SHA512_ALGO
> > +   select SPL_FIT_IMAGE_POST_PROCESS
> > +   help
> > +All images loaded from FIT will be authenticated by Secure Device
> > +Manager.
> > +
> > +config SOCFPGA_SECURE_VAB_AUTH_ALLOW_NON_FIT_IMAGE
> > +   bool "Allow non-FIT VAB signed images"
> > +   depends on SOCFPGA_SECURE_VAB_AUTH
> > +
> >  config SPL_SIZE_LIMIT
> > default 0x1 if TARGET_SOCFPGA_GEN5
> >
> > diff --git a/arch/arm/mach-socfpga/Makefile b/arch/arm/mach-
> > socfpga/Makefile index 82b681d870..1f1e21766d 100644
> > --- a/arch/arm/mach-socfpga/Makefile
> > +++ b/arch/arm/mach-socfpga/Makefile
> > @@ -4,6 +4,7 @@
> >  # Wolfgang Denk, DENX Software Engineering, w...@denx.de.
> >  #
> >  # Copyright (C) 2012-2017 Altera Corporation 
> > +# Copyright (C) 2017-2020 Intel Corporation 
> >
> >  obj-y  += board.o
> >  obj-y  += clock_manager.o
> > @@ -47,6 +48,7 @@ obj-y += mailbox_s10.o
> >  obj-y  += misc_s10.o
> >  obj-y  += mmu-arm64_s10.o
> >  obj-y  += reset_manager_s10.o
> > +obj-$(CONFIG_SOCFPGA_SECURE_VAB_AUTH)  += secure_vab.o
> >  obj-y  += system_manager_s10.o
> >  obj-y  += timer_s10.o
> >  obj-y  += wrap_pinmux_config_s10.o
> > diff --git a/arch/arm/mach-socfpga/include/mach/mailbox_s10.h
> > b/arch/arm/mach-socfpga/include/mach/mailbox_s10.h
> > index 4d783119ea..fbaf11597e 100644
> > --- a/arch/arm/mach-socfpga/inc

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

2021-01-18 Thread Tan, Ley Foon




> -Original Message-
> From: Lim, Elly Siew Chin 
> Sent: Monday, January 18, 2021 4:03 PM
> To: Tan, Ley Foon ; u-boot@lists.denx.de
> Cc: Marek Vasut ; See, Chin Liang
> ; Simon Goldschmidt
> ; Chee, Tien Fong
> ; Westergreen, Dalon
> ; Simon Glass ; Gan,
> Yau Wai 
> Subject: RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot
> (VAB)
> 
> Hi Ley Foon,
> 
> > -Original Message-
> > From: Tan, Ley Foon 
> > Sent: Monday, January 18, 2021 3:29 PM
> > To: Lim, Elly Siew Chin ;
> > u-boot@lists.denx.de
> > Cc: Marek Vasut ; See, Chin Liang
> > ; Simon Goldschmidt
> > ; Chee, Tien Fong
> > ; Westergreen, Dalon
> > ; Simon Glass ; Gan,
> > Yau Wai 
> > Subject: RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized
> > Boot
> > (VAB)
> >
> >
> >
> > > -Original Message-
> > > From: Lim, Elly Siew Chin 
> > > Sent: Thursday, January 7, 2021 6:04 PM
> > > To: u-boot@lists.denx.de
> > > Cc: Marek Vasut ; Tan, Ley Foon
> > > ; See, Chin Liang
> > > ; Simon Goldschmidt
> > > ; Chee, Tien Fong
> > > ; Westergreen, Dalon
> > > ; Simon Glass ; Gan,
> > > Yau Wai ; Lim, Elly Siew Chin
> > > 
> > > Subject: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized
> > > Boot
> > > (VAB)
> > >
> > > Vendor Authorized Boot is a security feature for authenticating the
> > > images such as U-Boot, ARM trusted Firmware, Linux kernel, device
> > > tree blob and etc loaded from FIT. After those images are loaded
> > > from FIT, the VAB certificate and signature block appended at the
> > > end of each image are sent to Secure Device Manager (SDM) for
> authentication.
> > > U-Boot will validate the
> > > SHA384 of the image against the SHA384 hash stored in the VAB
> > > certificate before sending the image to SDM for authentication.
> > >
> > > Signed-off-by: Siew Chin Lim 
> > >
> > > ---
> > > v2
> > > ---
> > > - Renamed SECURE_VAB_AUTH* to SOCFPGA_SECURE_VAB_AUTH*
> > > - Changes in secure_vab.c
> > >   - Changed to use SZ_1K for 1024
> > >   - Updated comment in secure_vab.c of "... the certificate for T"
> > >   - The code will report error before end of the function if reach
> > > maximum retry.
> > >   - In board_prep_linux function, only execute linux_qspi_enable
> > > command if it exists in enviroment variable. It is optional.
> > > ---
> > >  arch/arm/mach-socfpga/Kconfig|  15 ++
> > >  arch/arm/mach-socfpga/Makefile   |   2 +
> > >  arch/arm/mach-socfpga/include/mach/mailbox_s10.h |   1 +
> > >  arch/arm/mach-socfpga/include/mach/secure_vab.h  |  63 
> > >  arch/arm/mach-socfpga/secure_vab.c   | 193
> > > +++
> > >  common/Kconfig.boot  |   2 +-
> > >  6 files changed, 275 insertions(+), 1 deletion(-)  create mode
> > > 100644 arch/arm/mach-socfpga/include/mach/secure_vab.h
> > >  create mode 100644 arch/arm/mach-socfpga/secure_vab.c
> > >
> > > diff --git a/arch/arm/mach-socfpga/Kconfig b/arch/arm/mach-
> > > socfpga/Kconfig index 9b1abdaabd..0c35406232 100644
> > > --- a/arch/arm/mach-socfpga/Kconfig
> > > +++ b/arch/arm/mach-socfpga/Kconfig
> > > @@ -6,6 +6,21 @@ config ERR_PTR_OFFSET  config NR_DRAM_BANKS
> > >   default 1
> > >
> > > +config SOCFPGA_SECURE_VAB_AUTH
> > > + bool "Enable boot image authentication with Secure Device
> > > Manager"
> > > + depends on TARGET_SOCFPGA_AGILEX
> > > + select FIT_IMAGE_POST_PROCESS
> > > + select SHA384
> > > + select SHA512_ALGO
> > > + select SPL_FIT_IMAGE_POST_PROCESS
> > > + help
> > > +  All images loaded from FIT will be authenticated by Secure Device
> > > +  Manager.
> > > +
> > > +config SOCFPGA_SECURE_VAB_AUTH_ALLOW_NON_FIT_IMAGE
> > > + bool "Allow non-FIT VAB signed images"
> > > + depends on SOCFPGA_SECURE_VAB_AUTH
> > > +
> > >  config SPL_SIZE_LIMIT
> > >   default 0x1 if TARGET_SOCFPGA_GEN5
> > >
> > > diff --git a/arch/arm/mach-socfpga/Makefile b/arch/arm/mach-
> > > socfpga/Makefile index 82b681d870..1f1e21766d 100644
> > > --- a/arch/arm/mach-socfpga/Makefile
> > > +++ b/arch/arm/mach-socfpga/Makefile
>

Re: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

2021-01-07 Thread Simon Glass

On Thu, 7 Jan 2021 at 03:03, Siew Chin Lim  wrote:
>
> Vendor Authorized Boot is a security feature for authenticating
> the images such as U-Boot, ARM trusted Firmware, Linux kernel,
> device tree blob and etc loaded from FIT. After those images are
> loaded from FIT, the VAB certificate and signature block appended
> at the end of each image are sent to Secure Device Manager (SDM)
> for authentication. U-Boot will validate the SHA384 of the image
> against the SHA384 hash stored in the VAB certificate before
> sending the image to SDM for authentication.
>
> Signed-off-by: Siew Chin Lim 
>
> ---
> v2
> ---
> - Renamed SECURE_VAB_AUTH* to SOCFPGA_SECURE_VAB_AUTH*
> - Changes in secure_vab.c
>   - Changed to use SZ_1K for 1024
>   - Updated comment in secure_vab.c of "... the certificate for T"
>   - The code will report error before end of the function if reach
> maximum retry.
>   - In board_prep_linux function, only execute linux_qspi_enable
> command if it exists in enviroment variable. It is optional.
> ---
>  arch/arm/mach-socfpga/Kconfig|  15 ++
>  arch/arm/mach-socfpga/Makefile   |   2 +
>  arch/arm/mach-socfpga/include/mach/mailbox_s10.h |   1 +
>  arch/arm/mach-socfpga/include/mach/secure_vab.h  |  63 
>  arch/arm/mach-socfpga/secure_vab.c   | 193 
> +++
>  common/Kconfig.boot  |   2 +-
>  6 files changed, 275 insertions(+), 1 deletion(-)
>  create mode 100644 arch/arm/mach-socfpga/include/mach/secure_vab.h
>  create mode 100644 arch/arm/mach-socfpga/secure_vab.c

I think this could use a few more function comments. Also try to use
if() instead of #if

Regards,
Simon

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

2021-01-07 Thread Lim, Elly Siew Chin

Hi Simon,

> -Original Message-
> From: Simon Glass 
> Sent: Thursday, January 7, 2021 8:36 PM
> To: Lim, Elly Siew Chin 
> Cc: U-Boot Mailing List ; Marek Vasut
> ; Tan, Ley Foon ; See, Chin Liang
> ; Simon Goldschmidt
> ; Chee, Tien Fong
> ; Westergreen, Dalon
> ; Gan, Yau Wai 
> Subject: Re: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot
> (VAB)
> 
> On Thu, 7 Jan 2021 at 03:03, Siew Chin Lim 
> wrote:
> >
> > Vendor Authorized Boot is a security feature for authenticating the
> > images such as U-Boot, ARM trusted Firmware, Linux kernel, device tree
> > blob and etc loaded from FIT. After those images are loaded from FIT,
> > the VAB certificate and signature block appended at the end of each
> > image are sent to Secure Device Manager (SDM) for authentication.
> > U-Boot will validate the SHA384 of the image against the SHA384 hash
> > stored in the VAB certificate before sending the image to SDM for
> > authentication.
> >
> > Signed-off-by: Siew Chin Lim 
> >
> > ---
> > v2
> > ---
> > - Renamed SECURE_VAB_AUTH* to SOCFPGA_SECURE_VAB_AUTH*
> > - Changes in secure_vab.c
> >   - Changed to use SZ_1K for 1024
> >   - Updated comment in secure_vab.c of "... the certificate for T"
> >   - The code will report error before end of the function if reach
> > maximum retry.
> >   - In board_prep_linux function, only execute linux_qspi_enable
> > command if it exists in enviroment variable. It is optional.
> > ---
> >  arch/arm/mach-socfpga/Kconfig|  15 ++
> >  arch/arm/mach-socfpga/Makefile   |   2 +
> >  arch/arm/mach-socfpga/include/mach/mailbox_s10.h |   1 +
> >  arch/arm/mach-socfpga/include/mach/secure_vab.h  |  63 
> >  arch/arm/mach-socfpga/secure_vab.c   | 193
> +++
> >  common/Kconfig.boot  |   2 +-
> >  6 files changed, 275 insertions(+), 1 deletion(-)  create mode 100644
> > arch/arm/mach-socfpga/include/mach/secure_vab.h
> >  create mode 100644 arch/arm/mach-socfpga/secure_vab.c
> 
> I think this could use a few more function comments. Also try to use
> if() instead of #if

Noted. I will change #if in *.c to " if (IS_ENABLED(CONFIG...))".

Besides, can you please help to elaborate more about  "I think this could use a 
few more function comments."?

Thanks,
Siew Chin

> 
> Regards,
> Simon

Re: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

2021-01-07 Thread Simon Glass

Hi,

On Thu, 7 Jan 2021 at 18:11, Lim, Elly Siew Chin
 wrote:
>
> Hi Simon,
>
> > -Original Message-
> > From: Simon Glass 
> > Sent: Thursday, January 7, 2021 8:36 PM
> > To: Lim, Elly Siew Chin 
> > Cc: U-Boot Mailing List ; Marek Vasut
> > ; Tan, Ley Foon ; See, Chin Liang
> > ; Simon Goldschmidt
> > ; Chee, Tien Fong
> > ; Westergreen, Dalon
> > ; Gan, Yau Wai 
> > Subject: Re: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot
> > (VAB)
> >
> > On Thu, 7 Jan 2021 at 03:03, Siew Chin Lim 
> > wrote:
> > >
> > > Vendor Authorized Boot is a security feature for authenticating the
> > > images such as U-Boot, ARM trusted Firmware, Linux kernel, device tree
> > > blob and etc loaded from FIT. After those images are loaded from FIT,
> > > the VAB certificate and signature block appended at the end of each
> > > image are sent to Secure Device Manager (SDM) for authentication.
> > > U-Boot will validate the SHA384 of the image against the SHA384 hash
> > > stored in the VAB certificate before sending the image to SDM for
> > > authentication.
> > >
> > > Signed-off-by: Siew Chin Lim 
> > >
> > > ---
> > > v2
> > > ---
> > > - Renamed SECURE_VAB_AUTH* to SOCFPGA_SECURE_VAB_AUTH*
> > > - Changes in secure_vab.c
> > >   - Changed to use SZ_1K for 1024
> > >   - Updated comment in secure_vab.c of "... the certificate for T"
> > >   - The code will report error before end of the function if reach
> > > maximum retry.
> > >   - In board_prep_linux function, only execute linux_qspi_enable
> > > command if it exists in enviroment variable. It is optional.
> > > ---
> > >  arch/arm/mach-socfpga/Kconfig|  15 ++
> > >  arch/arm/mach-socfpga/Makefile   |   2 +
> > >  arch/arm/mach-socfpga/include/mach/mailbox_s10.h |   1 +
> > >  arch/arm/mach-socfpga/include/mach/secure_vab.h  |  63 
> > >  arch/arm/mach-socfpga/secure_vab.c   | 193
> > +++
> > >  common/Kconfig.boot  |   2 +-
> > >  6 files changed, 275 insertions(+), 1 deletion(-)  create mode 100644
> > > arch/arm/mach-socfpga/include/mach/secure_vab.h
> > >  create mode 100644 arch/arm/mach-socfpga/secure_vab.c
> >
> > I think this could use a few more function comments. Also try to use
> > if() instead of #if
>
> Noted. I will change #if in *.c to " if (IS_ENABLED(CONFIG...))".
>
> Besides, can you please help to elaborate more about  "I think this could use 
> a few more function comments."?

Non-trivial functions should have a comment in the standard style that
explains their purpose/action and documents input and output args and
return value.

Regards,
Simon

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

2021-01-07 Thread Lim, Elly Siew Chin

Hi Simon,

> -Original Message-
> From: Simon Glass 
> Sent: Friday, January 8, 2021 11:24 AM
> To: Lim, Elly Siew Chin 
> Cc: U-Boot Mailing List ; Marek Vasut
> ; Tan, Ley Foon ; See, Chin Liang
> ; Simon Goldschmidt
> ; Chee, Tien Fong
> ; Westergreen, Dalon
> ; Gan, Yau Wai 
> Subject: Re: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot
> (VAB)
> 
> Hi,
> 
> On Thu, 7 Jan 2021 at 18:11, Lim, Elly Siew Chin 
> 
> wrote:
> >
> > Hi Simon,
> >
> > > -Original Message-
> > > From: Simon Glass 
> > > Sent: Thursday, January 7, 2021 8:36 PM
> > > To: Lim, Elly Siew Chin 
> > > Cc: U-Boot Mailing List ; Marek Vasut
> > > ; Tan, Ley Foon ; See, Chin
> > > Liang ; Simon Goldschmidt
> > > ; Chee, Tien Fong
> > > ; Westergreen, Dalon
> > > ; Gan, Yau Wai 
> > > Subject: Re: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized
> > > Boot
> > > (VAB)
> > >
> > > On Thu, 7 Jan 2021 at 03:03, Siew Chin Lim
> > > 
> > > wrote:
> > > >
> > > > Vendor Authorized Boot is a security feature for authenticating
> > > > the images such as U-Boot, ARM trusted Firmware, Linux kernel,
> > > > device tree blob and etc loaded from FIT. After those images are
> > > > loaded from FIT, the VAB certificate and signature block appended
> > > > at the end of each image are sent to Secure Device Manager (SDM) for
> authentication.
> > > > U-Boot will validate the SHA384 of the image against the SHA384
> > > > hash stored in the VAB certificate before sending the image to SDM
> > > > for authentication.
> > > >
> > > > Signed-off-by: Siew Chin Lim 
> > > >
> > > > ---
> > > > v2
> > > > ---
> > > > - Renamed SECURE_VAB_AUTH* to SOCFPGA_SECURE_VAB_AUTH*
> > > > - Changes in secure_vab.c
> > > >   - Changed to use SZ_1K for 1024
> > > >   - Updated comment in secure_vab.c of "... the certificate for T"
> > > >   - The code will report error before end of the function if reach
> > > > maximum retry.
> > > >   - In board_prep_linux function, only execute linux_qspi_enable
> > > > command if it exists in enviroment variable. It is optional.
> > > > ---
> > > >  arch/arm/mach-socfpga/Kconfig|  15 ++
> > > >  arch/arm/mach-socfpga/Makefile   |   2 +
> > > >  arch/arm/mach-socfpga/include/mach/mailbox_s10.h |   1 +
> > > >  arch/arm/mach-socfpga/include/mach/secure_vab.h  |  63 
> > > >  arch/arm/mach-socfpga/secure_vab.c   | 193
> > > +++
> > > >  common/Kconfig.boot  |   2 +-
> > > >  6 files changed, 275 insertions(+), 1 deletion(-)  create mode
> > > > 100644 arch/arm/mach-socfpga/include/mach/secure_vab.h
> > > >  create mode 100644 arch/arm/mach-socfpga/secure_vab.c
> > >
> > > I think this could use a few more function comments. Also try to use
> > > if() instead of #if
> >
> > Noted. I will change #if in *.c to " if (IS_ENABLED(CONFIG...))".
> >
> > Besides, can you please help to elaborate more about  "I think this could 
> > use a
> few more function comments."?

Noted, I will review this. Thanks.
> 
> Non-trivial functions should have a comment in the standard style that 
> explains
> their purpose/action and documents input and output args and return value.
> 
> Regards,
> Simon

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

Re: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

Re: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

RE: [v2 2/6] arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

7 matches

Site Navigation

Mail list logo

Footer information