From 3fc3f521957677b1f363624494ed866985a25505 Mon Sep 17 00:00:00 2001
From: Ji Luo
Date: Wed, 17 Jul 2019 12:21:09 +0800
Subject: [PATCH] MA-15151 Limit some hwcrypto commands within bootloader

It can be dangerous to export some hwcrypto commands to Linux, add commands to limit some commands within bootloader.

Test: hwcrypto commands can't be used after locking boot state.

Change-Id: Ib0a96a87f661778c133178840d8dccf49f151c22
Signed-off-by: Ji Luo
---
 drivers/fastboot/fb_fsl/fb_fsl_boot.c | 2 ++
 include/interface/hwcrypto/hwcrypto.h | 1 +
 include/trusty/hwcrypto.h | 7 +++++++
 lib/trusty/ql-tipc/hwcrypto.c | 5 +++++
 4 files changed, 15 insertions(+)

diff --git a/drivers/fastboot/fb_fsl/fb_fsl_boot.c b/drivers/fastboot/fb_fsl/fb_fsl_boot.c
index 6256520059..3c71b987ef 100644
--- a/drivers/fastboot/fb_fsl/fb_fsl_boot.c
+++ b/drivers/fastboot/fb_fsl/fb_fsl_boot.c
@@ -831,6 +831,8 @@ int do_boota(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) {
 goto fail;
 /* lock the boot status and rollback_idx preventing Linux modify it */
 trusty_lock_boot_state();
+ /* lock the boot state so linux can't use some hwcrypto commands. */
+ hwcrypto_lock_boot_state();
 /* put ql-tipc to release resource for Linux */
 trusty_ipc_shutdown();
 #endif
diff --git a/include/interface/hwcrypto/hwcrypto.h b/include/interface/hwcrypto/hwcrypto.h
index 4579d8c2e7..b8afb94aef 100644
--- a/include/interface/hwcrypto/hwcrypto.h
+++ b/include/interface/hwcrypto/hwcrypto.h
@@ -40,6 +40,7 @@ enum hwcrypto_command {
 HWCRYPTO_ENCAP_BLOB = (2 << HWCRYPTO_REQ_SHIFT),
 HWCRYPTO_GEN_RNG = (3 << HWCRYPTO_REQ_SHIFT),
 HWCRYPTO_GEN_BKEK = (4 << HWCRYPTO_REQ_SHIFT),
+ HWCRYPTO_LOCK_BOOT_STATE = (5 << HWCRYPTO_REQ_SHIFT),
 };
 
 /**
diff --git a/include/trusty/hwcrypto.h b/include/trusty/hwcrypto.h
index d6837d6f84..bf7ae4cd87 100644
--- a/include/trusty/hwcrypto.h
+++ b/include/trusty/hwcrypto.h
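Review bot: The return value of the new `hwcrypto_lock_boot_state();` call in do_boota is discarded, so a failed lock request (the header added in this patch says it returns a trusty_err) leaves the restricted hwcrypto commands reachable from Linux while the boot carries on as if they were locked. At minimum log the failure; if the product policy is that Linux must never run with the commands unlocked, abort the boot instead, e.g. `if (hwcrypto_lock_boot_state() != 0) { printf("hwcrypto_lock_boot_state failed\n"); goto fail; }` (the `fail` label is already the target of the `goto fail;` context line above). The pre-existing `trusty_lock_boot_state();` call next to it has the same unchecked-return shape and would benefit from the same treatment. The lock is only requested on this path inside the conditional block that ends at the `#endif` context line; if any other code path hands control to Linux without passing through this block, it presumably needs the same call, which is worth confirming. do_boota's body continues outside the hunk.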
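Review bot: `HWCRYPTO_LOCK_BOOT_STATE` is added to enum hwcrypto_command without a comment, and neither the name nor the value says what the secure side does with it or that the request carries no payload (the implementation in lib/trusty/ql-tipc/hwcrypto.c sends it with no request and no response buffer). A one-line comment on the enumerator would save the next reader a trip to the other file, e.g. `/* Lock boot state on the secure side; restricted hwcrypto commands are refused afterwards. No request/response payload. */`. Since this value is the wire identifier, it presumably has to match the secure-side service's command table; stating that in the comment would help keep the two in sync.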
@@ -82,4 +82,11 @@ int hwcrypto_gen_rng(uint32_t buf, uint32_t len);
 * @len: size of required rng.
 * */
 int hwcrypto_gen_bkek(uint32_t buf, uint32_t len);
+
+/* Send request to secure side to lock boot state, so some
+ * hwcrypto commands can't be used outside of bootloader.
+ * Returns one of trusty_err.
+ * */
+int hwcrypto_lock_boot_state(void);
+
 #endif /* TRUSTY_HWCRYPTO_H_ */
diff --git a/lib/trusty/ql-tipc/hwcrypto.c b/lib/trusty/ql-tipc/hwcrypto.c
index 50532b005b..800b759c53 100644
--- a/lib/trusty/ql-tipc/hwcrypto.c
+++ b/lib/trusty/ql-tipc/hwcrypto.c
@@ -262,3 +262,8 @@ int hwcrypto_gen_bkek(uint32_t buf, uint32_t len)
 sizeof(req), NULL, 0, false);
 return rc;
 }
+
+int hwcrypto_lock_boot_state(void)
+{
+ return hwcrypto_do_tipc(HWCRYPTO_LOCK_BOOT_STATE, NULL, 0, NULL, 0, false);
+}
-- 
2.17.1