From 40a24461f84afd6b743f627d15765bb1535d83a7 Mon Sep 17 00:00:00 2001 From: Zhongfu Luo Date: Wed, 21 Nov 2018 18:14:23 +0800 Subject: [PATCH] GXL: defendkey: support secure upgrade check [2/3] PD#SWPL-2100 Problem: GXL need to support secure upgrade check Solution: 1.add dtb decrypt support 2.add 32bit defendkey support Verify: GXL skt board verify pass Change-Id: I501967530b2a61d9b90c20241b82f92b00829453 Signed-off-by: Zhongfu Luo --- arch/arm/configs/meson64_a32_defconfig | 1 + drivers/amlogic/defendkey/defendkey.c | 73 ++++++++++++++++++++++++++++------ 2 files changed, 61 insertions(+), 13 deletions(-) diff --git a/arch/arm/configs/meson64_a32_defconfig b/arch/arm/configs/meson64_a32_defconfig index df4d76b..5e74d95 100644 --- a/arch/arm/configs/meson64_a32_defconfig +++ b/arch/arm/configs/meson64_a32_defconfig @@ -366,6 +366,7 @@ CONFIG_AMLOGIC_GPIO_IRQ=y CONFIG_AMLOGIC_ATV_DEMOD=y CONFIG_AMLOGIC_DEBUG=y CONFIG_AMLOGIC_DEBUG_LOCKUP=y +CONFIG_AMLOGIC_DEFENDKEY=y CONFIG_AMLOGIC_BATTERY_DUMMY=y CONFIG_AMLOGIC_CHARGER_DUMMY=y CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" diff --git a/drivers/amlogic/defendkey/defendkey.c b/drivers/amlogic/defendkey/defendkey.c index 8bf3c46..6fabe80 100644 --- a/drivers/amlogic/defendkey/defendkey.c +++ b/drivers/amlogic/defendkey/defendkey.c @@ -41,6 +41,10 @@ void __iomem *mem_base_virt; unsigned long mem_size; unsigned long random_virt; +static struct reserved_mem defendkey_rmem; + +#define CMD_SECURE_CHECK _IO('d', 0x01) +#define CMD_DECRYPT_DTB _IO('d', 0x02) enum e_defendkey_type { e_upgrade_check = 0, @@ -83,7 +87,27 @@ static loff_t defendkey_llseek(struct file *filp, loff_t off, int whence) static long defendkey_unlocked_ioctl(struct file *file, unsigned int cmd, unsigned long arg) { - return 0; + unsigned long ret = 0; + + switch (cmd) { + case CMD_SECURE_CHECK: + ret = aml_is_secure_set(); + break; + case CMD_DECRYPT_DTB: + if (arg == 1) + decrypt_dtb = 1; + else if (arg == 0) + decrypt_dtb = 0; + else { + return -EINVAL; + pr_info("set defendkey decrypt_dtb fail,invalid value\n"); + } + break; + default: + return -EINVAL; + } + + return ret; } #ifdef CONFIG_COMPAT @@ -124,7 +148,7 @@ static ssize_t defendkey_read(struct file *file, __func__, ret); return ret_fail; } - __dma_flush_area((const void *)mem_base_virt, copy_size); + //__dma_flush_area((const void *)mem_base_virt, copy_size); } if (!ret) { pr_info("%s: copy data to user successfully!\n", @@ -143,11 +167,12 @@ static ssize_t defendkey_write(struct file *file, ssize_t ret_value = ret_error; int ret = -EINVAL; - unsigned long mem_base_phy, copy_base, copy_size, random; - unsigned long option = 0; + unsigned long mem_base_phy, copy_base, copy_size; + uint64_t option = 0, random = 0, option_random = 0; int i; - mem_base_phy = get_sharemem_info(GET_SHARE_MEM_INPUT_BASE); + + mem_base_phy = defendkey_rmem.base; mem_base_virt = phys_to_virt(mem_base_phy); if (!mem_base_phy || !mem_size) { @@ -161,6 +186,12 @@ static ssize_t defendkey_write(struct file *file, random = readl((void *)random_virt); +#ifdef CONFIG_ARM64_A32 + option_random = (random << 8); +#endif + + option_random |= (random << 32); + for (i = 0; i <= count/mem_size; i++) { copy_size = mem_size; copy_base = (unsigned long)buf+i*mem_size; @@ -173,7 +204,7 @@ static ssize_t defendkey_write(struct file *file, ret = -EFAULT; goto exit; } - __dma_flush_area((const void *)mem_base_virt, copy_size); + //__dma_flush_area((const void *)mem_base_virt, copy_size); if (i == 0) { option = 1; @@ -181,19 +212,19 @@ static ssize_t defendkey_write(struct file *file, /*just transfer data to BL31 one time*/ option = 1|2|4; } - option |= (random<<32); + option |= option_random; } else if ((i > 0) && (i < (count/mem_size))) { - option = 2|(random<<32); + option = 2|option_random; if ((count%mem_size == 0) && (i == (count/mem_size - 1))) - option = 4|(random<<32); + option = 4|option_random; } else if (i == (count/mem_size)) { if (count%mem_size != 0) - option = 4|(random<<32); + option = 4|option_random; else break; } - pr_info("defendkey:%d: copy_size:0x%lx, option:0x%lx\n", + pr_info("defendkey:%d: copy_size:0x%lx, option:0x%llx\n", __LINE__, copy_size, option); pr_info("decrypt_dtb: %d\n", decrypt_dtb); if (e_decrypt_dtb == decrypt_dtb) @@ -277,8 +308,7 @@ static ssize_t decrypt_dtb_store(struct class *cla, len = count; if (!strncmp(buf, "1", len)) { - //decrypt_dtb = 1; - pr_info("current BL31 share memory size not support decrypt_dtb\n"); + decrypt_dtb = 1; } else if (!strncmp(buf, "0", len)) decrypt_dtb = 0; else { @@ -313,6 +343,18 @@ static struct class defendkey_class = { .class_attrs = defendkey_class_attrs, }; +static int __init rmem_defendkey_setup(struct reserved_mem *rmem) +{ + defendkey_rmem.base = rmem->base; + defendkey_rmem.size = rmem->size; + + pr_info("Reserved memory: created defendkey at 0x%p, size %ld MiB\n", + (void *)rmem->base, (unsigned long)rmem->size / SZ_1M); + + return 0; +} +RESERVEDMEM_OF_DECLARE(defendkey, "amlogic, defendkey", rmem_defendkey_setup); + static int aml_defendkey_probe(struct platform_device *pdev) { int ret = -1; @@ -334,7 +376,12 @@ static int aml_defendkey_probe(struct platform_device *pdev) dev_err(&pdev->dev, "please config mem_size in dts\n"); goto error1; } + mem_size = val64; + if (mem_size > defendkey_rmem.size) { + dev_err(&pdev->dev, "Reserved memory is not enough!\n"); + return -EINVAL; + } res = platform_get_resource(pdev, IORESOURCE_MEM, 0); if (IS_ERR(res)) { -- 2.7.4