feat(intel): support HMAC SHA-2 MAC verify request

This command sends request on checking the integrity and authenticity of a blob by comparing the calculated MAC with tagged MAC. The comparison result will be returned in response. Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com> Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com> Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com> Change-Id: Ifefdf67f088d7612d2ec2459d71faf2ec8181222
2022-05-10 17:27:12 +08:00 · 2022-05-10 17:27:12 +08:00 · c05ea29690
parent 7e8249a2db
commit c05ea29690
5 changed files with 124 additions and 1 deletions
--- a/plat/intel/soc/common/include/socfpga_fcs.h
+++ b/plat/intel/soc/common/include/socfpga_fcs.h
@ -66,6 +66,8 @@

 #define FCS_GET_DIGEST_CMD_MAX_WORD_SIZE	7U
 #define FCS_GET_DIGEST_RESP_MAX_WORD_SIZE	19U
+#define FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE	23U
+#define FCS_MAC_VERIFY_RESP_MAX_WORD_SIZE	4U
 #define FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET	8U
 /* FCS Payload Structure */
 typedef struct fcs_rng_payload_t {
@ -179,4 +181,12 @@ int intel_fcs_get_digest_finalize(uint32_t session_id, uint32_t context_id,
 				uint64_t dst_addr, uint32_t *dst_size,
 				uint32_t *mbox_error);

+int intel_fcs_mac_verify_init(uint32_t session_id, uint32_t context_id,
+				uint32_t key_id, uint32_t param_size,
+				uint64_t param_data, uint32_t *mbox_error);
+int intel_fcs_mac_verify_finalize(uint32_t session_id, uint32_t context_id,
+				uint32_t src_addr, uint32_t src_size,
+				uint64_t dst_addr, uint32_t *dst_size,
+				uint32_t data_size, uint32_t *mbox_error);
+
 #endif /* SOCFPGA_FCS_H */
--- a/plat/intel/soc/common/include/socfpga_mailbox.h
+++ b/plat/intel/soc/common/include/socfpga_mailbox.h
@ -76,6 +76,7 @@
 #define MBOX_FCS_DECRYPT_REQ				0x7F
 #define MBOX_FCS_RANDOM_GEN				0x80
 #define MBOX_FCS_GET_DIGEST_REQ				0x82
+#define MBOX_FCS_MAC_VERIFY_REQ				0x83
 #define MBOX_FCS_OPEN_CS_SESSION			0xA0
 #define MBOX_FCS_CLOSE_CS_SESSION			0xA1
 #define MBOX_FCS_IMPORT_CS_KEY				0xA5
--- a/plat/intel/soc/common/include/socfpga_sip_svc.h
+++ b/plat/intel/soc/common/include/socfpga_sip_svc.h
@ -95,6 +95,8 @@
 #define INTEL_SIP_SMC_FCS_GET_CS_KEY_INFO		0xC2000073
 #define INTEL_SIP_SMC_FCS_GET_DIGEST_INIT		0xC2000077
 #define INTEL_SIP_SMC_FCS_GET_DIGEST_FINALIZE		0xC2000079
+#define INTEL_SIP_SMC_FCS_MAC_VERIFY_INIT		0xC200007A
+#define INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE		0xC200007C

 #define INTEL_SIP_SMC_FCS_SHA_MODE_MASK			0xF
 #define INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK		0xF
--- a/plat/intel/soc/common/sip/socfpga_sip_fcs.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
@ -13,6 +13,7 @@

 /* FCS static variables */
 static fcs_crypto_service_data fcs_sha_get_digest_param;
+static fcs_crypto_service_data fcs_sha_mac_verify_param;

 bool is_size_4_bytes_aligned(uint32_t size)
 {
@ -797,3 +798,98 @@ int intel_fcs_get_digest_finalize(uint32_t session_id, uint32_t context_id,

 	return INTEL_SIP_SMC_STATUS_OK;
 }
+
+int intel_fcs_mac_verify_init(uint32_t session_id, uint32_t context_id,
+				uint32_t key_id, uint32_t param_size,
+				uint64_t param_data, uint32_t *mbox_error)
+{
+	return intel_fcs_crypto_service_init(session_id, context_id,
+				key_id, param_size, param_data,
+				(void *) &fcs_sha_mac_verify_param,
+				mbox_error);
+}
+
+int intel_fcs_mac_verify_finalize(uint32_t session_id, uint32_t context_id,
+				uint32_t src_addr, uint32_t src_size,
+				uint64_t dst_addr, uint32_t *dst_size,
+				uint32_t data_size, uint32_t *mbox_error)
+{
+	int status;
+	uint32_t i;
+	uint32_t resp_len = *dst_size / MBOX_WORD_BYTE;
+	uint32_t payload[FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
+	uintptr_t mac_offset;
+
+	if (dst_size == NULL || mbox_error == NULL) {
+		return INTEL_SIP_SMC_STATUS_REJECTED;
+	}
+
+	if (fcs_sha_mac_verify_param.session_id != session_id ||
+		fcs_sha_mac_verify_param.context_id != context_id) {
+		return INTEL_SIP_SMC_STATUS_REJECTED;
+	}
+
+	if (data_size >= src_size) {
+		return INTEL_SIP_SMC_STATUS_REJECTED;
+	}
+
+	if (!is_size_4_bytes_aligned(src_size) ||
+		!is_8_bytes_aligned(data_size)) {
+		return INTEL_SIP_SMC_STATUS_REJECTED;
+	}
+
+	if (!is_address_in_ddr_range(src_addr, src_size) ||
+		!is_address_in_ddr_range(dst_addr, *dst_size)) {
+		return INTEL_SIP_SMC_STATUS_REJECTED;
+	}
+
+	/* Prepare command payload */
+	i = 0;
+	/* Crypto header */
+	payload[i] = fcs_sha_mac_verify_param.session_id;
+	i++;
+	payload[i] = fcs_sha_mac_verify_param.context_id;
+	i++;
+	payload[i] = fcs_sha_mac_verify_param.crypto_param_size
+			& FCS_CS_FIELD_SIZE_MASK;
+	payload[i] |= (FCS_CS_FIELD_FLAG_INIT | FCS_CS_FIELD_FLAG_UPDATE
+			| FCS_CS_FIELD_FLAG_FINALIZE)
+			<< FCS_CS_FIELD_FLAG_OFFSET;
+	i++;
+	payload[i] = fcs_sha_mac_verify_param.key_id;
+	i++;
+	/* Crypto parameters */
+	payload[i] = ((fcs_sha_mac_verify_param.crypto_param
+			>> INTEL_SIP_SMC_FCS_DIGEST_SIZE_OFFSET)
+			& INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK)
+			<< FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
+	i++;
+	/* Data source address and size */
+	payload[i] = src_addr;
+	i++;
+	payload[i] = data_size;
+	i++;
+	/* Copy mac data to command */
+	mac_offset = src_addr + data_size;
+	memcpy((uint8_t *) &payload[i], (uint8_t *) mac_offset,
+				src_size - data_size);
+
+	i += (src_size - data_size) / MBOX_WORD_BYTE;
+
+	status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_MAC_VERIFY_REQ,
+				payload, i, CMD_CASUAL,
+				(uint32_t *) dst_addr, &resp_len);
+
+	memset((void *)&fcs_sha_mac_verify_param, 0,
+				sizeof(fcs_crypto_service_data));
+
+	if (status < 0) {
+		*mbox_error = -status;
+		return INTEL_SIP_SMC_STATUS_ERROR;
+	}
+
+	*dst_size = resp_len * MBOX_WORD_BYTE;
+	flush_dcache_range(dst_addr, *dst_size);
+
+	return INTEL_SIP_SMC_STATUS_OK;
+}
--- a/plat/intel/soc/common/socfpga_sip_svc.c
+++ b/plat/intel/soc/common/socfpga_sip_svc.c
@ -634,7 +634,7 @@ uintptr_t sip_smc_handler(uint32_t smc_fid,
 	int status = INTEL_SIP_SMC_STATUS_OK;
 	int mbox_status;
 	unsigned int len_in_resp;
-	u_register_t x5, x6;
+	u_register_t x5, x6, x7;

 	switch (smc_fid) {
 	case SIP_SVC_UID:
@ -880,6 +880,20 @@ uintptr_t sip_smc_handler(uint32_t smc_fid,
 					 x4, x5, (uint32_t *) &x6, &mbox_error);
 		SMC_RET4(handle, status, mbox_error, x5, x6);

+	case INTEL_SIP_SMC_FCS_MAC_VERIFY_INIT:
+		x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+		status = intel_fcs_mac_verify_init(x1, x2, x3,
+					x4, x5, &mbox_error);
+		SMC_RET2(handle, status, mbox_error);
+
+	case INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE:
+		x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+		x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+		x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
+		status = intel_fcs_mac_verify_finalize(x1, x2, x3,
+					 x4, x5, (uint32_t *) &x6, x7, &mbox_error);
+		SMC_RET4(handle, status, mbox_error, x5, x6);
+
 	case INTEL_SIP_SMC_GET_ROM_PATCH_SHA384:
 		status = intel_fcs_get_rom_patch_sha384(x1, &retval64,
 							&mbox_error);