uplift bdk

Signed-off-by: Damien Zhao <zdm65477730@126.com>

bdk/sec/se.c

@@ -33,6 +33,9 @@ typedef struct _se_ll_t
 	vu32 size;
 } se_ll_t;
 
+static u32 _se_rsa_mod_sizes[SE_RSA_KEYSLOT_COUNT];
+static u32 _se_rsa_exp_sizes[SE_RSA_KEYSLOT_COUNT];
+
 se_ll_t ll_src, ll_dst;
 se_ll_t *ll_src_ptr, *ll_dst_ptr; // Must be u32 aligned.
 
@@ -194,7 +197,7 @@ static int _se_execute_one_block(u32 op, void *dst, u32 dst_size, const void *sr
 	return res;
 }
 
-static void _se_aes_ctr_set(void *ctr)
+static void _se_aes_ctr_set(const void *ctr)
 {
 	u32 data[SE_AES_IV_SIZE / 4];
 	memcpy(data, ctr, SE_AES_IV_SIZE);
@@ -213,6 +216,66 @@ void se_rsa_acc_ctrl(u32 rs, u32 flags)
 		SE(SE_RSA_SECURITY_PERKEY_REG) &= ~BIT(rs);
 }
 
+// se_rsa_key_set() was derived from Atmosphère's set_rsa_keyslot
+void se_rsa_key_set(u32 ks, const void *mod, u32 mod_size, const void *exp, u32 exp_size)
+{
+	u32 *data = (u32 *)mod;
+	for (u32 i = 0; i < mod_size / 4; i++)
+	{
+		SE(SE_RSA_KEYTABLE_ADDR_REG) = RSA_KEY_NUM(ks) | SE_RSA_KEYTABLE_TYPE(RSA_KEY_TYPE_MOD) | i;
+		SE(SE_RSA_KEYTABLE_DATA_REG) = byte_swap_32(data[mod_size / 4 - i - 1]);
+	}
+
+	data = (u32 *)exp;
+	for (u32 i = 0; i < exp_size / 4; i++)
+	{
+		SE(SE_RSA_KEYTABLE_ADDR_REG) = RSA_KEY_NUM(ks) | SE_RSA_KEYTABLE_TYPE(RSA_KEY_TYPE_EXP) | i;
+		SE(SE_RSA_KEYTABLE_DATA_REG) = byte_swap_32(data[exp_size / 4 - i - 1]);
+	}
+
+	_se_rsa_mod_sizes[ks] = mod_size;
+	_se_rsa_exp_sizes[ks] = exp_size;
+}
+
+// se_rsa_key_clear() was derived from Atmosphère's clear_rsa_keyslot
+void se_rsa_key_clear(u32 ks)
+{
+	for (u32 i = 0; i < SE_RSA2048_DIGEST_SIZE / 4; i++)
+	{
+		SE(SE_RSA_KEYTABLE_ADDR_REG) = RSA_KEY_NUM(ks) | SE_RSA_KEYTABLE_TYPE(RSA_KEY_TYPE_MOD) | i;
+		SE(SE_RSA_KEYTABLE_DATA_REG) = 0;
+	}
+	for (u32 i = 0; i < SE_RSA2048_DIGEST_SIZE / 4; i++)
+	{
+		SE(SE_RSA_KEYTABLE_ADDR_REG) = RSA_KEY_NUM(ks) | SE_RSA_KEYTABLE_TYPE(RSA_KEY_TYPE_EXP) | i;
+		SE(SE_RSA_KEYTABLE_DATA_REG) = 0;
+	}
+}
+
+// se_rsa_exp_mod() was derived from Atmosphère's se_synchronous_exp_mod and se_get_exp_mod_output
+int se_rsa_exp_mod(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_size)
+{
+	int res;
+	u8 stack_buf[SE_RSA2048_DIGEST_SIZE];
+
+	for (u32 i = 0; i < src_size; i++)
+		stack_buf[i] = *((u8 *)src + src_size - i - 1);
+
+	SE(SE_CONFIG_REG) = SE_CONFIG_ENC_ALG(ALG_RSA) | SE_CONFIG_DST(DST_RSAREG);
+	SE(SE_RSA_CONFIG) = RSA_KEY_SLOT(ks);
+	SE(SE_RSA_KEY_SIZE_REG) = (_se_rsa_mod_sizes[ks] >> 6) - 1;
+	SE(SE_RSA_EXP_SIZE_REG) = _se_rsa_exp_sizes[ks] >> 2;
+
+	res = _se_execute_oneshot(SE_OP_START, NULL, 0, stack_buf, src_size);
+
+	// Copy output hash.
+	u32 *dst32 = (u32 *)dst;
+	for (u32 i = 0; i < dst_size / 4; i++)
+		dst32[dst_size / 4 - i - 1] = byte_swap_32(SE(SE_RSA_OUTPUT_REG + (i * 4)));
+
+	return res;
+}
+
 void se_key_acc_ctrl(u32 ks, u32 flags)
 {
 	if (flags & SE_KEY_TBL_DIS_KEY_ACCESS_FLAG)
@@ -226,7 +289,7 @@ u32 se_key_acc_ctrl_get(u32 ks)
 	return SE(SE_CRYPTO_KEYTABLE_ACCESS_REG + 4 * ks);
 }
 
-void se_aes_key_set(u32 ks, void *key, u32 size)
+void se_aes_key_set(u32 ks, const void *key, u32 size)
 {
 	u32 data[SE_AES_MAX_KEY_SIZE / 4];
 	memcpy(data, key, size);
@@ -238,7 +301,13 @@ void se_aes_key_set(u32 ks, void *key, u32 size)
 	}
 }
 
-void se_aes_iv_set(u32 ks, void *iv)
+void se_aes_key_partial_set(u32 ks, u32 index, u32 data)
+{
+	SE(SE_CRYPTO_KEYTABLE_ADDR_REG) = SE_KEYTABLE_SLOT(ks) | index;
+	SE(SE_CRYPTO_KEYTABLE_DATA_REG) = data;
+}
+
+void se_aes_iv_set(u32 ks, const void *iv)
 {
 	u32 data[SE_AES_IV_SIZE / 4];
 	memcpy(data, iv, SE_AES_IV_SIZE);

bdk/sec/se.h

@@ -22,11 +22,15 @@
 #include <utils/types.h>
 
 void se_rsa_acc_ctrl(u32 rs, u32 flags);
+void se_rsa_key_set(u32 ks, const void *mod, u32 mod_size, const void *exp, u32 exp_size);
+void se_rsa_key_clear(u32 ks);
+int  se_rsa_exp_mod(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_size);
 void se_key_acc_ctrl(u32 ks, u32 flags);
 u32  se_key_acc_ctrl_get(u32 ks);
 void se_get_aes_keys(u8 *buf, u8 *keys, u32 keysize);
-void se_aes_key_set(u32 ks, void *key, u32 size);
-void se_aes_iv_set(u32 ks, void *iv);
+void se_aes_key_set(u32 ks, const void *key, u32 size);
+void se_aes_iv_set(u32 ks, const void *iv);
+void se_aes_key_partial_set(u32 ks, u32 index, u32 data);
 void se_aes_key_get(u32 ks, void *key, u32 size);
 void se_aes_key_clear(u32 ks);
 void se_aes_iv_clear(u32 ks);

bdk/sec/tsec.c

@@ -75,7 +75,7 @@ int tsec_query(void *tsec_keys, tsec_ctxt_t *tsec_ctxt)
 	void *ptb;
 
 	bpmp_mmu_disable();
-	bpmp_freq_t prev_fid = bpmp_clk_rate_set(BPMP_CLK_NORMAL);
+	bpmp_clk_rate_relaxed(true);
 
 	// Enable clocks.
 	clock_enable_tsec();
@@ -305,7 +305,7 @@ out:
 	clock_disable_sor_safe();
 	clock_disable_tsec();
 	bpmp_mmu_enable();
-	bpmp_clk_rate_set(prev_fid);
+	bpmp_clk_rate_relaxed(false);
 
 #ifdef BDK_MC_ENABLE_AHB_REDIRECT
 	// Re-enable AHB aperture.