cmd_esbc_validate.c 2.09 KB
edit raw blame history



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86


// SPDX-License-Identifier: GPL-2.0+
/*
 * Copyright 2015 Freescale Semiconductor, Inc.
 */

#include <common.h>
#include <command.h>
#include <env.h>
#include <fsl_validate.h>

int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
				char * const argv[])
{
	if (fsl_check_boot_mode_secure() == 0) {
		printf("Boot Mode is Non-Secure. Not entering spin loop.\n");
		return 0;
	}

	printf("Core is entering spin loop.\n");
loop:
	goto loop;

	return 0;
}

#ifndef CONFIG_SPL_BUILD
static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc,
				char * const argv[])
{
	char *hash_str = NULL;
	uintptr_t haddr;
	int ret;
	uintptr_t img_addr = 0;
	char buf[20];

	if (argc < 2)
		return cmd_usage(cmdtp);
	else if (argc > 2)
		/* Second arg - Optional - Hash Str*/
		hash_str = argv[2];

	/* First argument - header address -32/64bit */
	haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16);

	/* With esbc_validate command, Image address must be
	 * part of header. So, the function is called
	 * by passing this argument as 0.
	 */
	ret = fsl_secboot_validate(haddr, hash_str, &img_addr);

	/* Need to set "img_addr" even if validation failure.
	 * Required when SB_EN in RCW set and non-fatal error
	 * to continue U-Boot
	 */
	sprintf(buf, "%lx", img_addr);
	env_set("img_addr", buf);

	if (ret)
		return 1;

	printf("esbc_validate command successful\n");
	return 0;
}

/***************************************************/
static char esbc_validate_help_text[] =
	"esbc_validate hdr_addr <hash_val> - Validates signature using\n"
	"                          RSA verification\n"
	"                          $hdr_addr Address of header of the image\n"
	"                          to be validated.\n"
	"                          $hash_val -Optional\n"
	"                          It provides Hash of public/srk key to be\n"
	"                          used to verify signature.\n";

U_BOOT_CMD(
	esbc_validate,	3,	0,	do_esbc_validate,
	"Validates signature on a given image using RSA verification",
	esbc_validate_help_text
);

U_BOOT_CMD(
	esbc_halt,	1,	0,	do_esbc_halt,
	"Put the core in spin loop (Secure Boot Only)",
	""
);
#endif