Commit b2ca8907d92434300e081e0f23ec589a2de1be9f
Committed by
Stefano Babic
1 parent
d01806a8fc
Exists in
smarc_8mq_lf_v2020.04
and in
11 other branches
imx: hab: Convert non-NULL IVT DCD pointer warning to an error
The following NXP application notes and manual recommend to ensure the IVT DCD pointer is Null prior to calling HAB API authenticate_image() function: - AN12263: HABv4 RVT Guidelines and Recommendations - AN4581: Secure Boot on i.MX50, i.MX53, i.MX 6 and i.MX7 Series using HABv4 - CST docs: High Assurance Boot Version 4 Application Programming Interface Reference Manual Commit ca89df7dd46f ("imx: hab: Convert DCD non-NULL error to warning") converted DCD non-NULL error to warning due to the lack of documentation at the time of first patch submission. We have warned U-Boot users since v2018.03, and it makes sense now to follow the NXP recommendation to ensure the IVT DCD pointer is Null. DCD commands should only be present in the initial boot image loaded by the SoC ROM. Starting in HAB v4.3.7 the HAB code will generate an error if a DCD pointer is present in an image being authenticated by calling the HAB RVT API. Older versions of HAB will process and run DCD if it is present, and this could lead to an incorrect authentication boot flow. Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <festevam@gmail.com>
Showing 1 changed file with 4 additions and 2 deletions Inline Diff
arch/arm/mach-imx/hab.c
1 | // SPDX-License-Identifier: GPL-2.0+ | 1 | // SPDX-License-Identifier: GPL-2.0+ |
2 | /* | 2 | /* |
3 | * Copyright (C) 2010-2015 Freescale Semiconductor, Inc. | 3 | * Copyright (C) 2010-2015 Freescale Semiconductor, Inc. |
4 | */ | 4 | */ |
5 | 5 | ||
6 | #include <common.h> | 6 | #include <common.h> |
7 | #include <config.h> | 7 | #include <config.h> |
8 | #include <fuse.h> | 8 | #include <fuse.h> |
9 | #include <mapmem.h> | 9 | #include <mapmem.h> |
10 | #include <image.h> | 10 | #include <image.h> |
11 | #include <asm/io.h> | 11 | #include <asm/io.h> |
12 | #include <asm/system.h> | 12 | #include <asm/system.h> |
13 | #include <asm/arch/clock.h> | 13 | #include <asm/arch/clock.h> |
14 | #include <asm/arch/sys_proto.h> | 14 | #include <asm/arch/sys_proto.h> |
15 | #include <asm/mach-imx/hab.h> | 15 | #include <asm/mach-imx/hab.h> |
16 | 16 | ||
17 | #define ALIGN_SIZE 0x1000 | 17 | #define ALIGN_SIZE 0x1000 |
18 | #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 | 18 | #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 |
19 | #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 | 19 | #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 |
20 | #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 | 20 | #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 |
21 | #define IS_HAB_ENABLED_BIT \ | 21 | #define IS_HAB_ENABLED_BIT \ |
22 | (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ | 22 | (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ |
23 | (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) | 23 | (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) |
24 | 24 | ||
25 | static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) | 25 | static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) |
26 | { | 26 | { |
27 | printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, | 27 | printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, |
28 | ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); | 28 | ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); |
29 | 29 | ||
30 | return 1; | 30 | return 1; |
31 | } | 31 | } |
32 | 32 | ||
33 | static int verify_ivt_header(struct ivt_header *ivt_hdr) | 33 | static int verify_ivt_header(struct ivt_header *ivt_hdr) |
34 | { | 34 | { |
35 | int result = 0; | 35 | int result = 0; |
36 | 36 | ||
37 | if (ivt_hdr->magic != IVT_HEADER_MAGIC) | 37 | if (ivt_hdr->magic != IVT_HEADER_MAGIC) |
38 | result = ivt_header_error("bad magic", ivt_hdr); | 38 | result = ivt_header_error("bad magic", ivt_hdr); |
39 | 39 | ||
40 | if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) | 40 | if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) |
41 | result = ivt_header_error("bad length", ivt_hdr); | 41 | result = ivt_header_error("bad length", ivt_hdr); |
42 | 42 | ||
43 | if (ivt_hdr->version != IVT_HEADER_V1 && | 43 | if (ivt_hdr->version != IVT_HEADER_V1 && |
44 | ivt_hdr->version != IVT_HEADER_V2) | 44 | ivt_hdr->version != IVT_HEADER_V2) |
45 | result = ivt_header_error("bad version", ivt_hdr); | 45 | result = ivt_header_error("bad version", ivt_hdr); |
46 | 46 | ||
47 | return result; | 47 | return result; |
48 | } | 48 | } |
49 | 49 | ||
50 | #if !defined(CONFIG_SPL_BUILD) | 50 | #if !defined(CONFIG_SPL_BUILD) |
51 | 51 | ||
52 | #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ | 52 | #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ |
53 | 53 | ||
54 | struct record { | 54 | struct record { |
55 | uint8_t tag; /* Tag */ | 55 | uint8_t tag; /* Tag */ |
56 | uint8_t len[2]; /* Length */ | 56 | uint8_t len[2]; /* Length */ |
57 | uint8_t par; /* Version */ | 57 | uint8_t par; /* Version */ |
58 | uint8_t contents[MAX_RECORD_BYTES];/* Record Data */ | 58 | uint8_t contents[MAX_RECORD_BYTES];/* Record Data */ |
59 | bool any_rec_flag; | 59 | bool any_rec_flag; |
60 | }; | 60 | }; |
61 | 61 | ||
62 | static char *rsn_str[] = { | 62 | static char *rsn_str[] = { |
63 | "RSN = HAB_RSN_ANY (0x00)\n", | 63 | "RSN = HAB_RSN_ANY (0x00)\n", |
64 | "RSN = HAB_ENG_FAIL (0x30)\n", | 64 | "RSN = HAB_ENG_FAIL (0x30)\n", |
65 | "RSN = HAB_INV_ADDRESS (0x22)\n", | 65 | "RSN = HAB_INV_ADDRESS (0x22)\n", |
66 | "RSN = HAB_INV_ASSERTION (0x0C)\n", | 66 | "RSN = HAB_INV_ASSERTION (0x0C)\n", |
67 | "RSN = HAB_INV_CALL (0x28)\n", | 67 | "RSN = HAB_INV_CALL (0x28)\n", |
68 | "RSN = HAB_INV_CERTIFICATE (0x21)\n", | 68 | "RSN = HAB_INV_CERTIFICATE (0x21)\n", |
69 | "RSN = HAB_INV_COMMAND (0x06)\n", | 69 | "RSN = HAB_INV_COMMAND (0x06)\n", |
70 | "RSN = HAB_INV_CSF (0x11)\n", | 70 | "RSN = HAB_INV_CSF (0x11)\n", |
71 | "RSN = HAB_INV_DCD (0x27)\n", | 71 | "RSN = HAB_INV_DCD (0x27)\n", |
72 | "RSN = HAB_INV_INDEX (0x0F)\n", | 72 | "RSN = HAB_INV_INDEX (0x0F)\n", |
73 | "RSN = HAB_INV_IVT (0x05)\n", | 73 | "RSN = HAB_INV_IVT (0x05)\n", |
74 | "RSN = HAB_INV_KEY (0x1D)\n", | 74 | "RSN = HAB_INV_KEY (0x1D)\n", |
75 | "RSN = HAB_INV_RETURN (0x1E)\n", | 75 | "RSN = HAB_INV_RETURN (0x1E)\n", |
76 | "RSN = HAB_INV_SIGNATURE (0x18)\n", | 76 | "RSN = HAB_INV_SIGNATURE (0x18)\n", |
77 | "RSN = HAB_INV_SIZE (0x17)\n", | 77 | "RSN = HAB_INV_SIZE (0x17)\n", |
78 | "RSN = HAB_MEM_FAIL (0x2E)\n", | 78 | "RSN = HAB_MEM_FAIL (0x2E)\n", |
79 | "RSN = HAB_OVR_COUNT (0x2B)\n", | 79 | "RSN = HAB_OVR_COUNT (0x2B)\n", |
80 | "RSN = HAB_OVR_STORAGE (0x2D)\n", | 80 | "RSN = HAB_OVR_STORAGE (0x2D)\n", |
81 | "RSN = HAB_UNS_ALGORITHM (0x12)\n", | 81 | "RSN = HAB_UNS_ALGORITHM (0x12)\n", |
82 | "RSN = HAB_UNS_COMMAND (0x03)\n", | 82 | "RSN = HAB_UNS_COMMAND (0x03)\n", |
83 | "RSN = HAB_UNS_ENGINE (0x0A)\n", | 83 | "RSN = HAB_UNS_ENGINE (0x0A)\n", |
84 | "RSN = HAB_UNS_ITEM (0x24)\n", | 84 | "RSN = HAB_UNS_ITEM (0x24)\n", |
85 | "RSN = HAB_UNS_KEY (0x1B)\n", | 85 | "RSN = HAB_UNS_KEY (0x1B)\n", |
86 | "RSN = HAB_UNS_PROTOCOL (0x14)\n", | 86 | "RSN = HAB_UNS_PROTOCOL (0x14)\n", |
87 | "RSN = HAB_UNS_STATE (0x09)\n", | 87 | "RSN = HAB_UNS_STATE (0x09)\n", |
88 | "RSN = INVALID\n", | 88 | "RSN = INVALID\n", |
89 | NULL | 89 | NULL |
90 | }; | 90 | }; |
91 | 91 | ||
92 | static char *sts_str[] = { | 92 | static char *sts_str[] = { |
93 | "STS = HAB_SUCCESS (0xF0)\n", | 93 | "STS = HAB_SUCCESS (0xF0)\n", |
94 | "STS = HAB_FAILURE (0x33)\n", | 94 | "STS = HAB_FAILURE (0x33)\n", |
95 | "STS = HAB_WARNING (0x69)\n", | 95 | "STS = HAB_WARNING (0x69)\n", |
96 | "STS = INVALID\n", | 96 | "STS = INVALID\n", |
97 | NULL | 97 | NULL |
98 | }; | 98 | }; |
99 | 99 | ||
100 | static char *eng_str[] = { | 100 | static char *eng_str[] = { |
101 | "ENG = HAB_ENG_ANY (0x00)\n", | 101 | "ENG = HAB_ENG_ANY (0x00)\n", |
102 | "ENG = HAB_ENG_SCC (0x03)\n", | 102 | "ENG = HAB_ENG_SCC (0x03)\n", |
103 | "ENG = HAB_ENG_RTIC (0x05)\n", | 103 | "ENG = HAB_ENG_RTIC (0x05)\n", |
104 | "ENG = HAB_ENG_SAHARA (0x06)\n", | 104 | "ENG = HAB_ENG_SAHARA (0x06)\n", |
105 | "ENG = HAB_ENG_CSU (0x0A)\n", | 105 | "ENG = HAB_ENG_CSU (0x0A)\n", |
106 | "ENG = HAB_ENG_SRTC (0x0C)\n", | 106 | "ENG = HAB_ENG_SRTC (0x0C)\n", |
107 | "ENG = HAB_ENG_DCP (0x1B)\n", | 107 | "ENG = HAB_ENG_DCP (0x1B)\n", |
108 | "ENG = HAB_ENG_CAAM (0x1D)\n", | 108 | "ENG = HAB_ENG_CAAM (0x1D)\n", |
109 | "ENG = HAB_ENG_SNVS (0x1E)\n", | 109 | "ENG = HAB_ENG_SNVS (0x1E)\n", |
110 | "ENG = HAB_ENG_OCOTP (0x21)\n", | 110 | "ENG = HAB_ENG_OCOTP (0x21)\n", |
111 | "ENG = HAB_ENG_DTCP (0x22)\n", | 111 | "ENG = HAB_ENG_DTCP (0x22)\n", |
112 | "ENG = HAB_ENG_ROM (0x36)\n", | 112 | "ENG = HAB_ENG_ROM (0x36)\n", |
113 | "ENG = HAB_ENG_HDCP (0x24)\n", | 113 | "ENG = HAB_ENG_HDCP (0x24)\n", |
114 | "ENG = HAB_ENG_RTL (0x77)\n", | 114 | "ENG = HAB_ENG_RTL (0x77)\n", |
115 | "ENG = HAB_ENG_SW (0xFF)\n", | 115 | "ENG = HAB_ENG_SW (0xFF)\n", |
116 | "ENG = INVALID\n", | 116 | "ENG = INVALID\n", |
117 | NULL | 117 | NULL |
118 | }; | 118 | }; |
119 | 119 | ||
120 | static char *ctx_str[] = { | 120 | static char *ctx_str[] = { |
121 | "CTX = HAB_CTX_ANY(0x00)\n", | 121 | "CTX = HAB_CTX_ANY(0x00)\n", |
122 | "CTX = HAB_CTX_FAB (0xFF)\n", | 122 | "CTX = HAB_CTX_FAB (0xFF)\n", |
123 | "CTX = HAB_CTX_ENTRY (0xE1)\n", | 123 | "CTX = HAB_CTX_ENTRY (0xE1)\n", |
124 | "CTX = HAB_CTX_TARGET (0x33)\n", | 124 | "CTX = HAB_CTX_TARGET (0x33)\n", |
125 | "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", | 125 | "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", |
126 | "CTX = HAB_CTX_DCD (0xDD)\n", | 126 | "CTX = HAB_CTX_DCD (0xDD)\n", |
127 | "CTX = HAB_CTX_CSF (0xCF)\n", | 127 | "CTX = HAB_CTX_CSF (0xCF)\n", |
128 | "CTX = HAB_CTX_COMMAND (0xC0)\n", | 128 | "CTX = HAB_CTX_COMMAND (0xC0)\n", |
129 | "CTX = HAB_CTX_AUT_DAT (0xDB)\n", | 129 | "CTX = HAB_CTX_AUT_DAT (0xDB)\n", |
130 | "CTX = HAB_CTX_ASSERT (0xA0)\n", | 130 | "CTX = HAB_CTX_ASSERT (0xA0)\n", |
131 | "CTX = HAB_CTX_EXIT (0xEE)\n", | 131 | "CTX = HAB_CTX_EXIT (0xEE)\n", |
132 | "CTX = INVALID\n", | 132 | "CTX = INVALID\n", |
133 | NULL | 133 | NULL |
134 | }; | 134 | }; |
135 | 135 | ||
136 | static uint8_t hab_statuses[5] = { | 136 | static uint8_t hab_statuses[5] = { |
137 | HAB_STS_ANY, | 137 | HAB_STS_ANY, |
138 | HAB_FAILURE, | 138 | HAB_FAILURE, |
139 | HAB_WARNING, | 139 | HAB_WARNING, |
140 | HAB_SUCCESS, | 140 | HAB_SUCCESS, |
141 | -1 | 141 | -1 |
142 | }; | 142 | }; |
143 | 143 | ||
144 | static uint8_t hab_reasons[26] = { | 144 | static uint8_t hab_reasons[26] = { |
145 | HAB_RSN_ANY, | 145 | HAB_RSN_ANY, |
146 | HAB_ENG_FAIL, | 146 | HAB_ENG_FAIL, |
147 | HAB_INV_ADDRESS, | 147 | HAB_INV_ADDRESS, |
148 | HAB_INV_ASSERTION, | 148 | HAB_INV_ASSERTION, |
149 | HAB_INV_CALL, | 149 | HAB_INV_CALL, |
150 | HAB_INV_CERTIFICATE, | 150 | HAB_INV_CERTIFICATE, |
151 | HAB_INV_COMMAND, | 151 | HAB_INV_COMMAND, |
152 | HAB_INV_CSF, | 152 | HAB_INV_CSF, |
153 | HAB_INV_DCD, | 153 | HAB_INV_DCD, |
154 | HAB_INV_INDEX, | 154 | HAB_INV_INDEX, |
155 | HAB_INV_IVT, | 155 | HAB_INV_IVT, |
156 | HAB_INV_KEY, | 156 | HAB_INV_KEY, |
157 | HAB_INV_RETURN, | 157 | HAB_INV_RETURN, |
158 | HAB_INV_SIGNATURE, | 158 | HAB_INV_SIGNATURE, |
159 | HAB_INV_SIZE, | 159 | HAB_INV_SIZE, |
160 | HAB_MEM_FAIL, | 160 | HAB_MEM_FAIL, |
161 | HAB_OVR_COUNT, | 161 | HAB_OVR_COUNT, |
162 | HAB_OVR_STORAGE, | 162 | HAB_OVR_STORAGE, |
163 | HAB_UNS_ALGORITHM, | 163 | HAB_UNS_ALGORITHM, |
164 | HAB_UNS_COMMAND, | 164 | HAB_UNS_COMMAND, |
165 | HAB_UNS_ENGINE, | 165 | HAB_UNS_ENGINE, |
166 | HAB_UNS_ITEM, | 166 | HAB_UNS_ITEM, |
167 | HAB_UNS_KEY, | 167 | HAB_UNS_KEY, |
168 | HAB_UNS_PROTOCOL, | 168 | HAB_UNS_PROTOCOL, |
169 | HAB_UNS_STATE, | 169 | HAB_UNS_STATE, |
170 | -1 | 170 | -1 |
171 | }; | 171 | }; |
172 | 172 | ||
173 | static uint8_t hab_contexts[12] = { | 173 | static uint8_t hab_contexts[12] = { |
174 | HAB_CTX_ANY, | 174 | HAB_CTX_ANY, |
175 | HAB_CTX_FAB, | 175 | HAB_CTX_FAB, |
176 | HAB_CTX_ENTRY, | 176 | HAB_CTX_ENTRY, |
177 | HAB_CTX_TARGET, | 177 | HAB_CTX_TARGET, |
178 | HAB_CTX_AUTHENTICATE, | 178 | HAB_CTX_AUTHENTICATE, |
179 | HAB_CTX_DCD, | 179 | HAB_CTX_DCD, |
180 | HAB_CTX_CSF, | 180 | HAB_CTX_CSF, |
181 | HAB_CTX_COMMAND, | 181 | HAB_CTX_COMMAND, |
182 | HAB_CTX_AUT_DAT, | 182 | HAB_CTX_AUT_DAT, |
183 | HAB_CTX_ASSERT, | 183 | HAB_CTX_ASSERT, |
184 | HAB_CTX_EXIT, | 184 | HAB_CTX_EXIT, |
185 | -1 | 185 | -1 |
186 | }; | 186 | }; |
187 | 187 | ||
188 | static uint8_t hab_engines[16] = { | 188 | static uint8_t hab_engines[16] = { |
189 | HAB_ENG_ANY, | 189 | HAB_ENG_ANY, |
190 | HAB_ENG_SCC, | 190 | HAB_ENG_SCC, |
191 | HAB_ENG_RTIC, | 191 | HAB_ENG_RTIC, |
192 | HAB_ENG_SAHARA, | 192 | HAB_ENG_SAHARA, |
193 | HAB_ENG_CSU, | 193 | HAB_ENG_CSU, |
194 | HAB_ENG_SRTC, | 194 | HAB_ENG_SRTC, |
195 | HAB_ENG_DCP, | 195 | HAB_ENG_DCP, |
196 | HAB_ENG_CAAM, | 196 | HAB_ENG_CAAM, |
197 | HAB_ENG_SNVS, | 197 | HAB_ENG_SNVS, |
198 | HAB_ENG_OCOTP, | 198 | HAB_ENG_OCOTP, |
199 | HAB_ENG_DTCP, | 199 | HAB_ENG_DTCP, |
200 | HAB_ENG_ROM, | 200 | HAB_ENG_ROM, |
201 | HAB_ENG_HDCP, | 201 | HAB_ENG_HDCP, |
202 | HAB_ENG_RTL, | 202 | HAB_ENG_RTL, |
203 | HAB_ENG_SW, | 203 | HAB_ENG_SW, |
204 | -1 | 204 | -1 |
205 | }; | 205 | }; |
206 | 206 | ||
207 | static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) | 207 | static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) |
208 | { | 208 | { |
209 | uint8_t idx = 0; | 209 | uint8_t idx = 0; |
210 | uint8_t element = list[idx]; | 210 | uint8_t element = list[idx]; |
211 | while (element != -1) { | 211 | while (element != -1) { |
212 | if (element == tgt) | 212 | if (element == tgt) |
213 | return idx; | 213 | return idx; |
214 | element = list[++idx]; | 214 | element = list[++idx]; |
215 | } | 215 | } |
216 | return -1; | 216 | return -1; |
217 | } | 217 | } |
218 | 218 | ||
219 | static void process_event_record(uint8_t *event_data, size_t bytes) | 219 | static void process_event_record(uint8_t *event_data, size_t bytes) |
220 | { | 220 | { |
221 | struct record *rec = (struct record *)event_data; | 221 | struct record *rec = (struct record *)event_data; |
222 | 222 | ||
223 | printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]); | 223 | printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]); |
224 | printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]); | 224 | printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]); |
225 | printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]); | 225 | printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]); |
226 | printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); | 226 | printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); |
227 | } | 227 | } |
228 | 228 | ||
229 | static void display_event(uint8_t *event_data, size_t bytes) | 229 | static void display_event(uint8_t *event_data, size_t bytes) |
230 | { | 230 | { |
231 | uint32_t i; | 231 | uint32_t i; |
232 | 232 | ||
233 | if (!(event_data && bytes > 0)) | 233 | if (!(event_data && bytes > 0)) |
234 | return; | 234 | return; |
235 | 235 | ||
236 | for (i = 0; i < bytes; i++) { | 236 | for (i = 0; i < bytes; i++) { |
237 | if (i == 0) | 237 | if (i == 0) |
238 | printf("\t0x%02x", event_data[i]); | 238 | printf("\t0x%02x", event_data[i]); |
239 | else if ((i % 8) == 0) | 239 | else if ((i % 8) == 0) |
240 | printf("\n\t0x%02x", event_data[i]); | 240 | printf("\n\t0x%02x", event_data[i]); |
241 | else | 241 | else |
242 | printf(" 0x%02x", event_data[i]); | 242 | printf(" 0x%02x", event_data[i]); |
243 | } | 243 | } |
244 | 244 | ||
245 | process_event_record(event_data, bytes); | 245 | process_event_record(event_data, bytes); |
246 | } | 246 | } |
247 | 247 | ||
248 | static int get_hab_status(void) | 248 | static int get_hab_status(void) |
249 | { | 249 | { |
250 | uint32_t index = 0; /* Loop index */ | 250 | uint32_t index = 0; /* Loop index */ |
251 | uint8_t event_data[128]; /* Event data buffer */ | 251 | uint8_t event_data[128]; /* Event data buffer */ |
252 | size_t bytes = sizeof(event_data); /* Event size in bytes */ | 252 | size_t bytes = sizeof(event_data); /* Event size in bytes */ |
253 | enum hab_config config = 0; | 253 | enum hab_config config = 0; |
254 | enum hab_state state = 0; | 254 | enum hab_state state = 0; |
255 | hab_rvt_report_event_t *hab_rvt_report_event; | 255 | hab_rvt_report_event_t *hab_rvt_report_event; |
256 | hab_rvt_report_status_t *hab_rvt_report_status; | 256 | hab_rvt_report_status_t *hab_rvt_report_status; |
257 | 257 | ||
258 | hab_rvt_report_event = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT; | 258 | hab_rvt_report_event = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT; |
259 | hab_rvt_report_status = | 259 | hab_rvt_report_status = |
260 | (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS; | 260 | (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS; |
261 | 261 | ||
262 | if (imx_hab_is_enabled()) | 262 | if (imx_hab_is_enabled()) |
263 | puts("\nSecure boot enabled\n"); | 263 | puts("\nSecure boot enabled\n"); |
264 | else | 264 | else |
265 | puts("\nSecure boot disabled\n"); | 265 | puts("\nSecure boot disabled\n"); |
266 | 266 | ||
267 | /* Check HAB status */ | 267 | /* Check HAB status */ |
268 | if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { | 268 | if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { |
269 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | 269 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", |
270 | config, state); | 270 | config, state); |
271 | 271 | ||
272 | /* Display HAB Error events */ | 272 | /* Display HAB Error events */ |
273 | while (hab_rvt_report_event(HAB_FAILURE, index, event_data, | 273 | while (hab_rvt_report_event(HAB_FAILURE, index, event_data, |
274 | &bytes) == HAB_SUCCESS) { | 274 | &bytes) == HAB_SUCCESS) { |
275 | puts("\n"); | 275 | puts("\n"); |
276 | printf("--------- HAB Event %d -----------------\n", | 276 | printf("--------- HAB Event %d -----------------\n", |
277 | index + 1); | 277 | index + 1); |
278 | puts("event data:\n"); | 278 | puts("event data:\n"); |
279 | display_event(event_data, bytes); | 279 | display_event(event_data, bytes); |
280 | puts("\n"); | 280 | puts("\n"); |
281 | bytes = sizeof(event_data); | 281 | bytes = sizeof(event_data); |
282 | index++; | 282 | index++; |
283 | } | 283 | } |
284 | } | 284 | } |
285 | /* Display message if no HAB events are found */ | 285 | /* Display message if no HAB events are found */ |
286 | else { | 286 | else { |
287 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | 287 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", |
288 | config, state); | 288 | config, state); |
289 | puts("No HAB Events Found!\n\n"); | 289 | puts("No HAB Events Found!\n\n"); |
290 | } | 290 | } |
291 | return 0; | 291 | return 0; |
292 | } | 292 | } |
293 | 293 | ||
294 | static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, | 294 | static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, |
295 | char * const argv[]) | 295 | char * const argv[]) |
296 | { | 296 | { |
297 | if ((argc != 1)) { | 297 | if ((argc != 1)) { |
298 | cmd_usage(cmdtp); | 298 | cmd_usage(cmdtp); |
299 | return 1; | 299 | return 1; |
300 | } | 300 | } |
301 | 301 | ||
302 | get_hab_status(); | 302 | get_hab_status(); |
303 | 303 | ||
304 | return 0; | 304 | return 0; |
305 | } | 305 | } |
306 | 306 | ||
307 | static ulong get_image_ivt_offset(ulong img_addr) | 307 | static ulong get_image_ivt_offset(ulong img_addr) |
308 | { | 308 | { |
309 | const void *buf; | 309 | const void *buf; |
310 | 310 | ||
311 | buf = map_sysmem(img_addr, 0); | 311 | buf = map_sysmem(img_addr, 0); |
312 | switch (genimg_get_format(buf)) { | 312 | switch (genimg_get_format(buf)) { |
313 | #if defined(CONFIG_IMAGE_FORMAT_LEGACY) | 313 | #if defined(CONFIG_IMAGE_FORMAT_LEGACY) |
314 | case IMAGE_FORMAT_LEGACY: | 314 | case IMAGE_FORMAT_LEGACY: |
315 | return (image_get_image_size((image_header_t *)img_addr) | 315 | return (image_get_image_size((image_header_t *)img_addr) |
316 | + 0x1000 - 1) & ~(0x1000 - 1); | 316 | + 0x1000 - 1) & ~(0x1000 - 1); |
317 | #endif | 317 | #endif |
318 | #if IMAGE_ENABLE_FIT | 318 | #if IMAGE_ENABLE_FIT |
319 | case IMAGE_FORMAT_FIT: | 319 | case IMAGE_FORMAT_FIT: |
320 | return (fit_get_size(buf) + 0x1000 - 1) & ~(0x1000 - 1); | 320 | return (fit_get_size(buf) + 0x1000 - 1) & ~(0x1000 - 1); |
321 | #endif | 321 | #endif |
322 | default: | 322 | default: |
323 | return 0; | 323 | return 0; |
324 | } | 324 | } |
325 | } | 325 | } |
326 | 326 | ||
327 | static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, | 327 | static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, |
328 | char * const argv[]) | 328 | char * const argv[]) |
329 | { | 329 | { |
330 | ulong addr, length, ivt_offset; | 330 | ulong addr, length, ivt_offset; |
331 | int rcode = 0; | 331 | int rcode = 0; |
332 | 332 | ||
333 | if (argc < 3) | 333 | if (argc < 3) |
334 | return CMD_RET_USAGE; | 334 | return CMD_RET_USAGE; |
335 | 335 | ||
336 | addr = simple_strtoul(argv[1], NULL, 16); | 336 | addr = simple_strtoul(argv[1], NULL, 16); |
337 | length = simple_strtoul(argv[2], NULL, 16); | 337 | length = simple_strtoul(argv[2], NULL, 16); |
338 | if (argc == 3) | 338 | if (argc == 3) |
339 | ivt_offset = get_image_ivt_offset(addr); | 339 | ivt_offset = get_image_ivt_offset(addr); |
340 | else | 340 | else |
341 | ivt_offset = simple_strtoul(argv[3], NULL, 16); | 341 | ivt_offset = simple_strtoul(argv[3], NULL, 16); |
342 | 342 | ||
343 | rcode = imx_hab_authenticate_image(addr, length, ivt_offset); | 343 | rcode = imx_hab_authenticate_image(addr, length, ivt_offset); |
344 | if (rcode == 0) | 344 | if (rcode == 0) |
345 | rcode = CMD_RET_SUCCESS; | 345 | rcode = CMD_RET_SUCCESS; |
346 | else | 346 | else |
347 | rcode = CMD_RET_FAILURE; | 347 | rcode = CMD_RET_FAILURE; |
348 | 348 | ||
349 | return rcode; | 349 | return rcode; |
350 | } | 350 | } |
351 | 351 | ||
352 | static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, | 352 | static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, |
353 | char * const argv[]) | 353 | char * const argv[]) |
354 | { | 354 | { |
355 | hab_rvt_failsafe_t *hab_rvt_failsafe; | 355 | hab_rvt_failsafe_t *hab_rvt_failsafe; |
356 | 356 | ||
357 | if (argc != 1) { | 357 | if (argc != 1) { |
358 | cmd_usage(cmdtp); | 358 | cmd_usage(cmdtp); |
359 | return 1; | 359 | return 1; |
360 | } | 360 | } |
361 | 361 | ||
362 | hab_rvt_failsafe = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE; | 362 | hab_rvt_failsafe = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE; |
363 | hab_rvt_failsafe(); | 363 | hab_rvt_failsafe(); |
364 | 364 | ||
365 | return 0; | 365 | return 0; |
366 | } | 366 | } |
367 | 367 | ||
368 | static int do_authenticate_image_or_failover(cmd_tbl_t *cmdtp, int flag, | 368 | static int do_authenticate_image_or_failover(cmd_tbl_t *cmdtp, int flag, |
369 | int argc, char * const argv[]) | 369 | int argc, char * const argv[]) |
370 | { | 370 | { |
371 | int ret = CMD_RET_FAILURE; | 371 | int ret = CMD_RET_FAILURE; |
372 | 372 | ||
373 | if (argc != 4) { | 373 | if (argc != 4) { |
374 | ret = CMD_RET_USAGE; | 374 | ret = CMD_RET_USAGE; |
375 | goto error; | 375 | goto error; |
376 | } | 376 | } |
377 | 377 | ||
378 | if (!imx_hab_is_enabled()) { | 378 | if (!imx_hab_is_enabled()) { |
379 | printf("error: secure boot disabled\n"); | 379 | printf("error: secure boot disabled\n"); |
380 | goto error; | 380 | goto error; |
381 | } | 381 | } |
382 | 382 | ||
383 | if (do_authenticate_image(NULL, flag, argc, argv) != CMD_RET_SUCCESS) { | 383 | if (do_authenticate_image(NULL, flag, argc, argv) != CMD_RET_SUCCESS) { |
384 | fprintf(stderr, "authentication fail -> %s %s %s %s\n", | 384 | fprintf(stderr, "authentication fail -> %s %s %s %s\n", |
385 | argv[0], argv[1], argv[2], argv[3]); | 385 | argv[0], argv[1], argv[2], argv[3]); |
386 | do_hab_failsafe(0, 0, 1, NULL); | 386 | do_hab_failsafe(0, 0, 1, NULL); |
387 | }; | 387 | }; |
388 | ret = CMD_RET_SUCCESS; | 388 | ret = CMD_RET_SUCCESS; |
389 | error: | 389 | error: |
390 | return ret; | 390 | return ret; |
391 | } | 391 | } |
392 | 392 | ||
393 | U_BOOT_CMD( | 393 | U_BOOT_CMD( |
394 | hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, | 394 | hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, |
395 | "display HAB status", | 395 | "display HAB status", |
396 | "" | 396 | "" |
397 | ); | 397 | ); |
398 | 398 | ||
399 | U_BOOT_CMD( | 399 | U_BOOT_CMD( |
400 | hab_auth_img, 4, 0, do_authenticate_image, | 400 | hab_auth_img, 4, 0, do_authenticate_image, |
401 | "authenticate image via HAB", | 401 | "authenticate image via HAB", |
402 | "addr length ivt_offset\n" | 402 | "addr length ivt_offset\n" |
403 | "addr - image hex address\n" | 403 | "addr - image hex address\n" |
404 | "length - image hex length\n" | 404 | "length - image hex length\n" |
405 | "ivt_offset - hex offset of IVT in the image" | 405 | "ivt_offset - hex offset of IVT in the image" |
406 | ); | 406 | ); |
407 | 407 | ||
408 | U_BOOT_CMD( | 408 | U_BOOT_CMD( |
409 | hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, | 409 | hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, |
410 | "run BootROM failsafe routine", | 410 | "run BootROM failsafe routine", |
411 | "" | 411 | "" |
412 | ); | 412 | ); |
413 | 413 | ||
414 | U_BOOT_CMD( | 414 | U_BOOT_CMD( |
415 | hab_auth_img_or_fail, 4, 0, | 415 | hab_auth_img_or_fail, 4, 0, |
416 | do_authenticate_image_or_failover, | 416 | do_authenticate_image_or_failover, |
417 | "authenticate image via HAB on failure drop to USB BootROM mode", | 417 | "authenticate image via HAB on failure drop to USB BootROM mode", |
418 | "addr length ivt_offset\n" | 418 | "addr length ivt_offset\n" |
419 | "addr - image hex address\n" | 419 | "addr - image hex address\n" |
420 | "length - image hex length\n" | 420 | "length - image hex length\n" |
421 | "ivt_offset - hex offset of IVT in the image" | 421 | "ivt_offset - hex offset of IVT in the image" |
422 | ); | 422 | ); |
423 | 423 | ||
424 | #endif /* !defined(CONFIG_SPL_BUILD) */ | 424 | #endif /* !defined(CONFIG_SPL_BUILD) */ |
425 | 425 | ||
426 | /* Get CSF Header length */ | 426 | /* Get CSF Header length */ |
427 | static int get_hab_hdr_len(struct hab_hdr *hdr) | 427 | static int get_hab_hdr_len(struct hab_hdr *hdr) |
428 | { | 428 | { |
429 | return (size_t)((hdr->len[0] << 8) + (hdr->len[1])); | 429 | return (size_t)((hdr->len[0] << 8) + (hdr->len[1])); |
430 | } | 430 | } |
431 | 431 | ||
432 | /* Check whether addr lies between start and | 432 | /* Check whether addr lies between start and |
433 | * end and is within the length of the image | 433 | * end and is within the length of the image |
434 | */ | 434 | */ |
435 | static int chk_bounds(u8 *addr, size_t bytes, u8 *start, u8 *end) | 435 | static int chk_bounds(u8 *addr, size_t bytes, u8 *start, u8 *end) |
436 | { | 436 | { |
437 | size_t csf_size = (size_t)((end + 1) - addr); | 437 | size_t csf_size = (size_t)((end + 1) - addr); |
438 | 438 | ||
439 | return (addr && (addr >= start) && (addr <= end) && | 439 | return (addr && (addr >= start) && (addr <= end) && |
440 | (csf_size >= bytes)); | 440 | (csf_size >= bytes)); |
441 | } | 441 | } |
442 | 442 | ||
443 | /* Get Length of each command in CSF */ | 443 | /* Get Length of each command in CSF */ |
444 | static int get_csf_cmd_hdr_len(u8 *csf_hdr) | 444 | static int get_csf_cmd_hdr_len(u8 *csf_hdr) |
445 | { | 445 | { |
446 | if (*csf_hdr == HAB_CMD_HDR) | 446 | if (*csf_hdr == HAB_CMD_HDR) |
447 | return sizeof(struct hab_hdr); | 447 | return sizeof(struct hab_hdr); |
448 | 448 | ||
449 | return get_hab_hdr_len((struct hab_hdr *)csf_hdr); | 449 | return get_hab_hdr_len((struct hab_hdr *)csf_hdr); |
450 | } | 450 | } |
451 | 451 | ||
452 | /* Check if CSF is valid */ | 452 | /* Check if CSF is valid */ |
453 | static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes) | 453 | static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes) |
454 | { | 454 | { |
455 | u8 *start = (u8 *)start_addr; | 455 | u8 *start = (u8 *)start_addr; |
456 | u8 *csf_hdr; | 456 | u8 *csf_hdr; |
457 | u8 *end; | 457 | u8 *end; |
458 | 458 | ||
459 | size_t csf_hdr_len; | 459 | size_t csf_hdr_len; |
460 | size_t cmd_hdr_len; | 460 | size_t cmd_hdr_len; |
461 | size_t offset = 0; | 461 | size_t offset = 0; |
462 | 462 | ||
463 | if (bytes != 0) | 463 | if (bytes != 0) |
464 | end = start + bytes - 1; | 464 | end = start + bytes - 1; |
465 | else | 465 | else |
466 | end = start; | 466 | end = start; |
467 | 467 | ||
468 | /* Verify if CSF pointer content is zero */ | 468 | /* Verify if CSF pointer content is zero */ |
469 | if (!ivt->csf) { | 469 | if (!ivt->csf) { |
470 | puts("Error: CSF pointer is NULL\n"); | 470 | puts("Error: CSF pointer is NULL\n"); |
471 | return false; | 471 | return false; |
472 | } | 472 | } |
473 | 473 | ||
474 | csf_hdr = (u8 *)ivt->csf; | 474 | csf_hdr = (u8 *)ivt->csf; |
475 | 475 | ||
476 | /* Verify if CSF Header exist */ | 476 | /* Verify if CSF Header exist */ |
477 | if (*csf_hdr != HAB_CMD_HDR) { | 477 | if (*csf_hdr != HAB_CMD_HDR) { |
478 | puts("Error: CSF header command not found\n"); | 478 | puts("Error: CSF header command not found\n"); |
479 | return false; | 479 | return false; |
480 | } | 480 | } |
481 | 481 | ||
482 | csf_hdr_len = get_hab_hdr_len((struct hab_hdr *)csf_hdr); | 482 | csf_hdr_len = get_hab_hdr_len((struct hab_hdr *)csf_hdr); |
483 | 483 | ||
484 | /* Check if the CSF lies within the image bounds */ | 484 | /* Check if the CSF lies within the image bounds */ |
485 | if (!chk_bounds(csf_hdr, csf_hdr_len, start, end)) { | 485 | if (!chk_bounds(csf_hdr, csf_hdr_len, start, end)) { |
486 | puts("Error: CSF lies outside the image bounds\n"); | 486 | puts("Error: CSF lies outside the image bounds\n"); |
487 | return false; | 487 | return false; |
488 | } | 488 | } |
489 | 489 | ||
490 | do { | 490 | do { |
491 | struct hab_hdr *cmd; | 491 | struct hab_hdr *cmd; |
492 | 492 | ||
493 | cmd = (struct hab_hdr *)&csf_hdr[offset]; | 493 | cmd = (struct hab_hdr *)&csf_hdr[offset]; |
494 | 494 | ||
495 | switch (cmd->tag) { | 495 | switch (cmd->tag) { |
496 | case (HAB_CMD_WRT_DAT): | 496 | case (HAB_CMD_WRT_DAT): |
497 | puts("Error: Deprecated write command found\n"); | 497 | puts("Error: Deprecated write command found\n"); |
498 | return false; | 498 | return false; |
499 | case (HAB_CMD_CHK_DAT): | 499 | case (HAB_CMD_CHK_DAT): |
500 | puts("Error: Deprecated check command found\n"); | 500 | puts("Error: Deprecated check command found\n"); |
501 | return false; | 501 | return false; |
502 | case (HAB_CMD_SET): | 502 | case (HAB_CMD_SET): |
503 | if (cmd->par == HAB_PAR_MID) { | 503 | if (cmd->par == HAB_PAR_MID) { |
504 | puts("Error: Deprecated Set MID command found\n"); | 504 | puts("Error: Deprecated Set MID command found\n"); |
505 | return false; | 505 | return false; |
506 | } | 506 | } |
507 | default: | 507 | default: |
508 | break; | 508 | break; |
509 | } | 509 | } |
510 | 510 | ||
511 | cmd_hdr_len = get_csf_cmd_hdr_len(&csf_hdr[offset]); | 511 | cmd_hdr_len = get_csf_cmd_hdr_len(&csf_hdr[offset]); |
512 | if (!cmd_hdr_len) { | 512 | if (!cmd_hdr_len) { |
513 | puts("Error: Invalid command length\n"); | 513 | puts("Error: Invalid command length\n"); |
514 | return false; | 514 | return false; |
515 | } | 515 | } |
516 | offset += cmd_hdr_len; | 516 | offset += cmd_hdr_len; |
517 | 517 | ||
518 | } while (offset < csf_hdr_len); | 518 | } while (offset < csf_hdr_len); |
519 | 519 | ||
520 | return true; | 520 | return true; |
521 | } | 521 | } |
522 | 522 | ||
523 | bool imx_hab_is_enabled(void) | 523 | bool imx_hab_is_enabled(void) |
524 | { | 524 | { |
525 | struct imx_sec_config_fuse_t *fuse = | 525 | struct imx_sec_config_fuse_t *fuse = |
526 | (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; | 526 | (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; |
527 | uint32_t reg; | 527 | uint32_t reg; |
528 | int ret; | 528 | int ret; |
529 | 529 | ||
530 | ret = fuse_read(fuse->bank, fuse->word, ®); | 530 | ret = fuse_read(fuse->bank, fuse->word, ®); |
531 | if (ret) { | 531 | if (ret) { |
532 | puts("\nSecure boot fuse read error\n"); | 532 | puts("\nSecure boot fuse read error\n"); |
533 | return ret; | 533 | return ret; |
534 | } | 534 | } |
535 | 535 | ||
536 | return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; | 536 | return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; |
537 | } | 537 | } |
538 | 538 | ||
539 | int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, | 539 | int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, |
540 | uint32_t ivt_offset) | 540 | uint32_t ivt_offset) |
541 | { | 541 | { |
542 | uint32_t load_addr = 0; | 542 | uint32_t load_addr = 0; |
543 | size_t bytes; | 543 | size_t bytes; |
544 | uint32_t ivt_addr = 0; | 544 | uint32_t ivt_addr = 0; |
545 | int result = 1; | 545 | int result = 1; |
546 | ulong start; | 546 | ulong start; |
547 | hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; | 547 | hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; |
548 | hab_rvt_entry_t *hab_rvt_entry; | 548 | hab_rvt_entry_t *hab_rvt_entry; |
549 | hab_rvt_exit_t *hab_rvt_exit; | 549 | hab_rvt_exit_t *hab_rvt_exit; |
550 | hab_rvt_check_target_t *hab_rvt_check_target; | 550 | hab_rvt_check_target_t *hab_rvt_check_target; |
551 | struct ivt *ivt; | 551 | struct ivt *ivt; |
552 | struct ivt_header *ivt_hdr; | 552 | struct ivt_header *ivt_hdr; |
553 | enum hab_status status; | 553 | enum hab_status status; |
554 | 554 | ||
555 | hab_rvt_authenticate_image = | 555 | hab_rvt_authenticate_image = |
556 | (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE; | 556 | (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE; |
557 | hab_rvt_entry = (hab_rvt_entry_t *)HAB_RVT_ENTRY; | 557 | hab_rvt_entry = (hab_rvt_entry_t *)HAB_RVT_ENTRY; |
558 | hab_rvt_exit = (hab_rvt_exit_t *)HAB_RVT_EXIT; | 558 | hab_rvt_exit = (hab_rvt_exit_t *)HAB_RVT_EXIT; |
559 | hab_rvt_check_target = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET; | 559 | hab_rvt_check_target = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET; |
560 | 560 | ||
561 | if (!imx_hab_is_enabled()) { | 561 | if (!imx_hab_is_enabled()) { |
562 | puts("hab fuse not enabled\n"); | 562 | puts("hab fuse not enabled\n"); |
563 | return 0; | 563 | return 0; |
564 | } | 564 | } |
565 | 565 | ||
566 | printf("\nAuthenticate image from DDR location 0x%x...\n", | 566 | printf("\nAuthenticate image from DDR location 0x%x...\n", |
567 | ddr_start); | 567 | ddr_start); |
568 | 568 | ||
569 | hab_caam_clock_enable(1); | 569 | hab_caam_clock_enable(1); |
570 | 570 | ||
571 | /* Calculate IVT address header */ | 571 | /* Calculate IVT address header */ |
572 | ivt_addr = ddr_start + ivt_offset; | 572 | ivt_addr = ddr_start + ivt_offset; |
573 | ivt = (struct ivt *)ivt_addr; | 573 | ivt = (struct ivt *)ivt_addr; |
574 | ivt_hdr = &ivt->hdr; | 574 | ivt_hdr = &ivt->hdr; |
575 | 575 | ||
576 | /* Verify IVT header bugging out on error */ | 576 | /* Verify IVT header bugging out on error */ |
577 | if (verify_ivt_header(ivt_hdr)) | 577 | if (verify_ivt_header(ivt_hdr)) |
578 | goto hab_authentication_exit; | 578 | goto hab_authentication_exit; |
579 | 579 | ||
580 | /* Verify IVT body */ | 580 | /* Verify IVT body */ |
581 | if (ivt->self != ivt_addr) { | 581 | if (ivt->self != ivt_addr) { |
582 | printf("ivt->self 0x%08x pointer is 0x%08x\n", | 582 | printf("ivt->self 0x%08x pointer is 0x%08x\n", |
583 | ivt->self, ivt_addr); | 583 | ivt->self, ivt_addr); |
584 | goto hab_authentication_exit; | 584 | goto hab_authentication_exit; |
585 | } | 585 | } |
586 | 586 | ||
587 | /* Verify if IVT DCD pointer is NULL */ | 587 | /* Verify if IVT DCD pointer is NULL */ |
588 | if (ivt->dcd) | 588 | if (ivt->dcd) { |
589 | puts("Warning: DCD pointer should be NULL\n"); | 589 | puts("Error: DCD pointer must be NULL\n"); |
590 | goto hab_authentication_exit; | ||
591 | } | ||
590 | 592 | ||
591 | start = ddr_start; | 593 | start = ddr_start; |
592 | bytes = image_size; | 594 | bytes = image_size; |
593 | 595 | ||
594 | /* Verify CSF */ | 596 | /* Verify CSF */ |
595 | if (!csf_is_valid(ivt, start, bytes)) | 597 | if (!csf_is_valid(ivt, start, bytes)) |
596 | goto hab_authentication_exit; | 598 | goto hab_authentication_exit; |
597 | 599 | ||
598 | if (hab_rvt_entry() != HAB_SUCCESS) { | 600 | if (hab_rvt_entry() != HAB_SUCCESS) { |
599 | puts("hab entry function fail\n"); | 601 | puts("hab entry function fail\n"); |
600 | goto hab_exit_failure_print_status; | 602 | goto hab_exit_failure_print_status; |
601 | } | 603 | } |
602 | 604 | ||
603 | status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); | 605 | status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); |
604 | if (status != HAB_SUCCESS) { | 606 | if (status != HAB_SUCCESS) { |
605 | printf("HAB check target 0x%08x-0x%08x fail\n", | 607 | printf("HAB check target 0x%08x-0x%08x fail\n", |
606 | ddr_start, ddr_start + bytes); | 608 | ddr_start, ddr_start + bytes); |
607 | goto hab_exit_failure_print_status; | 609 | goto hab_exit_failure_print_status; |
608 | } | 610 | } |
609 | #ifdef DEBUG | 611 | #ifdef DEBUG |
610 | printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); | 612 | printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); |
611 | printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, | 613 | printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, |
612 | ivt->dcd, ivt->csf); | 614 | ivt->dcd, ivt->csf); |
613 | puts("Dumping IVT\n"); | 615 | puts("Dumping IVT\n"); |
614 | print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); | 616 | print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); |
615 | 617 | ||
616 | puts("Dumping CSF Header\n"); | 618 | puts("Dumping CSF Header\n"); |
617 | print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); | 619 | print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); |
618 | 620 | ||
619 | #if !defined(CONFIG_SPL_BUILD) | 621 | #if !defined(CONFIG_SPL_BUILD) |
620 | get_hab_status(); | 622 | get_hab_status(); |
621 | #endif | 623 | #endif |
622 | 624 | ||
623 | puts("\nCalling authenticate_image in ROM\n"); | 625 | puts("\nCalling authenticate_image in ROM\n"); |
624 | printf("\tivt_offset = 0x%x\n", ivt_offset); | 626 | printf("\tivt_offset = 0x%x\n", ivt_offset); |
625 | printf("\tstart = 0x%08lx\n", start); | 627 | printf("\tstart = 0x%08lx\n", start); |
626 | printf("\tbytes = 0x%x\n", bytes); | 628 | printf("\tbytes = 0x%x\n", bytes); |
627 | #endif | 629 | #endif |
628 | /* | 630 | /* |
629 | * If the MMU is enabled, we have to notify the ROM | 631 | * If the MMU is enabled, we have to notify the ROM |
630 | * code, or it won't flush the caches when needed. | 632 | * code, or it won't flush the caches when needed. |
631 | * This is done, by setting the "pu_irom_mmu_enabled" | 633 | * This is done, by setting the "pu_irom_mmu_enabled" |
632 | * word to 1. You can find its address by looking in | 634 | * word to 1. You can find its address by looking in |
633 | * the ROM map. This is critical for | 635 | * the ROM map. This is critical for |
634 | * authenticate_image(). If MMU is enabled, without | 636 | * authenticate_image(). If MMU is enabled, without |
635 | * setting this bit, authentication will fail and may | 637 | * setting this bit, authentication will fail and may |
636 | * crash. | 638 | * crash. |
637 | */ | 639 | */ |
638 | /* Check MMU enabled */ | 640 | /* Check MMU enabled */ |
639 | if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { | 641 | if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { |
640 | if (is_mx6dq()) { | 642 | if (is_mx6dq()) { |
641 | /* | 643 | /* |
642 | * This won't work on Rev 1.0.0 of | 644 | * This won't work on Rev 1.0.0 of |
643 | * i.MX6Q/D, since their ROM doesn't | 645 | * i.MX6Q/D, since their ROM doesn't |
644 | * do cache flushes. don't think any | 646 | * do cache flushes. don't think any |
645 | * exist, so we ignore them. | 647 | * exist, so we ignore them. |
646 | */ | 648 | */ |
647 | if (!is_mx6dqp()) | 649 | if (!is_mx6dqp()) |
648 | writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); | 650 | writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); |
649 | } else if (is_mx6sdl()) { | 651 | } else if (is_mx6sdl()) { |
650 | writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); | 652 | writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); |
651 | } else if (is_mx6sl()) { | 653 | } else if (is_mx6sl()) { |
652 | writel(1, MX6SL_PU_IROM_MMU_EN_VAR); | 654 | writel(1, MX6SL_PU_IROM_MMU_EN_VAR); |
653 | } | 655 | } |
654 | } | 656 | } |
655 | 657 | ||
656 | load_addr = (uint32_t)hab_rvt_authenticate_image( | 658 | load_addr = (uint32_t)hab_rvt_authenticate_image( |
657 | HAB_CID_UBOOT, | 659 | HAB_CID_UBOOT, |
658 | ivt_offset, (void **)&start, | 660 | ivt_offset, (void **)&start, |
659 | (size_t *)&bytes, NULL); | 661 | (size_t *)&bytes, NULL); |
660 | if (hab_rvt_exit() != HAB_SUCCESS) { | 662 | if (hab_rvt_exit() != HAB_SUCCESS) { |
661 | puts("hab exit function fail\n"); | 663 | puts("hab exit function fail\n"); |
662 | load_addr = 0; | 664 | load_addr = 0; |
663 | } | 665 | } |
664 | 666 | ||
665 | hab_exit_failure_print_status: | 667 | hab_exit_failure_print_status: |
666 | #if !defined(CONFIG_SPL_BUILD) | 668 | #if !defined(CONFIG_SPL_BUILD) |
667 | get_hab_status(); | 669 | get_hab_status(); |
668 | #endif | 670 | #endif |
669 | 671 | ||
670 | hab_authentication_exit: | 672 | hab_authentication_exit: |
671 | 673 | ||
672 | if (load_addr != 0) | 674 | if (load_addr != 0) |
673 | result = 0; | 675 | result = 0; |
674 | 676 | ||
675 | return result; | 677 | return result; |
676 | } | 678 | } |
677 | 679 |