Eric Lee / smarc-uboot

Download as
Browse Code ยป

Commit f905f893e3ccdb30224583f3b9d9b6ac38b8a652

Authored by Breno Lima
Committed by Ye Li
1 parent dd058bca4a
Exists in smarc_8mm-imx_v2018.03_4.14.98_2.0.0_ga and in 4 other branches smarc-imx6_v2018.03_4.14.98_2.0.0_ga, smarc-imx7_v2018.03_4.14.98_2.0.0_ga, smarc_8m-imx_v2018.03_4.14.98_2.0.0_ga, smarc_8m_00d0-imx_v2018.03_4.14.98_2.0.0_ga

MLK-21251-1 imx: hab: Fix build warnings in 32-bit targets 

When building 32-bit targets with CONFIG_SECURE_BOOT and DEBUG enabled
the following warnings are displayed:

arch/arm/mach-imx/hab.c:840:41: warning: format '%lx' expects argument \
of type 'long unsigned int', but argument 3 has type 'uint32_t \
{aka unsigned int}' [-Wformat=]
   printf("HAB check target 0x%08x-0x%08lx fail\n",
                                     ~~~~^
                                     %08x
          ddr_start, ddr_start + bytes);

arch/arm/mach-imx/hab.c:845:45: warning: format '%x' expects argument \
of type 'unsigned int', but argument 3 has type 'ulong \
{aka long unsigned int}' [-Wformat=]
  printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr);
                                            ~^
                                            %lx

Fix warnings by providing the correct data type.

Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
(cherry picked from commit 050beb8ee3fc4c690c9ce7c4f47adfc6f48dccdf)

Showing 1 changed file with 2 additions and 2 deletions Inline Diff

arch/arm/mach-imx/hab.c
Diff comments   View file @ f905f89
1 /* 1 /*
2 * Copyright (C) 2010-2015 Freescale Semiconductor, Inc. 2 * Copyright (C) 2010-2015 Freescale Semiconductor, Inc.
3 * 3 *
4 * SPDX-License-Identifier: GPL-2.0+ 4 * SPDX-License-Identifier: GPL-2.0+
5 */ 5 */
6 6
7 #include <common.h> 7 #include <common.h>
8 #include <config.h> 8 #include <config.h>
9 #include <fuse.h> 9 #include <fuse.h>
10 #include <asm/io.h> 10 #include <asm/io.h>
11 #include <asm/system.h> 11 #include <asm/system.h>
12 #include <asm/arch/clock.h> 12 #include <asm/arch/clock.h>
13 #include <asm/arch/sys_proto.h> 13 #include <asm/arch/sys_proto.h>
14 #include <asm/mach-imx/hab.h> 14 #include <asm/mach-imx/hab.h>
15 15
16 DECLARE_GLOBAL_DATA_PTR; 16 DECLARE_GLOBAL_DATA_PTR;
17 17
18 #define ALIGN_SIZE 0x1000 18 #define ALIGN_SIZE 0x1000
19 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 19 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8
20 #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 20 #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0
21 #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 21 #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18
22 #define IS_HAB_ENABLED_BIT \ 22 #define IS_HAB_ENABLED_BIT \
23 (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ 23 (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \
24 ((is_soc_type(MXC_SOC_MX7) || is_soc_type(MXC_SOC_IMX8M))? 0x2000000 : 0x2)) 24 ((is_soc_type(MXC_SOC_MX7) || is_soc_type(MXC_SOC_IMX8M))? 0x2000000 : 0x2))
25 25
26 #ifdef CONFIG_MX7ULP 26 #ifdef CONFIG_MX7ULP
27 #define HAB_M4_PERSISTENT_START ((soc_rev() >= CHIP_REV_2_0) ? 0x20008040 : \ 27 #define HAB_M4_PERSISTENT_START ((soc_rev() >= CHIP_REV_2_0) ? 0x20008040 : \
28 0x20008180) 28 0x20008180)
29 #define HAB_M4_PERSISTENT_BYTES 0xB80 29 #define HAB_M4_PERSISTENT_BYTES 0xB80
30 #endif 30 #endif
31 31
32 static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) 32 static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr)
33 { 33 {
34 printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, 34 printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str,
35 ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); 35 ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version);
36 36
37 return 1; 37 return 1;
38 } 38 }
39 39
40 static int verify_ivt_header(struct ivt_header *ivt_hdr) 40 static int verify_ivt_header(struct ivt_header *ivt_hdr)
41 { 41 {
42 int result = 0; 42 int result = 0;
43 43
44 if (ivt_hdr->magic != IVT_HEADER_MAGIC) 44 if (ivt_hdr->magic != IVT_HEADER_MAGIC)
45 result = ivt_header_error("bad magic", ivt_hdr); 45 result = ivt_header_error("bad magic", ivt_hdr);
46 46
47 if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) 47 if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH)
48 result = ivt_header_error("bad length", ivt_hdr); 48 result = ivt_header_error("bad length", ivt_hdr);
49 49
50 if (ivt_hdr->version != IVT_HEADER_V1 && 50 if (ivt_hdr->version != IVT_HEADER_V1 &&
51 ivt_hdr->version != IVT_HEADER_V2) 51 ivt_hdr->version != IVT_HEADER_V2)
52 result = ivt_header_error("bad version", ivt_hdr); 52 result = ivt_header_error("bad version", ivt_hdr);
53 53
54 return result; 54 return result;
55 } 55 }
56 56
57 #ifdef CONFIG_ARM64 57 #ifdef CONFIG_ARM64
58 #define FSL_SIP_HAB 0xC2000007 58 #define FSL_SIP_HAB 0xC2000007
59 #define FSL_SIP_HAB_AUTHENTICATE 0x00 59 #define FSL_SIP_HAB_AUTHENTICATE 0x00
60 #define FSL_SIP_HAB_ENTRY 0x01 60 #define FSL_SIP_HAB_ENTRY 0x01
61 #define FSL_SIP_HAB_EXIT 0x02 61 #define FSL_SIP_HAB_EXIT 0x02
62 #define FSL_SIP_HAB_REPORT_EVENT 0x03 62 #define FSL_SIP_HAB_REPORT_EVENT 0x03
63 #define FSL_SIP_HAB_REPORT_STATUS 0x04 63 #define FSL_SIP_HAB_REPORT_STATUS 0x04
64 #define FSL_SIP_HAB_FAILSAFE 0x05 64 #define FSL_SIP_HAB_FAILSAFE 0x05
65 #define FSL_SIP_HAB_CHECK_TARGET 0x06 65 #define FSL_SIP_HAB_CHECK_TARGET 0x06
66 static volatile gd_t *gd_save; 66 static volatile gd_t *gd_save;
67 #endif 67 #endif
68 68
69 static inline void save_gd(void) 69 static inline void save_gd(void)
70 { 70 {
71 #ifdef CONFIG_ARM64 71 #ifdef CONFIG_ARM64
72 gd_save = gd; 72 gd_save = gd;
73 #endif 73 #endif
74 } 74 }
75 75
76 static inline void restore_gd(void) 76 static inline void restore_gd(void)
77 { 77 {
78 #ifdef CONFIG_ARM64 78 #ifdef CONFIG_ARM64
79 /* 79 /*
80 * Make will already error that reserving x18 is not supported at the 80 * Make will already error that reserving x18 is not supported at the
81 * time of writing, clang: error: unknown argument: '-ffixed-x18' 81 * time of writing, clang: error: unknown argument: '-ffixed-x18'
82 */ 82 */
83 __asm__ volatile("mov x18, %0\n" : : "r" (gd_save)); 83 __asm__ volatile("mov x18, %0\n" : : "r" (gd_save));
84 #endif 84 #endif
85 } 85 }
86 86
87 enum hab_status hab_rvt_report_event(enum hab_status status, uint32_t index, 87 enum hab_status hab_rvt_report_event(enum hab_status status, uint32_t index,
88 uint8_t *event, size_t *bytes) 88 uint8_t *event, size_t *bytes)
89 { 89 {
90 enum hab_status ret; 90 enum hab_status ret;
91 hab_rvt_report_event_t *hab_rvt_report_event_func; 91 hab_rvt_report_event_t *hab_rvt_report_event_func;
92 hab_rvt_report_event_func = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT; 92 hab_rvt_report_event_func = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT;
93 93
94 #if defined(CONFIG_ARM64) 94 #if defined(CONFIG_ARM64)
95 if (current_el() != 3) { 95 if (current_el() != 3) {
96 /* call sip */ 96 /* call sip */
97 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_EVENT, (unsigned long)index, 97 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_EVENT, (unsigned long)index,
98 (unsigned long)event, (unsigned long)bytes); 98 (unsigned long)event, (unsigned long)bytes);
99 return ret; 99 return ret;
100 } 100 }
101 #endif 101 #endif
102 102
103 save_gd(); 103 save_gd();
104 ret = hab_rvt_report_event_func(status, index, event, bytes); 104 ret = hab_rvt_report_event_func(status, index, event, bytes);
105 restore_gd(); 105 restore_gd();
106 106
107 return ret; 107 return ret;
108 108
109 } 109 }
110 110
111 enum hab_status hab_rvt_report_status(enum hab_config *config, 111 enum hab_status hab_rvt_report_status(enum hab_config *config,
112 enum hab_state *state) 112 enum hab_state *state)
113 { 113 {
114 enum hab_status ret; 114 enum hab_status ret;
115 hab_rvt_report_status_t *hab_rvt_report_status_func; 115 hab_rvt_report_status_t *hab_rvt_report_status_func;
116 hab_rvt_report_status_func = (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS; 116 hab_rvt_report_status_func = (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS;
117 117
118 #if defined(CONFIG_ARM64) 118 #if defined(CONFIG_ARM64)
119 if (current_el() != 3) { 119 if (current_el() != 3) {
120 /* call sip */ 120 /* call sip */
121 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_STATUS, 121 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_STATUS,
122 (unsigned long)config, (unsigned long)state, 0); 122 (unsigned long)config, (unsigned long)state, 0);
123 return ret; 123 return ret;
124 } 124 }
125 #endif 125 #endif
126 126
127 save_gd(); 127 save_gd();
128 ret = hab_rvt_report_status_func(config, state); 128 ret = hab_rvt_report_status_func(config, state);
129 restore_gd(); 129 restore_gd();
130 130
131 return ret; 131 return ret;
132 } 132 }
133 133
134 enum hab_status hab_rvt_entry(void) 134 enum hab_status hab_rvt_entry(void)
135 { 135 {
136 enum hab_status ret; 136 enum hab_status ret;
137 hab_rvt_entry_t *hab_rvt_entry_func; 137 hab_rvt_entry_t *hab_rvt_entry_func;
138 hab_rvt_entry_func = (hab_rvt_entry_t *)HAB_RVT_ENTRY; 138 hab_rvt_entry_func = (hab_rvt_entry_t *)HAB_RVT_ENTRY;
139 139
140 #if defined(CONFIG_ARM64) 140 #if defined(CONFIG_ARM64)
141 if (current_el() != 3) { 141 if (current_el() != 3) {
142 /* call sip */ 142 /* call sip */
143 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_ENTRY, 0, 0, 0); 143 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_ENTRY, 0, 0, 0);
144 return ret; 144 return ret;
145 } 145 }
146 #endif 146 #endif
147 147
148 save_gd(); 148 save_gd();
149 ret = hab_rvt_entry_func(); 149 ret = hab_rvt_entry_func();
150 restore_gd(); 150 restore_gd();
151 151
152 return ret; 152 return ret;
153 } 153 }
154 154
155 enum hab_status hab_rvt_exit(void) 155 enum hab_status hab_rvt_exit(void)
156 { 156 {
157 enum hab_status ret; 157 enum hab_status ret;
158 hab_rvt_exit_t *hab_rvt_exit_func; 158 hab_rvt_exit_t *hab_rvt_exit_func;
159 hab_rvt_exit_func = (hab_rvt_exit_t *)HAB_RVT_EXIT; 159 hab_rvt_exit_func = (hab_rvt_exit_t *)HAB_RVT_EXIT;
160 160
161 #if defined(CONFIG_ARM64) 161 #if defined(CONFIG_ARM64)
162 if (current_el() != 3) { 162 if (current_el() != 3) {
163 /* call sip */ 163 /* call sip */
164 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_EXIT, 0, 0, 0); 164 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_EXIT, 0, 0, 0);
165 return ret; 165 return ret;
166 } 166 }
167 #endif 167 #endif
168 168
169 save_gd(); 169 save_gd();
170 ret = hab_rvt_exit_func(); 170 ret = hab_rvt_exit_func();
171 restore_gd(); 171 restore_gd();
172 172
173 return ret; 173 return ret;
174 } 174 }
175 175
176 void hab_rvt_failsafe(void) 176 void hab_rvt_failsafe(void)
177 { 177 {
178 hab_rvt_failsafe_t *hab_rvt_failsafe_func; 178 hab_rvt_failsafe_t *hab_rvt_failsafe_func;
179 hab_rvt_failsafe_func = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE; 179 hab_rvt_failsafe_func = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE;
180 180
181 #if defined(CONFIG_ARM64) 181 #if defined(CONFIG_ARM64)
182 if (current_el() != 3) { 182 if (current_el() != 3) {
183 /* call sip */ 183 /* call sip */
184 call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_FAILSAFE, 0, 0, 0); 184 call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_FAILSAFE, 0, 0, 0);
185 return; 185 return;
186 } 186 }
187 #endif 187 #endif
188 188
189 save_gd(); 189 save_gd();
190 hab_rvt_failsafe_func(); 190 hab_rvt_failsafe_func();
191 restore_gd(); 191 restore_gd();
192 } 192 }
193 193
194 enum hab_status hab_rvt_check_target(enum hab_target type, const void *start, 194 enum hab_status hab_rvt_check_target(enum hab_target type, const void *start,
195 size_t bytes) 195 size_t bytes)
196 { 196 {
197 enum hab_status ret; 197 enum hab_status ret;
198 hab_rvt_check_target_t *hab_rvt_check_target_func; 198 hab_rvt_check_target_t *hab_rvt_check_target_func;
199 hab_rvt_check_target_func = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET; 199 hab_rvt_check_target_func = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET;
200 200
201 #if defined(CONFIG_ARM64) 201 #if defined(CONFIG_ARM64)
202 if (current_el() != 3) { 202 if (current_el() != 3) {
203 /* call sip */ 203 /* call sip */
204 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_CHECK_TARGET, (unsigned long)type, 204 ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_CHECK_TARGET, (unsigned long)type,
205 (unsigned long)start, (unsigned long)bytes); 205 (unsigned long)start, (unsigned long)bytes);
206 return ret; 206 return ret;
207 } 207 }
208 #endif 208 #endif
209 209
210 save_gd(); 210 save_gd();
211 ret = hab_rvt_check_target_func(type, start, bytes); 211 ret = hab_rvt_check_target_func(type, start, bytes);
212 restore_gd(); 212 restore_gd();
213 213
214 return ret; 214 return ret;
215 } 215 }
216 216
217 void *hab_rvt_authenticate_image(uint8_t cid, ptrdiff_t ivt_offset, 217 void *hab_rvt_authenticate_image(uint8_t cid, ptrdiff_t ivt_offset,
218 void **start, size_t *bytes, hab_loader_callback_f_t loader) 218 void **start, size_t *bytes, hab_loader_callback_f_t loader)
219 { 219 {
220 void *ret; 220 void *ret;
221 hab_rvt_authenticate_image_t *hab_rvt_authenticate_image_func; 221 hab_rvt_authenticate_image_t *hab_rvt_authenticate_image_func;
222 hab_rvt_authenticate_image_func = (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE; 222 hab_rvt_authenticate_image_func = (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE;
223 223
224 #if defined(CONFIG_ARM64) 224 #if defined(CONFIG_ARM64)
225 if (current_el() != 3) { 225 if (current_el() != 3) {
226 /* call sip */ 226 /* call sip */
227 ret = (void *)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_AUTHENTICATE, (unsigned long)ivt_offset, 227 ret = (void *)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_AUTHENTICATE, (unsigned long)ivt_offset,
228 (unsigned long)start, (unsigned long)bytes); 228 (unsigned long)start, (unsigned long)bytes);
229 return ret; 229 return ret;
230 } 230 }
231 #endif 231 #endif
232 232
233 save_gd(); 233 save_gd();
234 ret = hab_rvt_authenticate_image_func(cid, ivt_offset, start, bytes, loader); 234 ret = hab_rvt_authenticate_image_func(cid, ivt_offset, start, bytes, loader);
235 restore_gd(); 235 restore_gd();
236 236
237 return ret; 237 return ret;
238 } 238 }
239 239
240 #if !defined(CONFIG_SPL_BUILD) 240 #if !defined(CONFIG_SPL_BUILD)
241 241
242 #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ 242 #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */
243 243
244 struct record { 244 struct record {
245 uint8_t tag; /* Tag */ 245 uint8_t tag; /* Tag */
246 uint8_t len[2]; /* Length */ 246 uint8_t len[2]; /* Length */
247 uint8_t par; /* Version */ 247 uint8_t par; /* Version */
248 uint8_t contents[MAX_RECORD_BYTES];/* Record Data */ 248 uint8_t contents[MAX_RECORD_BYTES];/* Record Data */
249 bool any_rec_flag; 249 bool any_rec_flag;
250 }; 250 };
251 251
252 static char *rsn_str[] = { 252 static char *rsn_str[] = {
253 "RSN = HAB_RSN_ANY (0x00)\n", 253 "RSN = HAB_RSN_ANY (0x00)\n",
254 "RSN = HAB_ENG_FAIL (0x30)\n", 254 "RSN = HAB_ENG_FAIL (0x30)\n",
255 "RSN = HAB_INV_ADDRESS (0x22)\n", 255 "RSN = HAB_INV_ADDRESS (0x22)\n",
256 "RSN = HAB_INV_ASSERTION (0x0C)\n", 256 "RSN = HAB_INV_ASSERTION (0x0C)\n",
257 "RSN = HAB_INV_CALL (0x28)\n", 257 "RSN = HAB_INV_CALL (0x28)\n",
258 "RSN = HAB_INV_CERTIFICATE (0x21)\n", 258 "RSN = HAB_INV_CERTIFICATE (0x21)\n",
259 "RSN = HAB_INV_COMMAND (0x06)\n", 259 "RSN = HAB_INV_COMMAND (0x06)\n",
260 "RSN = HAB_INV_CSF (0x11)\n", 260 "RSN = HAB_INV_CSF (0x11)\n",
261 "RSN = HAB_INV_DCD (0x27)\n", 261 "RSN = HAB_INV_DCD (0x27)\n",
262 "RSN = HAB_INV_INDEX (0x0F)\n", 262 "RSN = HAB_INV_INDEX (0x0F)\n",
263 "RSN = HAB_INV_IVT (0x05)\n", 263 "RSN = HAB_INV_IVT (0x05)\n",
264 "RSN = HAB_INV_KEY (0x1D)\n", 264 "RSN = HAB_INV_KEY (0x1D)\n",
265 "RSN = HAB_INV_RETURN (0x1E)\n", 265 "RSN = HAB_INV_RETURN (0x1E)\n",
266 "RSN = HAB_INV_SIGNATURE (0x18)\n", 266 "RSN = HAB_INV_SIGNATURE (0x18)\n",
267 "RSN = HAB_INV_SIZE (0x17)\n", 267 "RSN = HAB_INV_SIZE (0x17)\n",
268 "RSN = HAB_MEM_FAIL (0x2E)\n", 268 "RSN = HAB_MEM_FAIL (0x2E)\n",
269 "RSN = HAB_OVR_COUNT (0x2B)\n", 269 "RSN = HAB_OVR_COUNT (0x2B)\n",
270 "RSN = HAB_OVR_STORAGE (0x2D)\n", 270 "RSN = HAB_OVR_STORAGE (0x2D)\n",
271 "RSN = HAB_UNS_ALGORITHM (0x12)\n", 271 "RSN = HAB_UNS_ALGORITHM (0x12)\n",
272 "RSN = HAB_UNS_COMMAND (0x03)\n", 272 "RSN = HAB_UNS_COMMAND (0x03)\n",
273 "RSN = HAB_UNS_ENGINE (0x0A)\n", 273 "RSN = HAB_UNS_ENGINE (0x0A)\n",
274 "RSN = HAB_UNS_ITEM (0x24)\n", 274 "RSN = HAB_UNS_ITEM (0x24)\n",
275 "RSN = HAB_UNS_KEY (0x1B)\n", 275 "RSN = HAB_UNS_KEY (0x1B)\n",
276 "RSN = HAB_UNS_PROTOCOL (0x14)\n", 276 "RSN = HAB_UNS_PROTOCOL (0x14)\n",
277 "RSN = HAB_UNS_STATE (0x09)\n", 277 "RSN = HAB_UNS_STATE (0x09)\n",
278 "RSN = INVALID\n", 278 "RSN = INVALID\n",
279 NULL 279 NULL
280 }; 280 };
281 281
282 static char *sts_str[] = { 282 static char *sts_str[] = {
283 "STS = HAB_SUCCESS (0xF0)\n", 283 "STS = HAB_SUCCESS (0xF0)\n",
284 "STS = HAB_FAILURE (0x33)\n", 284 "STS = HAB_FAILURE (0x33)\n",
285 "STS = HAB_WARNING (0x69)\n", 285 "STS = HAB_WARNING (0x69)\n",
286 "STS = INVALID\n", 286 "STS = INVALID\n",
287 NULL 287 NULL
288 }; 288 };
289 289
290 static char *eng_str[] = { 290 static char *eng_str[] = {
291 "ENG = HAB_ENG_ANY (0x00)\n", 291 "ENG = HAB_ENG_ANY (0x00)\n",
292 "ENG = HAB_ENG_SCC (0x03)\n", 292 "ENG = HAB_ENG_SCC (0x03)\n",
293 "ENG = HAB_ENG_RTIC (0x05)\n", 293 "ENG = HAB_ENG_RTIC (0x05)\n",
294 "ENG = HAB_ENG_SAHARA (0x06)\n", 294 "ENG = HAB_ENG_SAHARA (0x06)\n",
295 "ENG = HAB_ENG_CSU (0x0A)\n", 295 "ENG = HAB_ENG_CSU (0x0A)\n",
296 "ENG = HAB_ENG_SRTC (0x0C)\n", 296 "ENG = HAB_ENG_SRTC (0x0C)\n",
297 "ENG = HAB_ENG_DCP (0x1B)\n", 297 "ENG = HAB_ENG_DCP (0x1B)\n",
298 "ENG = HAB_ENG_CAAM (0x1D)\n", 298 "ENG = HAB_ENG_CAAM (0x1D)\n",
299 "ENG = HAB_ENG_SNVS (0x1E)\n", 299 "ENG = HAB_ENG_SNVS (0x1E)\n",
300 "ENG = HAB_ENG_OCOTP (0x21)\n", 300 "ENG = HAB_ENG_OCOTP (0x21)\n",
301 "ENG = HAB_ENG_DTCP (0x22)\n", 301 "ENG = HAB_ENG_DTCP (0x22)\n",
302 "ENG = HAB_ENG_ROM (0x36)\n", 302 "ENG = HAB_ENG_ROM (0x36)\n",
303 "ENG = HAB_ENG_HDCP (0x24)\n", 303 "ENG = HAB_ENG_HDCP (0x24)\n",
304 "ENG = HAB_ENG_RTL (0x77)\n", 304 "ENG = HAB_ENG_RTL (0x77)\n",
305 "ENG = HAB_ENG_SW (0xFF)\n", 305 "ENG = HAB_ENG_SW (0xFF)\n",
306 "ENG = INVALID\n", 306 "ENG = INVALID\n",
307 NULL 307 NULL
308 }; 308 };
309 309
310 static char *ctx_str[] = { 310 static char *ctx_str[] = {
311 "CTX = HAB_CTX_ANY(0x00)\n", 311 "CTX = HAB_CTX_ANY(0x00)\n",
312 "CTX = HAB_CTX_FAB (0xFF)\n", 312 "CTX = HAB_CTX_FAB (0xFF)\n",
313 "CTX = HAB_CTX_ENTRY (0xE1)\n", 313 "CTX = HAB_CTX_ENTRY (0xE1)\n",
314 "CTX = HAB_CTX_TARGET (0x33)\n", 314 "CTX = HAB_CTX_TARGET (0x33)\n",
315 "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", 315 "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n",
316 "CTX = HAB_CTX_DCD (0xDD)\n", 316 "CTX = HAB_CTX_DCD (0xDD)\n",
317 "CTX = HAB_CTX_CSF (0xCF)\n", 317 "CTX = HAB_CTX_CSF (0xCF)\n",
318 "CTX = HAB_CTX_COMMAND (0xC0)\n", 318 "CTX = HAB_CTX_COMMAND (0xC0)\n",
319 "CTX = HAB_CTX_AUT_DAT (0xDB)\n", 319 "CTX = HAB_CTX_AUT_DAT (0xDB)\n",
320 "CTX = HAB_CTX_ASSERT (0xA0)\n", 320 "CTX = HAB_CTX_ASSERT (0xA0)\n",
321 "CTX = HAB_CTX_EXIT (0xEE)\n", 321 "CTX = HAB_CTX_EXIT (0xEE)\n",
322 "CTX = INVALID\n", 322 "CTX = INVALID\n",
323 NULL 323 NULL
324 }; 324 };
325 325
326 static uint8_t hab_statuses[5] = { 326 static uint8_t hab_statuses[5] = {
327 HAB_STS_ANY, 327 HAB_STS_ANY,
328 HAB_FAILURE, 328 HAB_FAILURE,
329 HAB_WARNING, 329 HAB_WARNING,
330 HAB_SUCCESS, 330 HAB_SUCCESS,
331 -1 331 -1
332 }; 332 };
333 333
334 static uint8_t hab_reasons[26] = { 334 static uint8_t hab_reasons[26] = {
335 HAB_RSN_ANY, 335 HAB_RSN_ANY,
336 HAB_ENG_FAIL, 336 HAB_ENG_FAIL,
337 HAB_INV_ADDRESS, 337 HAB_INV_ADDRESS,
338 HAB_INV_ASSERTION, 338 HAB_INV_ASSERTION,
339 HAB_INV_CALL, 339 HAB_INV_CALL,
340 HAB_INV_CERTIFICATE, 340 HAB_INV_CERTIFICATE,
341 HAB_INV_COMMAND, 341 HAB_INV_COMMAND,
342 HAB_INV_CSF, 342 HAB_INV_CSF,
343 HAB_INV_DCD, 343 HAB_INV_DCD,
344 HAB_INV_INDEX, 344 HAB_INV_INDEX,
345 HAB_INV_IVT, 345 HAB_INV_IVT,
346 HAB_INV_KEY, 346 HAB_INV_KEY,
347 HAB_INV_RETURN, 347 HAB_INV_RETURN,
348 HAB_INV_SIGNATURE, 348 HAB_INV_SIGNATURE,
349 HAB_INV_SIZE, 349 HAB_INV_SIZE,
350 HAB_MEM_FAIL, 350 HAB_MEM_FAIL,
351 HAB_OVR_COUNT, 351 HAB_OVR_COUNT,
352 HAB_OVR_STORAGE, 352 HAB_OVR_STORAGE,
353 HAB_UNS_ALGORITHM, 353 HAB_UNS_ALGORITHM,
354 HAB_UNS_COMMAND, 354 HAB_UNS_COMMAND,
355 HAB_UNS_ENGINE, 355 HAB_UNS_ENGINE,
356 HAB_UNS_ITEM, 356 HAB_UNS_ITEM,
357 HAB_UNS_KEY, 357 HAB_UNS_KEY,
358 HAB_UNS_PROTOCOL, 358 HAB_UNS_PROTOCOL,
359 HAB_UNS_STATE, 359 HAB_UNS_STATE,
360 -1 360 -1
361 }; 361 };
362 362
363 static uint8_t hab_contexts[12] = { 363 static uint8_t hab_contexts[12] = {
364 HAB_CTX_ANY, 364 HAB_CTX_ANY,
365 HAB_CTX_FAB, 365 HAB_CTX_FAB,
366 HAB_CTX_ENTRY, 366 HAB_CTX_ENTRY,
367 HAB_CTX_TARGET, 367 HAB_CTX_TARGET,
368 HAB_CTX_AUTHENTICATE, 368 HAB_CTX_AUTHENTICATE,
369 HAB_CTX_DCD, 369 HAB_CTX_DCD,
370 HAB_CTX_CSF, 370 HAB_CTX_CSF,
371 HAB_CTX_COMMAND, 371 HAB_CTX_COMMAND,
372 HAB_CTX_AUT_DAT, 372 HAB_CTX_AUT_DAT,
373 HAB_CTX_ASSERT, 373 HAB_CTX_ASSERT,
374 HAB_CTX_EXIT, 374 HAB_CTX_EXIT,
375 -1 375 -1
376 }; 376 };
377 377
378 static uint8_t hab_engines[16] = { 378 static uint8_t hab_engines[16] = {
379 HAB_ENG_ANY, 379 HAB_ENG_ANY,
380 HAB_ENG_SCC, 380 HAB_ENG_SCC,
381 HAB_ENG_RTIC, 381 HAB_ENG_RTIC,
382 HAB_ENG_SAHARA, 382 HAB_ENG_SAHARA,
383 HAB_ENG_CSU, 383 HAB_ENG_CSU,
384 HAB_ENG_SRTC, 384 HAB_ENG_SRTC,
385 HAB_ENG_DCP, 385 HAB_ENG_DCP,
386 HAB_ENG_CAAM, 386 HAB_ENG_CAAM,
387 HAB_ENG_SNVS, 387 HAB_ENG_SNVS,
388 HAB_ENG_OCOTP, 388 HAB_ENG_OCOTP,
389 HAB_ENG_DTCP, 389 HAB_ENG_DTCP,
390 HAB_ENG_ROM, 390 HAB_ENG_ROM,
391 HAB_ENG_HDCP, 391 HAB_ENG_HDCP,
392 HAB_ENG_RTL, 392 HAB_ENG_RTL,
393 HAB_ENG_SW, 393 HAB_ENG_SW,
394 -1 394 -1
395 }; 395 };
396 396
397 static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) 397 static inline uint8_t get_idx(uint8_t *list, uint8_t tgt)
398 { 398 {
399 uint8_t idx = 0; 399 uint8_t idx = 0;
400 uint8_t element = list[idx]; 400 uint8_t element = list[idx];
401 while (element != -1) { 401 while (element != -1) {
402 if (element == tgt) 402 if (element == tgt)
403 return idx; 403 return idx;
404 element = list[++idx]; 404 element = list[++idx];
405 } 405 }
406 return -1; 406 return -1;
407 } 407 }
408 408
409 static void process_event_record(uint8_t *event_data, size_t bytes) 409 static void process_event_record(uint8_t *event_data, size_t bytes)
410 { 410 {
411 struct record *rec = (struct record *)event_data; 411 struct record *rec = (struct record *)event_data;
412 412
413 printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]); 413 printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]);
414 printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]); 414 printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]);
415 printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]); 415 printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]);
416 printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); 416 printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]);
417 } 417 }
418 418
419 static void display_event(uint8_t *event_data, size_t bytes) 419 static void display_event(uint8_t *event_data, size_t bytes)
420 { 420 {
421 uint32_t i; 421 uint32_t i;
422 422
423 if (!(event_data && bytes > 0)) 423 if (!(event_data && bytes > 0))
424 return; 424 return;
425 425
426 for (i = 0; i < bytes; i++) { 426 for (i = 0; i < bytes; i++) {
427 if (i == 0) 427 if (i == 0)
428 printf("\t0x%02x", event_data[i]); 428 printf("\t0x%02x", event_data[i]);
429 else if ((i % 8) == 0) 429 else if ((i % 8) == 0)
430 printf("\n\t0x%02x", event_data[i]); 430 printf("\n\t0x%02x", event_data[i]);
431 else 431 else
432 printf(" 0x%02x", event_data[i]); 432 printf(" 0x%02x", event_data[i]);
433 } 433 }
434 434
435 process_event_record(event_data, bytes); 435 process_event_record(event_data, bytes);
436 } 436 }
437 437
438 static int get_hab_status(void) 438 static int get_hab_status(void)
439 { 439 {
440 uint32_t index = 0; /* Loop index */ 440 uint32_t index = 0; /* Loop index */
441 uint8_t event_data[128]; /* Event data buffer */ 441 uint8_t event_data[128]; /* Event data buffer */
442 size_t bytes = sizeof(event_data); /* Event size in bytes */ 442 size_t bytes = sizeof(event_data); /* Event size in bytes */
443 enum hab_config config = 0; 443 enum hab_config config = 0;
444 enum hab_state state = 0; 444 enum hab_state state = 0;
445 445
446 if (imx_hab_is_enabled()) 446 if (imx_hab_is_enabled())
447 puts("\nSecure boot enabled\n"); 447 puts("\nSecure boot enabled\n");
448 else 448 else
449 puts("\nSecure boot disabled\n"); 449 puts("\nSecure boot disabled\n");
450 450
451 /* Check HAB status */ 451 /* Check HAB status */
452 if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { 452 if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) {
453 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", 453 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n",
454 config, state); 454 config, state);
455 455
456 /* Display HAB events */ 456 /* Display HAB events */
457 while (hab_rvt_report_event(HAB_STS_ANY, index, event_data, 457 while (hab_rvt_report_event(HAB_STS_ANY, index, event_data,
458 &bytes) == HAB_SUCCESS) { 458 &bytes) == HAB_SUCCESS) {
459 puts("\n"); 459 puts("\n");
460 printf("--------- HAB Event %d -----------------\n", 460 printf("--------- HAB Event %d -----------------\n",
461 index + 1); 461 index + 1);
462 puts("event data:\n"); 462 puts("event data:\n");
463 display_event(event_data, bytes); 463 display_event(event_data, bytes);
464 puts("\n"); 464 puts("\n");
465 bytes = sizeof(event_data); 465 bytes = sizeof(event_data);
466 index++; 466 index++;
467 } 467 }
468 } 468 }
469 /* Display message if no HAB events are found */ 469 /* Display message if no HAB events are found */
470 else { 470 else {
471 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", 471 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n",
472 config, state); 472 config, state);
473 puts("No HAB Events Found!\n\n"); 473 puts("No HAB Events Found!\n\n");
474 } 474 }
475 return 0; 475 return 0;
476 } 476 }
477 477
478 #ifdef CONFIG_MX7ULP 478 #ifdef CONFIG_MX7ULP
479 479
480 static int get_record_len(struct record *rec) 480 static int get_record_len(struct record *rec)
481 { 481 {
482 return (size_t)((rec->len[0] << 8) + (rec->len[1])); 482 return (size_t)((rec->len[0] << 8) + (rec->len[1]));
483 } 483 }
484 484
485 static int get_hab_status_m4(void) 485 static int get_hab_status_m4(void)
486 { 486 {
487 unsigned int index = 0; 487 unsigned int index = 0;
488 uint8_t event_data[128]; 488 uint8_t event_data[128];
489 size_t record_len, offset = 0; 489 size_t record_len, offset = 0;
490 enum hab_config config = 0; 490 enum hab_config config = 0;
491 enum hab_state state = 0; 491 enum hab_state state = 0;
492 492
493 if (imx_hab_is_enabled()) 493 if (imx_hab_is_enabled())
494 puts("\nSecure boot enabled\n"); 494 puts("\nSecure boot enabled\n");
495 else 495 else
496 puts("\nSecure boot disabled\n"); 496 puts("\nSecure boot disabled\n");
497 497
498 /* 498 /*
499 * HAB in both A7 and M4 gather the security state 499 * HAB in both A7 and M4 gather the security state
500 * and configuration of the chip from 500 * and configuration of the chip from
501 * shared SNVS module 501 * shared SNVS module
502 */ 502 */
503 hab_rvt_report_status(&config, &state); 503 hab_rvt_report_status(&config, &state);
504 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", 504 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n",
505 config, state); 505 config, state);
506 506
507 struct record *rec = (struct record *)(HAB_M4_PERSISTENT_START); 507 struct record *rec = (struct record *)(HAB_M4_PERSISTENT_START);
508 508
509 record_len = get_record_len(rec); 509 record_len = get_record_len(rec);
510 510
511 /* Check if HAB persistent memory is valid */ 511 /* Check if HAB persistent memory is valid */
512 if (rec->tag != HAB_TAG_EVT_DEF || 512 if (rec->tag != HAB_TAG_EVT_DEF ||
513 record_len != sizeof(struct evt_def) || 513 record_len != sizeof(struct evt_def) ||
514 (rec->par & HAB_MAJ_MASK) != HAB_MAJ_VER) { 514 (rec->par & HAB_MAJ_MASK) != HAB_MAJ_VER) {
515 puts("\nERROR: Invalid HAB persistent memory\n"); 515 puts("\nERROR: Invalid HAB persistent memory\n");
516 return 1; 516 return 1;
517 } 517 }
518 518
519 /* Parse events in HAB M4 persistent memory region */ 519 /* Parse events in HAB M4 persistent memory region */
520 while (offset < HAB_M4_PERSISTENT_BYTES) { 520 while (offset < HAB_M4_PERSISTENT_BYTES) {
521 rec = (struct record *)(HAB_M4_PERSISTENT_START + offset); 521 rec = (struct record *)(HAB_M4_PERSISTENT_START + offset);
522 522
523 record_len = get_record_len(rec); 523 record_len = get_record_len(rec);
524 524
525 if (rec->tag == HAB_TAG_EVT) { 525 if (rec->tag == HAB_TAG_EVT) {
526 memcpy(&event_data, rec, record_len); 526 memcpy(&event_data, rec, record_len);
527 puts("\n"); 527 puts("\n");
528 printf("--------- HAB Event %d -----------------\n", 528 printf("--------- HAB Event %d -----------------\n",
529 index + 1); 529 index + 1);
530 puts("event data:\n"); 530 puts("event data:\n");
531 display_event(event_data, record_len); 531 display_event(event_data, record_len);
532 puts("\n"); 532 puts("\n");
533 index++; 533 index++;
534 } 534 }
535 535
536 offset += record_len; 536 offset += record_len;
537 537
538 /* Ensure all records start on a word boundary */ 538 /* Ensure all records start on a word boundary */
539 if ((offset % 4) != 0) 539 if ((offset % 4) != 0)
540 offset = offset + (4 - (offset % 4)); 540 offset = offset + (4 - (offset % 4));
541 } 541 }
542 542
543 if (!index) 543 if (!index)
544 puts("No HAB Events Found!\n\n"); 544 puts("No HAB Events Found!\n\n");
545 545
546 return 0; 546 return 0;
547 } 547 }
548 #endif 548 #endif
549 549
550 static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, 550 static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc,
551 char * const argv[]) 551 char * const argv[])
552 { 552 {
553 #ifdef CONFIG_MX7ULP 553 #ifdef CONFIG_MX7ULP
554 if ((argc > 2)) { 554 if ((argc > 2)) {
555 cmd_usage(cmdtp); 555 cmd_usage(cmdtp);
556 return 1; 556 return 1;
557 } 557 }
558 558
559 if (strcmp("m4", argv[1]) == 0) 559 if (strcmp("m4", argv[1]) == 0)
560 get_hab_status_m4(); 560 get_hab_status_m4();
561 else 561 else
562 get_hab_status(); 562 get_hab_status();
563 #else 563 #else
564 if ((argc != 1)) { 564 if ((argc != 1)) {
565 cmd_usage(cmdtp); 565 cmd_usage(cmdtp);
566 return 1; 566 return 1;
567 } 567 }
568 568
569 get_hab_status(); 569 get_hab_status();
570 #endif 570 #endif
571 571
572 return 0; 572 return 0;
573 } 573 }
574 574
575 static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, 575 static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc,
576 char * const argv[]) 576 char * const argv[])
577 { 577 {
578 ulong addr, length, ivt_offset; 578 ulong addr, length, ivt_offset;
579 int rcode = 0; 579 int rcode = 0;
580 580
581 if (argc < 4) 581 if (argc < 4)
582 return CMD_RET_USAGE; 582 return CMD_RET_USAGE;
583 583
584 addr = simple_strtoul(argv[1], NULL, 16); 584 addr = simple_strtoul(argv[1], NULL, 16);
585 length = simple_strtoul(argv[2], NULL, 16); 585 length = simple_strtoul(argv[2], NULL, 16);
586 ivt_offset = simple_strtoul(argv[3], NULL, 16); 586 ivt_offset = simple_strtoul(argv[3], NULL, 16);
587 587
588 rcode = imx_hab_authenticate_image(addr, length, ivt_offset); 588 rcode = imx_hab_authenticate_image(addr, length, ivt_offset);
589 if (rcode == 0) 589 if (rcode == 0)
590 rcode = CMD_RET_SUCCESS; 590 rcode = CMD_RET_SUCCESS;
591 else 591 else
592 rcode = CMD_RET_FAILURE; 592 rcode = CMD_RET_FAILURE;
593 593
594 return rcode; 594 return rcode;
595 } 595 }
596 596
597 static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, 597 static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc,
598 char * const argv[]) 598 char * const argv[])
599 { 599 {
600 if (argc != 1) { 600 if (argc != 1) {
601 cmd_usage(cmdtp); 601 cmd_usage(cmdtp);
602 return 1; 602 return 1;
603 } 603 }
604 604
605 hab_rvt_failsafe(); 605 hab_rvt_failsafe();
606 606
607 return 0; 607 return 0;
608 } 608 }
609 609
610 #ifdef CONFIG_MX7ULP 610 #ifdef CONFIG_MX7ULP
611 U_BOOT_CMD( 611 U_BOOT_CMD(
612 hab_status, CONFIG_SYS_MAXARGS, 2, do_hab_status, 612 hab_status, CONFIG_SYS_MAXARGS, 2, do_hab_status,
613 "display HAB status and events", 613 "display HAB status and events",
614 "hab_status - A7 HAB event and status\n" 614 "hab_status - A7 HAB event and status\n"
615 "hab_status m4 - M4 HAB event and status" 615 "hab_status m4 - M4 HAB event and status"
616 ); 616 );
617 #else 617 #else
618 U_BOOT_CMD( 618 U_BOOT_CMD(
619 hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, 619 hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status,
620 "display HAB status", 620 "display HAB status",
621 "" 621 ""
622 ); 622 );
623 #endif 623 #endif
624 624
625 U_BOOT_CMD( 625 U_BOOT_CMD(
626 hab_auth_img, 4, 0, do_authenticate_image, 626 hab_auth_img, 4, 0, do_authenticate_image,
627 "authenticate image via HAB", 627 "authenticate image via HAB",
628 "addr length ivt_offset\n" 628 "addr length ivt_offset\n"
629 "addr - image hex address\n" 629 "addr - image hex address\n"
630 "length - image hex length\n" 630 "length - image hex length\n"
631 "ivt_offset - hex offset of IVT in the image" 631 "ivt_offset - hex offset of IVT in the image"
632 ); 632 );
633 633
634 U_BOOT_CMD( 634 U_BOOT_CMD(
635 hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, 635 hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe,
636 "run BootROM failsafe routine", 636 "run BootROM failsafe routine",
637 "" 637 ""
638 ); 638 );
639 639
640 #endif /* !defined(CONFIG_SPL_BUILD) */ 640 #endif /* !defined(CONFIG_SPL_BUILD) */
641 641
642 /* Get CSF Header length */ 642 /* Get CSF Header length */
643 static int get_hab_hdr_len(struct hab_hdr *hdr) 643 static int get_hab_hdr_len(struct hab_hdr *hdr)
644 { 644 {
645 return (size_t)((hdr->len[0] << 8) + (hdr->len[1])); 645 return (size_t)((hdr->len[0] << 8) + (hdr->len[1]));
646 } 646 }
647 647
648 /* Check whether addr lies between start and 648 /* Check whether addr lies between start and
649 * end and is within the length of the image 649 * end and is within the length of the image
650 */ 650 */
651 static int chk_bounds(u8 *addr, size_t bytes, u8 *start, u8 *end) 651 static int chk_bounds(u8 *addr, size_t bytes, u8 *start, u8 *end)
652 { 652 {
653 size_t csf_size = (size_t)((end + 1) - addr); 653 size_t csf_size = (size_t)((end + 1) - addr);
654 654
655 return (addr && (addr >= start) && (addr <= end) && 655 return (addr && (addr >= start) && (addr <= end) &&
656 (csf_size >= bytes)); 656 (csf_size >= bytes));
657 } 657 }
658 658
659 /* Get Length of each command in CSF */ 659 /* Get Length of each command in CSF */
660 static int get_csf_cmd_hdr_len(u8 *csf_hdr) 660 static int get_csf_cmd_hdr_len(u8 *csf_hdr)
661 { 661 {
662 if (*csf_hdr == HAB_CMD_HDR) 662 if (*csf_hdr == HAB_CMD_HDR)
663 return sizeof(struct hab_hdr); 663 return sizeof(struct hab_hdr);
664 664
665 return get_hab_hdr_len((struct hab_hdr *)csf_hdr); 665 return get_hab_hdr_len((struct hab_hdr *)csf_hdr);
666 } 666 }
667 667
668 /* Check if CSF is valid */ 668 /* Check if CSF is valid */
669 static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes) 669 static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes)
670 { 670 {
671 u8 *start = (u8 *)start_addr; 671 u8 *start = (u8 *)start_addr;
672 u8 *csf_hdr; 672 u8 *csf_hdr;
673 u8 *end; 673 u8 *end;
674 674
675 size_t csf_hdr_len; 675 size_t csf_hdr_len;
676 size_t cmd_hdr_len; 676 size_t cmd_hdr_len;
677 size_t offset = 0; 677 size_t offset = 0;
678 678
679 if (bytes != 0) 679 if (bytes != 0)
680 end = start + bytes - 1; 680 end = start + bytes - 1;
681 else 681 else
682 end = start; 682 end = start;
683 683
684 /* Verify if CSF pointer content is zero */ 684 /* Verify if CSF pointer content is zero */
685 if (!ivt->csf) { 685 if (!ivt->csf) {
686 puts("Error: CSF pointer is NULL\n"); 686 puts("Error: CSF pointer is NULL\n");
687 return false; 687 return false;
688 } 688 }
689 689
690 csf_hdr = (u8 *)(ulong)ivt->csf; 690 csf_hdr = (u8 *)(ulong)ivt->csf;
691 691
692 /* Verify if CSF Header exist */ 692 /* Verify if CSF Header exist */
693 if (*csf_hdr != HAB_CMD_HDR) { 693 if (*csf_hdr != HAB_CMD_HDR) {
694 puts("Error: CSF header command not found\n"); 694 puts("Error: CSF header command not found\n");
695 return false; 695 return false;
696 } 696 }
697 697
698 csf_hdr_len = get_hab_hdr_len((struct hab_hdr *)csf_hdr); 698 csf_hdr_len = get_hab_hdr_len((struct hab_hdr *)csf_hdr);
699 699
700 /* Check if the CSF lies within the image bounds */ 700 /* Check if the CSF lies within the image bounds */
701 if (!chk_bounds(csf_hdr, csf_hdr_len, start, end)) { 701 if (!chk_bounds(csf_hdr, csf_hdr_len, start, end)) {
702 puts("Error: CSF lies outside the image bounds\n"); 702 puts("Error: CSF lies outside the image bounds\n");
703 return false; 703 return false;
704 } 704 }
705 705
706 do { 706 do {
707 struct hab_hdr *cmd; 707 struct hab_hdr *cmd;
708 708
709 cmd = (struct hab_hdr *)&csf_hdr[offset]; 709 cmd = (struct hab_hdr *)&csf_hdr[offset];
710 710
711 switch (cmd->tag) { 711 switch (cmd->tag) {
712 case (HAB_CMD_WRT_DAT): 712 case (HAB_CMD_WRT_DAT):
713 puts("Error: Deprecated write command found\n"); 713 puts("Error: Deprecated write command found\n");
714 return false; 714 return false;
715 case (HAB_CMD_CHK_DAT): 715 case (HAB_CMD_CHK_DAT):
716 puts("Error: Deprecated check command found\n"); 716 puts("Error: Deprecated check command found\n");
717 return false; 717 return false;
718 case (HAB_CMD_SET): 718 case (HAB_CMD_SET):
719 if (cmd->par == HAB_PAR_MID) { 719 if (cmd->par == HAB_PAR_MID) {
720 puts("Error: Deprecated Set MID command found\n"); 720 puts("Error: Deprecated Set MID command found\n");
721 return false; 721 return false;
722 } 722 }
723 default: 723 default:
724 break; 724 break;
725 } 725 }
726 726
727 cmd_hdr_len = get_csf_cmd_hdr_len(&csf_hdr[offset]); 727 cmd_hdr_len = get_csf_cmd_hdr_len(&csf_hdr[offset]);
728 if (!cmd_hdr_len) { 728 if (!cmd_hdr_len) {
729 puts("Error: Invalid command length\n"); 729 puts("Error: Invalid command length\n");
730 return false; 730 return false;
731 } 731 }
732 offset += cmd_hdr_len; 732 offset += cmd_hdr_len;
733 733
734 } while (offset < csf_hdr_len); 734 } while (offset < csf_hdr_len);
735 735
736 return true; 736 return true;
737 } 737 }
738 738
739 /* 739 /*
740 * Validate IVT structure of the image being authenticated 740 * Validate IVT structure of the image being authenticated
741 */ 741 */
742 static int validate_ivt(struct ivt *ivt_initial) 742 static int validate_ivt(struct ivt *ivt_initial)
743 { 743 {
744 struct ivt_header *ivt_hdr = &ivt_initial->hdr; 744 struct ivt_header *ivt_hdr = &ivt_initial->hdr;
745 745
746 if ((ulong)ivt_initial & 0x3) { 746 if ((ulong)ivt_initial & 0x3) {
747 puts("Error: Image's start address is not 4 byte aligned\n"); 747 puts("Error: Image's start address is not 4 byte aligned\n");
748 return 0; 748 return 0;
749 } 749 }
750 750
751 /* Check IVT fields before allowing authentication */ 751 /* Check IVT fields before allowing authentication */
752 if ((!verify_ivt_header(ivt_hdr)) && \ 752 if ((!verify_ivt_header(ivt_hdr)) && \
753 (ivt_initial->entry != 0x0) && \ 753 (ivt_initial->entry != 0x0) && \
754 (ivt_initial->reserved1 == 0x0) && \ 754 (ivt_initial->reserved1 == 0x0) && \
755 (ivt_initial->self == \ 755 (ivt_initial->self == \
756 (uint32_t)((ulong)ivt_initial & 0xffffffff)) && \ 756 (uint32_t)((ulong)ivt_initial & 0xffffffff)) && \
757 (ivt_initial->csf != 0x0) && \ 757 (ivt_initial->csf != 0x0) && \
758 (ivt_initial->reserved2 == 0x0)) { 758 (ivt_initial->reserved2 == 0x0)) {
759 /* Report boot failure if DCD pointer is found in IVT */ 759 /* Report boot failure if DCD pointer is found in IVT */
760 if (ivt_initial->dcd != 0x0) 760 if (ivt_initial->dcd != 0x0)
761 puts("Error: DCD pointer must be 0\n"); 761 puts("Error: DCD pointer must be 0\n");
762 else 762 else
763 return 1; 763 return 1;
764 } 764 }
765 765
766 puts("Error: Invalid IVT structure\n"); 766 puts("Error: Invalid IVT structure\n");
767 puts("\nAllowed IVT structure:\n"); 767 puts("\nAllowed IVT structure:\n");
768 puts("IVT HDR = 0x4X2000D1\n"); 768 puts("IVT HDR = 0x4X2000D1\n");
769 puts("IVT ENTRY = 0xXXXXXXXX\n"); 769 puts("IVT ENTRY = 0xXXXXXXXX\n");
770 puts("IVT RSV1 = 0x0\n"); 770 puts("IVT RSV1 = 0x0\n");
771 puts("IVT DCD = 0x0\n"); /* Recommended */ 771 puts("IVT DCD = 0x0\n"); /* Recommended */
772 puts("IVT BOOT_DATA = 0xXXXXXXXX\n"); /* Commonly 0x0 */ 772 puts("IVT BOOT_DATA = 0xXXXXXXXX\n"); /* Commonly 0x0 */
773 puts("IVT SELF = 0xXXXXXXXX\n"); /* = ddr_start + ivt_offset */ 773 puts("IVT SELF = 0xXXXXXXXX\n"); /* = ddr_start + ivt_offset */
774 puts("IVT CSF = 0xXXXXXXXX\n"); 774 puts("IVT CSF = 0xXXXXXXXX\n");
775 puts("IVT RSV2 = 0x0\n"); 775 puts("IVT RSV2 = 0x0\n");
776 776
777 /* Invalid IVT structure */ 777 /* Invalid IVT structure */
778 return 0; 778 return 0;
779 } 779 }
780 780
781 bool imx_hab_is_enabled(void) 781 bool imx_hab_is_enabled(void)
782 { 782 {
783 struct imx_sec_config_fuse_t *fuse = 783 struct imx_sec_config_fuse_t *fuse =
784 (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; 784 (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse;
785 uint32_t reg; 785 uint32_t reg;
786 int ret; 786 int ret;
787 787
788 ret = fuse_read(fuse->bank, fuse->word, &reg); 788 ret = fuse_read(fuse->bank, fuse->word, &reg);
789 if (ret) { 789 if (ret) {
790 puts("\nSecure boot fuse read error\n"); 790 puts("\nSecure boot fuse read error\n");
791 return ret; 791 return ret;
792 } 792 }
793 793
794 return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; 794 return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT;
795 } 795 }
796 796
797 int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, 797 int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size,
798 uint32_t ivt_offset) 798 uint32_t ivt_offset)
799 { 799 {
800 ulong load_addr = 0; 800 ulong load_addr = 0;
801 size_t bytes; 801 size_t bytes;
802 ulong ivt_addr = 0; 802 ulong ivt_addr = 0;
803 int result = 1; 803 int result = 1;
804 ulong start; 804 ulong start;
805 struct ivt *ivt; 805 struct ivt *ivt;
806 enum hab_status status; 806 enum hab_status status;
807 807
808 if (!imx_hab_is_enabled()) 808 if (!imx_hab_is_enabled())
809 puts("hab fuse not enabled\n"); 809 puts("hab fuse not enabled\n");
810 810
811 printf("\nAuthenticate image from DDR location 0x%x...\n", 811 printf("\nAuthenticate image from DDR location 0x%x...\n",
812 ddr_start); 812 ddr_start);
813 813
814 hab_caam_clock_enable(1); 814 hab_caam_clock_enable(1);
815 815
816 /* Calculate IVT address header */ 816 /* Calculate IVT address header */
817 ivt_addr = (ulong) (ddr_start + ivt_offset); 817 ivt_addr = (ulong) (ddr_start + ivt_offset);
818 ivt = (struct ivt *)ivt_addr; 818 ivt = (struct ivt *)ivt_addr;
819 819
820 /* Verify IVT header bugging out on error */ 820 /* Verify IVT header bugging out on error */
821 if (!validate_ivt(ivt)) 821 if (!validate_ivt(ivt))
822 goto hab_authentication_exit; 822 goto hab_authentication_exit;
823 823
824 start = ddr_start; 824 start = ddr_start;
825 bytes = image_size; 825 bytes = image_size;
826 826
827 /* Verify CSF */ 827 /* Verify CSF */
828 if (!csf_is_valid(ivt, start, bytes)) 828 if (!csf_is_valid(ivt, start, bytes))
829 goto hab_authentication_exit; 829 goto hab_authentication_exit;
830 830
831 if (hab_rvt_entry() != HAB_SUCCESS) { 831 if (hab_rvt_entry() != HAB_SUCCESS) {
832 puts("hab entry function fail\n"); 832 puts("hab entry function fail\n");
833 goto hab_exit_failure_print_status; 833 goto hab_exit_failure_print_status;
834 } 834 }
835 835
836 status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)(ulong)ddr_start, bytes); 836 status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)(ulong)ddr_start, bytes);
837 if (status != HAB_SUCCESS) { 837 if (status != HAB_SUCCESS) {
838 printf("HAB check target 0x%08x-0x%08lx fail\n", 838 printf("HAB check target 0x%08x-0x%08lx fail\n",
839 ddr_start, ddr_start + bytes); 839 ddr_start, ddr_start + (ulong)bytes);
840 goto hab_exit_failure_print_status; 840 goto hab_exit_failure_print_status;
841 } 841 }
842 #ifdef DEBUG 842 #ifdef DEBUG
843 printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); 843 printf("\nivt_offset = 0x%x, ivt addr = 0x%lx\n", ivt_offset, ivt_addr);
844 printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, 844 printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry,
845 ivt->dcd, ivt->csf); 845 ivt->dcd, ivt->csf);
846 puts("Dumping IVT\n"); 846 puts("Dumping IVT\n");
847 print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); 847 print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0);
848 848
849 puts("Dumping CSF Header\n"); 849 puts("Dumping CSF Header\n");
850 print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); 850 print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0);
851 851
852 #if !defined(CONFIG_SPL_BUILD) 852 #if !defined(CONFIG_SPL_BUILD)
853 get_hab_status(); 853 get_hab_status();
854 #endif 854 #endif
855 855
856 puts("\nCalling authenticate_image in ROM\n"); 856 puts("\nCalling authenticate_image in ROM\n");
857 printf("\tivt_offset = 0x%x\n", ivt_offset); 857 printf("\tivt_offset = 0x%x\n", ivt_offset);
858 printf("\tstart = 0x%08lx\n", start); 858 printf("\tstart = 0x%08lx\n", start);
859 printf("\tbytes = 0x%x\n", bytes); 859 printf("\tbytes = 0x%x\n", bytes);
860 #endif 860 #endif
861 861
862 #ifndef CONFIG_ARM64 862 #ifndef CONFIG_ARM64
863 /* 863 /*
864 * If the MMU is enabled, we have to notify the ROM 864 * If the MMU is enabled, we have to notify the ROM
865 * code, or it won't flush the caches when needed. 865 * code, or it won't flush the caches when needed.
866 * This is done, by setting the "pu_irom_mmu_enabled" 866 * This is done, by setting the "pu_irom_mmu_enabled"
867 * word to 1. You can find its address by looking in 867 * word to 1. You can find its address by looking in
868 * the ROM map. This is critical for 868 * the ROM map. This is critical for
869 * authenticate_image(). If MMU is enabled, without 869 * authenticate_image(). If MMU is enabled, without
870 * setting this bit, authentication will fail and may 870 * setting this bit, authentication will fail and may
871 * crash. 871 * crash.
872 */ 872 */
873 /* Check MMU enabled */ 873 /* Check MMU enabled */
874 if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { 874 if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) {
875 if (is_mx6dq()) { 875 if (is_mx6dq()) {
876 /* 876 /*
877 * This won't work on Rev 1.0.0 of 877 * This won't work on Rev 1.0.0 of
878 * i.MX6Q/D, since their ROM doesn't 878 * i.MX6Q/D, since their ROM doesn't
879 * do cache flushes. don't think any 879 * do cache flushes. don't think any
880 * exist, so we ignore them. 880 * exist, so we ignore them.
881 */ 881 */
882 if (!is_mx6dqp()) 882 if (!is_mx6dqp())
883 writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); 883 writel(1, MX6DQ_PU_IROM_MMU_EN_VAR);
884 } else if (is_mx6sdl()) { 884 } else if (is_mx6sdl()) {
885 writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); 885 writel(1, MX6DLS_PU_IROM_MMU_EN_VAR);
886 } else if (is_mx6sl()) { 886 } else if (is_mx6sl()) {
887 writel(1, MX6SL_PU_IROM_MMU_EN_VAR); 887 writel(1, MX6SL_PU_IROM_MMU_EN_VAR);
888 } 888 }
889 } 889 }
890 #endif 890 #endif
891 891
892 load_addr = (ulong)hab_rvt_authenticate_image( 892 load_addr = (ulong)hab_rvt_authenticate_image(
893 HAB_CID_UBOOT, 893 HAB_CID_UBOOT,
894 ivt_offset, (void **)&start, 894 ivt_offset, (void **)&start,
895 (size_t *)&bytes, NULL); 895 (size_t *)&bytes, NULL);
896 if (hab_rvt_exit() != HAB_SUCCESS) { 896 if (hab_rvt_exit() != HAB_SUCCESS) {
897 puts("hab exit function fail\n"); 897 puts("hab exit function fail\n");
898 load_addr = 0; 898 load_addr = 0;
899 } 899 }
900 900
901 hab_exit_failure_print_status: 901 hab_exit_failure_print_status:
902 #if !defined(CONFIG_SPL_BUILD) 902 #if !defined(CONFIG_SPL_BUILD)
903 get_hab_status(); 903 get_hab_status();
904 #endif 904 #endif
905 905
906 hab_authentication_exit: 906 hab_authentication_exit:
907 907
908 if (load_addr != 0 || !imx_hab_is_enabled()) 908 if (load_addr != 0 || !imx_hab_is_enabled())
909 result = 0; 909 result = 0;
910 910
911 return result; 911 return result;
912 } 912 }
913 913
914 int authenticate_image(uint32_t ddr_start, uint32_t raw_image_size) 914 int authenticate_image(uint32_t ddr_start, uint32_t raw_image_size)
915 { 915 {
916 uint32_t ivt_offset; 916 uint32_t ivt_offset;
917 size_t bytes; 917 size_t bytes;
918 918
919 ivt_offset = (raw_image_size + ALIGN_SIZE - 1) & 919 ivt_offset = (raw_image_size + ALIGN_SIZE - 1) &
920 ~(ALIGN_SIZE - 1); 920 ~(ALIGN_SIZE - 1);
921 bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; 921 bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE;
922 922
923 return imx_hab_authenticate_image(ddr_start, bytes, ivt_offset); 923 return imx_hab_authenticate_image(ddr_start, bytes, ivt_offset);
924 } 924 }
925 925