Commit f905f893e3ccdb30224583f3b9d9b6ac38b8a652
Committed by
Ye Li
1 parent
dd058bca4a
Exists in
smarc_8mm-imx_v2018.03_4.14.98_2.0.0_ga
and in
4 other branches
MLK-21251-1 imx: hab: Fix build warnings in 32-bit targets
When building 32-bit targets with CONFIG_SECURE_BOOT and DEBUG enabled the following warnings are displayed: arch/arm/mach-imx/hab.c:840:41: warning: format '%lx' expects argument \ of type 'long unsigned int', but argument 3 has type 'uint32_t \ {aka unsigned int}' [-Wformat=] printf("HAB check target 0x%08x-0x%08lx fail\n", ~~~~^ %08x ddr_start, ddr_start + bytes); arch/arm/mach-imx/hab.c:845:45: warning: format '%x' expects argument \ of type 'unsigned int', but argument 3 has type 'ulong \ {aka long unsigned int}' [-Wformat=] printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); ~^ %lx Fix warnings by providing the correct data type. Reviewed-by: Ye Li <ye.li@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> (cherry picked from commit 050beb8ee3fc4c690c9ce7c4f47adfc6f48dccdf)
Showing 1 changed file with 2 additions and 2 deletions Inline Diff
arch/arm/mach-imx/hab.c
1 | /* | 1 | /* |
2 | * Copyright (C) 2010-2015 Freescale Semiconductor, Inc. | 2 | * Copyright (C) 2010-2015 Freescale Semiconductor, Inc. |
3 | * | 3 | * |
4 | * SPDX-License-Identifier: GPL-2.0+ | 4 | * SPDX-License-Identifier: GPL-2.0+ |
5 | */ | 5 | */ |
6 | 6 | ||
7 | #include <common.h> | 7 | #include <common.h> |
8 | #include <config.h> | 8 | #include <config.h> |
9 | #include <fuse.h> | 9 | #include <fuse.h> |
10 | #include <asm/io.h> | 10 | #include <asm/io.h> |
11 | #include <asm/system.h> | 11 | #include <asm/system.h> |
12 | #include <asm/arch/clock.h> | 12 | #include <asm/arch/clock.h> |
13 | #include <asm/arch/sys_proto.h> | 13 | #include <asm/arch/sys_proto.h> |
14 | #include <asm/mach-imx/hab.h> | 14 | #include <asm/mach-imx/hab.h> |
15 | 15 | ||
16 | DECLARE_GLOBAL_DATA_PTR; | 16 | DECLARE_GLOBAL_DATA_PTR; |
17 | 17 | ||
18 | #define ALIGN_SIZE 0x1000 | 18 | #define ALIGN_SIZE 0x1000 |
19 | #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 | 19 | #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 |
20 | #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 | 20 | #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 |
21 | #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 | 21 | #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 |
22 | #define IS_HAB_ENABLED_BIT \ | 22 | #define IS_HAB_ENABLED_BIT \ |
23 | (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ | 23 | (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ |
24 | ((is_soc_type(MXC_SOC_MX7) || is_soc_type(MXC_SOC_IMX8M))? 0x2000000 : 0x2)) | 24 | ((is_soc_type(MXC_SOC_MX7) || is_soc_type(MXC_SOC_IMX8M))? 0x2000000 : 0x2)) |
25 | 25 | ||
26 | #ifdef CONFIG_MX7ULP | 26 | #ifdef CONFIG_MX7ULP |
27 | #define HAB_M4_PERSISTENT_START ((soc_rev() >= CHIP_REV_2_0) ? 0x20008040 : \ | 27 | #define HAB_M4_PERSISTENT_START ((soc_rev() >= CHIP_REV_2_0) ? 0x20008040 : \ |
28 | 0x20008180) | 28 | 0x20008180) |
29 | #define HAB_M4_PERSISTENT_BYTES 0xB80 | 29 | #define HAB_M4_PERSISTENT_BYTES 0xB80 |
30 | #endif | 30 | #endif |
31 | 31 | ||
32 | static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) | 32 | static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) |
33 | { | 33 | { |
34 | printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, | 34 | printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, |
35 | ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); | 35 | ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); |
36 | 36 | ||
37 | return 1; | 37 | return 1; |
38 | } | 38 | } |
39 | 39 | ||
40 | static int verify_ivt_header(struct ivt_header *ivt_hdr) | 40 | static int verify_ivt_header(struct ivt_header *ivt_hdr) |
41 | { | 41 | { |
42 | int result = 0; | 42 | int result = 0; |
43 | 43 | ||
44 | if (ivt_hdr->magic != IVT_HEADER_MAGIC) | 44 | if (ivt_hdr->magic != IVT_HEADER_MAGIC) |
45 | result = ivt_header_error("bad magic", ivt_hdr); | 45 | result = ivt_header_error("bad magic", ivt_hdr); |
46 | 46 | ||
47 | if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) | 47 | if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) |
48 | result = ivt_header_error("bad length", ivt_hdr); | 48 | result = ivt_header_error("bad length", ivt_hdr); |
49 | 49 | ||
50 | if (ivt_hdr->version != IVT_HEADER_V1 && | 50 | if (ivt_hdr->version != IVT_HEADER_V1 && |
51 | ivt_hdr->version != IVT_HEADER_V2) | 51 | ivt_hdr->version != IVT_HEADER_V2) |
52 | result = ivt_header_error("bad version", ivt_hdr); | 52 | result = ivt_header_error("bad version", ivt_hdr); |
53 | 53 | ||
54 | return result; | 54 | return result; |
55 | } | 55 | } |
56 | 56 | ||
57 | #ifdef CONFIG_ARM64 | 57 | #ifdef CONFIG_ARM64 |
58 | #define FSL_SIP_HAB 0xC2000007 | 58 | #define FSL_SIP_HAB 0xC2000007 |
59 | #define FSL_SIP_HAB_AUTHENTICATE 0x00 | 59 | #define FSL_SIP_HAB_AUTHENTICATE 0x00 |
60 | #define FSL_SIP_HAB_ENTRY 0x01 | 60 | #define FSL_SIP_HAB_ENTRY 0x01 |
61 | #define FSL_SIP_HAB_EXIT 0x02 | 61 | #define FSL_SIP_HAB_EXIT 0x02 |
62 | #define FSL_SIP_HAB_REPORT_EVENT 0x03 | 62 | #define FSL_SIP_HAB_REPORT_EVENT 0x03 |
63 | #define FSL_SIP_HAB_REPORT_STATUS 0x04 | 63 | #define FSL_SIP_HAB_REPORT_STATUS 0x04 |
64 | #define FSL_SIP_HAB_FAILSAFE 0x05 | 64 | #define FSL_SIP_HAB_FAILSAFE 0x05 |
65 | #define FSL_SIP_HAB_CHECK_TARGET 0x06 | 65 | #define FSL_SIP_HAB_CHECK_TARGET 0x06 |
66 | static volatile gd_t *gd_save; | 66 | static volatile gd_t *gd_save; |
67 | #endif | 67 | #endif |
68 | 68 | ||
69 | static inline void save_gd(void) | 69 | static inline void save_gd(void) |
70 | { | 70 | { |
71 | #ifdef CONFIG_ARM64 | 71 | #ifdef CONFIG_ARM64 |
72 | gd_save = gd; | 72 | gd_save = gd; |
73 | #endif | 73 | #endif |
74 | } | 74 | } |
75 | 75 | ||
76 | static inline void restore_gd(void) | 76 | static inline void restore_gd(void) |
77 | { | 77 | { |
78 | #ifdef CONFIG_ARM64 | 78 | #ifdef CONFIG_ARM64 |
79 | /* | 79 | /* |
80 | * Make will already error that reserving x18 is not supported at the | 80 | * Make will already error that reserving x18 is not supported at the |
81 | * time of writing, clang: error: unknown argument: '-ffixed-x18' | 81 | * time of writing, clang: error: unknown argument: '-ffixed-x18' |
82 | */ | 82 | */ |
83 | __asm__ volatile("mov x18, %0\n" : : "r" (gd_save)); | 83 | __asm__ volatile("mov x18, %0\n" : : "r" (gd_save)); |
84 | #endif | 84 | #endif |
85 | } | 85 | } |
86 | 86 | ||
87 | enum hab_status hab_rvt_report_event(enum hab_status status, uint32_t index, | 87 | enum hab_status hab_rvt_report_event(enum hab_status status, uint32_t index, |
88 | uint8_t *event, size_t *bytes) | 88 | uint8_t *event, size_t *bytes) |
89 | { | 89 | { |
90 | enum hab_status ret; | 90 | enum hab_status ret; |
91 | hab_rvt_report_event_t *hab_rvt_report_event_func; | 91 | hab_rvt_report_event_t *hab_rvt_report_event_func; |
92 | hab_rvt_report_event_func = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT; | 92 | hab_rvt_report_event_func = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT; |
93 | 93 | ||
94 | #if defined(CONFIG_ARM64) | 94 | #if defined(CONFIG_ARM64) |
95 | if (current_el() != 3) { | 95 | if (current_el() != 3) { |
96 | /* call sip */ | 96 | /* call sip */ |
97 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_EVENT, (unsigned long)index, | 97 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_EVENT, (unsigned long)index, |
98 | (unsigned long)event, (unsigned long)bytes); | 98 | (unsigned long)event, (unsigned long)bytes); |
99 | return ret; | 99 | return ret; |
100 | } | 100 | } |
101 | #endif | 101 | #endif |
102 | 102 | ||
103 | save_gd(); | 103 | save_gd(); |
104 | ret = hab_rvt_report_event_func(status, index, event, bytes); | 104 | ret = hab_rvt_report_event_func(status, index, event, bytes); |
105 | restore_gd(); | 105 | restore_gd(); |
106 | 106 | ||
107 | return ret; | 107 | return ret; |
108 | 108 | ||
109 | } | 109 | } |
110 | 110 | ||
111 | enum hab_status hab_rvt_report_status(enum hab_config *config, | 111 | enum hab_status hab_rvt_report_status(enum hab_config *config, |
112 | enum hab_state *state) | 112 | enum hab_state *state) |
113 | { | 113 | { |
114 | enum hab_status ret; | 114 | enum hab_status ret; |
115 | hab_rvt_report_status_t *hab_rvt_report_status_func; | 115 | hab_rvt_report_status_t *hab_rvt_report_status_func; |
116 | hab_rvt_report_status_func = (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS; | 116 | hab_rvt_report_status_func = (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS; |
117 | 117 | ||
118 | #if defined(CONFIG_ARM64) | 118 | #if defined(CONFIG_ARM64) |
119 | if (current_el() != 3) { | 119 | if (current_el() != 3) { |
120 | /* call sip */ | 120 | /* call sip */ |
121 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_STATUS, | 121 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_STATUS, |
122 | (unsigned long)config, (unsigned long)state, 0); | 122 | (unsigned long)config, (unsigned long)state, 0); |
123 | return ret; | 123 | return ret; |
124 | } | 124 | } |
125 | #endif | 125 | #endif |
126 | 126 | ||
127 | save_gd(); | 127 | save_gd(); |
128 | ret = hab_rvt_report_status_func(config, state); | 128 | ret = hab_rvt_report_status_func(config, state); |
129 | restore_gd(); | 129 | restore_gd(); |
130 | 130 | ||
131 | return ret; | 131 | return ret; |
132 | } | 132 | } |
133 | 133 | ||
134 | enum hab_status hab_rvt_entry(void) | 134 | enum hab_status hab_rvt_entry(void) |
135 | { | 135 | { |
136 | enum hab_status ret; | 136 | enum hab_status ret; |
137 | hab_rvt_entry_t *hab_rvt_entry_func; | 137 | hab_rvt_entry_t *hab_rvt_entry_func; |
138 | hab_rvt_entry_func = (hab_rvt_entry_t *)HAB_RVT_ENTRY; | 138 | hab_rvt_entry_func = (hab_rvt_entry_t *)HAB_RVT_ENTRY; |
139 | 139 | ||
140 | #if defined(CONFIG_ARM64) | 140 | #if defined(CONFIG_ARM64) |
141 | if (current_el() != 3) { | 141 | if (current_el() != 3) { |
142 | /* call sip */ | 142 | /* call sip */ |
143 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_ENTRY, 0, 0, 0); | 143 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_ENTRY, 0, 0, 0); |
144 | return ret; | 144 | return ret; |
145 | } | 145 | } |
146 | #endif | 146 | #endif |
147 | 147 | ||
148 | save_gd(); | 148 | save_gd(); |
149 | ret = hab_rvt_entry_func(); | 149 | ret = hab_rvt_entry_func(); |
150 | restore_gd(); | 150 | restore_gd(); |
151 | 151 | ||
152 | return ret; | 152 | return ret; |
153 | } | 153 | } |
154 | 154 | ||
155 | enum hab_status hab_rvt_exit(void) | 155 | enum hab_status hab_rvt_exit(void) |
156 | { | 156 | { |
157 | enum hab_status ret; | 157 | enum hab_status ret; |
158 | hab_rvt_exit_t *hab_rvt_exit_func; | 158 | hab_rvt_exit_t *hab_rvt_exit_func; |
159 | hab_rvt_exit_func = (hab_rvt_exit_t *)HAB_RVT_EXIT; | 159 | hab_rvt_exit_func = (hab_rvt_exit_t *)HAB_RVT_EXIT; |
160 | 160 | ||
161 | #if defined(CONFIG_ARM64) | 161 | #if defined(CONFIG_ARM64) |
162 | if (current_el() != 3) { | 162 | if (current_el() != 3) { |
163 | /* call sip */ | 163 | /* call sip */ |
164 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_EXIT, 0, 0, 0); | 164 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_EXIT, 0, 0, 0); |
165 | return ret; | 165 | return ret; |
166 | } | 166 | } |
167 | #endif | 167 | #endif |
168 | 168 | ||
169 | save_gd(); | 169 | save_gd(); |
170 | ret = hab_rvt_exit_func(); | 170 | ret = hab_rvt_exit_func(); |
171 | restore_gd(); | 171 | restore_gd(); |
172 | 172 | ||
173 | return ret; | 173 | return ret; |
174 | } | 174 | } |
175 | 175 | ||
176 | void hab_rvt_failsafe(void) | 176 | void hab_rvt_failsafe(void) |
177 | { | 177 | { |
178 | hab_rvt_failsafe_t *hab_rvt_failsafe_func; | 178 | hab_rvt_failsafe_t *hab_rvt_failsafe_func; |
179 | hab_rvt_failsafe_func = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE; | 179 | hab_rvt_failsafe_func = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE; |
180 | 180 | ||
181 | #if defined(CONFIG_ARM64) | 181 | #if defined(CONFIG_ARM64) |
182 | if (current_el() != 3) { | 182 | if (current_el() != 3) { |
183 | /* call sip */ | 183 | /* call sip */ |
184 | call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_FAILSAFE, 0, 0, 0); | 184 | call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_FAILSAFE, 0, 0, 0); |
185 | return; | 185 | return; |
186 | } | 186 | } |
187 | #endif | 187 | #endif |
188 | 188 | ||
189 | save_gd(); | 189 | save_gd(); |
190 | hab_rvt_failsafe_func(); | 190 | hab_rvt_failsafe_func(); |
191 | restore_gd(); | 191 | restore_gd(); |
192 | } | 192 | } |
193 | 193 | ||
194 | enum hab_status hab_rvt_check_target(enum hab_target type, const void *start, | 194 | enum hab_status hab_rvt_check_target(enum hab_target type, const void *start, |
195 | size_t bytes) | 195 | size_t bytes) |
196 | { | 196 | { |
197 | enum hab_status ret; | 197 | enum hab_status ret; |
198 | hab_rvt_check_target_t *hab_rvt_check_target_func; | 198 | hab_rvt_check_target_t *hab_rvt_check_target_func; |
199 | hab_rvt_check_target_func = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET; | 199 | hab_rvt_check_target_func = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET; |
200 | 200 | ||
201 | #if defined(CONFIG_ARM64) | 201 | #if defined(CONFIG_ARM64) |
202 | if (current_el() != 3) { | 202 | if (current_el() != 3) { |
203 | /* call sip */ | 203 | /* call sip */ |
204 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_CHECK_TARGET, (unsigned long)type, | 204 | ret = (enum hab_status)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_CHECK_TARGET, (unsigned long)type, |
205 | (unsigned long)start, (unsigned long)bytes); | 205 | (unsigned long)start, (unsigned long)bytes); |
206 | return ret; | 206 | return ret; |
207 | } | 207 | } |
208 | #endif | 208 | #endif |
209 | 209 | ||
210 | save_gd(); | 210 | save_gd(); |
211 | ret = hab_rvt_check_target_func(type, start, bytes); | 211 | ret = hab_rvt_check_target_func(type, start, bytes); |
212 | restore_gd(); | 212 | restore_gd(); |
213 | 213 | ||
214 | return ret; | 214 | return ret; |
215 | } | 215 | } |
216 | 216 | ||
217 | void *hab_rvt_authenticate_image(uint8_t cid, ptrdiff_t ivt_offset, | 217 | void *hab_rvt_authenticate_image(uint8_t cid, ptrdiff_t ivt_offset, |
218 | void **start, size_t *bytes, hab_loader_callback_f_t loader) | 218 | void **start, size_t *bytes, hab_loader_callback_f_t loader) |
219 | { | 219 | { |
220 | void *ret; | 220 | void *ret; |
221 | hab_rvt_authenticate_image_t *hab_rvt_authenticate_image_func; | 221 | hab_rvt_authenticate_image_t *hab_rvt_authenticate_image_func; |
222 | hab_rvt_authenticate_image_func = (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE; | 222 | hab_rvt_authenticate_image_func = (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE; |
223 | 223 | ||
224 | #if defined(CONFIG_ARM64) | 224 | #if defined(CONFIG_ARM64) |
225 | if (current_el() != 3) { | 225 | if (current_el() != 3) { |
226 | /* call sip */ | 226 | /* call sip */ |
227 | ret = (void *)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_AUTHENTICATE, (unsigned long)ivt_offset, | 227 | ret = (void *)call_imx_sip(FSL_SIP_HAB, FSL_SIP_HAB_AUTHENTICATE, (unsigned long)ivt_offset, |
228 | (unsigned long)start, (unsigned long)bytes); | 228 | (unsigned long)start, (unsigned long)bytes); |
229 | return ret; | 229 | return ret; |
230 | } | 230 | } |
231 | #endif | 231 | #endif |
232 | 232 | ||
233 | save_gd(); | 233 | save_gd(); |
234 | ret = hab_rvt_authenticate_image_func(cid, ivt_offset, start, bytes, loader); | 234 | ret = hab_rvt_authenticate_image_func(cid, ivt_offset, start, bytes, loader); |
235 | restore_gd(); | 235 | restore_gd(); |
236 | 236 | ||
237 | return ret; | 237 | return ret; |
238 | } | 238 | } |
239 | 239 | ||
240 | #if !defined(CONFIG_SPL_BUILD) | 240 | #if !defined(CONFIG_SPL_BUILD) |
241 | 241 | ||
242 | #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ | 242 | #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ |
243 | 243 | ||
244 | struct record { | 244 | struct record { |
245 | uint8_t tag; /* Tag */ | 245 | uint8_t tag; /* Tag */ |
246 | uint8_t len[2]; /* Length */ | 246 | uint8_t len[2]; /* Length */ |
247 | uint8_t par; /* Version */ | 247 | uint8_t par; /* Version */ |
248 | uint8_t contents[MAX_RECORD_BYTES];/* Record Data */ | 248 | uint8_t contents[MAX_RECORD_BYTES];/* Record Data */ |
249 | bool any_rec_flag; | 249 | bool any_rec_flag; |
250 | }; | 250 | }; |
251 | 251 | ||
252 | static char *rsn_str[] = { | 252 | static char *rsn_str[] = { |
253 | "RSN = HAB_RSN_ANY (0x00)\n", | 253 | "RSN = HAB_RSN_ANY (0x00)\n", |
254 | "RSN = HAB_ENG_FAIL (0x30)\n", | 254 | "RSN = HAB_ENG_FAIL (0x30)\n", |
255 | "RSN = HAB_INV_ADDRESS (0x22)\n", | 255 | "RSN = HAB_INV_ADDRESS (0x22)\n", |
256 | "RSN = HAB_INV_ASSERTION (0x0C)\n", | 256 | "RSN = HAB_INV_ASSERTION (0x0C)\n", |
257 | "RSN = HAB_INV_CALL (0x28)\n", | 257 | "RSN = HAB_INV_CALL (0x28)\n", |
258 | "RSN = HAB_INV_CERTIFICATE (0x21)\n", | 258 | "RSN = HAB_INV_CERTIFICATE (0x21)\n", |
259 | "RSN = HAB_INV_COMMAND (0x06)\n", | 259 | "RSN = HAB_INV_COMMAND (0x06)\n", |
260 | "RSN = HAB_INV_CSF (0x11)\n", | 260 | "RSN = HAB_INV_CSF (0x11)\n", |
261 | "RSN = HAB_INV_DCD (0x27)\n", | 261 | "RSN = HAB_INV_DCD (0x27)\n", |
262 | "RSN = HAB_INV_INDEX (0x0F)\n", | 262 | "RSN = HAB_INV_INDEX (0x0F)\n", |
263 | "RSN = HAB_INV_IVT (0x05)\n", | 263 | "RSN = HAB_INV_IVT (0x05)\n", |
264 | "RSN = HAB_INV_KEY (0x1D)\n", | 264 | "RSN = HAB_INV_KEY (0x1D)\n", |
265 | "RSN = HAB_INV_RETURN (0x1E)\n", | 265 | "RSN = HAB_INV_RETURN (0x1E)\n", |
266 | "RSN = HAB_INV_SIGNATURE (0x18)\n", | 266 | "RSN = HAB_INV_SIGNATURE (0x18)\n", |
267 | "RSN = HAB_INV_SIZE (0x17)\n", | 267 | "RSN = HAB_INV_SIZE (0x17)\n", |
268 | "RSN = HAB_MEM_FAIL (0x2E)\n", | 268 | "RSN = HAB_MEM_FAIL (0x2E)\n", |
269 | "RSN = HAB_OVR_COUNT (0x2B)\n", | 269 | "RSN = HAB_OVR_COUNT (0x2B)\n", |
270 | "RSN = HAB_OVR_STORAGE (0x2D)\n", | 270 | "RSN = HAB_OVR_STORAGE (0x2D)\n", |
271 | "RSN = HAB_UNS_ALGORITHM (0x12)\n", | 271 | "RSN = HAB_UNS_ALGORITHM (0x12)\n", |
272 | "RSN = HAB_UNS_COMMAND (0x03)\n", | 272 | "RSN = HAB_UNS_COMMAND (0x03)\n", |
273 | "RSN = HAB_UNS_ENGINE (0x0A)\n", | 273 | "RSN = HAB_UNS_ENGINE (0x0A)\n", |
274 | "RSN = HAB_UNS_ITEM (0x24)\n", | 274 | "RSN = HAB_UNS_ITEM (0x24)\n", |
275 | "RSN = HAB_UNS_KEY (0x1B)\n", | 275 | "RSN = HAB_UNS_KEY (0x1B)\n", |
276 | "RSN = HAB_UNS_PROTOCOL (0x14)\n", | 276 | "RSN = HAB_UNS_PROTOCOL (0x14)\n", |
277 | "RSN = HAB_UNS_STATE (0x09)\n", | 277 | "RSN = HAB_UNS_STATE (0x09)\n", |
278 | "RSN = INVALID\n", | 278 | "RSN = INVALID\n", |
279 | NULL | 279 | NULL |
280 | }; | 280 | }; |
281 | 281 | ||
282 | static char *sts_str[] = { | 282 | static char *sts_str[] = { |
283 | "STS = HAB_SUCCESS (0xF0)\n", | 283 | "STS = HAB_SUCCESS (0xF0)\n", |
284 | "STS = HAB_FAILURE (0x33)\n", | 284 | "STS = HAB_FAILURE (0x33)\n", |
285 | "STS = HAB_WARNING (0x69)\n", | 285 | "STS = HAB_WARNING (0x69)\n", |
286 | "STS = INVALID\n", | 286 | "STS = INVALID\n", |
287 | NULL | 287 | NULL |
288 | }; | 288 | }; |
289 | 289 | ||
290 | static char *eng_str[] = { | 290 | static char *eng_str[] = { |
291 | "ENG = HAB_ENG_ANY (0x00)\n", | 291 | "ENG = HAB_ENG_ANY (0x00)\n", |
292 | "ENG = HAB_ENG_SCC (0x03)\n", | 292 | "ENG = HAB_ENG_SCC (0x03)\n", |
293 | "ENG = HAB_ENG_RTIC (0x05)\n", | 293 | "ENG = HAB_ENG_RTIC (0x05)\n", |
294 | "ENG = HAB_ENG_SAHARA (0x06)\n", | 294 | "ENG = HAB_ENG_SAHARA (0x06)\n", |
295 | "ENG = HAB_ENG_CSU (0x0A)\n", | 295 | "ENG = HAB_ENG_CSU (0x0A)\n", |
296 | "ENG = HAB_ENG_SRTC (0x0C)\n", | 296 | "ENG = HAB_ENG_SRTC (0x0C)\n", |
297 | "ENG = HAB_ENG_DCP (0x1B)\n", | 297 | "ENG = HAB_ENG_DCP (0x1B)\n", |
298 | "ENG = HAB_ENG_CAAM (0x1D)\n", | 298 | "ENG = HAB_ENG_CAAM (0x1D)\n", |
299 | "ENG = HAB_ENG_SNVS (0x1E)\n", | 299 | "ENG = HAB_ENG_SNVS (0x1E)\n", |
300 | "ENG = HAB_ENG_OCOTP (0x21)\n", | 300 | "ENG = HAB_ENG_OCOTP (0x21)\n", |
301 | "ENG = HAB_ENG_DTCP (0x22)\n", | 301 | "ENG = HAB_ENG_DTCP (0x22)\n", |
302 | "ENG = HAB_ENG_ROM (0x36)\n", | 302 | "ENG = HAB_ENG_ROM (0x36)\n", |
303 | "ENG = HAB_ENG_HDCP (0x24)\n", | 303 | "ENG = HAB_ENG_HDCP (0x24)\n", |
304 | "ENG = HAB_ENG_RTL (0x77)\n", | 304 | "ENG = HAB_ENG_RTL (0x77)\n", |
305 | "ENG = HAB_ENG_SW (0xFF)\n", | 305 | "ENG = HAB_ENG_SW (0xFF)\n", |
306 | "ENG = INVALID\n", | 306 | "ENG = INVALID\n", |
307 | NULL | 307 | NULL |
308 | }; | 308 | }; |
309 | 309 | ||
310 | static char *ctx_str[] = { | 310 | static char *ctx_str[] = { |
311 | "CTX = HAB_CTX_ANY(0x00)\n", | 311 | "CTX = HAB_CTX_ANY(0x00)\n", |
312 | "CTX = HAB_CTX_FAB (0xFF)\n", | 312 | "CTX = HAB_CTX_FAB (0xFF)\n", |
313 | "CTX = HAB_CTX_ENTRY (0xE1)\n", | 313 | "CTX = HAB_CTX_ENTRY (0xE1)\n", |
314 | "CTX = HAB_CTX_TARGET (0x33)\n", | 314 | "CTX = HAB_CTX_TARGET (0x33)\n", |
315 | "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", | 315 | "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", |
316 | "CTX = HAB_CTX_DCD (0xDD)\n", | 316 | "CTX = HAB_CTX_DCD (0xDD)\n", |
317 | "CTX = HAB_CTX_CSF (0xCF)\n", | 317 | "CTX = HAB_CTX_CSF (0xCF)\n", |
318 | "CTX = HAB_CTX_COMMAND (0xC0)\n", | 318 | "CTX = HAB_CTX_COMMAND (0xC0)\n", |
319 | "CTX = HAB_CTX_AUT_DAT (0xDB)\n", | 319 | "CTX = HAB_CTX_AUT_DAT (0xDB)\n", |
320 | "CTX = HAB_CTX_ASSERT (0xA0)\n", | 320 | "CTX = HAB_CTX_ASSERT (0xA0)\n", |
321 | "CTX = HAB_CTX_EXIT (0xEE)\n", | 321 | "CTX = HAB_CTX_EXIT (0xEE)\n", |
322 | "CTX = INVALID\n", | 322 | "CTX = INVALID\n", |
323 | NULL | 323 | NULL |
324 | }; | 324 | }; |
325 | 325 | ||
326 | static uint8_t hab_statuses[5] = { | 326 | static uint8_t hab_statuses[5] = { |
327 | HAB_STS_ANY, | 327 | HAB_STS_ANY, |
328 | HAB_FAILURE, | 328 | HAB_FAILURE, |
329 | HAB_WARNING, | 329 | HAB_WARNING, |
330 | HAB_SUCCESS, | 330 | HAB_SUCCESS, |
331 | -1 | 331 | -1 |
332 | }; | 332 | }; |
333 | 333 | ||
334 | static uint8_t hab_reasons[26] = { | 334 | static uint8_t hab_reasons[26] = { |
335 | HAB_RSN_ANY, | 335 | HAB_RSN_ANY, |
336 | HAB_ENG_FAIL, | 336 | HAB_ENG_FAIL, |
337 | HAB_INV_ADDRESS, | 337 | HAB_INV_ADDRESS, |
338 | HAB_INV_ASSERTION, | 338 | HAB_INV_ASSERTION, |
339 | HAB_INV_CALL, | 339 | HAB_INV_CALL, |
340 | HAB_INV_CERTIFICATE, | 340 | HAB_INV_CERTIFICATE, |
341 | HAB_INV_COMMAND, | 341 | HAB_INV_COMMAND, |
342 | HAB_INV_CSF, | 342 | HAB_INV_CSF, |
343 | HAB_INV_DCD, | 343 | HAB_INV_DCD, |
344 | HAB_INV_INDEX, | 344 | HAB_INV_INDEX, |
345 | HAB_INV_IVT, | 345 | HAB_INV_IVT, |
346 | HAB_INV_KEY, | 346 | HAB_INV_KEY, |
347 | HAB_INV_RETURN, | 347 | HAB_INV_RETURN, |
348 | HAB_INV_SIGNATURE, | 348 | HAB_INV_SIGNATURE, |
349 | HAB_INV_SIZE, | 349 | HAB_INV_SIZE, |
350 | HAB_MEM_FAIL, | 350 | HAB_MEM_FAIL, |
351 | HAB_OVR_COUNT, | 351 | HAB_OVR_COUNT, |
352 | HAB_OVR_STORAGE, | 352 | HAB_OVR_STORAGE, |
353 | HAB_UNS_ALGORITHM, | 353 | HAB_UNS_ALGORITHM, |
354 | HAB_UNS_COMMAND, | 354 | HAB_UNS_COMMAND, |
355 | HAB_UNS_ENGINE, | 355 | HAB_UNS_ENGINE, |
356 | HAB_UNS_ITEM, | 356 | HAB_UNS_ITEM, |
357 | HAB_UNS_KEY, | 357 | HAB_UNS_KEY, |
358 | HAB_UNS_PROTOCOL, | 358 | HAB_UNS_PROTOCOL, |
359 | HAB_UNS_STATE, | 359 | HAB_UNS_STATE, |
360 | -1 | 360 | -1 |
361 | }; | 361 | }; |
362 | 362 | ||
363 | static uint8_t hab_contexts[12] = { | 363 | static uint8_t hab_contexts[12] = { |
364 | HAB_CTX_ANY, | 364 | HAB_CTX_ANY, |
365 | HAB_CTX_FAB, | 365 | HAB_CTX_FAB, |
366 | HAB_CTX_ENTRY, | 366 | HAB_CTX_ENTRY, |
367 | HAB_CTX_TARGET, | 367 | HAB_CTX_TARGET, |
368 | HAB_CTX_AUTHENTICATE, | 368 | HAB_CTX_AUTHENTICATE, |
369 | HAB_CTX_DCD, | 369 | HAB_CTX_DCD, |
370 | HAB_CTX_CSF, | 370 | HAB_CTX_CSF, |
371 | HAB_CTX_COMMAND, | 371 | HAB_CTX_COMMAND, |
372 | HAB_CTX_AUT_DAT, | 372 | HAB_CTX_AUT_DAT, |
373 | HAB_CTX_ASSERT, | 373 | HAB_CTX_ASSERT, |
374 | HAB_CTX_EXIT, | 374 | HAB_CTX_EXIT, |
375 | -1 | 375 | -1 |
376 | }; | 376 | }; |
377 | 377 | ||
378 | static uint8_t hab_engines[16] = { | 378 | static uint8_t hab_engines[16] = { |
379 | HAB_ENG_ANY, | 379 | HAB_ENG_ANY, |
380 | HAB_ENG_SCC, | 380 | HAB_ENG_SCC, |
381 | HAB_ENG_RTIC, | 381 | HAB_ENG_RTIC, |
382 | HAB_ENG_SAHARA, | 382 | HAB_ENG_SAHARA, |
383 | HAB_ENG_CSU, | 383 | HAB_ENG_CSU, |
384 | HAB_ENG_SRTC, | 384 | HAB_ENG_SRTC, |
385 | HAB_ENG_DCP, | 385 | HAB_ENG_DCP, |
386 | HAB_ENG_CAAM, | 386 | HAB_ENG_CAAM, |
387 | HAB_ENG_SNVS, | 387 | HAB_ENG_SNVS, |
388 | HAB_ENG_OCOTP, | 388 | HAB_ENG_OCOTP, |
389 | HAB_ENG_DTCP, | 389 | HAB_ENG_DTCP, |
390 | HAB_ENG_ROM, | 390 | HAB_ENG_ROM, |
391 | HAB_ENG_HDCP, | 391 | HAB_ENG_HDCP, |
392 | HAB_ENG_RTL, | 392 | HAB_ENG_RTL, |
393 | HAB_ENG_SW, | 393 | HAB_ENG_SW, |
394 | -1 | 394 | -1 |
395 | }; | 395 | }; |
396 | 396 | ||
397 | static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) | 397 | static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) |
398 | { | 398 | { |
399 | uint8_t idx = 0; | 399 | uint8_t idx = 0; |
400 | uint8_t element = list[idx]; | 400 | uint8_t element = list[idx]; |
401 | while (element != -1) { | 401 | while (element != -1) { |
402 | if (element == tgt) | 402 | if (element == tgt) |
403 | return idx; | 403 | return idx; |
404 | element = list[++idx]; | 404 | element = list[++idx]; |
405 | } | 405 | } |
406 | return -1; | 406 | return -1; |
407 | } | 407 | } |
408 | 408 | ||
409 | static void process_event_record(uint8_t *event_data, size_t bytes) | 409 | static void process_event_record(uint8_t *event_data, size_t bytes) |
410 | { | 410 | { |
411 | struct record *rec = (struct record *)event_data; | 411 | struct record *rec = (struct record *)event_data; |
412 | 412 | ||
413 | printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]); | 413 | printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]); |
414 | printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]); | 414 | printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]); |
415 | printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]); | 415 | printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]); |
416 | printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); | 416 | printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); |
417 | } | 417 | } |
418 | 418 | ||
419 | static void display_event(uint8_t *event_data, size_t bytes) | 419 | static void display_event(uint8_t *event_data, size_t bytes) |
420 | { | 420 | { |
421 | uint32_t i; | 421 | uint32_t i; |
422 | 422 | ||
423 | if (!(event_data && bytes > 0)) | 423 | if (!(event_data && bytes > 0)) |
424 | return; | 424 | return; |
425 | 425 | ||
426 | for (i = 0; i < bytes; i++) { | 426 | for (i = 0; i < bytes; i++) { |
427 | if (i == 0) | 427 | if (i == 0) |
428 | printf("\t0x%02x", event_data[i]); | 428 | printf("\t0x%02x", event_data[i]); |
429 | else if ((i % 8) == 0) | 429 | else if ((i % 8) == 0) |
430 | printf("\n\t0x%02x", event_data[i]); | 430 | printf("\n\t0x%02x", event_data[i]); |
431 | else | 431 | else |
432 | printf(" 0x%02x", event_data[i]); | 432 | printf(" 0x%02x", event_data[i]); |
433 | } | 433 | } |
434 | 434 | ||
435 | process_event_record(event_data, bytes); | 435 | process_event_record(event_data, bytes); |
436 | } | 436 | } |
437 | 437 | ||
438 | static int get_hab_status(void) | 438 | static int get_hab_status(void) |
439 | { | 439 | { |
440 | uint32_t index = 0; /* Loop index */ | 440 | uint32_t index = 0; /* Loop index */ |
441 | uint8_t event_data[128]; /* Event data buffer */ | 441 | uint8_t event_data[128]; /* Event data buffer */ |
442 | size_t bytes = sizeof(event_data); /* Event size in bytes */ | 442 | size_t bytes = sizeof(event_data); /* Event size in bytes */ |
443 | enum hab_config config = 0; | 443 | enum hab_config config = 0; |
444 | enum hab_state state = 0; | 444 | enum hab_state state = 0; |
445 | 445 | ||
446 | if (imx_hab_is_enabled()) | 446 | if (imx_hab_is_enabled()) |
447 | puts("\nSecure boot enabled\n"); | 447 | puts("\nSecure boot enabled\n"); |
448 | else | 448 | else |
449 | puts("\nSecure boot disabled\n"); | 449 | puts("\nSecure boot disabled\n"); |
450 | 450 | ||
451 | /* Check HAB status */ | 451 | /* Check HAB status */ |
452 | if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { | 452 | if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { |
453 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | 453 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", |
454 | config, state); | 454 | config, state); |
455 | 455 | ||
456 | /* Display HAB events */ | 456 | /* Display HAB events */ |
457 | while (hab_rvt_report_event(HAB_STS_ANY, index, event_data, | 457 | while (hab_rvt_report_event(HAB_STS_ANY, index, event_data, |
458 | &bytes) == HAB_SUCCESS) { | 458 | &bytes) == HAB_SUCCESS) { |
459 | puts("\n"); | 459 | puts("\n"); |
460 | printf("--------- HAB Event %d -----------------\n", | 460 | printf("--------- HAB Event %d -----------------\n", |
461 | index + 1); | 461 | index + 1); |
462 | puts("event data:\n"); | 462 | puts("event data:\n"); |
463 | display_event(event_data, bytes); | 463 | display_event(event_data, bytes); |
464 | puts("\n"); | 464 | puts("\n"); |
465 | bytes = sizeof(event_data); | 465 | bytes = sizeof(event_data); |
466 | index++; | 466 | index++; |
467 | } | 467 | } |
468 | } | 468 | } |
469 | /* Display message if no HAB events are found */ | 469 | /* Display message if no HAB events are found */ |
470 | else { | 470 | else { |
471 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | 471 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", |
472 | config, state); | 472 | config, state); |
473 | puts("No HAB Events Found!\n\n"); | 473 | puts("No HAB Events Found!\n\n"); |
474 | } | 474 | } |
475 | return 0; | 475 | return 0; |
476 | } | 476 | } |
477 | 477 | ||
478 | #ifdef CONFIG_MX7ULP | 478 | #ifdef CONFIG_MX7ULP |
479 | 479 | ||
480 | static int get_record_len(struct record *rec) | 480 | static int get_record_len(struct record *rec) |
481 | { | 481 | { |
482 | return (size_t)((rec->len[0] << 8) + (rec->len[1])); | 482 | return (size_t)((rec->len[0] << 8) + (rec->len[1])); |
483 | } | 483 | } |
484 | 484 | ||
485 | static int get_hab_status_m4(void) | 485 | static int get_hab_status_m4(void) |
486 | { | 486 | { |
487 | unsigned int index = 0; | 487 | unsigned int index = 0; |
488 | uint8_t event_data[128]; | 488 | uint8_t event_data[128]; |
489 | size_t record_len, offset = 0; | 489 | size_t record_len, offset = 0; |
490 | enum hab_config config = 0; | 490 | enum hab_config config = 0; |
491 | enum hab_state state = 0; | 491 | enum hab_state state = 0; |
492 | 492 | ||
493 | if (imx_hab_is_enabled()) | 493 | if (imx_hab_is_enabled()) |
494 | puts("\nSecure boot enabled\n"); | 494 | puts("\nSecure boot enabled\n"); |
495 | else | 495 | else |
496 | puts("\nSecure boot disabled\n"); | 496 | puts("\nSecure boot disabled\n"); |
497 | 497 | ||
498 | /* | 498 | /* |
499 | * HAB in both A7 and M4 gather the security state | 499 | * HAB in both A7 and M4 gather the security state |
500 | * and configuration of the chip from | 500 | * and configuration of the chip from |
501 | * shared SNVS module | 501 | * shared SNVS module |
502 | */ | 502 | */ |
503 | hab_rvt_report_status(&config, &state); | 503 | hab_rvt_report_status(&config, &state); |
504 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | 504 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", |
505 | config, state); | 505 | config, state); |
506 | 506 | ||
507 | struct record *rec = (struct record *)(HAB_M4_PERSISTENT_START); | 507 | struct record *rec = (struct record *)(HAB_M4_PERSISTENT_START); |
508 | 508 | ||
509 | record_len = get_record_len(rec); | 509 | record_len = get_record_len(rec); |
510 | 510 | ||
511 | /* Check if HAB persistent memory is valid */ | 511 | /* Check if HAB persistent memory is valid */ |
512 | if (rec->tag != HAB_TAG_EVT_DEF || | 512 | if (rec->tag != HAB_TAG_EVT_DEF || |
513 | record_len != sizeof(struct evt_def) || | 513 | record_len != sizeof(struct evt_def) || |
514 | (rec->par & HAB_MAJ_MASK) != HAB_MAJ_VER) { | 514 | (rec->par & HAB_MAJ_MASK) != HAB_MAJ_VER) { |
515 | puts("\nERROR: Invalid HAB persistent memory\n"); | 515 | puts("\nERROR: Invalid HAB persistent memory\n"); |
516 | return 1; | 516 | return 1; |
517 | } | 517 | } |
518 | 518 | ||
519 | /* Parse events in HAB M4 persistent memory region */ | 519 | /* Parse events in HAB M4 persistent memory region */ |
520 | while (offset < HAB_M4_PERSISTENT_BYTES) { | 520 | while (offset < HAB_M4_PERSISTENT_BYTES) { |
521 | rec = (struct record *)(HAB_M4_PERSISTENT_START + offset); | 521 | rec = (struct record *)(HAB_M4_PERSISTENT_START + offset); |
522 | 522 | ||
523 | record_len = get_record_len(rec); | 523 | record_len = get_record_len(rec); |
524 | 524 | ||
525 | if (rec->tag == HAB_TAG_EVT) { | 525 | if (rec->tag == HAB_TAG_EVT) { |
526 | memcpy(&event_data, rec, record_len); | 526 | memcpy(&event_data, rec, record_len); |
527 | puts("\n"); | 527 | puts("\n"); |
528 | printf("--------- HAB Event %d -----------------\n", | 528 | printf("--------- HAB Event %d -----------------\n", |
529 | index + 1); | 529 | index + 1); |
530 | puts("event data:\n"); | 530 | puts("event data:\n"); |
531 | display_event(event_data, record_len); | 531 | display_event(event_data, record_len); |
532 | puts("\n"); | 532 | puts("\n"); |
533 | index++; | 533 | index++; |
534 | } | 534 | } |
535 | 535 | ||
536 | offset += record_len; | 536 | offset += record_len; |
537 | 537 | ||
538 | /* Ensure all records start on a word boundary */ | 538 | /* Ensure all records start on a word boundary */ |
539 | if ((offset % 4) != 0) | 539 | if ((offset % 4) != 0) |
540 | offset = offset + (4 - (offset % 4)); | 540 | offset = offset + (4 - (offset % 4)); |
541 | } | 541 | } |
542 | 542 | ||
543 | if (!index) | 543 | if (!index) |
544 | puts("No HAB Events Found!\n\n"); | 544 | puts("No HAB Events Found!\n\n"); |
545 | 545 | ||
546 | return 0; | 546 | return 0; |
547 | } | 547 | } |
548 | #endif | 548 | #endif |
549 | 549 | ||
550 | static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, | 550 | static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, |
551 | char * const argv[]) | 551 | char * const argv[]) |
552 | { | 552 | { |
553 | #ifdef CONFIG_MX7ULP | 553 | #ifdef CONFIG_MX7ULP |
554 | if ((argc > 2)) { | 554 | if ((argc > 2)) { |
555 | cmd_usage(cmdtp); | 555 | cmd_usage(cmdtp); |
556 | return 1; | 556 | return 1; |
557 | } | 557 | } |
558 | 558 | ||
559 | if (strcmp("m4", argv[1]) == 0) | 559 | if (strcmp("m4", argv[1]) == 0) |
560 | get_hab_status_m4(); | 560 | get_hab_status_m4(); |
561 | else | 561 | else |
562 | get_hab_status(); | 562 | get_hab_status(); |
563 | #else | 563 | #else |
564 | if ((argc != 1)) { | 564 | if ((argc != 1)) { |
565 | cmd_usage(cmdtp); | 565 | cmd_usage(cmdtp); |
566 | return 1; | 566 | return 1; |
567 | } | 567 | } |
568 | 568 | ||
569 | get_hab_status(); | 569 | get_hab_status(); |
570 | #endif | 570 | #endif |
571 | 571 | ||
572 | return 0; | 572 | return 0; |
573 | } | 573 | } |
574 | 574 | ||
575 | static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, | 575 | static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, |
576 | char * const argv[]) | 576 | char * const argv[]) |
577 | { | 577 | { |
578 | ulong addr, length, ivt_offset; | 578 | ulong addr, length, ivt_offset; |
579 | int rcode = 0; | 579 | int rcode = 0; |
580 | 580 | ||
581 | if (argc < 4) | 581 | if (argc < 4) |
582 | return CMD_RET_USAGE; | 582 | return CMD_RET_USAGE; |
583 | 583 | ||
584 | addr = simple_strtoul(argv[1], NULL, 16); | 584 | addr = simple_strtoul(argv[1], NULL, 16); |
585 | length = simple_strtoul(argv[2], NULL, 16); | 585 | length = simple_strtoul(argv[2], NULL, 16); |
586 | ivt_offset = simple_strtoul(argv[3], NULL, 16); | 586 | ivt_offset = simple_strtoul(argv[3], NULL, 16); |
587 | 587 | ||
588 | rcode = imx_hab_authenticate_image(addr, length, ivt_offset); | 588 | rcode = imx_hab_authenticate_image(addr, length, ivt_offset); |
589 | if (rcode == 0) | 589 | if (rcode == 0) |
590 | rcode = CMD_RET_SUCCESS; | 590 | rcode = CMD_RET_SUCCESS; |
591 | else | 591 | else |
592 | rcode = CMD_RET_FAILURE; | 592 | rcode = CMD_RET_FAILURE; |
593 | 593 | ||
594 | return rcode; | 594 | return rcode; |
595 | } | 595 | } |
596 | 596 | ||
597 | static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, | 597 | static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, |
598 | char * const argv[]) | 598 | char * const argv[]) |
599 | { | 599 | { |
600 | if (argc != 1) { | 600 | if (argc != 1) { |
601 | cmd_usage(cmdtp); | 601 | cmd_usage(cmdtp); |
602 | return 1; | 602 | return 1; |
603 | } | 603 | } |
604 | 604 | ||
605 | hab_rvt_failsafe(); | 605 | hab_rvt_failsafe(); |
606 | 606 | ||
607 | return 0; | 607 | return 0; |
608 | } | 608 | } |
609 | 609 | ||
610 | #ifdef CONFIG_MX7ULP | 610 | #ifdef CONFIG_MX7ULP |
611 | U_BOOT_CMD( | 611 | U_BOOT_CMD( |
612 | hab_status, CONFIG_SYS_MAXARGS, 2, do_hab_status, | 612 | hab_status, CONFIG_SYS_MAXARGS, 2, do_hab_status, |
613 | "display HAB status and events", | 613 | "display HAB status and events", |
614 | "hab_status - A7 HAB event and status\n" | 614 | "hab_status - A7 HAB event and status\n" |
615 | "hab_status m4 - M4 HAB event and status" | 615 | "hab_status m4 - M4 HAB event and status" |
616 | ); | 616 | ); |
617 | #else | 617 | #else |
618 | U_BOOT_CMD( | 618 | U_BOOT_CMD( |
619 | hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, | 619 | hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, |
620 | "display HAB status", | 620 | "display HAB status", |
621 | "" | 621 | "" |
622 | ); | 622 | ); |
623 | #endif | 623 | #endif |
624 | 624 | ||
625 | U_BOOT_CMD( | 625 | U_BOOT_CMD( |
626 | hab_auth_img, 4, 0, do_authenticate_image, | 626 | hab_auth_img, 4, 0, do_authenticate_image, |
627 | "authenticate image via HAB", | 627 | "authenticate image via HAB", |
628 | "addr length ivt_offset\n" | 628 | "addr length ivt_offset\n" |
629 | "addr - image hex address\n" | 629 | "addr - image hex address\n" |
630 | "length - image hex length\n" | 630 | "length - image hex length\n" |
631 | "ivt_offset - hex offset of IVT in the image" | 631 | "ivt_offset - hex offset of IVT in the image" |
632 | ); | 632 | ); |
633 | 633 | ||
634 | U_BOOT_CMD( | 634 | U_BOOT_CMD( |
635 | hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, | 635 | hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, |
636 | "run BootROM failsafe routine", | 636 | "run BootROM failsafe routine", |
637 | "" | 637 | "" |
638 | ); | 638 | ); |
639 | 639 | ||
640 | #endif /* !defined(CONFIG_SPL_BUILD) */ | 640 | #endif /* !defined(CONFIG_SPL_BUILD) */ |
641 | 641 | ||
642 | /* Get CSF Header length */ | 642 | /* Get CSF Header length */ |
643 | static int get_hab_hdr_len(struct hab_hdr *hdr) | 643 | static int get_hab_hdr_len(struct hab_hdr *hdr) |
644 | { | 644 | { |
645 | return (size_t)((hdr->len[0] << 8) + (hdr->len[1])); | 645 | return (size_t)((hdr->len[0] << 8) + (hdr->len[1])); |
646 | } | 646 | } |
647 | 647 | ||
648 | /* Check whether addr lies between start and | 648 | /* Check whether addr lies between start and |
649 | * end and is within the length of the image | 649 | * end and is within the length of the image |
650 | */ | 650 | */ |
651 | static int chk_bounds(u8 *addr, size_t bytes, u8 *start, u8 *end) | 651 | static int chk_bounds(u8 *addr, size_t bytes, u8 *start, u8 *end) |
652 | { | 652 | { |
653 | size_t csf_size = (size_t)((end + 1) - addr); | 653 | size_t csf_size = (size_t)((end + 1) - addr); |
654 | 654 | ||
655 | return (addr && (addr >= start) && (addr <= end) && | 655 | return (addr && (addr >= start) && (addr <= end) && |
656 | (csf_size >= bytes)); | 656 | (csf_size >= bytes)); |
657 | } | 657 | } |
658 | 658 | ||
659 | /* Get Length of each command in CSF */ | 659 | /* Get Length of each command in CSF */ |
660 | static int get_csf_cmd_hdr_len(u8 *csf_hdr) | 660 | static int get_csf_cmd_hdr_len(u8 *csf_hdr) |
661 | { | 661 | { |
662 | if (*csf_hdr == HAB_CMD_HDR) | 662 | if (*csf_hdr == HAB_CMD_HDR) |
663 | return sizeof(struct hab_hdr); | 663 | return sizeof(struct hab_hdr); |
664 | 664 | ||
665 | return get_hab_hdr_len((struct hab_hdr *)csf_hdr); | 665 | return get_hab_hdr_len((struct hab_hdr *)csf_hdr); |
666 | } | 666 | } |
667 | 667 | ||
668 | /* Check if CSF is valid */ | 668 | /* Check if CSF is valid */ |
669 | static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes) | 669 | static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes) |
670 | { | 670 | { |
671 | u8 *start = (u8 *)start_addr; | 671 | u8 *start = (u8 *)start_addr; |
672 | u8 *csf_hdr; | 672 | u8 *csf_hdr; |
673 | u8 *end; | 673 | u8 *end; |
674 | 674 | ||
675 | size_t csf_hdr_len; | 675 | size_t csf_hdr_len; |
676 | size_t cmd_hdr_len; | 676 | size_t cmd_hdr_len; |
677 | size_t offset = 0; | 677 | size_t offset = 0; |
678 | 678 | ||
679 | if (bytes != 0) | 679 | if (bytes != 0) |
680 | end = start + bytes - 1; | 680 | end = start + bytes - 1; |
681 | else | 681 | else |
682 | end = start; | 682 | end = start; |
683 | 683 | ||
684 | /* Verify if CSF pointer content is zero */ | 684 | /* Verify if CSF pointer content is zero */ |
685 | if (!ivt->csf) { | 685 | if (!ivt->csf) { |
686 | puts("Error: CSF pointer is NULL\n"); | 686 | puts("Error: CSF pointer is NULL\n"); |
687 | return false; | 687 | return false; |
688 | } | 688 | } |
689 | 689 | ||
690 | csf_hdr = (u8 *)(ulong)ivt->csf; | 690 | csf_hdr = (u8 *)(ulong)ivt->csf; |
691 | 691 | ||
692 | /* Verify if CSF Header exist */ | 692 | /* Verify if CSF Header exist */ |
693 | if (*csf_hdr != HAB_CMD_HDR) { | 693 | if (*csf_hdr != HAB_CMD_HDR) { |
694 | puts("Error: CSF header command not found\n"); | 694 | puts("Error: CSF header command not found\n"); |
695 | return false; | 695 | return false; |
696 | } | 696 | } |
697 | 697 | ||
698 | csf_hdr_len = get_hab_hdr_len((struct hab_hdr *)csf_hdr); | 698 | csf_hdr_len = get_hab_hdr_len((struct hab_hdr *)csf_hdr); |
699 | 699 | ||
700 | /* Check if the CSF lies within the image bounds */ | 700 | /* Check if the CSF lies within the image bounds */ |
701 | if (!chk_bounds(csf_hdr, csf_hdr_len, start, end)) { | 701 | if (!chk_bounds(csf_hdr, csf_hdr_len, start, end)) { |
702 | puts("Error: CSF lies outside the image bounds\n"); | 702 | puts("Error: CSF lies outside the image bounds\n"); |
703 | return false; | 703 | return false; |
704 | } | 704 | } |
705 | 705 | ||
706 | do { | 706 | do { |
707 | struct hab_hdr *cmd; | 707 | struct hab_hdr *cmd; |
708 | 708 | ||
709 | cmd = (struct hab_hdr *)&csf_hdr[offset]; | 709 | cmd = (struct hab_hdr *)&csf_hdr[offset]; |
710 | 710 | ||
711 | switch (cmd->tag) { | 711 | switch (cmd->tag) { |
712 | case (HAB_CMD_WRT_DAT): | 712 | case (HAB_CMD_WRT_DAT): |
713 | puts("Error: Deprecated write command found\n"); | 713 | puts("Error: Deprecated write command found\n"); |
714 | return false; | 714 | return false; |
715 | case (HAB_CMD_CHK_DAT): | 715 | case (HAB_CMD_CHK_DAT): |
716 | puts("Error: Deprecated check command found\n"); | 716 | puts("Error: Deprecated check command found\n"); |
717 | return false; | 717 | return false; |
718 | case (HAB_CMD_SET): | 718 | case (HAB_CMD_SET): |
719 | if (cmd->par == HAB_PAR_MID) { | 719 | if (cmd->par == HAB_PAR_MID) { |
720 | puts("Error: Deprecated Set MID command found\n"); | 720 | puts("Error: Deprecated Set MID command found\n"); |
721 | return false; | 721 | return false; |
722 | } | 722 | } |
723 | default: | 723 | default: |
724 | break; | 724 | break; |
725 | } | 725 | } |
726 | 726 | ||
727 | cmd_hdr_len = get_csf_cmd_hdr_len(&csf_hdr[offset]); | 727 | cmd_hdr_len = get_csf_cmd_hdr_len(&csf_hdr[offset]); |
728 | if (!cmd_hdr_len) { | 728 | if (!cmd_hdr_len) { |
729 | puts("Error: Invalid command length\n"); | 729 | puts("Error: Invalid command length\n"); |
730 | return false; | 730 | return false; |
731 | } | 731 | } |
732 | offset += cmd_hdr_len; | 732 | offset += cmd_hdr_len; |
733 | 733 | ||
734 | } while (offset < csf_hdr_len); | 734 | } while (offset < csf_hdr_len); |
735 | 735 | ||
736 | return true; | 736 | return true; |
737 | } | 737 | } |
738 | 738 | ||
739 | /* | 739 | /* |
740 | * Validate IVT structure of the image being authenticated | 740 | * Validate IVT structure of the image being authenticated |
741 | */ | 741 | */ |
742 | static int validate_ivt(struct ivt *ivt_initial) | 742 | static int validate_ivt(struct ivt *ivt_initial) |
743 | { | 743 | { |
744 | struct ivt_header *ivt_hdr = &ivt_initial->hdr; | 744 | struct ivt_header *ivt_hdr = &ivt_initial->hdr; |
745 | 745 | ||
746 | if ((ulong)ivt_initial & 0x3) { | 746 | if ((ulong)ivt_initial & 0x3) { |
747 | puts("Error: Image's start address is not 4 byte aligned\n"); | 747 | puts("Error: Image's start address is not 4 byte aligned\n"); |
748 | return 0; | 748 | return 0; |
749 | } | 749 | } |
750 | 750 | ||
751 | /* Check IVT fields before allowing authentication */ | 751 | /* Check IVT fields before allowing authentication */ |
752 | if ((!verify_ivt_header(ivt_hdr)) && \ | 752 | if ((!verify_ivt_header(ivt_hdr)) && \ |
753 | (ivt_initial->entry != 0x0) && \ | 753 | (ivt_initial->entry != 0x0) && \ |
754 | (ivt_initial->reserved1 == 0x0) && \ | 754 | (ivt_initial->reserved1 == 0x0) && \ |
755 | (ivt_initial->self == \ | 755 | (ivt_initial->self == \ |
756 | (uint32_t)((ulong)ivt_initial & 0xffffffff)) && \ | 756 | (uint32_t)((ulong)ivt_initial & 0xffffffff)) && \ |
757 | (ivt_initial->csf != 0x0) && \ | 757 | (ivt_initial->csf != 0x0) && \ |
758 | (ivt_initial->reserved2 == 0x0)) { | 758 | (ivt_initial->reserved2 == 0x0)) { |
759 | /* Report boot failure if DCD pointer is found in IVT */ | 759 | /* Report boot failure if DCD pointer is found in IVT */ |
760 | if (ivt_initial->dcd != 0x0) | 760 | if (ivt_initial->dcd != 0x0) |
761 | puts("Error: DCD pointer must be 0\n"); | 761 | puts("Error: DCD pointer must be 0\n"); |
762 | else | 762 | else |
763 | return 1; | 763 | return 1; |
764 | } | 764 | } |
765 | 765 | ||
766 | puts("Error: Invalid IVT structure\n"); | 766 | puts("Error: Invalid IVT structure\n"); |
767 | puts("\nAllowed IVT structure:\n"); | 767 | puts("\nAllowed IVT structure:\n"); |
768 | puts("IVT HDR = 0x4X2000D1\n"); | 768 | puts("IVT HDR = 0x4X2000D1\n"); |
769 | puts("IVT ENTRY = 0xXXXXXXXX\n"); | 769 | puts("IVT ENTRY = 0xXXXXXXXX\n"); |
770 | puts("IVT RSV1 = 0x0\n"); | 770 | puts("IVT RSV1 = 0x0\n"); |
771 | puts("IVT DCD = 0x0\n"); /* Recommended */ | 771 | puts("IVT DCD = 0x0\n"); /* Recommended */ |
772 | puts("IVT BOOT_DATA = 0xXXXXXXXX\n"); /* Commonly 0x0 */ | 772 | puts("IVT BOOT_DATA = 0xXXXXXXXX\n"); /* Commonly 0x0 */ |
773 | puts("IVT SELF = 0xXXXXXXXX\n"); /* = ddr_start + ivt_offset */ | 773 | puts("IVT SELF = 0xXXXXXXXX\n"); /* = ddr_start + ivt_offset */ |
774 | puts("IVT CSF = 0xXXXXXXXX\n"); | 774 | puts("IVT CSF = 0xXXXXXXXX\n"); |
775 | puts("IVT RSV2 = 0x0\n"); | 775 | puts("IVT RSV2 = 0x0\n"); |
776 | 776 | ||
777 | /* Invalid IVT structure */ | 777 | /* Invalid IVT structure */ |
778 | return 0; | 778 | return 0; |
779 | } | 779 | } |
780 | 780 | ||
781 | bool imx_hab_is_enabled(void) | 781 | bool imx_hab_is_enabled(void) |
782 | { | 782 | { |
783 | struct imx_sec_config_fuse_t *fuse = | 783 | struct imx_sec_config_fuse_t *fuse = |
784 | (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; | 784 | (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; |
785 | uint32_t reg; | 785 | uint32_t reg; |
786 | int ret; | 786 | int ret; |
787 | 787 | ||
788 | ret = fuse_read(fuse->bank, fuse->word, ®); | 788 | ret = fuse_read(fuse->bank, fuse->word, ®); |
789 | if (ret) { | 789 | if (ret) { |
790 | puts("\nSecure boot fuse read error\n"); | 790 | puts("\nSecure boot fuse read error\n"); |
791 | return ret; | 791 | return ret; |
792 | } | 792 | } |
793 | 793 | ||
794 | return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; | 794 | return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; |
795 | } | 795 | } |
796 | 796 | ||
797 | int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, | 797 | int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, |
798 | uint32_t ivt_offset) | 798 | uint32_t ivt_offset) |
799 | { | 799 | { |
800 | ulong load_addr = 0; | 800 | ulong load_addr = 0; |
801 | size_t bytes; | 801 | size_t bytes; |
802 | ulong ivt_addr = 0; | 802 | ulong ivt_addr = 0; |
803 | int result = 1; | 803 | int result = 1; |
804 | ulong start; | 804 | ulong start; |
805 | struct ivt *ivt; | 805 | struct ivt *ivt; |
806 | enum hab_status status; | 806 | enum hab_status status; |
807 | 807 | ||
808 | if (!imx_hab_is_enabled()) | 808 | if (!imx_hab_is_enabled()) |
809 | puts("hab fuse not enabled\n"); | 809 | puts("hab fuse not enabled\n"); |
810 | 810 | ||
811 | printf("\nAuthenticate image from DDR location 0x%x...\n", | 811 | printf("\nAuthenticate image from DDR location 0x%x...\n", |
812 | ddr_start); | 812 | ddr_start); |
813 | 813 | ||
814 | hab_caam_clock_enable(1); | 814 | hab_caam_clock_enable(1); |
815 | 815 | ||
816 | /* Calculate IVT address header */ | 816 | /* Calculate IVT address header */ |
817 | ivt_addr = (ulong) (ddr_start + ivt_offset); | 817 | ivt_addr = (ulong) (ddr_start + ivt_offset); |
818 | ivt = (struct ivt *)ivt_addr; | 818 | ivt = (struct ivt *)ivt_addr; |
819 | 819 | ||
820 | /* Verify IVT header bugging out on error */ | 820 | /* Verify IVT header bugging out on error */ |
821 | if (!validate_ivt(ivt)) | 821 | if (!validate_ivt(ivt)) |
822 | goto hab_authentication_exit; | 822 | goto hab_authentication_exit; |
823 | 823 | ||
824 | start = ddr_start; | 824 | start = ddr_start; |
825 | bytes = image_size; | 825 | bytes = image_size; |
826 | 826 | ||
827 | /* Verify CSF */ | 827 | /* Verify CSF */ |
828 | if (!csf_is_valid(ivt, start, bytes)) | 828 | if (!csf_is_valid(ivt, start, bytes)) |
829 | goto hab_authentication_exit; | 829 | goto hab_authentication_exit; |
830 | 830 | ||
831 | if (hab_rvt_entry() != HAB_SUCCESS) { | 831 | if (hab_rvt_entry() != HAB_SUCCESS) { |
832 | puts("hab entry function fail\n"); | 832 | puts("hab entry function fail\n"); |
833 | goto hab_exit_failure_print_status; | 833 | goto hab_exit_failure_print_status; |
834 | } | 834 | } |
835 | 835 | ||
836 | status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)(ulong)ddr_start, bytes); | 836 | status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)(ulong)ddr_start, bytes); |
837 | if (status != HAB_SUCCESS) { | 837 | if (status != HAB_SUCCESS) { |
838 | printf("HAB check target 0x%08x-0x%08lx fail\n", | 838 | printf("HAB check target 0x%08x-0x%08lx fail\n", |
839 | ddr_start, ddr_start + bytes); | 839 | ddr_start, ddr_start + (ulong)bytes); |
840 | goto hab_exit_failure_print_status; | 840 | goto hab_exit_failure_print_status; |
841 | } | 841 | } |
842 | #ifdef DEBUG | 842 | #ifdef DEBUG |
843 | printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); | 843 | printf("\nivt_offset = 0x%x, ivt addr = 0x%lx\n", ivt_offset, ivt_addr); |
844 | printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, | 844 | printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, |
845 | ivt->dcd, ivt->csf); | 845 | ivt->dcd, ivt->csf); |
846 | puts("Dumping IVT\n"); | 846 | puts("Dumping IVT\n"); |
847 | print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); | 847 | print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); |
848 | 848 | ||
849 | puts("Dumping CSF Header\n"); | 849 | puts("Dumping CSF Header\n"); |
850 | print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); | 850 | print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); |
851 | 851 | ||
852 | #if !defined(CONFIG_SPL_BUILD) | 852 | #if !defined(CONFIG_SPL_BUILD) |
853 | get_hab_status(); | 853 | get_hab_status(); |
854 | #endif | 854 | #endif |
855 | 855 | ||
856 | puts("\nCalling authenticate_image in ROM\n"); | 856 | puts("\nCalling authenticate_image in ROM\n"); |
857 | printf("\tivt_offset = 0x%x\n", ivt_offset); | 857 | printf("\tivt_offset = 0x%x\n", ivt_offset); |
858 | printf("\tstart = 0x%08lx\n", start); | 858 | printf("\tstart = 0x%08lx\n", start); |
859 | printf("\tbytes = 0x%x\n", bytes); | 859 | printf("\tbytes = 0x%x\n", bytes); |
860 | #endif | 860 | #endif |
861 | 861 | ||
862 | #ifndef CONFIG_ARM64 | 862 | #ifndef CONFIG_ARM64 |
863 | /* | 863 | /* |
864 | * If the MMU is enabled, we have to notify the ROM | 864 | * If the MMU is enabled, we have to notify the ROM |
865 | * code, or it won't flush the caches when needed. | 865 | * code, or it won't flush the caches when needed. |
866 | * This is done, by setting the "pu_irom_mmu_enabled" | 866 | * This is done, by setting the "pu_irom_mmu_enabled" |
867 | * word to 1. You can find its address by looking in | 867 | * word to 1. You can find its address by looking in |
868 | * the ROM map. This is critical for | 868 | * the ROM map. This is critical for |
869 | * authenticate_image(). If MMU is enabled, without | 869 | * authenticate_image(). If MMU is enabled, without |
870 | * setting this bit, authentication will fail and may | 870 | * setting this bit, authentication will fail and may |
871 | * crash. | 871 | * crash. |
872 | */ | 872 | */ |
873 | /* Check MMU enabled */ | 873 | /* Check MMU enabled */ |
874 | if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { | 874 | if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { |
875 | if (is_mx6dq()) { | 875 | if (is_mx6dq()) { |
876 | /* | 876 | /* |
877 | * This won't work on Rev 1.0.0 of | 877 | * This won't work on Rev 1.0.0 of |
878 | * i.MX6Q/D, since their ROM doesn't | 878 | * i.MX6Q/D, since their ROM doesn't |
879 | * do cache flushes. don't think any | 879 | * do cache flushes. don't think any |
880 | * exist, so we ignore them. | 880 | * exist, so we ignore them. |
881 | */ | 881 | */ |
882 | if (!is_mx6dqp()) | 882 | if (!is_mx6dqp()) |
883 | writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); | 883 | writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); |
884 | } else if (is_mx6sdl()) { | 884 | } else if (is_mx6sdl()) { |
885 | writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); | 885 | writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); |
886 | } else if (is_mx6sl()) { | 886 | } else if (is_mx6sl()) { |
887 | writel(1, MX6SL_PU_IROM_MMU_EN_VAR); | 887 | writel(1, MX6SL_PU_IROM_MMU_EN_VAR); |
888 | } | 888 | } |
889 | } | 889 | } |
890 | #endif | 890 | #endif |
891 | 891 | ||
892 | load_addr = (ulong)hab_rvt_authenticate_image( | 892 | load_addr = (ulong)hab_rvt_authenticate_image( |
893 | HAB_CID_UBOOT, | 893 | HAB_CID_UBOOT, |
894 | ivt_offset, (void **)&start, | 894 | ivt_offset, (void **)&start, |
895 | (size_t *)&bytes, NULL); | 895 | (size_t *)&bytes, NULL); |
896 | if (hab_rvt_exit() != HAB_SUCCESS) { | 896 | if (hab_rvt_exit() != HAB_SUCCESS) { |
897 | puts("hab exit function fail\n"); | 897 | puts("hab exit function fail\n"); |
898 | load_addr = 0; | 898 | load_addr = 0; |
899 | } | 899 | } |
900 | 900 | ||
901 | hab_exit_failure_print_status: | 901 | hab_exit_failure_print_status: |
902 | #if !defined(CONFIG_SPL_BUILD) | 902 | #if !defined(CONFIG_SPL_BUILD) |
903 | get_hab_status(); | 903 | get_hab_status(); |
904 | #endif | 904 | #endif |
905 | 905 | ||
906 | hab_authentication_exit: | 906 | hab_authentication_exit: |
907 | 907 | ||
908 | if (load_addr != 0 || !imx_hab_is_enabled()) | 908 | if (load_addr != 0 || !imx_hab_is_enabled()) |
909 | result = 0; | 909 | result = 0; |
910 | 910 | ||
911 | return result; | 911 | return result; |
912 | } | 912 | } |
913 | 913 | ||
914 | int authenticate_image(uint32_t ddr_start, uint32_t raw_image_size) | 914 | int authenticate_image(uint32_t ddr_start, uint32_t raw_image_size) |
915 | { | 915 | { |
916 | uint32_t ivt_offset; | 916 | uint32_t ivt_offset; |
917 | size_t bytes; | 917 | size_t bytes; |
918 | 918 | ||
919 | ivt_offset = (raw_image_size + ALIGN_SIZE - 1) & | 919 | ivt_offset = (raw_image_size + ALIGN_SIZE - 1) & |
920 | ~(ALIGN_SIZE - 1); | 920 | ~(ALIGN_SIZE - 1); |
921 | bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; | 921 | bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; |
922 | 922 | ||
923 | return imx_hab_authenticate_image(ddr_start, bytes, ivt_offset); | 923 | return imx_hab_authenticate_image(ddr_start, bytes, ivt_offset); |
924 | } | 924 | } |
925 | 925 |