1
2
3
4
5
6#include <common.h>
7#include <dm.h>
8#include <fsl_validate.h>
9#include <fsl_secboot_err.h>
10#include <fsl_sfp.h>
11#include <fsl_sec.h>
12#include <command.h>
13#include <malloc.h>
14#include <u-boot/rsa-mod-exp.h>
15#include <hash.h>
16#include <fsl_secboot_err.h>
17#ifdef CONFIG_ARCH_LS1021A
18#include <asm/arch/immap_ls102xa.h>
19#endif
20
21#define SHA256_BITS 256
22#define SHA256_BYTES (256/8)
23#define SHA256_NIBBLES (256/4)
24#define NUM_HEX_CHARS (sizeof(ulong) * 2)
25
26#define CHECK_KEY_LEN(key_len) (((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
27 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
28 ((key_len) == 2 * KEY_SIZE_BYTES))
29#if defined(CONFIG_FSL_ISBC_KEY_EXT)
30
31static struct fsl_secboot_glb glb;
32#endif
33
34
35static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
36 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
37 0x04, 0x20
38 };
39
40static u8 hash_val[SHA256_BYTES];
41
42#ifdef CONFIG_ESBC_HDR_LS
43
44static const u8 barker_code[ESBC_BARKER_LEN] = { 0x12, 0x19, 0x20, 0x01 };
45#else
46static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };
47#endif
48
49void branch_to_self(void) __attribute__ ((noreturn));
50
51
52
53
54
55
56void branch_to_self(void)
57{
58 printf("Core is in infinite loop due to errors.\n");
59self:
60 goto self;
61}
62
63#if defined(CONFIG_FSL_ISBC_KEY_EXT)
64static u32 check_ie(struct fsl_secboot_img_priv *img)
65{
66 if (img->hdr.ie_flag & IE_FLAG_MASK)
67 return 1;
68
69 return 0;
70}
71
72
73
74
75
76
77
78#if defined(CONFIG_MPC85xx)
79int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
80{
81 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
82 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
83 u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
84 u32 flash_addr, addr;
85 int found = 0;
86 int i = 0;
87
88 for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) {
89 flash_addr = flash_info[i].start[0];
90 addr = flash_info[i].start[0] + csf_flash_offset;
91 if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) {
92 debug("Barker found on addr %x\n", addr);
93 found = 1;
94 break;
95 }
96 }
97
98 if (!found)
99 return -1;
100
101 *csf_addr = addr;
102 *flash_base_addr = flash_addr;
103
104 return 0;
105}
106#else
107
108
109
110int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
111{
112 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
113 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
114
115 if (memcmp((u8 *)(uintptr_t)csf_hdr_addr,
116 barker_code, ESBC_BARKER_LEN))
117 return -1;
118
119 *csf_addr = csf_hdr_addr;
120 *flash_base_addr = 0;
121 return 0;
122}
123#endif
124
125#if defined(CONFIG_ESBC_HDR_LS)
126static int get_ie_info_addr(uintptr_t *ie_addr)
127{
128 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
129
130
131
132
133 *ie_addr = in_le32(&gur->scratchrw[SCRATCH_IE_HIGH_ADR - 1]);
134 *ie_addr = *ie_addr << 32;
135 *ie_addr |= in_le32(&gur->scratchrw[SCRATCH_IE_LOW_ADR - 1]);
136 return 0;
137}
138#else
139static int get_ie_info_addr(uintptr_t *ie_addr)
140{
141 struct fsl_secboot_img_hdr *hdr;
142 struct fsl_secboot_sg_table *sg_tbl;
143 u32 flash_base_addr, csf_addr;
144
145 if (get_csf_base_addr(&csf_addr, &flash_base_addr))
146 return -1;
147
148 hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr;
149
150
151
152
153
154
155
156#if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
157 sg_tbl = (struct fsl_secboot_sg_table *)
158 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
159 flash_base_addr);
160#else
161 sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr +
162 (u32)hdr->psgtable);
163#endif
164
165
166#if defined(CONFIG_MPC85xx)
167 *ie_addr = (uintptr_t)((sg_tbl->src_addr &
168 ~(CONFIG_SYS_PBI_FLASH_BASE)) +
169 flash_base_addr);
170#else
171 *ie_addr = (uintptr_t)sg_tbl->src_addr;
172#endif
173
174 debug("IE Table address is %lx\n", *ie_addr);
175 return 0;
176}
177#endif
178#endif
179
180#ifdef CONFIG_KEY_REVOCATION
181
182static u32 check_srk(struct fsl_secboot_img_priv *img)
183{
184#ifdef CONFIG_ESBC_HDR_LS
185
186#if defined(CONFIG_FSL_ISBC_KEY_EXT)
187 return !check_ie(img);
188#endif
189 return 1;
190#else
191 if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
192 return 1;
193
194 return 0;
195#endif
196}
197
198
199static u32 get_key_revoc(void)
200{
201 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
202 return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >>
203 OSPR_KEY_REVOC_SHIFT;
204}
205
206
207static u32 is_key_revoked(u32 keynum, u32 rev_flag)
208{
209 if (keynum == UNREVOCABLE_KEY)
210 return 0;
211
212 if ((u32)(1 << (ALIGN_REVOC_KEY - keynum)) & rev_flag)
213 return 1;
214
215 return 0;
216}
217
218
219static u32 read_validate_srk_tbl(struct fsl_secboot_img_priv *img)
220{
221 int i = 0;
222 u32 ret, key_num, key_revoc_flag, size;
223 struct fsl_secboot_img_hdr *hdr = &img->hdr;
224 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
225
226 if ((hdr->len_kr.num_srk == 0) ||
227 (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
228 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
229
230 key_num = hdr->len_kr.srk_sel;
231 if (key_num == 0 || key_num > hdr->len_kr.num_srk)
232 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
233
234
235 key_revoc_flag = get_key_revoc();
236 ret = is_key_revoked(key_num, key_revoc_flag);
237 if (ret)
238 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
239
240 size = hdr->len_kr.num_srk * sizeof(struct srk_table);
241
242 memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);
243
244 for (i = 0; i < hdr->len_kr.num_srk; i++) {
245 if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len))
246 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
247 }
248
249 img->key_len = img->srk_tbl[key_num - 1].key_len;
250
251 memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
252 img->key_len);
253
254 return 0;
255}
256#endif
257
258#ifndef CONFIG_ESBC_HDR_LS
259static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
260{
261 struct fsl_secboot_img_hdr *hdr = &img->hdr;
262 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
263
264
265 if (!CHECK_KEY_LEN(hdr->key_len))
266 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
267
268 memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
269
270 img->key_len = hdr->key_len;
271
272 return 0;
273}
274#endif
275
276#if defined(CONFIG_FSL_ISBC_KEY_EXT)
277
278static void install_ie_tbl(uintptr_t ie_tbl_addr,
279 struct fsl_secboot_img_priv *img)
280{
281
282 memcpy(&glb.ie_tbl, (u8 *)ie_tbl_addr, sizeof(struct ie_key_info));
283 img->ie_addr = (uintptr_t)&glb.ie_tbl;
284 glb.ie_addr = img->ie_addr;
285}
286
287static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
288{
289 struct fsl_secboot_img_hdr *hdr = &img->hdr;
290 u32 ie_key_len, ie_revoc_flag, ie_num;
291 struct ie_key_info *ie_info;
292
293 if (!img->ie_addr) {
294 if (get_ie_info_addr(&img->ie_addr))
295 return ERROR_IE_TABLE_NOT_FOUND;
296 else
297 install_ie_tbl(img->ie_addr, img);
298 }
299
300 ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
301 if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
302 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
303
304 ie_num = hdr->ie_key_sel;
305 if (ie_num == 0 || ie_num > ie_info->num_keys)
306 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;
307
308 ie_revoc_flag = ie_info->key_revok;
309 if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag)
310 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;
311
312 ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;
313
314 if (!CHECK_KEY_LEN(ie_key_len))
315 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;
316
317 memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
318 ie_key_len);
319
320 img->key_len = ie_key_len;
321 return 0;
322}
323#endif
324
325
326
327static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
328{
329 return img->key_len;
330}
331
332
333
334
335
336
337
338static void fsl_secboot_header_verification_failure(void)
339{
340 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
341
342
343 u32 its = sfp_in32(&sfp_regs->ospr) >> 2;
344
345 if (its == 1)
346 set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL);
347 else
348 set_sec_mon_state(HPSR_SSM_ST_NON_SECURE);
349
350 printf("Generating reset request\n");
351 do_reset(NULL, 0, 0, NULL);
352
353 do_esbc_halt(NULL, 0, 0, NULL);
354}
355
356
357
358
359
360
361
362
363static void fsl_secboot_image_verification_failure(void)
364{
365 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
366
367 u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;
368
369 if (its == 1) {
370 set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL);
371
372 printf("Generating reset request\n");
373 do_reset(NULL, 0, 0, NULL);
374
375 do_esbc_halt(NULL, 0, 0, NULL);
376
377 } else {
378 set_sec_mon_state(HPSR_SSM_ST_NON_SECURE);
379 }
380}
381
382static void fsl_secboot_bootscript_parse_failure(void)
383{
384 fsl_secboot_header_verification_failure();
385}
386
387
388
389
390
391
392
393void fsl_secboot_handle_error(int error)
394{
395#ifndef CONFIG_SPL_BUILD
396 const struct fsl_secboot_errcode *e;
397
398 for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
399 e++) {
400 if (e->errcode == error)
401 printf("ERROR :: %x :: %s\n", error, e->name);
402 }
403#else
404 printf("ERROR :: %x\n", error);
405#endif
406
407
408
409
410
411 if (fsl_check_boot_mode_secure() == 0)
412 return;
413
414 switch (error) {
415 case ERROR_ESBC_CLIENT_HEADER_BARKER:
416 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
417 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN:
418 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN:
419 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN:
420 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1:
421 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2:
422 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
423 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
424 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
425 case ERROR_KEY_TABLE_NOT_FOUND:
426#ifdef CONFIG_KEY_REVOCATION
427 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
428 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
429 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM:
430 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN:
431#endif
432#if defined(CONFIG_FSL_ISBC_KEY_EXT)
433
434 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED:
435 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY:
436 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM:
437 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN:
438 case ERROR_IE_TABLE_NOT_FOUND:
439#endif
440 fsl_secboot_header_verification_failure();
441 break;
442 case ERROR_ESBC_SEC_RESET:
443 case ERROR_ESBC_SEC_DEQ:
444 case ERROR_ESBC_SEC_ENQ:
445 case ERROR_ESBC_SEC_DEQ_TO:
446 case ERROR_ESBC_SEC_JOBQ_STATUS:
447 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY:
448 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM:
449 fsl_secboot_image_verification_failure();
450 break;
451 case ERROR_ESBC_MISSING_BOOTM:
452 fsl_secboot_bootscript_parse_failure();
453 break;
454 case ERROR_ESBC_WRONG_CMD:
455 default:
456 branch_to_self();
457 break;
458 }
459}
460
461static void fsl_secblk_handle_error(int error)
462{
463 switch (error) {
464 case ERROR_ESBC_SEC_ENQ:
465 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ);
466 break;
467 case ERROR_ESBC_SEC_DEQ:
468 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ);
469 break;
470 case ERROR_ESBC_SEC_DEQ_TO:
471 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO);
472 break;
473 default:
474 printf("Job Queue Output status %x\n", error);
475 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS);
476 break;
477 }
478}
479
480
481
482
483
484
485static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
486{
487 struct hash_algo *algo;
488 void *ctx;
489 int i, srk = 0;
490 int ret = 0;
491 const char *algo_name = "sha256";
492
493
494 ret = hash_progressive_lookup_algo(algo_name, &algo);
495 if (ret)
496 return ret;
497
498 ret = algo->hash_init(algo, &ctx);
499 if (ret)
500 return ret;
501
502
503#ifdef CONFIG_KEY_REVOCATION
504 if (check_srk(img)) {
505 ret = algo->hash_update(algo, ctx,
506 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
507 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1);
508 srk = 1;
509 }
510#endif
511 if (!srk)
512 ret = algo->hash_update(algo, ctx,
513 img->img_key, img->key_len, 1);
514 if (ret)
515 return ret;
516
517
518 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
519 if (ret)
520 return ret;
521
522 for (i = 0; i < SHA256_BYTES; i++)
523 img->img_key_hash[i] = hash_val[i];
524
525 return 0;
526}
527
528
529
530
531
532
533static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
534{
535 struct hash_algo *algo;
536 void *ctx;
537 int ret = 0;
538 int key_hash = 0;
539 const char *algo_name = "sha256";
540
541
542 ret = hash_progressive_lookup_algo(algo_name, &algo);
543 if (ret)
544 return ret;
545
546 ret = algo->hash_init(algo, &ctx);
547
548 if (ret)
549 return ret;
550
551
552 ret = algo->hash_update(algo, ctx,
553 (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
554 if (ret)
555 return ret;
556
557
558
559
560
561
562#ifdef CONFIG_KEY_REVOCATION
563 if (check_srk(img)) {
564 ret = algo->hash_update(algo, ctx,
565 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
566 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0);
567 key_hash = 1;
568 }
569#endif
570#if defined(CONFIG_FSL_ISBC_KEY_EXT)
571 if (!key_hash && check_ie(img))
572 key_hash = 1;
573#endif
574#ifndef CONFIG_ESBC_HDR_LS
575
576 if (!key_hash) {
577 ret = algo->hash_update(algo, ctx,
578 img->img_key, img->hdr.key_len, 0);
579 key_hash = 1;
580 }
581#endif
582 if (ret)
583 return ret;
584 if (!key_hash)
585 return ERROR_KEY_TABLE_NOT_FOUND;
586
587
588 ret = algo->hash_update(algo, ctx,
589 (u8 *)(*(img->img_addr_ptr)), img->img_size, 1);
590 if (ret)
591 return ret;
592
593
594 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
595 if (ret)
596 return ret;
597
598 return 0;
599}
600
601
602
603
604
605
606
607static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img)
608{
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626 size_t len;
627 u8 *representative;
628 u8 *padding, *digest;
629 u8 *hash_id, *separator;
630 int i;
631
632 len = (get_key_len(img) / 2) - 1;
633 representative = img->img_encoded_hash_second;
634 representative[0] = 0;
635 representative[1] = 1;
636
637 padding = &representative[2];
638 digest = &representative[1] + len - 32;
639 hash_id = digest - sizeof(hash_identifier);
640 separator = hash_id - 1;
641
642
643 memset(padding, 0xff, separator - padding);
644
645
646 *separator = 0;
647
648
649 memcpy(hash_id, hash_identifier, sizeof(hash_identifier));
650
651
652 for (i = 0; i < SHA256_BYTES; i++)
653 digest[i] = hash_val[i];
654}
655
656
657
658
659
660
661
662
663static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
664{
665 struct fsl_secboot_img_hdr *hdr = &img->hdr;
666 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
667 u8 *k, *s;
668 u32 ret = 0;
669
670 int key_found = 0;
671
672
673 if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
674 return ERROR_ESBC_CLIENT_HEADER_BARKER;
675
676
677
678
679 if (*(img->img_addr_ptr) == 0) {
680 #ifdef CONFIG_ESBC_ADDR_64BIT
681 *(img->img_addr_ptr) = hdr->pimg64;
682 #else
683 *(img->img_addr_ptr) = hdr->pimg;
684 #endif
685 }
686
687 if (!hdr->img_size)
688 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
689
690 img->img_size = hdr->img_size;
691
692
693#ifdef CONFIG_KEY_REVOCATION
694 if (check_srk(img)) {
695 ret = read_validate_srk_tbl(img);
696 if (ret != 0)
697 return ret;
698 key_found = 1;
699 }
700#endif
701
702#if defined(CONFIG_FSL_ISBC_KEY_EXT)
703 if (!key_found && check_ie(img)) {
704 ret = read_validate_ie_tbl(img);
705 if (ret != 0)
706 return ret;
707 key_found = 1;
708 }
709#endif
710#ifndef CONFIG_ESBC_HDR_LS
711
712 if (key_found == 0) {
713 ret = read_validate_single_key(img);
714 if (ret != 0)
715 return ret;
716 key_found = 1;
717 }
718#endif
719 if (!key_found)
720 return ERROR_KEY_TABLE_NOT_FOUND;
721
722
723 if (get_key_len(img) == 2 * hdr->sign_len) {
724
725 if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) ||
726 (hdr->sign_len == KEY_SIZE_BYTES / 2) ||
727 (hdr->sign_len == KEY_SIZE_BYTES)))
728 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN;
729 } else {
730 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN;
731 }
732
733 memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);
734
735#ifndef CONFIG_ESBC_HDR_LS
736
737 if (hdr->sg_flag)
738 return ERROR_ESBC_CLIENT_HEADER_SG;
739#endif
740
741
742 k = (u8 *)&img->img_key;
743
744 if ((k[0] & 0x80) == 0)
745 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1;
746
747
748 if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0)
749 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2;
750
751
752 s = (u8 *)&img->img_sign;
753
754 if (!(memcmp(s, k, hdr->sign_len) < 0))
755 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD;
756
757 return ESBC_VALID_HDR;
758}
759
760static inline int str2longbe(const char *p, ulong *num)
761{
762 char *endptr;
763 ulong tmp;
764
765 if (!p) {
766 return 0;
767 } else {
768 tmp = simple_strtoul(p, &endptr, 16);
769 if (sizeof(ulong) == 4)
770 *num = cpu_to_be32(tmp);
771 else
772 *num = cpu_to_be64(tmp);
773 }
774
775 return *p != '\0' && *endptr == '\0';
776}
777
778
779
780
781
782static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
783{
784 int ret;
785 uint32_t key_len;
786 struct key_prop prop;
787#if !defined(USE_HOSTCC)
788 struct udevice *mod_exp_dev;
789#endif
790 ret = calc_esbchdr_esbc_hash(img);
791 if (ret)
792 return ret;
793
794
795 construct_img_encoded_hash_second(img);
796
797
798 memset(&prop, 0, sizeof(struct key_prop));
799 key_len = get_key_len(img) / 2;
800 prop.modulus = img->img_key;
801 prop.public_exponent = img->img_key + key_len;
802 prop.num_bits = key_len * 8;
803 prop.exp_len = key_len;
804
805 ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
806 if (ret) {
807 printf("RSA: Can't find Modular Exp implementation\n");
808 return -EINVAL;
809 }
810
811 ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
812 &prop, img->img_encoded_hash);
813 if (ret)
814 return ret;
815
816
817
818
819
820
821 ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
822 img->hdr.sign_len);
823
824 if (ret)
825 return ERROR_ESBC_CLIENT_HASH_COMPARE_EM;
826
827 return 0;
828}
829
830
831static int secboot_init(struct fsl_secboot_img_priv **img_ptr)
832{
833 *img_ptr = malloc(sizeof(struct fsl_secboot_img_priv));
834
835 struct fsl_secboot_img_priv *img = *img_ptr;
836
837 if (!img)
838 return -ENOMEM;
839 memset(img, 0, sizeof(struct fsl_secboot_img_priv));
840
841#if defined(CONFIG_FSL_ISBC_KEY_EXT)
842 if (glb.ie_addr)
843 img->ie_addr = glb.ie_addr;
844#endif
845 return 0;
846}
847
848
849
850
851
852
853
854
855
856
857
858int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
859 uintptr_t *img_addr_ptr)
860{
861 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
862 ulong hash[SHA256_BYTES/sizeof(ulong)];
863 char hash_str[NUM_HEX_CHARS + 1];
864 struct fsl_secboot_img_priv *img;
865 struct fsl_secboot_img_hdr *hdr;
866 void *esbc;
867 int ret, i, hash_cmd = 0;
868 u32 srk_hash[8];
869
870 if (arg_hash_str != NULL) {
871 const char *cp = arg_hash_str;
872 int i = 0;
873
874 if (*cp == '0' && *(cp + 1) == 'x')
875 cp += 2;
876
877
878
879
880
881
882 if (strlen(cp) != SHA256_NIBBLES) {
883 printf("%s is not a 256 bits hex string as expected\n",
884 arg_hash_str);
885 return -1;
886 }
887
888 for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) {
889 strncpy(hash_str, cp + (i * NUM_HEX_CHARS),
890 NUM_HEX_CHARS);
891 hash_str[NUM_HEX_CHARS] = '\0';
892 if (!str2longbe(hash_str, &hash[i])) {
893 printf("%s is not a 256 bits hex string ",
894 arg_hash_str);
895 return -1;
896 }
897 }
898
899 hash_cmd = 1;
900 }
901
902 ret = secboot_init(&img);
903 if (ret)
904 goto exit;
905
906
907 hdr = &img->hdr;
908 img->ehdrloc = haddr;
909 img->img_addr_ptr = img_addr_ptr;
910 esbc = (u8 *)img->ehdrloc;
911
912 memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
913
914
915 ret = read_validate_esbc_client_header(img);
916
917 if (ret != ESBC_VALID_HDR) {
918 fsl_secboot_handle_error(ret);
919 goto exit;
920 }
921
922
923 for (i = 0; i < NUM_SRKH_REGS; i++)
924 srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]);
925
926
927
928
929
930 ret = calc_img_key_hash(img);
931 if (ret) {
932 fsl_secblk_handle_error(ret);
933 goto exit;
934 }
935
936
937 if (hash_cmd)
938 ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES);
939 else
940 ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES);
941
942#if defined(CONFIG_FSL_ISBC_KEY_EXT)
943 if (!hash_cmd && check_ie(img))
944 ret = 0;
945#endif
946
947 if (ret != 0) {
948 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY);
949 goto exit;
950 }
951
952 ret = calculate_cmp_img_sig(img);
953 if (ret) {
954 fsl_secboot_handle_error(ret);
955 goto exit;
956 }
957
958exit:
959
960 free(img);
961 return ret;
962}
963