1
2
3
4
5
6#include <common.h>
7#include <command.h>
8#include <config.h>
9#include <fuse.h>
10#include <mapmem.h>
11#include <image.h>
12#include <asm/io.h>
13#include <asm/global_data.h>
14#include <asm/system.h>
15#include <asm/arch/clock.h>
16#include <asm/arch/sys_proto.h>
17#include <asm/mach-imx/hab.h>
18#include <linux/arm-smccc.h>
19
20DECLARE_GLOBAL_DATA_PTR;
21
22#define ALIGN_SIZE 0x1000
23#define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8
24#define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0
25#define MX6SL_PU_IROM_MMU_EN_VAR 0x00901c60
26#define IS_HAB_ENABLED_BIT \
27 (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \
28 ((is_soc_type(MXC_SOC_MX7) || is_soc_type(MXC_SOC_IMX8M)) ? 0x2000000 : 0x2))
29
30#ifdef CONFIG_MX7ULP
31#define HAB_M4_PERSISTENT_START ((soc_rev() >= CHIP_REV_2_0) ? 0x20008040 : \
32 0x20008180)
33#define HAB_M4_PERSISTENT_BYTES 0xB80
34#endif
35
36static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr)
37{
38 printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str,
39 ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version);
40
41 return 1;
42}
43
44static int verify_ivt_header(struct ivt_header *ivt_hdr)
45{
46 int result = 0;
47
48 if (ivt_hdr->magic != IVT_HEADER_MAGIC)
49 result = ivt_header_error("bad magic", ivt_hdr);
50
51 if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH)
52 result = ivt_header_error("bad length", ivt_hdr);
53
54 if ((ivt_hdr->version & HAB_MAJ_MASK) != HAB_MAJ_VER)
55 result = ivt_header_error("bad version", ivt_hdr);
56
57 return result;
58}
59
60#ifdef CONFIG_ARM64
61#define FSL_SIP_HAB 0xC2000007
62#define FSL_SIP_HAB_AUTHENTICATE 0x00
63#define FSL_SIP_HAB_ENTRY 0x01
64#define FSL_SIP_HAB_EXIT 0x02
65#define FSL_SIP_HAB_REPORT_EVENT 0x03
66#define FSL_SIP_HAB_REPORT_STATUS 0x04
67#define FSL_SIP_HAB_FAILSAFE 0x05
68#define FSL_SIP_HAB_CHECK_TARGET 0x06
69static volatile gd_t *gd_save;
70#endif
71
72static inline void save_gd(void)
73{
74#ifdef CONFIG_ARM64
75 gd_save = gd;
76#endif
77}
78
79static inline void restore_gd(void)
80{
81#ifdef CONFIG_ARM64
82
83
84
85
86 __asm__ volatile("mov x18, %0\n" : : "r" (gd_save));
87#endif
88}
89
90enum hab_status hab_rvt_report_event(enum hab_status status, u32 index,
91 u8 *event, size_t *bytes)
92{
93 enum hab_status ret;
94 hab_rvt_report_event_t *hab_rvt_report_event_func;
95 struct arm_smccc_res res __maybe_unused;
96
97 hab_rvt_report_event_func = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT;
98#if defined(CONFIG_ARM64)
99 if (current_el() != 3) {
100
101 arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_EVENT, (unsigned long)index,
102 (unsigned long)event, (unsigned long)bytes, 0, 0, 0, &res);
103 return (enum hab_status)res.a0;
104 }
105#endif
106
107 save_gd();
108 ret = hab_rvt_report_event_func(status, index, event, bytes);
109 restore_gd();
110
111 return ret;
112
113}
114
115enum hab_status hab_rvt_report_status(enum hab_config *config, enum hab_state *state)
116{
117 enum hab_status ret;
118 hab_rvt_report_status_t *hab_rvt_report_status_func;
119 struct arm_smccc_res res __maybe_unused;
120
121 hab_rvt_report_status_func = (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS;
122#if defined(CONFIG_ARM64)
123 if (current_el() != 3) {
124
125 arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_REPORT_STATUS, (unsigned long)config,
126 (unsigned long)state, 0, 0, 0, 0, &res);
127 return (enum hab_status)res.a0;
128 }
129#endif
130
131 save_gd();
132 ret = hab_rvt_report_status_func(config, state);
133 restore_gd();
134
135 return ret;
136}
137
138enum hab_status hab_rvt_entry(void)
139{
140 enum hab_status ret;
141 hab_rvt_entry_t *hab_rvt_entry_func;
142 struct arm_smccc_res res __maybe_unused;
143
144 hab_rvt_entry_func = (hab_rvt_entry_t *)HAB_RVT_ENTRY;
145#if defined(CONFIG_ARM64)
146 if (current_el() != 3) {
147
148 arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_ENTRY, 0, 0, 0, 0, 0, 0, &res);
149 return (enum hab_status)res.a0;
150 }
151#endif
152
153 save_gd();
154 ret = hab_rvt_entry_func();
155 restore_gd();
156
157 return ret;
158}
159
160enum hab_status hab_rvt_exit(void)
161{
162 enum hab_status ret;
163 hab_rvt_exit_t *hab_rvt_exit_func;
164 struct arm_smccc_res res __maybe_unused;
165
166 hab_rvt_exit_func = (hab_rvt_exit_t *)HAB_RVT_EXIT;
167#if defined(CONFIG_ARM64)
168 if (current_el() != 3) {
169
170 arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_EXIT, 0, 0, 0, 0, 0, 0, &res);
171 return (enum hab_status)res.a0;
172 }
173#endif
174
175 save_gd();
176 ret = hab_rvt_exit_func();
177 restore_gd();
178
179 return ret;
180}
181
182void hab_rvt_failsafe(void)
183{
184 hab_rvt_failsafe_t *hab_rvt_failsafe_func;
185
186 hab_rvt_failsafe_func = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE;
187#if defined(CONFIG_ARM64)
188 if (current_el() != 3) {
189
190 arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_FAILSAFE, 0, 0, 0, 0, 0, 0, NULL);
191 return;
192 }
193#endif
194
195 save_gd();
196 hab_rvt_failsafe_func();
197 restore_gd();
198}
199
200enum hab_status hab_rvt_check_target(enum hab_target type, const void *start,
201 size_t bytes)
202{
203 enum hab_status ret;
204 hab_rvt_check_target_t *hab_rvt_check_target_func;
205 struct arm_smccc_res res __maybe_unused;
206
207 hab_rvt_check_target_func = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET;
208#if defined(CONFIG_ARM64)
209 if (current_el() != 3) {
210
211 arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_CHECK_TARGET, (unsigned long)type,
212 (unsigned long)start, (unsigned long)bytes, 0, 0, 0, &res);
213 return (enum hab_status)res.a0;
214 }
215#endif
216
217 save_gd();
218 ret = hab_rvt_check_target_func(type, start, bytes);
219 restore_gd();
220
221 return ret;
222}
223
224void *hab_rvt_authenticate_image(uint8_t cid, ptrdiff_t ivt_offset,
225 void **start, size_t *bytes, hab_loader_callback_f_t loader)
226{
227 void *ret;
228 hab_rvt_authenticate_image_t *hab_rvt_authenticate_image_func;
229 struct arm_smccc_res res __maybe_unused;
230
231 hab_rvt_authenticate_image_func = (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE;
232#if defined(CONFIG_ARM64)
233 if (current_el() != 3) {
234
235 arm_smccc_smc(FSL_SIP_HAB, FSL_SIP_HAB_AUTHENTICATE, (unsigned long)ivt_offset,
236 (unsigned long)start, (unsigned long)bytes, 0, 0, 0, &res);
237 return (void *)res.a0;
238 }
239#endif
240
241 save_gd();
242 ret = hab_rvt_authenticate_image_func(cid, ivt_offset, start, bytes, loader);
243 restore_gd();
244
245 return ret;
246}
247
248#if !defined(CONFIG_SPL_BUILD)
249
250#define MAX_RECORD_BYTES (8*1024)
251
252struct record {
253 uint8_t tag;
254 uint8_t len[2];
255 uint8_t par;
256 uint8_t contents[MAX_RECORD_BYTES];
257 bool any_rec_flag;
258};
259
260static char *rsn_str[] = {
261 "RSN = HAB_RSN_ANY (0x00)\n",
262 "RSN = HAB_ENG_FAIL (0x30)\n",
263 "RSN = HAB_INV_ADDRESS (0x22)\n",
264 "RSN = HAB_INV_ASSERTION (0x0C)\n",
265 "RSN = HAB_INV_CALL (0x28)\n",
266 "RSN = HAB_INV_CERTIFICATE (0x21)\n",
267 "RSN = HAB_INV_COMMAND (0x06)\n",
268 "RSN = HAB_INV_CSF (0x11)\n",
269 "RSN = HAB_INV_DCD (0x27)\n",
270 "RSN = HAB_INV_INDEX (0x0F)\n",
271 "RSN = HAB_INV_IVT (0x05)\n",
272 "RSN = HAB_INV_KEY (0x1D)\n",
273 "RSN = HAB_INV_RETURN (0x1E)\n",
274 "RSN = HAB_INV_SIGNATURE (0x18)\n",
275 "RSN = HAB_INV_SIZE (0x17)\n",
276 "RSN = HAB_MEM_FAIL (0x2E)\n",
277 "RSN = HAB_OVR_COUNT (0x2B)\n",
278 "RSN = HAB_OVR_STORAGE (0x2D)\n",
279 "RSN = HAB_UNS_ALGORITHM (0x12)\n",
280 "RSN = HAB_UNS_COMMAND (0x03)\n",
281 "RSN = HAB_UNS_ENGINE (0x0A)\n",
282 "RSN = HAB_UNS_ITEM (0x24)\n",
283 "RSN = HAB_UNS_KEY (0x1B)\n",
284 "RSN = HAB_UNS_PROTOCOL (0x14)\n",
285 "RSN = HAB_UNS_STATE (0x09)\n",
286 "RSN = INVALID\n",
287 NULL
288};
289
290static char *sts_str[] = {
291 "STS = HAB_SUCCESS (0xF0)\n",
292 "STS = HAB_FAILURE (0x33)\n",
293 "STS = HAB_WARNING (0x69)\n",
294 "STS = INVALID\n",
295 NULL
296};
297
298static char *eng_str[] = {
299 "ENG = HAB_ENG_ANY (0x00)\n",
300 "ENG = HAB_ENG_SCC (0x03)\n",
301 "ENG = HAB_ENG_RTIC (0x05)\n",
302 "ENG = HAB_ENG_SAHARA (0x06)\n",
303 "ENG = HAB_ENG_CSU (0x0A)\n",
304 "ENG = HAB_ENG_SRTC (0x0C)\n",
305 "ENG = HAB_ENG_DCP (0x1B)\n",
306 "ENG = HAB_ENG_CAAM (0x1D)\n",
307 "ENG = HAB_ENG_SNVS (0x1E)\n",
308 "ENG = HAB_ENG_OCOTP (0x21)\n",
309 "ENG = HAB_ENG_DTCP (0x22)\n",
310 "ENG = HAB_ENG_ROM (0x36)\n",
311 "ENG = HAB_ENG_HDCP (0x24)\n",
312 "ENG = HAB_ENG_RTL (0x77)\n",
313 "ENG = HAB_ENG_SW (0xFF)\n",
314 "ENG = INVALID\n",
315 NULL
316};
317
318static char *ctx_str[] = {
319 "CTX = HAB_CTX_ANY(0x00)\n",
320 "CTX = HAB_CTX_FAB (0xFF)\n",
321 "CTX = HAB_CTX_ENTRY (0xE1)\n",
322 "CTX = HAB_CTX_TARGET (0x33)\n",
323 "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n",
324 "CTX = HAB_CTX_DCD (0xDD)\n",
325 "CTX = HAB_CTX_CSF (0xCF)\n",
326 "CTX = HAB_CTX_COMMAND (0xC0)\n",
327 "CTX = HAB_CTX_AUT_DAT (0xDB)\n",
328 "CTX = HAB_CTX_ASSERT (0xA0)\n",
329 "CTX = HAB_CTX_EXIT (0xEE)\n",
330 "CTX = INVALID\n",
331 NULL
332};
333
334static uint8_t hab_statuses[5] = {
335 HAB_STS_ANY,
336 HAB_FAILURE,
337 HAB_WARNING,
338 HAB_SUCCESS,
339 -1
340};
341
342static uint8_t hab_reasons[26] = {
343 HAB_RSN_ANY,
344 HAB_ENG_FAIL,
345 HAB_INV_ADDRESS,
346 HAB_INV_ASSERTION,
347 HAB_INV_CALL,
348 HAB_INV_CERTIFICATE,
349 HAB_INV_COMMAND,
350 HAB_INV_CSF,
351 HAB_INV_DCD,
352 HAB_INV_INDEX,
353 HAB_INV_IVT,
354 HAB_INV_KEY,
355 HAB_INV_RETURN,
356 HAB_INV_SIGNATURE,
357 HAB_INV_SIZE,
358 HAB_MEM_FAIL,
359 HAB_OVR_COUNT,
360 HAB_OVR_STORAGE,
361 HAB_UNS_ALGORITHM,
362 HAB_UNS_COMMAND,
363 HAB_UNS_ENGINE,
364 HAB_UNS_ITEM,
365 HAB_UNS_KEY,
366 HAB_UNS_PROTOCOL,
367 HAB_UNS_STATE,
368 -1
369};
370
371static uint8_t hab_contexts[12] = {
372 HAB_CTX_ANY,
373 HAB_CTX_FAB,
374 HAB_CTX_ENTRY,
375 HAB_CTX_TARGET,
376 HAB_CTX_AUTHENTICATE,
377 HAB_CTX_DCD,
378 HAB_CTX_CSF,
379 HAB_CTX_COMMAND,
380 HAB_CTX_AUT_DAT,
381 HAB_CTX_ASSERT,
382 HAB_CTX_EXIT,
383 -1
384};
385
386static uint8_t hab_engines[16] = {
387 HAB_ENG_ANY,
388 HAB_ENG_SCC,
389 HAB_ENG_RTIC,
390 HAB_ENG_SAHARA,
391 HAB_ENG_CSU,
392 HAB_ENG_SRTC,
393 HAB_ENG_DCP,
394 HAB_ENG_CAAM,
395 HAB_ENG_SNVS,
396 HAB_ENG_OCOTP,
397 HAB_ENG_DTCP,
398 HAB_ENG_ROM,
399 HAB_ENG_HDCP,
400 HAB_ENG_RTL,
401 HAB_ENG_SW,
402 -1
403};
404
405static inline uint8_t get_idx(uint8_t *list, uint8_t tgt)
406{
407 uint8_t idx = 0;
408 uint8_t element = list[idx];
409 while (element != -1) {
410 if (element == tgt)
411 return idx;
412 element = list[++idx];
413 }
414 return -1;
415}
416
417static void process_event_record(uint8_t *event_data, size_t bytes)
418{
419 struct record *rec = (struct record *)event_data;
420
421 printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]);
422 printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]);
423 printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]);
424 printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]);
425}
426
427static void display_event(uint8_t *event_data, size_t bytes)
428{
429 uint32_t i;
430
431 if (!(event_data && bytes > 0))
432 return;
433
434 for (i = 0; i < bytes; i++) {
435 if (i == 0)
436 printf("\t0x%02x", event_data[i]);
437 else if ((i % 8) == 0)
438 printf("\n\t0x%02x", event_data[i]);
439 else
440 printf(" 0x%02x", event_data[i]);
441 }
442
443 process_event_record(event_data, bytes);
444}
445
446static int get_hab_status(void)
447{
448 uint32_t index = 0;
449 uint8_t event_data[128];
450 size_t bytes = sizeof(event_data);
451 enum hab_config config = 0;
452 enum hab_state state = 0;
453
454 if (imx_hab_is_enabled())
455 puts("\nSecure boot enabled\n");
456 else
457 puts("\nSecure boot disabled\n");
458
459
460 if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) {
461 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n",
462 config, state);
463
464
465 while (hab_rvt_report_event(HAB_STS_ANY, index, event_data,
466 &bytes) == HAB_SUCCESS) {
467 puts("\n");
468 printf("--------- HAB Event %d -----------------\n",
469 index + 1);
470 puts("event data:\n");
471 display_event(event_data, bytes);
472 puts("\n");
473 bytes = sizeof(event_data);
474 index++;
475 }
476 }
477
478 else {
479 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n",
480 config, state);
481 puts("No HAB Events Found!\n\n");
482 }
483 return 0;
484}
485
486#ifdef CONFIG_MX7ULP
487
488static int get_record_len(struct record *rec)
489{
490 return (size_t)((rec->len[0] << 8) + (rec->len[1]));
491}
492
493static int get_hab_status_m4(void)
494{
495 unsigned int index = 0;
496 uint8_t event_data[128];
497 size_t record_len, offset = 0;
498 enum hab_config config = 0;
499 enum hab_state state = 0;
500
501 if (imx_hab_is_enabled())
502 puts("\nSecure boot enabled\n");
503 else
504 puts("\nSecure boot disabled\n");
505
506
507
508
509
510
511 hab_rvt_report_status(&config, &state);
512 printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n",
513 config, state);
514
515 struct record *rec = (struct record *)(HAB_M4_PERSISTENT_START);
516
517 record_len = get_record_len(rec);
518
519
520 if (rec->tag != HAB_TAG_EVT_DEF ||
521 record_len != sizeof(struct evt_def) ||
522 (rec->par & HAB_MAJ_MASK) != HAB_MAJ_VER) {
523 puts("\nERROR: Invalid HAB persistent memory\n");
524 return 1;
525 }
526
527
528 while (offset < HAB_M4_PERSISTENT_BYTES) {
529 rec = (struct record *)(HAB_M4_PERSISTENT_START + offset);
530
531 record_len = get_record_len(rec);
532
533 if (rec->tag == HAB_TAG_EVT) {
534 memcpy(&event_data, rec, record_len);
535 puts("\n");
536 printf("--------- HAB Event %d -----------------\n",
537 index + 1);
538 puts("event data:\n");
539 display_event(event_data, record_len);
540 puts("\n");
541 index++;
542 }
543
544 offset += record_len;
545
546
547 if ((offset % 4) != 0)
548 offset = offset + (4 - (offset % 4));
549 }
550
551 if (!index)
552 puts("No HAB Events Found!\n\n");
553
554 return 0;
555}
556#endif
557
558static int do_hab_status(struct cmd_tbl *cmdtp, int flag, int argc,
559 char *const argv[])
560{
561#ifdef CONFIG_MX7ULP
562 if ((argc > 2)) {
563 cmd_usage(cmdtp);
564 return 1;
565 }
566
567 if (strcmp("m4", argv[1]) == 0)
568 get_hab_status_m4();
569 else
570 get_hab_status();
571#else
572 if ((argc != 1)) {
573 cmd_usage(cmdtp);
574 return 1;
575 }
576
577 get_hab_status();
578#endif
579
580 return 0;
581}
582
583static ulong get_image_ivt_offset(ulong img_addr)
584{
585 const void *buf;
586
587 buf = map_sysmem(img_addr, 0);
588 switch (genimg_get_format(buf)) {
589#if CONFIG_IS_ENABLED(LEGACY_IMAGE_FORMAT)
590 case IMAGE_FORMAT_LEGACY:
591 return (image_get_image_size((image_header_t *)img_addr)
592 + 0x1000 - 1) & ~(0x1000 - 1);
593#endif
594#if CONFIG_IS_ENABLED(FIT)
595 case IMAGE_FORMAT_FIT:
596 return (fit_get_size(buf) + 0x1000 - 1) & ~(0x1000 - 1);
597#endif
598 default:
599 return 0;
600 }
601}
602
603static int do_authenticate_image(struct cmd_tbl *cmdtp, int flag, int argc,
604 char *const argv[])
605{
606 ulong addr, length, ivt_offset;
607 int rcode = 0;
608
609 if (argc < 3)
610 return CMD_RET_USAGE;
611
612 addr = hextoul(argv[1], NULL);
613 length = hextoul(argv[2], NULL);
614 if (argc == 3)
615 ivt_offset = get_image_ivt_offset(addr);
616 else
617 ivt_offset = hextoul(argv[3], NULL);
618
619 rcode = imx_hab_authenticate_image(addr, length, ivt_offset);
620 if (rcode == 0)
621 rcode = CMD_RET_SUCCESS;
622 else
623 rcode = CMD_RET_FAILURE;
624
625 return rcode;
626}
627
628static int do_hab_failsafe(struct cmd_tbl *cmdtp, int flag, int argc,
629 char *const argv[])
630{
631 if (argc != 1) {
632 cmd_usage(cmdtp);
633 return 1;
634 }
635
636 hab_rvt_failsafe();
637
638 return 0;
639}
640
641static int do_hab_version(struct cmd_tbl *cmdtp, int flag, int argc,
642 char *const argv[])
643{
644 struct hab_hdr *hdr = (struct hab_hdr *)HAB_RVT_BASE;
645
646 if (hdr->tag != HAB_TAG_RVT) {
647 printf("Unexpected header tag: %x\n", hdr->tag);
648 return CMD_RET_FAILURE;
649 }
650
651 printf("HAB version: %d.%d\n", hdr->par >> 4, hdr->par & 0xf);
652
653 return 0;
654}
655
656static int do_authenticate_image_or_failover(struct cmd_tbl *cmdtp, int flag,
657 int argc, char *const argv[])
658{
659 int ret = CMD_RET_FAILURE;
660
661 if (argc != 4) {
662 ret = CMD_RET_USAGE;
663 goto error;
664 }
665
666 if (!imx_hab_is_enabled()) {
667 printf("error: secure boot disabled\n");
668 goto error;
669 }
670
671 if (do_authenticate_image(NULL, flag, argc, argv) != CMD_RET_SUCCESS) {
672 fprintf(stderr, "authentication fail -> %s %s %s %s\n",
673 argv[0], argv[1], argv[2], argv[3]);
674 do_hab_failsafe(0, 0, 1, NULL);
675 };
676 ret = CMD_RET_SUCCESS;
677error:
678 return ret;
679}
680
681#ifdef CONFIG_MX7ULP
682U_BOOT_CMD(
683 hab_status, CONFIG_SYS_MAXARGS, 2, do_hab_status,
684 "display HAB status and events",
685 "hab_status - A7 HAB event and status\n"
686 "hab_status m4 - M4 HAB event and status"
687 );
688#else
689U_BOOT_CMD(
690 hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status,
691 "display HAB status",
692 ""
693 );
694#endif
695
696U_BOOT_CMD(
697 hab_auth_img, 4, 0, do_authenticate_image,
698 "authenticate image via HAB",
699 "addr length ivt_offset\n"
700 "addr - image hex address\n"
701 "length - image hex length\n"
702 "ivt_offset - hex offset of IVT in the image"
703 );
704
705U_BOOT_CMD(
706 hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe,
707 "run BootROM failsafe routine",
708 ""
709 );
710
711U_BOOT_CMD(
712 hab_auth_img_or_fail, 4, 0,
713 do_authenticate_image_or_failover,
714 "authenticate image via HAB on failure drop to USB BootROM mode",
715 "addr length ivt_offset\n"
716 "addr - image hex address\n"
717 "length - image hex length\n"
718 "ivt_offset - hex offset of IVT in the image"
719 );
720
721U_BOOT_CMD(
722 hab_version, 1, 0, do_hab_version,
723 "print HAB major/minor version",
724 ""
725 );
726
727#endif
728
729
730static int get_hab_hdr_len(struct hab_hdr *hdr)
731{
732 return (size_t)((hdr->len[0] << 8) + (hdr->len[1]));
733}
734
735
736
737
738static int chk_bounds(u8 *addr, size_t bytes, u8 *start, u8 *end)
739{
740 size_t csf_size = (size_t)((end + 1) - addr);
741
742 return (addr && (addr >= start) && (addr <= end) &&
743 (csf_size >= bytes));
744}
745
746
747static int get_csf_cmd_hdr_len(u8 *csf_hdr)
748{
749 if (*csf_hdr == HAB_CMD_HDR)
750 return sizeof(struct hab_hdr);
751
752 return get_hab_hdr_len((struct hab_hdr *)csf_hdr);
753}
754
755
756static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes)
757{
758 u8 *start = (u8 *)start_addr;
759 u8 *csf_hdr;
760 u8 *end;
761
762 size_t csf_hdr_len;
763 size_t cmd_hdr_len;
764 size_t offset = 0;
765
766 if (bytes != 0)
767 end = start + bytes - 1;
768 else
769 end = start;
770
771
772 if (!ivt->csf) {
773 puts("Error: CSF pointer is NULL\n");
774 return false;
775 }
776
777 csf_hdr = (u8 *)(ulong)ivt->csf;
778
779
780 if (*csf_hdr != HAB_CMD_HDR) {
781 puts("Error: CSF header command not found\n");
782 return false;
783 }
784
785 csf_hdr_len = get_hab_hdr_len((struct hab_hdr *)csf_hdr);
786
787
788 if (!chk_bounds(csf_hdr, csf_hdr_len, start, end)) {
789 puts("Error: CSF lies outside the image bounds\n");
790 return false;
791 }
792
793 do {
794 struct hab_hdr *cmd;
795
796 cmd = (struct hab_hdr *)&csf_hdr[offset];
797
798 switch (cmd->tag) {
799 case (HAB_CMD_WRT_DAT):
800 puts("Error: Deprecated write command found\n");
801 return false;
802 case (HAB_CMD_CHK_DAT):
803 puts("Error: Deprecated check command found\n");
804 return false;
805 case (HAB_CMD_SET):
806 if (cmd->par == HAB_PAR_MID) {
807 puts("Error: Deprecated Set MID command found\n");
808 return false;
809 }
810 default:
811 break;
812 }
813
814 cmd_hdr_len = get_csf_cmd_hdr_len(&csf_hdr[offset]);
815 if (!cmd_hdr_len) {
816 puts("Error: Invalid command length\n");
817 return false;
818 }
819 offset += cmd_hdr_len;
820
821 } while (offset < csf_hdr_len);
822
823 return true;
824}
825
826
827
828
829static int validate_ivt(struct ivt *ivt_initial)
830{
831 struct ivt_header *ivt_hdr = &ivt_initial->hdr;
832
833 if ((ulong)ivt_initial & 0x3) {
834 puts("Error: Image's start address is not 4 byte aligned\n");
835 return 0;
836 }
837
838
839 if ((!verify_ivt_header(ivt_hdr)) && \
840 (ivt_initial->entry != 0x0) && \
841 (ivt_initial->reserved1 == 0x0) && \
842 (ivt_initial->self == \
843 (uint32_t)((ulong)ivt_initial & 0xffffffff)) && \
844 (ivt_initial->csf != 0x0) && \
845 (ivt_initial->reserved2 == 0x0)) {
846
847 if (ivt_initial->dcd != 0x0)
848 puts("Error: DCD pointer must be 0\n");
849 else
850 return 1;
851 }
852
853 puts("Error: Invalid IVT structure\n");
854 debug("\nAllowed IVT structure:\n");
855 debug("IVT HDR = 0x4X2000D1\n");
856 debug("IVT ENTRY = 0xXXXXXXXX\n");
857 debug("IVT RSV1 = 0x0\n");
858 debug("IVT DCD = 0x0\n");
859 debug("IVT BOOT_DATA = 0xXXXXXXXX\n");
860 debug("IVT SELF = 0xXXXXXXXX\n");
861 debug("IVT CSF = 0xXXXXXXXX\n");
862 debug("IVT RSV2 = 0x0\n");
863
864
865 return 0;
866}
867
868bool imx_hab_is_enabled(void)
869{
870 struct imx_sec_config_fuse_t *fuse =
871 (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse;
872 uint32_t reg;
873 int ret;
874
875 ret = fuse_read(fuse->bank, fuse->word, ®);
876 if (ret) {
877 puts("\nSecure boot fuse read error\n");
878 return ret;
879 }
880
881 return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT;
882}
883
884int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size,
885 uint32_t ivt_offset)
886{
887 ulong load_addr = 0;
888 size_t bytes;
889 ulong ivt_addr = 0;
890 int result = 1;
891 ulong start;
892 struct ivt *ivt;
893 enum hab_status status;
894
895 if (!imx_hab_is_enabled())
896 puts("hab fuse not enabled\n");
897
898 printf("\nAuthenticate image from DDR location 0x%x...\n",
899 ddr_start);
900
901 hab_caam_clock_enable(1);
902
903
904 ivt_addr = (ulong) (ddr_start + ivt_offset);
905 ivt = (struct ivt *)ivt_addr;
906
907
908 if (!validate_ivt(ivt))
909 goto hab_authentication_exit;
910
911 start = ddr_start;
912 bytes = image_size;
913
914
915 if (!csf_is_valid(ivt, start, bytes))
916 goto hab_authentication_exit;
917
918 if (hab_rvt_entry() != HAB_SUCCESS) {
919 puts("hab entry function fail\n");
920 goto hab_exit_failure_print_status;
921 }
922
923 status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)(ulong)ddr_start, bytes);
924 if (status != HAB_SUCCESS) {
925 printf("HAB check target 0x%08x-0x%08lx fail\n",
926 ddr_start, ddr_start + (ulong)bytes);
927 goto hab_exit_failure_print_status;
928 }
929#ifdef DEBUG
930 printf("\nivt_offset = 0x%x, ivt addr = 0x%lx\n", ivt_offset, ivt_addr);
931 printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry,
932 ivt->dcd, ivt->csf);
933 puts("Dumping IVT\n");
934 print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0);
935
936 puts("Dumping CSF Header\n");
937 print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0);
938
939#if !defined(CONFIG_SPL_BUILD)
940 get_hab_status();
941#endif
942
943 puts("\nCalling authenticate_image in ROM\n");
944 printf("\tivt_offset = 0x%x\n", ivt_offset);
945 printf("\tstart = 0x%08lx\n", start);
946 printf("\tbytes = 0x%x\n", bytes);
947#endif
948
949#ifndef CONFIG_ARM64
950
951
952
953
954
955
956
957
958
959
960
961 if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) {
962 if (is_mx6dq()) {
963
964
965
966
967
968
969 if (!is_mx6dqp())
970 writel(1, MX6DQ_PU_IROM_MMU_EN_VAR);
971 } else if (is_mx6sdl()) {
972 writel(1, MX6DLS_PU_IROM_MMU_EN_VAR);
973 } else if (is_mx6sl()) {
974 writel(1, MX6SL_PU_IROM_MMU_EN_VAR);
975 }
976 }
977#endif
978
979 load_addr = (ulong)hab_rvt_authenticate_image(
980 HAB_CID_UBOOT,
981 ivt_offset, (void **)&start,
982 (size_t *)&bytes, NULL);
983 if (hab_rvt_exit() != HAB_SUCCESS) {
984 puts("hab exit function fail\n");
985 load_addr = 0;
986 }
987
988hab_exit_failure_print_status:
989#if !defined(CONFIG_SPL_BUILD)
990 get_hab_status();
991#endif
992
993hab_authentication_exit:
994
995 if (load_addr != 0 || !imx_hab_is_enabled())
996 result = 0;
997
998 return result;
999}
1000
1001int authenticate_image(u32 ddr_start, u32 raw_image_size)
1002{
1003 u32 ivt_offset;
1004 size_t bytes;
1005
1006 ivt_offset = (raw_image_size + ALIGN_SIZE - 1) &
1007 ~(ALIGN_SIZE - 1);
1008 bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE;
1009
1010 return imx_hab_authenticate_image(ddr_start, bytes, ivt_offset);
1011}
1012