1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright (c) 2013, Google Inc.
5 * (C) Copyright 2008 Semihalf
7 * (C) Copyright 2000-2006
8 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
11 #define LOG_CATEGORY LOGC_BOOT
16 #include <linux/libfdt.h>
17 #include <u-boot/crc.h>
19 #include <linux/compiler.h>
20 #include <linux/sizes.h>
28 #include <asm/global_data.h>
31 #include <u-boot/hash.h>
33 DECLARE_GLOBAL_DATA_PTR;
34 #endif /* !USE_HOSTCC*/
38 #include <bootstage.h>
39 #include <linux/kconfig.h>
40 #include <u-boot/crc.h>
41 #include <u-boot/md5.h>
42 #include <u-boot/sha1.h>
43 #include <u-boot/sha256.h>
44 #include <u-boot/sha512.h>
46 /*****************************************************************************/
47 /* New uImage format routines */
48 /*****************************************************************************/
50 static int fit_parse_spec(const char *spec, char sepc, ulong addr_curr,
51 ulong *addr, const char **name)
58 sep = strchr(spec, sepc);
61 *addr = hextoul(spec, NULL);
71 * fit_parse_conf - parse FIT configuration spec
72 * @spec: input string, containing configuration spec
73 * @add_curr: current image address (to be used as a possible default)
74 * @addr: pointer to a ulong variable, will hold FIT image address of a given
76 * @conf_name double pointer to a char, will hold pointer to a configuration
79 * fit_parse_conf() expects configuration spec in the form of [<addr>]#<conf>,
80 * where <addr> is a FIT image address that contains configuration
81 * with a <conf> unit name.
83 * Address part is optional, and if omitted default add_curr will
87 * 1 if spec is a valid configuration string,
88 * addr and conf_name are set accordingly
91 int fit_parse_conf(const char *spec, ulong addr_curr,
92 ulong *addr, const char **conf_name)
94 return fit_parse_spec(spec, '#', addr_curr, addr, conf_name);
98 * fit_parse_subimage - parse FIT subimage spec
99 * @spec: input string, containing subimage spec
100 * @add_curr: current image address (to be used as a possible default)
101 * @addr: pointer to a ulong variable, will hold FIT image address of a given
103 * @image_name: double pointer to a char, will hold pointer to a subimage name
105 * fit_parse_subimage() expects subimage spec in the form of
106 * [<addr>]:<subimage>, where <addr> is a FIT image address that contains
107 * subimage with a <subimg> unit name.
109 * Address part is optional, and if omitted default add_curr will
113 * 1 if spec is a valid subimage string,
114 * addr and image_name are set accordingly
117 int fit_parse_subimage(const char *spec, ulong addr_curr,
118 ulong *addr, const char **image_name)
120 return fit_parse_spec(spec, ':', addr_curr, addr, image_name);
122 #endif /* !USE_HOSTCC */
125 /* Host tools use these implementations for Cipher and Signature support */
126 static void *host_blob;
128 void image_set_host_blob(void *blob)
133 void *image_get_host_blob(void)
137 #endif /* USE_HOSTCC */
139 static void fit_get_debug(const void *fit, int noffset,
140 char *prop_name, int err)
142 debug("Can't get '%s' property from FIT 0x%08lx, node: offset %d, name %s (%s)\n",
143 prop_name, (ulong)fit, noffset, fit_get_name(fit, noffset, NULL),
148 * fit_get_subimage_count - get component (sub-image) count
149 * @fit: pointer to the FIT format image header
150 * @images_noffset: offset of images node
153 * number of image components
155 int fit_get_subimage_count(const void *fit, int images_noffset)
161 /* Process its subnodes, print out component images details */
162 for (ndepth = 0, count = 0,
163 noffset = fdt_next_node(fit, images_noffset, &ndepth);
164 (noffset >= 0) && (ndepth > 0);
165 noffset = fdt_next_node(fit, noffset, &ndepth)) {
175 * fit_image_print_data() - prints out the hash node details
176 * @fit: pointer to the FIT format image header
177 * @noffset: offset of the hash node
178 * @p: pointer to prefix string
179 * @type: Type of information to print ("hash" or "sign")
181 * fit_image_print_data() lists properties for the processed hash node
183 * This function avoid using puts() since it prints a newline on the host
184 * but does not in U-Boot.
187 * no returned results
189 static void fit_image_print_data(const void *fit, int noffset, const char *p,
200 debug("%s %s node: '%s'\n", p, type,
201 fit_get_name(fit, noffset, NULL));
202 printf("%s %s algo: ", p, type);
203 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
204 printf("invalid/unsupported\n");
208 keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
209 required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL;
211 printf(":%s", keyname);
213 printf(" (required)");
216 padding = fdt_getprop(fit, noffset, "padding", NULL);
218 printf("%s %s padding: %s\n", p, type, padding);
220 ret = fit_image_hash_get_value(fit, noffset, &value,
222 printf("%s %s value: ", p, type);
224 printf("unavailable\n");
226 for (i = 0; i < value_len; i++)
227 printf("%02x", value[i]);
231 debug("%s %s len: %d\n", p, type, value_len);
233 /* Signatures have a time stamp */
234 if (IMAGE_ENABLE_TIMESTAMP && keyname) {
237 printf("%s Timestamp: ", p);
238 if (fit_get_timestamp(fit, noffset, ×tamp))
239 printf("unavailable\n");
241 genimg_print_time(timestamp);
246 * fit_image_print_verification_data() - prints out the hash/signature details
247 * @fit: pointer to the FIT format image header
248 * @noffset: offset of the hash or signature node
249 * @p: pointer to prefix string
251 * This lists properties for the processed hash node
254 * no returned results
256 static void fit_image_print_verification_data(const void *fit, int noffset,
262 * Check subnode name, must be equal to "hash" or "signature".
263 * Multiple hash/signature nodes require unique unit node
264 * names, e.g. hash-1, hash-2, signature-1, signature-2, etc.
266 name = fit_get_name(fit, noffset, NULL);
267 if (!strncmp(name, FIT_HASH_NODENAME, strlen(FIT_HASH_NODENAME))) {
268 fit_image_print_data(fit, noffset, p, "Hash");
269 } else if (!strncmp(name, FIT_SIG_NODENAME,
270 strlen(FIT_SIG_NODENAME))) {
271 fit_image_print_data(fit, noffset, p, "Sign");
276 * fit_conf_print - prints out the FIT configuration details
277 * @fit: pointer to the FIT format image header
278 * @noffset: offset of the configuration node
279 * @p: pointer to prefix string
281 * fit_conf_print() lists all mandatory properties for the processed
282 * configuration node.
285 * no returned results
287 static void fit_conf_print(const void *fit, int noffset, const char *p)
292 int fdt_index, loadables_index;
295 /* Mandatory properties */
296 ret = fit_get_desc(fit, noffset, &desc);
297 printf("%s Description: ", p);
299 printf("unavailable\n");
301 printf("%s\n", desc);
303 uname = fdt_getprop(fit, noffset, FIT_KERNEL_PROP, NULL);
304 printf("%s Kernel: ", p);
306 printf("unavailable\n");
308 printf("%s\n", uname);
310 /* Optional properties */
311 uname = fdt_getprop(fit, noffset, FIT_RAMDISK_PROP, NULL);
313 printf("%s Init Ramdisk: %s\n", p, uname);
315 uname = fdt_getprop(fit, noffset, FIT_FIRMWARE_PROP, NULL);
317 printf("%s Firmware: %s\n", p, uname);
320 uname = fdt_stringlist_get(fit, noffset, FIT_FDT_PROP,
321 fdt_index, NULL), uname;
324 printf("%s FDT: ", p);
327 printf("%s\n", uname);
330 uname = fdt_getprop(fit, noffset, FIT_FPGA_PROP, NULL);
332 printf("%s FPGA: %s\n", p, uname);
334 /* Print out all of the specified loadables */
335 for (loadables_index = 0;
336 uname = fdt_stringlist_get(fit, noffset, FIT_LOADABLE_PROP,
337 loadables_index, NULL), uname;
339 if (loadables_index == 0) {
340 printf("%s Loadables: ", p);
344 printf("%s\n", uname);
347 /* Process all hash subnodes of the component configuration node */
348 for (ndepth = 0, noffset = fdt_next_node(fit, noffset, &ndepth);
349 (noffset >= 0) && (ndepth > 0);
350 noffset = fdt_next_node(fit, noffset, &ndepth)) {
352 /* Direct child node of the component configuration node */
353 fit_image_print_verification_data(fit, noffset, p);
359 * fit_print_contents - prints out the contents of the FIT format image
360 * @fit: pointer to the FIT format image header
361 * @p: pointer to prefix string
363 * fit_print_contents() formats a multi line FIT image contents description.
364 * The routine prints out FIT image properties (root node level) followed by
365 * the details of each component image.
368 * no returned results
370 void fit_print_contents(const void *fit)
383 if (!CONFIG_IS_ENABLED(FIT_PRINT))
386 /* Indent string is defined in header image.h */
387 p = IMAGE_INDENT_STRING;
389 /* Root node properties */
390 ret = fit_get_desc(fit, 0, &desc);
391 printf("%sFIT description: ", p);
393 printf("unavailable\n");
395 printf("%s\n", desc);
397 if (IMAGE_ENABLE_TIMESTAMP) {
398 ret = fit_get_timestamp(fit, 0, ×tamp);
399 printf("%sCreated: ", p);
401 printf("unavailable\n");
403 genimg_print_time(timestamp);
406 /* Find images parent node offset */
407 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
408 if (images_noffset < 0) {
409 printf("Can't find images parent node '%s' (%s)\n",
410 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
414 /* Process its subnodes, print out component images details */
415 for (ndepth = 0, count = 0,
416 noffset = fdt_next_node(fit, images_noffset, &ndepth);
417 (noffset >= 0) && (ndepth > 0);
418 noffset = fdt_next_node(fit, noffset, &ndepth)) {
421 * Direct child node of the images parent node,
422 * i.e. component image node.
424 printf("%s Image %u (%s)\n", p, count++,
425 fit_get_name(fit, noffset, NULL));
427 fit_image_print(fit, noffset, p);
431 /* Find configurations parent node offset */
432 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
433 if (confs_noffset < 0) {
434 debug("Can't get configurations parent node '%s' (%s)\n",
435 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
439 /* get default configuration unit name from default property */
440 uname = (char *)fdt_getprop(fit, noffset, FIT_DEFAULT_PROP, NULL);
442 printf("%s Default Configuration: '%s'\n", p, uname);
444 /* Process its subnodes, print out configurations details */
445 for (ndepth = 0, count = 0,
446 noffset = fdt_next_node(fit, confs_noffset, &ndepth);
447 (noffset >= 0) && (ndepth > 0);
448 noffset = fdt_next_node(fit, noffset, &ndepth)) {
451 * Direct child node of the configurations parent node,
452 * i.e. configuration node.
454 printf("%s Configuration %u (%s)\n", p, count++,
455 fit_get_name(fit, noffset, NULL));
457 fit_conf_print(fit, noffset, p);
463 * fit_image_print - prints out the FIT component image details
464 * @fit: pointer to the FIT format image header
465 * @image_noffset: offset of the component image node
466 * @p: pointer to prefix string
468 * fit_image_print() lists all mandatory properties for the processed component
469 * image. If present, hash nodes are printed out as well. Load
470 * address for images of type firmware is also printed out. Since the load
471 * address is not mandatory for firmware images, it will be output as
472 * "unavailable" when not present.
475 * no returned results
477 void fit_image_print(const void *fit, int image_noffset, const char *p)
480 uint8_t type, arch, os, comp = IH_COMP_NONE;
488 if (!CONFIG_IS_ENABLED(FIT_PRINT))
491 /* Mandatory properties */
492 ret = fit_get_desc(fit, image_noffset, &desc);
493 printf("%s Description: ", p);
495 printf("unavailable\n");
497 printf("%s\n", desc);
499 if (IMAGE_ENABLE_TIMESTAMP) {
502 ret = fit_get_timestamp(fit, 0, ×tamp);
503 printf("%s Created: ", p);
505 printf("unavailable\n");
507 genimg_print_time(timestamp);
510 fit_image_get_type(fit, image_noffset, &type);
511 printf("%s Type: %s\n", p, genimg_get_type_name(type));
513 fit_image_get_comp(fit, image_noffset, &comp);
514 printf("%s Compression: %s\n", p, genimg_get_comp_name(comp));
516 ret = fit_image_get_data_and_size(fit, image_noffset, &data, &size);
518 if (!tools_build()) {
519 printf("%s Data Start: ", p);
521 printf("unavailable\n");
523 void *vdata = (void *)data;
525 printf("0x%08lx\n", (ulong)map_to_sysmem(vdata));
529 printf("%s Data Size: ", p);
531 printf("unavailable\n");
533 genimg_print_size(size);
535 /* Remaining, type dependent properties */
536 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
537 (type == IH_TYPE_RAMDISK) || (type == IH_TYPE_FIRMWARE) ||
538 (type == IH_TYPE_FLATDT)) {
539 fit_image_get_arch(fit, image_noffset, &arch);
540 printf("%s Architecture: %s\n", p, genimg_get_arch_name(arch));
543 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_RAMDISK) ||
544 (type == IH_TYPE_FIRMWARE)) {
545 fit_image_get_os(fit, image_noffset, &os);
546 printf("%s OS: %s\n", p, genimg_get_os_name(os));
549 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
550 (type == IH_TYPE_FIRMWARE) || (type == IH_TYPE_RAMDISK) ||
551 (type == IH_TYPE_FPGA)) {
552 ret = fit_image_get_load(fit, image_noffset, &load);
553 printf("%s Load Address: ", p);
555 printf("unavailable\n");
557 printf("0x%08lx\n", load);
560 /* optional load address for FDT */
561 if (type == IH_TYPE_FLATDT && !fit_image_get_load(fit, image_noffset, &load))
562 printf("%s Load Address: 0x%08lx\n", p, load);
564 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
565 (type == IH_TYPE_RAMDISK)) {
566 ret = fit_image_get_entry(fit, image_noffset, &entry);
567 printf("%s Entry Point: ", p);
569 printf("unavailable\n");
571 printf("0x%08lx\n", entry);
574 /* Process all hash subnodes of the component image node */
575 for (ndepth = 0, noffset = fdt_next_node(fit, image_noffset, &ndepth);
576 (noffset >= 0) && (ndepth > 0);
577 noffset = fdt_next_node(fit, noffset, &ndepth)) {
579 /* Direct child node of the component image node */
580 fit_image_print_verification_data(fit, noffset, p);
586 * fit_get_desc - get node description property
587 * @fit: pointer to the FIT format image header
588 * @noffset: node offset
589 * @desc: double pointer to the char, will hold pointer to the description
591 * fit_get_desc() reads description property from a given node, if
592 * description is found pointer to it is returned in third call argument.
598 int fit_get_desc(const void *fit, int noffset, char **desc)
602 *desc = (char *)fdt_getprop(fit, noffset, FIT_DESC_PROP, &len);
604 fit_get_debug(fit, noffset, FIT_DESC_PROP, len);
612 * fit_get_timestamp - get node timestamp property
613 * @fit: pointer to the FIT format image header
614 * @noffset: node offset
615 * @timestamp: pointer to the time_t, will hold read timestamp
617 * fit_get_timestamp() reads timestamp property from given node, if timestamp
618 * is found and has a correct size its value is returned in third call
623 * -1, on property read failure
624 * -2, on wrong timestamp size
626 int fit_get_timestamp(const void *fit, int noffset, time_t *timestamp)
631 data = fdt_getprop(fit, noffset, FIT_TIMESTAMP_PROP, &len);
633 fit_get_debug(fit, noffset, FIT_TIMESTAMP_PROP, len);
636 if (len != sizeof(uint32_t)) {
637 debug("FIT timestamp with incorrect size of (%u)\n", len);
641 *timestamp = uimage_to_cpu(*((uint32_t *)data));
646 * fit_image_get_node - get node offset for component image of a given unit name
647 * @fit: pointer to the FIT format image header
648 * @image_uname: component image node unit name
650 * fit_image_get_node() finds a component image (within the '/images'
651 * node) of a provided unit name. If image is found its node offset is
652 * returned to the caller.
655 * image node offset when found (>=0)
656 * negative number on failure (FDT_ERR_* code)
658 int fit_image_get_node(const void *fit, const char *image_uname)
660 int noffset, images_noffset;
662 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
663 if (images_noffset < 0) {
664 debug("Can't find images parent node '%s' (%s)\n",
665 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
666 return images_noffset;
669 noffset = fdt_subnode_offset(fit, images_noffset, image_uname);
671 debug("Can't get node offset for image unit name: '%s' (%s)\n",
672 image_uname, fdt_strerror(noffset));
679 * fit_image_get_os - get os id for a given component image node
680 * @fit: pointer to the FIT format image header
681 * @noffset: component image node offset
682 * @os: pointer to the uint8_t, will hold os numeric id
684 * fit_image_get_os() finds os property in a given component image node.
685 * If the property is found, its (string) value is translated to the numeric
686 * id which is returned to the caller.
692 int fit_image_get_os(const void *fit, int noffset, uint8_t *os)
697 /* Get OS name from property data */
698 data = fdt_getprop(fit, noffset, FIT_OS_PROP, &len);
700 fit_get_debug(fit, noffset, FIT_OS_PROP, len);
705 /* Translate OS name to id */
706 *os = genimg_get_os_id(data);
711 * fit_image_get_arch - get arch id for a given component image node
712 * @fit: pointer to the FIT format image header
713 * @noffset: component image node offset
714 * @arch: pointer to the uint8_t, will hold arch numeric id
716 * fit_image_get_arch() finds arch property in a given component image node.
717 * If the property is found, its (string) value is translated to the numeric
718 * id which is returned to the caller.
724 int fit_image_get_arch(const void *fit, int noffset, uint8_t *arch)
729 /* Get architecture name from property data */
730 data = fdt_getprop(fit, noffset, FIT_ARCH_PROP, &len);
732 fit_get_debug(fit, noffset, FIT_ARCH_PROP, len);
737 /* Translate architecture name to id */
738 *arch = genimg_get_arch_id(data);
743 * fit_image_get_type - get type id for a given component image node
744 * @fit: pointer to the FIT format image header
745 * @noffset: component image node offset
746 * @type: pointer to the uint8_t, will hold type numeric id
748 * fit_image_get_type() finds type property in a given component image node.
749 * If the property is found, its (string) value is translated to the numeric
750 * id which is returned to the caller.
756 int fit_image_get_type(const void *fit, int noffset, uint8_t *type)
761 /* Get image type name from property data */
762 data = fdt_getprop(fit, noffset, FIT_TYPE_PROP, &len);
764 fit_get_debug(fit, noffset, FIT_TYPE_PROP, len);
769 /* Translate image type name to id */
770 *type = genimg_get_type_id(data);
775 * fit_image_get_comp - get comp id for a given component image node
776 * @fit: pointer to the FIT format image header
777 * @noffset: component image node offset
778 * @comp: pointer to the uint8_t, will hold comp numeric id
780 * fit_image_get_comp() finds comp property in a given component image node.
781 * If the property is found, its (string) value is translated to the numeric
782 * id which is returned to the caller.
788 int fit_image_get_comp(const void *fit, int noffset, uint8_t *comp)
793 /* Get compression name from property data */
794 data = fdt_getprop(fit, noffset, FIT_COMP_PROP, &len);
796 fit_get_debug(fit, noffset, FIT_COMP_PROP, len);
800 /* Translate compression name to id */
801 *comp = genimg_get_comp_id(data);
805 static int fit_image_get_address(const void *fit, int noffset, char *name,
812 cell = fdt_getprop(fit, noffset, name, &len);
814 fit_get_debug(fit, noffset, name, len);
819 /* Use load64 to avoid compiling warning for 32-bit target */
821 load64 = (load64 << 32) | uimage_to_cpu(*cell);
825 if (len > sizeof(ulong) && (uint32_t)(load64 >> 32)) {
826 printf("Unsupported %s address size\n", name);
830 *load = (ulong)load64;
835 * fit_image_get_load() - get load addr property for given component image node
836 * @fit: pointer to the FIT format image header
837 * @noffset: component image node offset
838 * @load: pointer to the uint32_t, will hold load address
840 * fit_image_get_load() finds load address property in a given component
841 * image node. If the property is found, its value is returned to the caller.
847 int fit_image_get_load(const void *fit, int noffset, ulong *load)
849 return fit_image_get_address(fit, noffset, FIT_LOAD_PROP, load);
853 * fit_image_get_entry() - get entry point address property
854 * @fit: pointer to the FIT format image header
855 * @noffset: component image node offset
856 * @entry: pointer to the uint32_t, will hold entry point address
858 * This gets the entry point address property for a given component image
861 * fit_image_get_entry() finds entry point address property in a given
862 * component image node. If the property is found, its value is returned
869 int fit_image_get_entry(const void *fit, int noffset, ulong *entry)
871 return fit_image_get_address(fit, noffset, FIT_ENTRY_PROP, entry);
875 * fit_image_get_data - get data property and its size for a given component image node
876 * @fit: pointer to the FIT format image header
877 * @noffset: component image node offset
878 * @data: double pointer to void, will hold data property's data address
879 * @size: pointer to size_t, will hold data property's data size
881 * fit_image_get_data() finds data property in a given component image node.
882 * If the property is found its data start address and size are returned to
889 int fit_image_get_data(const void *fit, int noffset,
890 const void **data, size_t *size)
894 *data = fdt_getprop(fit, noffset, FIT_DATA_PROP, &len);
896 fit_get_debug(fit, noffset, FIT_DATA_PROP, len);
906 * Get 'data-offset' property from a given image node.
908 * @fit: pointer to the FIT image header
909 * @noffset: component image node offset
910 * @data_offset: holds the data-offset property
914 * -ENOENT if the property could not be found
916 int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset)
920 val = fdt_getprop(fit, noffset, FIT_DATA_OFFSET_PROP, NULL);
924 *data_offset = fdt32_to_cpu(*val);
930 * Get 'data-position' property from a given image node.
932 * @fit: pointer to the FIT image header
933 * @noffset: component image node offset
934 * @data_position: holds the data-position property
938 * -ENOENT if the property could not be found
940 int fit_image_get_data_position(const void *fit, int noffset,
945 val = fdt_getprop(fit, noffset, FIT_DATA_POSITION_PROP, NULL);
949 *data_position = fdt32_to_cpu(*val);
955 * Get 'data-size' property from a given image node.
957 * @fit: pointer to the FIT image header
958 * @noffset: component image node offset
959 * @data_size: holds the data-size property
963 * -ENOENT if the property could not be found
965 int fit_image_get_data_size(const void *fit, int noffset, int *data_size)
969 val = fdt_getprop(fit, noffset, FIT_DATA_SIZE_PROP, NULL);
973 *data_size = fdt32_to_cpu(*val);
979 * Get 'data-size-unciphered' property from a given image node.
981 * @fit: pointer to the FIT image header
982 * @noffset: component image node offset
983 * @data_size: holds the data-size property
987 * -ENOENT if the property could not be found
989 int fit_image_get_data_size_unciphered(const void *fit, int noffset,
994 val = fdt_getprop(fit, noffset, "data-size-unciphered", NULL);
998 *data_size = (size_t)fdt32_to_cpu(*val);
1004 * fit_image_get_data_and_size - get data and its size including
1005 * both embedded and external data
1006 * @fit: pointer to the FIT format image header
1007 * @noffset: component image node offset
1008 * @data: double pointer to void, will hold data property's data address
1009 * @size: pointer to size_t, will hold data property's data size
1011 * fit_image_get_data_and_size() finds data and its size including
1012 * both embedded and external data. If the property is found
1013 * its data start address and size are returned to the caller.
1017 * otherwise, on failure
1019 int fit_image_get_data_and_size(const void *fit, int noffset,
1020 const void **data, size_t *size)
1022 bool external_data = false;
1027 if (!fit_image_get_data_position(fit, noffset, &offset)) {
1028 external_data = true;
1029 } else if (!fit_image_get_data_offset(fit, noffset, &offset)) {
1030 external_data = true;
1032 * For FIT with external data, figure out where
1033 * the external images start. This is the base
1034 * for the data-offset properties in each image.
1036 offset += ((fdt_totalsize(fit) + 3) & ~3);
1039 if (external_data) {
1040 debug("External Data\n");
1041 ret = fit_image_get_data_size(fit, noffset, &len);
1043 *data = fit + offset;
1047 ret = fit_image_get_data(fit, noffset, data, size);
1054 * fit_image_hash_get_algo - get hash algorithm name
1055 * @fit: pointer to the FIT format image header
1056 * @noffset: hash node offset
1057 * @algo: double pointer to char, will hold pointer to the algorithm name
1059 * fit_image_hash_get_algo() finds hash algorithm property in a given hash node.
1060 * If the property is found its data start address is returned to the caller.
1066 int fit_image_hash_get_algo(const void *fit, int noffset, const char **algo)
1070 *algo = (const char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
1071 if (*algo == NULL) {
1072 fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
1080 * fit_image_hash_get_value - get hash value and length
1081 * @fit: pointer to the FIT format image header
1082 * @noffset: hash node offset
1083 * @value: double pointer to uint8_t, will hold address of a hash value data
1084 * @value_len: pointer to an int, will hold hash data length
1086 * fit_image_hash_get_value() finds hash value property in a given hash node.
1087 * If the property is found its data start address and size are returned to
1094 int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
1099 *value = (uint8_t *)fdt_getprop(fit, noffset, FIT_VALUE_PROP, &len);
1100 if (*value == NULL) {
1101 fit_get_debug(fit, noffset, FIT_VALUE_PROP, len);
1111 * fit_image_hash_get_ignore - get hash ignore flag
1112 * @fit: pointer to the FIT format image header
1113 * @noffset: hash node offset
1114 * @ignore: pointer to an int, will hold hash ignore flag
1116 * fit_image_hash_get_ignore() finds hash ignore property in a given hash node.
1117 * If the property is found and non-zero, the hash algorithm is not verified by
1118 * u-boot automatically.
1121 * 0, on ignore not found
1122 * value, on ignore found
1124 static int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore)
1129 value = (int *)fdt_getprop(fit, noffset, FIT_IGNORE_PROP, &len);
1130 if (value == NULL || len != sizeof(int))
1139 * fit_image_cipher_get_algo - get cipher algorithm name
1140 * @fit: pointer to the FIT format image header
1141 * @noffset: cipher node offset
1142 * @algo: double pointer to char, will hold pointer to the algorithm name
1144 * fit_image_cipher_get_algo() finds cipher algorithm property in a given
1145 * cipher node. If the property is found its data start address is returned
1152 int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo)
1156 *algo = (char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
1158 fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
1165 ulong fit_get_end(const void *fit)
1167 return map_to_sysmem((void *)(fit + fdt_totalsize(fit)));
1171 * fit_set_timestamp - set node timestamp property
1172 * @fit: pointer to the FIT format image header
1173 * @noffset: node offset
1174 * @timestamp: timestamp value to be set
1176 * fit_set_timestamp() attempts to set timestamp property in the requested
1177 * node and returns operation status to the caller.
1181 * -ENOSPC if no space in device tree, -1 for other error
1183 int fit_set_timestamp(void *fit, int noffset, time_t timestamp)
1188 t = cpu_to_uimage(timestamp);
1189 ret = fdt_setprop(fit, noffset, FIT_TIMESTAMP_PROP, &t,
1192 debug("Can't set '%s' property for '%s' node (%s)\n",
1193 FIT_TIMESTAMP_PROP, fit_get_name(fit, noffset, NULL),
1195 return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -1;
1202 * calculate_hash - calculate and return hash for provided input data
1203 * @data: pointer to the input data
1204 * @data_len: data length
1205 * @name: requested hash algorithm name
1206 * @value: pointer to the char, will hold hash value data (caller must
1207 * allocate enough free space)
1208 * value_len: length of the calculated hash
1210 * calculate_hash() computes input data hash according to the requested
1212 * Resulting hash value is placed in caller provided 'value' buffer, length
1213 * of the calculated hash is returned via value_len pointer argument.
1217 * -1, when algo is unsupported
1219 int calculate_hash(const void *data, int data_len, const char *name,
1220 uint8_t *value, int *value_len)
1222 #if !defined(USE_HOSTCC) && defined(CONFIG_DM_HASH)
1224 enum HASH_ALGO hash_algo;
1225 struct udevice *dev;
1227 rc = uclass_get_device(UCLASS_HASH, 0, &dev);
1229 debug("failed to get hash device, rc=%d\n", rc);
1233 hash_algo = hash_algo_lookup_by_name(name);
1234 if (hash_algo == HASH_ALGO_INVALID) {
1235 debug("Unsupported hash algorithm\n");
1239 rc = hash_digest_wd(dev, hash_algo, data, data_len, value, CHUNKSZ);
1241 debug("failed to get hash value, rc=%d\n", rc);
1245 *value_len = hash_algo_digest_size(hash_algo);
1247 struct hash_algo *algo;
1250 ret = hash_lookup_algo(name, &algo);
1252 debug("Unsupported hash alogrithm\n");
1256 algo->hash_func_ws(data, data_len, value, algo->chunk_size);
1257 *value_len = algo->digest_size;
1263 static int fit_image_check_hash(const void *fit, int noffset, const void *data,
1264 size_t size, char **err_msgp)
1266 ALLOC_CACHE_ALIGN_BUFFER(uint8_t, value, FIT_MAX_HASH_LEN);
1275 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
1276 *err_msgp = "Can't get hash algo property";
1281 if (!tools_build()) {
1282 fit_image_hash_get_ignore(fit, noffset, &ignore);
1284 printf("-skipped ");
1289 if (fit_image_hash_get_value(fit, noffset, &fit_value,
1291 *err_msgp = "Can't get hash value property";
1295 if (calculate_hash(data, size, algo, value, &value_len)) {
1296 *err_msgp = "Unsupported hash algorithm";
1300 if (value_len != fit_value_len) {
1301 *err_msgp = "Bad hash value len";
1303 } else if (memcmp(value, fit_value, value_len) != 0) {
1304 *err_msgp = "Bad hash value";
1311 int fit_image_verify_with_data(const void *fit, int image_noffset,
1312 const void *key_blob, const void *data,
1320 /* Verify all required signatures */
1321 if (FIT_IMAGE_ENABLE_VERIFY &&
1322 fit_image_verify_required_sigs(fit, image_noffset, data, size,
1323 key_blob, &verify_all)) {
1324 err_msg = "Unable to verify required signature";
1328 /* Process all hash subnodes of the component image node */
1329 fdt_for_each_subnode(noffset, fit, image_noffset) {
1330 const char *name = fit_get_name(fit, noffset, NULL);
1333 * Check subnode name, must be equal to "hash".
1334 * Multiple hash nodes require unique unit node
1335 * names, e.g. hash-1, hash-2, etc.
1337 if (!strncmp(name, FIT_HASH_NODENAME,
1338 strlen(FIT_HASH_NODENAME))) {
1339 if (fit_image_check_hash(fit, noffset, data, size,
1343 } else if (FIT_IMAGE_ENABLE_VERIFY && verify_all &&
1344 !strncmp(name, FIT_SIG_NODENAME,
1345 strlen(FIT_SIG_NODENAME))) {
1346 ret = fit_image_check_sig(fit, noffset, data, size,
1347 gd_fdt_blob(), -1, &err_msg);
1350 * Show an indication on failure, but do not return
1351 * an error. Only keys marked 'required' can cause
1352 * an image validation failure. See the call to
1353 * fit_image_verify_required_sigs() above.
1362 if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
1363 err_msg = "Corrupted or truncated tree";
1370 printf(" error!\n%s for '%s' hash node in '%s' image node\n",
1371 err_msg, fit_get_name(fit, noffset, NULL),
1372 fit_get_name(fit, image_noffset, NULL));
1377 * fit_image_verify - verify data integrity
1378 * @fit: pointer to the FIT format image header
1379 * @image_noffset: component image node offset
1381 * fit_image_verify() goes over component image hash nodes,
1382 * re-calculates each data hash and compares with the value stored in hash
1386 * 1, if all hashes are valid
1387 * 0, otherwise (or on error)
1389 int fit_image_verify(const void *fit, int image_noffset)
1391 const char *name = fit_get_name(fit, image_noffset, NULL);
1396 if (IS_ENABLED(CONFIG_FIT_SIGNATURE) && strchr(name, '@')) {
1398 * We don't support this since libfdt considers names with the
1399 * name root but different @ suffix to be equal
1401 err_msg = "Node name contains @";
1404 /* Get image data and data length */
1405 if (fit_image_get_data_and_size(fit, image_noffset, &data, &size)) {
1406 err_msg = "Can't get image data/size";
1410 return fit_image_verify_with_data(fit, image_noffset, gd_fdt_blob(),
1414 printf("error!\n%s in '%s' image node\n", err_msg,
1415 fit_get_name(fit, image_noffset, NULL));
1420 * fit_all_image_verify - verify data integrity for all images
1421 * @fit: pointer to the FIT format image header
1423 * fit_all_image_verify() goes over all images in the FIT and
1424 * for every images checks if all it's hashes are valid.
1427 * 1, if all hashes of all images are valid
1428 * 0, otherwise (or on error)
1430 int fit_all_image_verify(const void *fit)
1437 /* Find images parent node offset */
1438 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1439 if (images_noffset < 0) {
1440 printf("Can't find images parent node '%s' (%s)\n",
1441 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
1445 /* Process all image subnodes, check hashes for each */
1446 printf("## Checking hash(es) for FIT Image at %08lx ...\n",
1448 for (ndepth = 0, count = 0,
1449 noffset = fdt_next_node(fit, images_noffset, &ndepth);
1450 (noffset >= 0) && (ndepth > 0);
1451 noffset = fdt_next_node(fit, noffset, &ndepth)) {
1454 * Direct child node of the images parent node,
1455 * i.e. component image node.
1457 printf(" Hash(es) for Image %u (%s): ", count,
1458 fit_get_name(fit, noffset, NULL));
1461 if (!fit_image_verify(fit, noffset))
1469 static int fit_image_uncipher(const void *fit, int image_noffset,
1470 void **data, size_t *size)
1472 int cipher_noffset, ret;
1476 cipher_noffset = fdt_subnode_offset(fit, image_noffset,
1477 FIT_CIPHER_NODENAME);
1478 if (cipher_noffset < 0)
1481 ret = fit_image_decrypt_data(fit, image_noffset, cipher_noffset,
1482 *data, *size, &dst, &size_dst);
1494 * fit_image_check_os - check whether image node is of a given os type
1495 * @fit: pointer to the FIT format image header
1496 * @noffset: component image node offset
1497 * @os: requested image os
1499 * fit_image_check_os() reads image os property and compares its numeric
1500 * id with the requested os. Comparison result is returned to the caller.
1503 * 1 if image is of given os type
1504 * 0 otherwise (or on error)
1506 int fit_image_check_os(const void *fit, int noffset, uint8_t os)
1510 if (fit_image_get_os(fit, noffset, &image_os))
1512 return (os == image_os);
1516 * fit_image_check_arch - check whether image node is of a given arch
1517 * @fit: pointer to the FIT format image header
1518 * @noffset: component image node offset
1519 * @arch: requested imagearch
1521 * fit_image_check_arch() reads image arch property and compares its numeric
1522 * id with the requested arch. Comparison result is returned to the caller.
1525 * 1 if image is of given arch
1526 * 0 otherwise (or on error)
1528 int fit_image_check_arch(const void *fit, int noffset, uint8_t arch)
1531 int aarch32_support = 0;
1533 /* Let's assume that sandbox can load any architecture */
1534 if (IS_ENABLED(CONFIG_SANDBOX))
1537 if (IS_ENABLED(CONFIG_ARM64_SUPPORT_AARCH32))
1538 aarch32_support = 1;
1540 if (fit_image_get_arch(fit, noffset, &image_arch))
1542 return (arch == image_arch) ||
1543 (arch == IH_ARCH_I386 && image_arch == IH_ARCH_X86_64) ||
1544 (arch == IH_ARCH_ARM64 && image_arch == IH_ARCH_ARM &&
1549 * fit_image_check_type - check whether image node is of a given type
1550 * @fit: pointer to the FIT format image header
1551 * @noffset: component image node offset
1552 * @type: requested image type
1554 * fit_image_check_type() reads image type property and compares its numeric
1555 * id with the requested type. Comparison result is returned to the caller.
1558 * 1 if image is of given type
1559 * 0 otherwise (or on error)
1561 int fit_image_check_type(const void *fit, int noffset, uint8_t type)
1565 if (fit_image_get_type(fit, noffset, &image_type))
1567 return (type == image_type);
1571 * fit_image_check_comp - check whether image node uses given compression
1572 * @fit: pointer to the FIT format image header
1573 * @noffset: component image node offset
1574 * @comp: requested image compression type
1576 * fit_image_check_comp() reads image compression property and compares its
1577 * numeric id with the requested compression type. Comparison result is
1578 * returned to the caller.
1581 * 1 if image uses requested compression
1582 * 0 otherwise (or on error)
1584 int fit_image_check_comp(const void *fit, int noffset, uint8_t comp)
1588 if (fit_image_get_comp(fit, noffset, &image_comp))
1590 return (comp == image_comp);
1594 * fdt_check_no_at() - Check for nodes whose names contain '@'
1596 * This checks the parent node and all subnodes recursively
1598 * @fit: FIT to check
1599 * @parent: Parent node to check
1600 * Return: 0 if OK, -EADDRNOTAVAIL is a node has a name containing '@'
1602 static int fdt_check_no_at(const void *fit, int parent)
1608 name = fdt_get_name(fit, parent, NULL);
1609 if (!name || strchr(name, '@'))
1610 return -EADDRNOTAVAIL;
1612 fdt_for_each_subnode(node, fit, parent) {
1613 ret = fdt_check_no_at(fit, node);
1621 int fit_check_format(const void *fit, ulong size)
1625 /* A FIT image must be a valid FDT */
1626 ret = fdt_check_header(fit);
1628 log_debug("Wrong FIT format: not a flattened device tree (err=%d)\n",
1633 if (CONFIG_IS_ENABLED(FIT_FULL_CHECK)) {
1635 * If we are not given the size, make do wtih calculating it.
1636 * This is not as secure, so we should consider a flag to
1639 if (size == IMAGE_SIZE_INVAL)
1640 size = fdt_totalsize(fit);
1641 ret = fdt_check_full(fit, size);
1646 * U-Boot stopped using unit addressed in 2017. Since libfdt
1647 * can match nodes ignoring any unit address, signature
1648 * verification can see the wrong node if one is inserted with
1649 * the same name as a valid node but with a unit address
1650 * attached. Protect against this by disallowing unit addresses.
1652 if (!ret && CONFIG_IS_ENABLED(FIT_SIGNATURE)) {
1653 ret = fdt_check_no_at(fit, 0);
1656 log_debug("FIT check error %d\n", ret);
1661 log_debug("FIT check error %d\n", ret);
1666 /* mandatory / node 'description' property */
1667 if (!fdt_getprop(fit, 0, FIT_DESC_PROP, NULL)) {
1668 log_debug("Wrong FIT format: no description\n");
1672 if (IMAGE_ENABLE_TIMESTAMP) {
1673 /* mandatory / node 'timestamp' property */
1674 if (!fdt_getprop(fit, 0, FIT_TIMESTAMP_PROP, NULL)) {
1675 log_debug("Wrong FIT format: no timestamp\n");
1680 /* mandatory subimages parent '/images' node */
1681 if (fdt_path_offset(fit, FIT_IMAGES_PATH) < 0) {
1682 log_debug("Wrong FIT format: no images parent node\n");
1689 int fit_conf_find_compat(const void *fit, const void *fdt)
1692 int noffset, confs_noffset, images_noffset;
1693 const void *fdt_compat;
1695 int best_match_offset = 0;
1696 int best_match_pos = 0;
1698 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1699 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1700 if (confs_noffset < 0 || images_noffset < 0) {
1701 debug("Can't find configurations or images nodes.\n");
1705 fdt_compat = fdt_getprop(fdt, 0, "compatible", &fdt_compat_len);
1707 debug("Fdt for comparison has no \"compatible\" property.\n");
1712 * Loop over the configurations in the FIT image.
1714 for (noffset = fdt_next_node(fit, confs_noffset, &ndepth);
1715 (noffset >= 0) && (ndepth > 0);
1716 noffset = fdt_next_node(fit, noffset, &ndepth)) {
1718 const char *kfdt_name;
1719 int kfdt_noffset, compat_noffset;
1720 const char *cur_fdt_compat;
1728 /* If there's a compat property in the config node, use that. */
1729 if (fdt_getprop(fit, noffset, "compatible", NULL)) {
1730 fdt = fit; /* search in FIT image */
1731 compat_noffset = noffset; /* search under config node */
1732 } else { /* Otherwise extract it from the kernel FDT. */
1733 kfdt_name = fdt_getprop(fit, noffset, "fdt", &len);
1735 debug("No fdt property found.\n");
1738 kfdt_noffset = fdt_subnode_offset(fit, images_noffset,
1740 if (kfdt_noffset < 0) {
1741 debug("No image node named \"%s\" found.\n",
1746 if (!fit_image_check_comp(fit, kfdt_noffset,
1748 debug("Can't extract compat from \"%s\" "
1749 "(compressed)\n", kfdt_name);
1753 /* search in this config's kernel FDT */
1754 if (fit_image_get_data_and_size(fit, kfdt_noffset,
1756 debug("Failed to get fdt \"%s\".\n", kfdt_name);
1760 compat_noffset = 0; /* search kFDT under root node */
1763 len = fdt_compat_len;
1764 cur_fdt_compat = fdt_compat;
1766 * Look for a match for each U-Boot compatibility string in
1767 * turn in the compat string property.
1769 for (i = 0; len > 0 &&
1770 (!best_match_offset || best_match_pos > i); i++) {
1771 int cur_len = strlen(cur_fdt_compat) + 1;
1773 if (!fdt_node_check_compatible(fdt, compat_noffset,
1775 best_match_offset = noffset;
1780 cur_fdt_compat += cur_len;
1783 if (!best_match_offset) {
1784 debug("No match found.\n");
1788 return best_match_offset;
1791 int fit_conf_get_node(const void *fit, const char *conf_uname)
1793 int noffset, confs_noffset;
1796 char *conf_uname_copy = NULL;
1798 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1799 if (confs_noffset < 0) {
1800 debug("Can't find configurations parent node '%s' (%s)\n",
1801 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
1802 return confs_noffset;
1805 if (conf_uname == NULL) {
1806 /* get configuration unit name from the default property */
1807 debug("No configuration specified, trying default...\n");
1808 if (!tools_build() && IS_ENABLED(CONFIG_MULTI_DTB_FIT)) {
1809 noffset = fit_find_config_node(fit);
1812 conf_uname = fdt_get_name(fit, noffset, NULL);
1814 conf_uname = (char *)fdt_getprop(fit, confs_noffset,
1815 FIT_DEFAULT_PROP, &len);
1816 if (conf_uname == NULL) {
1817 fit_get_debug(fit, confs_noffset, FIT_DEFAULT_PROP,
1822 debug("Found default configuration: '%s'\n", conf_uname);
1825 s = strchr(conf_uname, '#');
1827 len = s - conf_uname;
1828 conf_uname_copy = malloc(len + 1);
1829 if (!conf_uname_copy) {
1830 debug("Can't allocate uname copy: '%s'\n",
1834 memcpy(conf_uname_copy, conf_uname, len);
1835 conf_uname_copy[len] = '\0';
1836 conf_uname = conf_uname_copy;
1839 noffset = fdt_subnode_offset(fit, confs_noffset, conf_uname);
1841 debug("Can't get node offset for configuration unit name: '%s' (%s)\n",
1842 conf_uname, fdt_strerror(noffset));
1845 free(conf_uname_copy);
1850 int fit_conf_get_prop_node_count(const void *fit, int noffset,
1851 const char *prop_name)
1853 return fdt_stringlist_count(fit, noffset, prop_name);
1856 int fit_conf_get_prop_node_index(const void *fit, int noffset,
1857 const char *prop_name, int index)
1862 /* get kernel image unit name from configuration kernel property */
1863 uname = fdt_stringlist_get(fit, noffset, prop_name, index, &len);
1867 return fit_image_get_node(fit, uname);
1870 int fit_conf_get_prop_node(const void *fit, int noffset,
1871 const char *prop_name)
1873 return fit_conf_get_prop_node_index(fit, noffset, prop_name, 0);
1876 static int fit_get_data_tail(const void *fit, int noffset,
1877 const void **data, size_t *size)
1884 if (!fit_image_verify(fit, noffset))
1887 if (fit_image_get_data_and_size(fit, noffset, data, size))
1890 if (!fit_get_desc(fit, noffset, &desc))
1891 printf("%s\n", desc);
1896 int fit_get_data_node(const void *fit, const char *image_uname,
1897 const void **data, size_t *size)
1899 int noffset = fit_image_get_node(fit, image_uname);
1901 return fit_get_data_tail(fit, noffset, data, size);
1904 int fit_get_data_conf_prop(const void *fit, const char *prop_name,
1905 const void **data, size_t *size)
1907 int noffset = fit_conf_get_node(fit, NULL);
1909 noffset = fit_conf_get_prop_node(fit, noffset, prop_name);
1910 return fit_get_data_tail(fit, noffset, data, size);
1913 static int fit_image_select(const void *fit, int rd_noffset, int verify)
1915 fit_image_print(fit, rd_noffset, " ");
1918 puts(" Verifying Hash Integrity ... ");
1919 if (!fit_image_verify(fit, rd_noffset)) {
1920 puts("Bad Data Hash\n");
1929 int fit_get_node_from_config(struct bootm_headers *images,
1930 const char *prop_name, ulong addr)
1936 debug("* %s: using config '%s' from image at 0x%08lx\n",
1937 prop_name, images->fit_uname_cfg, addr);
1939 /* Check whether configuration has this property defined */
1940 fit_hdr = map_sysmem(addr, 0);
1941 cfg_noffset = fit_conf_get_node(fit_hdr, images->fit_uname_cfg);
1942 if (cfg_noffset < 0) {
1943 debug("* %s: no such config\n", prop_name);
1947 noffset = fit_conf_get_prop_node(fit_hdr, cfg_noffset, prop_name);
1949 debug("* %s: no '%s' in config\n", prop_name, prop_name);
1957 * fit_get_image_type_property() - get property name for IH_TYPE_...
1959 * Return: the properly name where we expect to find the image in the
1962 static const char *fit_get_image_type_property(int type)
1965 * This is sort-of available in the uimage_type[] table in image.c
1966 * but we don't have access to the short name, and "fdt" is different
1967 * anyway. So let's just keep it here.
1970 case IH_TYPE_FLATDT:
1971 return FIT_FDT_PROP;
1972 case IH_TYPE_KERNEL:
1973 return FIT_KERNEL_PROP;
1974 case IH_TYPE_FIRMWARE:
1975 return FIT_FIRMWARE_PROP;
1976 case IH_TYPE_RAMDISK:
1977 return FIT_RAMDISK_PROP;
1978 case IH_TYPE_X86_SETUP:
1979 return FIT_SETUP_PROP;
1980 case IH_TYPE_LOADABLE:
1981 return FIT_LOADABLE_PROP;
1983 return FIT_FPGA_PROP;
1984 case IH_TYPE_STANDALONE:
1985 return FIT_STANDALONE_PROP;
1991 int fit_image_load(struct bootm_headers *images, ulong addr,
1992 const char **fit_unamep, const char **fit_uname_configp,
1993 int arch, int image_type, int bootstage_id,
1994 enum fit_load_op load_op, ulong *datap, ulong *lenp)
1996 int cfg_noffset, noffset;
1997 const char *fit_uname;
1998 const char *fit_uname_config;
1999 const char *fit_base_uname_config;
2005 ulong load, load_end, data, len;
2007 const char *prop_name;
2010 fit = map_sysmem(addr, 0);
2011 fit_uname = fit_unamep ? *fit_unamep : NULL;
2012 fit_uname_config = fit_uname_configp ? *fit_uname_configp : NULL;
2013 fit_base_uname_config = NULL;
2014 prop_name = fit_get_image_type_property(image_type);
2015 printf("## Loading %s from FIT Image at %08lx ...\n", prop_name, addr);
2017 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_FORMAT);
2018 ret = fit_check_format(fit, IMAGE_SIZE_INVAL);
2020 printf("Bad FIT %s image format! (err=%d)\n", prop_name, ret);
2021 if (CONFIG_IS_ENABLED(FIT_SIGNATURE) && ret == -EADDRNOTAVAIL)
2022 printf("Signature checking prevents use of unit addresses (@) in nodes\n");
2023 bootstage_error(bootstage_id + BOOTSTAGE_SUB_FORMAT);
2026 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_FORMAT_OK);
2028 /* get FIT component image node offset */
2029 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_UNIT_NAME);
2030 noffset = fit_image_get_node(fit, fit_uname);
2033 * no image node unit name, try to get config
2034 * node first. If config unit node name is NULL
2035 * fit_conf_get_node() will try to find default config node
2037 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_NO_UNIT_NAME);
2038 if (IS_ENABLED(CONFIG_FIT_BEST_MATCH) && !fit_uname_config) {
2039 cfg_noffset = fit_conf_find_compat(fit, gd_fdt_blob());
2041 cfg_noffset = fit_conf_get_node(fit,
2044 if (cfg_noffset < 0) {
2045 puts("Could not find configuration node\n");
2046 bootstage_error(bootstage_id +
2047 BOOTSTAGE_SUB_NO_UNIT_NAME);
2051 fit_base_uname_config = fdt_get_name(fit, cfg_noffset, NULL);
2052 printf(" Using '%s' configuration\n", fit_base_uname_config);
2053 /* Remember this config */
2054 if (image_type == IH_TYPE_KERNEL)
2055 images->fit_uname_cfg = fit_base_uname_config;
2057 if (FIT_IMAGE_ENABLE_VERIFY && images->verify) {
2058 puts(" Verifying Hash Integrity ... ");
2059 if (fit_config_verify(fit, cfg_noffset)) {
2060 puts("Bad Data Hash\n");
2061 bootstage_error(bootstage_id +
2062 BOOTSTAGE_SUB_HASH);
2068 bootstage_mark(BOOTSTAGE_ID_FIT_CONFIG);
2070 noffset = fit_conf_get_prop_node(fit, cfg_noffset,
2072 fit_uname = fit_get_name(fit, noffset, NULL);
2075 printf("Could not find subimage node type '%s'\n", prop_name);
2076 bootstage_error(bootstage_id + BOOTSTAGE_SUB_SUBNODE);
2080 printf(" Trying '%s' %s subimage\n", fit_uname, prop_name);
2082 ret = fit_image_select(fit, noffset, images->verify);
2084 bootstage_error(bootstage_id + BOOTSTAGE_SUB_HASH);
2088 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
2089 if (!tools_build() && IS_ENABLED(CONFIG_SANDBOX)) {
2090 if (!fit_image_check_target_arch(fit, noffset)) {
2091 puts("Unsupported Architecture\n");
2092 bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
2101 fit_image_get_arch(fit, noffset, &os_arch);
2102 images->os.arch = os_arch;
2106 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL);
2107 type_ok = fit_image_check_type(fit, noffset, image_type) ||
2108 fit_image_check_type(fit, noffset, IH_TYPE_FIRMWARE) ||
2109 fit_image_check_type(fit, noffset, IH_TYPE_TEE) ||
2110 (image_type == IH_TYPE_KERNEL &&
2111 fit_image_check_type(fit, noffset, IH_TYPE_KERNEL_NOLOAD));
2113 os_ok = image_type == IH_TYPE_FLATDT ||
2114 image_type == IH_TYPE_FPGA ||
2115 fit_image_check_os(fit, noffset, IH_OS_LINUX) ||
2116 fit_image_check_os(fit, noffset, IH_OS_U_BOOT) ||
2117 fit_image_check_os(fit, noffset, IH_OS_TEE) ||
2118 fit_image_check_os(fit, noffset, IH_OS_OPENRTOS) ||
2119 fit_image_check_os(fit, noffset, IH_OS_EFI) ||
2120 fit_image_check_os(fit, noffset, IH_OS_VXWORKS);
2123 * If either of the checks fail, we should report an error, but
2124 * if the image type is coming from the "loadables" field, we
2125 * don't care what it is
2127 if ((!type_ok || !os_ok) && image_type != IH_TYPE_LOADABLE) {
2128 fit_image_get_os(fit, noffset, &os);
2129 printf("No %s %s %s Image\n",
2130 genimg_get_os_name(os),
2131 genimg_get_arch_name(arch),
2132 genimg_get_type_name(image_type));
2133 bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL);
2137 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL_OK);
2139 /* get image data address and length */
2140 if (fit_image_get_data_and_size(fit, noffset,
2141 (const void **)&buf, &size)) {
2142 printf("Could not find %s subimage data!\n", prop_name);
2143 bootstage_error(bootstage_id + BOOTSTAGE_SUB_GET_DATA);
2147 /* Decrypt data before uncompress/move */
2148 if (IS_ENABLED(CONFIG_FIT_CIPHER) && IMAGE_ENABLE_DECRYPT) {
2149 puts(" Decrypting Data ... ");
2150 if (fit_image_uncipher(fit, noffset, &buf, &size)) {
2157 /* perform any post-processing on the image data */
2158 if (!tools_build() && IS_ENABLED(CONFIG_FIT_IMAGE_POST_PROCESS))
2159 board_fit_image_post_process(fit, noffset, &buf, &size);
2163 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_GET_DATA_OK);
2165 data = map_to_sysmem(buf);
2167 if (load_op == FIT_LOAD_IGNORED) {
2169 } else if (fit_image_get_load(fit, noffset, &load)) {
2170 if (load_op == FIT_LOAD_REQUIRED) {
2171 printf("Can't get %s subimage load address!\n",
2173 bootstage_error(bootstage_id + BOOTSTAGE_SUB_LOAD);
2176 } else if (load_op != FIT_LOAD_OPTIONAL_NON_ZERO || load) {
2177 ulong image_start, image_end;
2180 * move image data to the load address,
2181 * make sure we don't overwrite initial image
2184 image_end = addr + fit_get_size(fit);
2186 load_end = load + len;
2187 if (image_type != IH_TYPE_KERNEL &&
2188 load < image_end && load_end > image_start) {
2189 printf("Error: %s overwritten\n", prop_name);
2193 printf(" Loading %s from 0x%08lx to 0x%08lx\n",
2194 prop_name, data, load);
2196 load = data; /* No load address specified */
2199 comp = IH_COMP_NONE;
2201 /* Kernel images get decompressed later in bootm_load_os(). */
2202 if (!fit_image_get_comp(fit, noffset, &comp) &&
2203 comp != IH_COMP_NONE &&
2204 !(image_type == IH_TYPE_KERNEL ||
2205 image_type == IH_TYPE_KERNEL_NOLOAD ||
2206 image_type == IH_TYPE_RAMDISK)) {
2207 ulong max_decomp_len = len * 20;
2209 loadbuf = malloc(max_decomp_len);
2210 load = map_to_sysmem(loadbuf);
2212 loadbuf = map_sysmem(load, max_decomp_len);
2214 if (image_decomp(comp, load, data, image_type,
2215 loadbuf, buf, len, max_decomp_len, &load_end)) {
2216 printf("Error decompressing %s\n", prop_name);
2220 len = load_end - load;
2221 } else if (load != data) {
2222 loadbuf = map_sysmem(load, len);
2223 memcpy(loadbuf, buf, len);
2226 if (image_type == IH_TYPE_RAMDISK && comp != IH_COMP_NONE)
2227 puts("WARNING: 'compression' nodes for ramdisks are deprecated,"
2228 " please fix your .its file!\n");
2230 /* verify that image data is a proper FDT blob */
2231 if (image_type == IH_TYPE_FLATDT && fdt_check_header(loadbuf)) {
2232 puts("Subimage data is not a FDT");
2236 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_LOAD);
2241 *fit_unamep = (char *)fit_uname;
2242 if (fit_uname_configp)
2243 *fit_uname_configp = (char *)(fit_uname_config ? :
2244 fit_base_uname_config);
2249 int boot_get_setup_fit(struct bootm_headers *images, uint8_t arch,
2250 ulong *setup_start, ulong *setup_len)
2257 addr = map_to_sysmem(images->fit_hdr_os);
2258 noffset = fit_get_node_from_config(images, FIT_SETUP_PROP, addr);
2262 ret = fit_image_load(images, addr, NULL, NULL, arch,
2263 IH_TYPE_X86_SETUP, BOOTSTAGE_ID_FIT_SETUP_START,
2264 FIT_LOAD_REQUIRED, setup_start, &len);
2270 int boot_get_fdt_fit(struct bootm_headers *images, ulong addr,
2271 const char **fit_unamep, const char **fit_uname_configp,
2272 int arch, ulong *datap, ulong *lenp)
2274 int fdt_noffset, cfg_noffset, count;
2276 const char *fit_uname = NULL;
2277 const char *fit_uname_config = NULL;
2278 char *fit_uname_config_copy = NULL;
2279 char *next_config = NULL;
2281 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2282 ulong image_start, image_end;
2283 ulong ovload, ovlen, ovcopylen;
2284 const char *uconfig;
2286 void *base, *ov, *ovcopy = NULL;
2287 int i, err, noffset, ov_noffset;
2290 fit_uname = fit_unamep ? *fit_unamep : NULL;
2292 if (fit_uname_configp && *fit_uname_configp) {
2293 fit_uname_config_copy = strdup(*fit_uname_configp);
2294 if (!fit_uname_config_copy)
2297 next_config = strchr(fit_uname_config_copy, '#');
2299 *next_config++ = '\0';
2300 if (next_config - 1 > fit_uname_config_copy)
2301 fit_uname_config = fit_uname_config_copy;
2304 fdt_noffset = fit_image_load(images,
2305 addr, &fit_uname, &fit_uname_config,
2306 arch, IH_TYPE_FLATDT,
2307 BOOTSTAGE_ID_FIT_FDT_START,
2308 FIT_LOAD_OPTIONAL, &load, &len);
2310 if (fdt_noffset < 0)
2313 debug("fit_uname=%s, fit_uname_config=%s\n",
2314 fit_uname ? fit_uname : "<NULL>",
2315 fit_uname_config ? fit_uname_config : "<NULL>");
2317 fit = map_sysmem(addr, 0);
2319 cfg_noffset = fit_conf_get_node(fit, fit_uname_config);
2321 /* single blob, or error just return as well */
2322 count = fit_conf_get_prop_node_count(fit, cfg_noffset, FIT_FDT_PROP);
2323 if (count <= 1 && !next_config)
2326 /* we need to apply overlays */
2328 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2330 image_end = addr + fit_get_size(fit);
2331 /* verify that relocation took place by load address not being in fit */
2332 if (load >= image_start && load < image_end) {
2333 /* check is simplified; fit load checks for overlaps */
2334 printf("Overlayed FDT requires relocation\n");
2335 fdt_noffset = -EBADF;
2339 base = map_sysmem(load, len);
2341 /* apply extra configs in FIT first, followed by args */
2342 for (i = 1; ; i++) {
2344 noffset = fit_conf_get_prop_node_index(fit, cfg_noffset,
2346 uname = fit_get_name(fit, noffset, NULL);
2351 uconfig = next_config;
2352 next_config = strchr(next_config, '#');
2354 *next_config++ = '\0';
2358 * fit_image_load() would load the first FDT from the
2359 * extra config only when uconfig is specified.
2360 * Check if the extra config contains multiple FDTs and
2363 cfg_noffset = fit_conf_get_node(fit, uconfig);
2366 count = fit_conf_get_prop_node_count(fit, cfg_noffset,
2370 debug("%d: using uname=%s uconfig=%s\n", i, uname, uconfig);
2372 ov_noffset = fit_image_load(images,
2373 addr, &uname, &uconfig,
2374 arch, IH_TYPE_FLATDT,
2375 BOOTSTAGE_ID_FIT_FDT_START,
2376 FIT_LOAD_IGNORED, &ovload, &ovlen);
2377 if (ov_noffset < 0) {
2378 printf("load of %s failed\n", uname);
2381 debug("%s loaded at 0x%08lx len=0x%08lx\n",
2382 uname, ovload, ovlen);
2383 ov = map_sysmem(ovload, ovlen);
2385 ovcopylen = ALIGN(fdt_totalsize(ov), SZ_4K);
2386 ovcopy = malloc(ovcopylen);
2388 printf("failed to duplicate DTO before application\n");
2389 fdt_noffset = -ENOMEM;
2393 err = fdt_open_into(ov, ovcopy, ovcopylen);
2395 printf("failed on fdt_open_into for DTO\n");
2400 base = map_sysmem(load, len + ovlen);
2401 err = fdt_open_into(base, base, len + ovlen);
2403 printf("failed on fdt_open_into\n");
2408 /* the verbose method prints out messages on error */
2409 err = fdt_overlay_apply_verbose(base, ovcopy);
2415 len = fdt_totalsize(base);
2418 printf("config with overlays but CONFIG_OF_LIBFDT_OVERLAY not set\n");
2419 fdt_noffset = -EBADF;
2428 *fit_unamep = fit_uname;
2429 if (fit_uname_configp)
2430 *fit_uname_configp = fit_uname_config;
2432 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2435 free(fit_uname_config_copy);
projects / platform / kernel / u-boot.git / blob