1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright (c) 2013, Google Inc.
5 * (C) Copyright 2008 Semihalf
7 * (C) Copyright 2000-2006
8 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
11 #define LOG_CATEGORY LOGC_BOOT
16 #include <linux/libfdt.h>
17 #include <u-boot/crc.h>
19 #include <linux/compiler.h>
20 #include <linux/sizes.h>
27 #include <asm/global_data.h>
30 #include <u-boot/hash.h>
32 DECLARE_GLOBAL_DATA_PTR;
33 #endif /* !USE_HOSTCC*/
37 #include <bootstage.h>
38 #include <linux/kconfig.h>
39 #include <u-boot/crc.h>
40 #include <u-boot/md5.h>
41 #include <u-boot/sha1.h>
42 #include <u-boot/sha256.h>
43 #include <u-boot/sha512.h>
45 /*****************************************************************************/
46 /* New uImage format routines */
47 /*****************************************************************************/
49 static int fit_parse_spec(const char *spec, char sepc, ulong addr_curr,
50 ulong *addr, const char **name)
57 sep = strchr(spec, sepc);
60 *addr = hextoul(spec, NULL);
70 * fit_parse_conf - parse FIT configuration spec
71 * @spec: input string, containing configuration spec
72 * @add_curr: current image address (to be used as a possible default)
73 * @addr: pointer to a ulong variable, will hold FIT image address of a given
75 * @conf_name double pointer to a char, will hold pointer to a configuration
78 * fit_parse_conf() expects configuration spec in the form of [<addr>]#<conf>,
79 * where <addr> is a FIT image address that contains configuration
80 * with a <conf> unit name.
82 * Address part is optional, and if omitted default add_curr will
86 * 1 if spec is a valid configuration string,
87 * addr and conf_name are set accordingly
90 int fit_parse_conf(const char *spec, ulong addr_curr,
91 ulong *addr, const char **conf_name)
93 return fit_parse_spec(spec, '#', addr_curr, addr, conf_name);
97 * fit_parse_subimage - parse FIT subimage spec
98 * @spec: input string, containing subimage spec
99 * @add_curr: current image address (to be used as a possible default)
100 * @addr: pointer to a ulong variable, will hold FIT image address of a given
102 * @image_name: double pointer to a char, will hold pointer to a subimage name
104 * fit_parse_subimage() expects subimage spec in the form of
105 * [<addr>]:<subimage>, where <addr> is a FIT image address that contains
106 * subimage with a <subimg> unit name.
108 * Address part is optional, and if omitted default add_curr will
112 * 1 if spec is a valid subimage string,
113 * addr and image_name are set accordingly
116 int fit_parse_subimage(const char *spec, ulong addr_curr,
117 ulong *addr, const char **image_name)
119 return fit_parse_spec(spec, ':', addr_curr, addr, image_name);
121 #endif /* !USE_HOSTCC */
124 /* Host tools use these implementations for Cipher and Signature support */
125 static void *host_blob;
127 void image_set_host_blob(void *blob)
132 void *image_get_host_blob(void)
136 #endif /* USE_HOSTCC */
138 static void fit_get_debug(const void *fit, int noffset,
139 char *prop_name, int err)
141 debug("Can't get '%s' property from FIT 0x%08lx, node: offset %d, name %s (%s)\n",
142 prop_name, (ulong)fit, noffset, fit_get_name(fit, noffset, NULL),
147 * fit_get_subimage_count - get component (sub-image) count
148 * @fit: pointer to the FIT format image header
149 * @images_noffset: offset of images node
152 * number of image components
154 int fit_get_subimage_count(const void *fit, int images_noffset)
160 /* Process its subnodes, print out component images details */
161 for (ndepth = 0, count = 0,
162 noffset = fdt_next_node(fit, images_noffset, &ndepth);
163 (noffset >= 0) && (ndepth > 0);
164 noffset = fdt_next_node(fit, noffset, &ndepth)) {
174 * fit_image_print_data() - prints out the hash node details
175 * @fit: pointer to the FIT format image header
176 * @noffset: offset of the hash node
177 * @p: pointer to prefix string
178 * @type: Type of information to print ("hash" or "sign")
180 * fit_image_print_data() lists properties for the processed hash node
182 * This function avoid using puts() since it prints a newline on the host
183 * but does not in U-Boot.
186 * no returned results
188 static void fit_image_print_data(const void *fit, int noffset, const char *p,
199 debug("%s %s node: '%s'\n", p, type,
200 fit_get_name(fit, noffset, NULL));
201 printf("%s %s algo: ", p, type);
202 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
203 printf("invalid/unsupported\n");
207 keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
208 required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL;
210 printf(":%s", keyname);
212 printf(" (required)");
215 padding = fdt_getprop(fit, noffset, "padding", NULL);
217 printf("%s %s padding: %s\n", p, type, padding);
219 ret = fit_image_hash_get_value(fit, noffset, &value,
221 printf("%s %s value: ", p, type);
223 printf("unavailable\n");
225 for (i = 0; i < value_len; i++)
226 printf("%02x", value[i]);
230 debug("%s %s len: %d\n", p, type, value_len);
232 /* Signatures have a time stamp */
233 if (IMAGE_ENABLE_TIMESTAMP && keyname) {
236 printf("%s Timestamp: ", p);
237 if (fit_get_timestamp(fit, noffset, ×tamp))
238 printf("unavailable\n");
240 genimg_print_time(timestamp);
245 * fit_image_print_verification_data() - prints out the hash/signature details
246 * @fit: pointer to the FIT format image header
247 * @noffset: offset of the hash or signature node
248 * @p: pointer to prefix string
250 * This lists properties for the processed hash node
253 * no returned results
255 static void fit_image_print_verification_data(const void *fit, int noffset,
261 * Check subnode name, must be equal to "hash" or "signature".
262 * Multiple hash/signature nodes require unique unit node
263 * names, e.g. hash-1, hash-2, signature-1, signature-2, etc.
265 name = fit_get_name(fit, noffset, NULL);
266 if (!strncmp(name, FIT_HASH_NODENAME, strlen(FIT_HASH_NODENAME))) {
267 fit_image_print_data(fit, noffset, p, "Hash");
268 } else if (!strncmp(name, FIT_SIG_NODENAME,
269 strlen(FIT_SIG_NODENAME))) {
270 fit_image_print_data(fit, noffset, p, "Sign");
275 * fit_conf_print - prints out the FIT configuration details
276 * @fit: pointer to the FIT format image header
277 * @noffset: offset of the configuration node
278 * @p: pointer to prefix string
280 * fit_conf_print() lists all mandatory properties for the processed
281 * configuration node.
284 * no returned results
286 static void fit_conf_print(const void *fit, int noffset, const char *p)
291 int fdt_index, loadables_index;
294 /* Mandatory properties */
295 ret = fit_get_desc(fit, noffset, &desc);
296 printf("%s Description: ", p);
298 printf("unavailable\n");
300 printf("%s\n", desc);
302 uname = fdt_getprop(fit, noffset, FIT_KERNEL_PROP, NULL);
303 printf("%s Kernel: ", p);
305 printf("unavailable\n");
307 printf("%s\n", uname);
309 /* Optional properties */
310 uname = fdt_getprop(fit, noffset, FIT_RAMDISK_PROP, NULL);
312 printf("%s Init Ramdisk: %s\n", p, uname);
314 uname = fdt_getprop(fit, noffset, FIT_FIRMWARE_PROP, NULL);
316 printf("%s Firmware: %s\n", p, uname);
319 uname = fdt_stringlist_get(fit, noffset, FIT_FDT_PROP,
320 fdt_index, NULL), uname;
323 printf("%s FDT: ", p);
326 printf("%s\n", uname);
329 uname = fdt_getprop(fit, noffset, FIT_FPGA_PROP, NULL);
331 printf("%s FPGA: %s\n", p, uname);
333 /* Print out all of the specified loadables */
334 for (loadables_index = 0;
335 uname = fdt_stringlist_get(fit, noffset, FIT_LOADABLE_PROP,
336 loadables_index, NULL), uname;
338 if (loadables_index == 0) {
339 printf("%s Loadables: ", p);
343 printf("%s\n", uname);
346 /* Process all hash subnodes of the component configuration node */
347 for (ndepth = 0, noffset = fdt_next_node(fit, noffset, &ndepth);
348 (noffset >= 0) && (ndepth > 0);
349 noffset = fdt_next_node(fit, noffset, &ndepth)) {
351 /* Direct child node of the component configuration node */
352 fit_image_print_verification_data(fit, noffset, p);
358 * fit_print_contents - prints out the contents of the FIT format image
359 * @fit: pointer to the FIT format image header
360 * @p: pointer to prefix string
362 * fit_print_contents() formats a multi line FIT image contents description.
363 * The routine prints out FIT image properties (root node level) followed by
364 * the details of each component image.
367 * no returned results
369 void fit_print_contents(const void *fit)
382 if (!CONFIG_IS_ENABLED(FIT_PRINT))
385 /* Indent string is defined in header image.h */
386 p = IMAGE_INDENT_STRING;
388 /* Root node properties */
389 ret = fit_get_desc(fit, 0, &desc);
390 printf("%sFIT description: ", p);
392 printf("unavailable\n");
394 printf("%s\n", desc);
396 if (IMAGE_ENABLE_TIMESTAMP) {
397 ret = fit_get_timestamp(fit, 0, ×tamp);
398 printf("%sCreated: ", p);
400 printf("unavailable\n");
402 genimg_print_time(timestamp);
405 /* Find images parent node offset */
406 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
407 if (images_noffset < 0) {
408 printf("Can't find images parent node '%s' (%s)\n",
409 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
413 /* Process its subnodes, print out component images details */
414 for (ndepth = 0, count = 0,
415 noffset = fdt_next_node(fit, images_noffset, &ndepth);
416 (noffset >= 0) && (ndepth > 0);
417 noffset = fdt_next_node(fit, noffset, &ndepth)) {
420 * Direct child node of the images parent node,
421 * i.e. component image node.
423 printf("%s Image %u (%s)\n", p, count++,
424 fit_get_name(fit, noffset, NULL));
426 fit_image_print(fit, noffset, p);
430 /* Find configurations parent node offset */
431 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
432 if (confs_noffset < 0) {
433 debug("Can't get configurations parent node '%s' (%s)\n",
434 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
438 /* get default configuration unit name from default property */
439 uname = (char *)fdt_getprop(fit, noffset, FIT_DEFAULT_PROP, NULL);
441 printf("%s Default Configuration: '%s'\n", p, uname);
443 /* Process its subnodes, print out configurations details */
444 for (ndepth = 0, count = 0,
445 noffset = fdt_next_node(fit, confs_noffset, &ndepth);
446 (noffset >= 0) && (ndepth > 0);
447 noffset = fdt_next_node(fit, noffset, &ndepth)) {
450 * Direct child node of the configurations parent node,
451 * i.e. configuration node.
453 printf("%s Configuration %u (%s)\n", p, count++,
454 fit_get_name(fit, noffset, NULL));
456 fit_conf_print(fit, noffset, p);
462 * fit_image_print - prints out the FIT component image details
463 * @fit: pointer to the FIT format image header
464 * @image_noffset: offset of the component image node
465 * @p: pointer to prefix string
467 * fit_image_print() lists all mandatory properties for the processed component
468 * image. If present, hash nodes are printed out as well. Load
469 * address for images of type firmware is also printed out. Since the load
470 * address is not mandatory for firmware images, it will be output as
471 * "unavailable" when not present.
474 * no returned results
476 void fit_image_print(const void *fit, int image_noffset, const char *p)
479 uint8_t type, arch, os, comp;
487 if (!CONFIG_IS_ENABLED(FIT_PRINT))
490 /* Mandatory properties */
491 ret = fit_get_desc(fit, image_noffset, &desc);
492 printf("%s Description: ", p);
494 printf("unavailable\n");
496 printf("%s\n", desc);
498 if (IMAGE_ENABLE_TIMESTAMP) {
501 ret = fit_get_timestamp(fit, 0, ×tamp);
502 printf("%s Created: ", p);
504 printf("unavailable\n");
506 genimg_print_time(timestamp);
509 fit_image_get_type(fit, image_noffset, &type);
510 printf("%s Type: %s\n", p, genimg_get_type_name(type));
512 fit_image_get_comp(fit, image_noffset, &comp);
513 printf("%s Compression: %s\n", p, genimg_get_comp_name(comp));
515 ret = fit_image_get_data_and_size(fit, image_noffset, &data, &size);
517 if (!tools_build()) {
518 printf("%s Data Start: ", p);
520 printf("unavailable\n");
522 void *vdata = (void *)data;
524 printf("0x%08lx\n", (ulong)map_to_sysmem(vdata));
528 printf("%s Data Size: ", p);
530 printf("unavailable\n");
532 genimg_print_size(size);
534 /* Remaining, type dependent properties */
535 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
536 (type == IH_TYPE_RAMDISK) || (type == IH_TYPE_FIRMWARE) ||
537 (type == IH_TYPE_FLATDT)) {
538 fit_image_get_arch(fit, image_noffset, &arch);
539 printf("%s Architecture: %s\n", p, genimg_get_arch_name(arch));
542 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_RAMDISK) ||
543 (type == IH_TYPE_FIRMWARE)) {
544 fit_image_get_os(fit, image_noffset, &os);
545 printf("%s OS: %s\n", p, genimg_get_os_name(os));
548 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
549 (type == IH_TYPE_FIRMWARE) || (type == IH_TYPE_RAMDISK) ||
550 (type == IH_TYPE_FPGA)) {
551 ret = fit_image_get_load(fit, image_noffset, &load);
552 printf("%s Load Address: ", p);
554 printf("unavailable\n");
556 printf("0x%08lx\n", load);
559 /* optional load address for FDT */
560 if (type == IH_TYPE_FLATDT && !fit_image_get_load(fit, image_noffset, &load))
561 printf("%s Load Address: 0x%08lx\n", p, load);
563 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
564 (type == IH_TYPE_RAMDISK)) {
565 ret = fit_image_get_entry(fit, image_noffset, &entry);
566 printf("%s Entry Point: ", p);
568 printf("unavailable\n");
570 printf("0x%08lx\n", entry);
573 /* Process all hash subnodes of the component image node */
574 for (ndepth = 0, noffset = fdt_next_node(fit, image_noffset, &ndepth);
575 (noffset >= 0) && (ndepth > 0);
576 noffset = fdt_next_node(fit, noffset, &ndepth)) {
578 /* Direct child node of the component image node */
579 fit_image_print_verification_data(fit, noffset, p);
585 * fit_get_desc - get node description property
586 * @fit: pointer to the FIT format image header
587 * @noffset: node offset
588 * @desc: double pointer to the char, will hold pointer to the description
590 * fit_get_desc() reads description property from a given node, if
591 * description is found pointer to it is returned in third call argument.
597 int fit_get_desc(const void *fit, int noffset, char **desc)
601 *desc = (char *)fdt_getprop(fit, noffset, FIT_DESC_PROP, &len);
603 fit_get_debug(fit, noffset, FIT_DESC_PROP, len);
611 * fit_get_timestamp - get node timestamp property
612 * @fit: pointer to the FIT format image header
613 * @noffset: node offset
614 * @timestamp: pointer to the time_t, will hold read timestamp
616 * fit_get_timestamp() reads timestamp property from given node, if timestamp
617 * is found and has a correct size its value is returned in third call
622 * -1, on property read failure
623 * -2, on wrong timestamp size
625 int fit_get_timestamp(const void *fit, int noffset, time_t *timestamp)
630 data = fdt_getprop(fit, noffset, FIT_TIMESTAMP_PROP, &len);
632 fit_get_debug(fit, noffset, FIT_TIMESTAMP_PROP, len);
635 if (len != sizeof(uint32_t)) {
636 debug("FIT timestamp with incorrect size of (%u)\n", len);
640 *timestamp = uimage_to_cpu(*((uint32_t *)data));
645 * fit_image_get_node - get node offset for component image of a given unit name
646 * @fit: pointer to the FIT format image header
647 * @image_uname: component image node unit name
649 * fit_image_get_node() finds a component image (within the '/images'
650 * node) of a provided unit name. If image is found its node offset is
651 * returned to the caller.
654 * image node offset when found (>=0)
655 * negative number on failure (FDT_ERR_* code)
657 int fit_image_get_node(const void *fit, const char *image_uname)
659 int noffset, images_noffset;
661 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
662 if (images_noffset < 0) {
663 debug("Can't find images parent node '%s' (%s)\n",
664 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
665 return images_noffset;
668 noffset = fdt_subnode_offset(fit, images_noffset, image_uname);
670 debug("Can't get node offset for image unit name: '%s' (%s)\n",
671 image_uname, fdt_strerror(noffset));
678 * fit_image_get_os - get os id for a given component image node
679 * @fit: pointer to the FIT format image header
680 * @noffset: component image node offset
681 * @os: pointer to the uint8_t, will hold os numeric id
683 * fit_image_get_os() finds os property in a given component image node.
684 * If the property is found, its (string) value is translated to the numeric
685 * id which is returned to the caller.
691 int fit_image_get_os(const void *fit, int noffset, uint8_t *os)
696 /* Get OS name from property data */
697 data = fdt_getprop(fit, noffset, FIT_OS_PROP, &len);
699 fit_get_debug(fit, noffset, FIT_OS_PROP, len);
704 /* Translate OS name to id */
705 *os = genimg_get_os_id(data);
710 * fit_image_get_arch - get arch id for a given component image node
711 * @fit: pointer to the FIT format image header
712 * @noffset: component image node offset
713 * @arch: pointer to the uint8_t, will hold arch numeric id
715 * fit_image_get_arch() finds arch property in a given component image node.
716 * If the property is found, its (string) value is translated to the numeric
717 * id which is returned to the caller.
723 int fit_image_get_arch(const void *fit, int noffset, uint8_t *arch)
728 /* Get architecture name from property data */
729 data = fdt_getprop(fit, noffset, FIT_ARCH_PROP, &len);
731 fit_get_debug(fit, noffset, FIT_ARCH_PROP, len);
736 /* Translate architecture name to id */
737 *arch = genimg_get_arch_id(data);
742 * fit_image_get_type - get type id for a given component image node
743 * @fit: pointer to the FIT format image header
744 * @noffset: component image node offset
745 * @type: pointer to the uint8_t, will hold type numeric id
747 * fit_image_get_type() finds type property in a given component image node.
748 * If the property is found, its (string) value is translated to the numeric
749 * id which is returned to the caller.
755 int fit_image_get_type(const void *fit, int noffset, uint8_t *type)
760 /* Get image type name from property data */
761 data = fdt_getprop(fit, noffset, FIT_TYPE_PROP, &len);
763 fit_get_debug(fit, noffset, FIT_TYPE_PROP, len);
768 /* Translate image type name to id */
769 *type = genimg_get_type_id(data);
774 * fit_image_get_comp - get comp id for a given component image node
775 * @fit: pointer to the FIT format image header
776 * @noffset: component image node offset
777 * @comp: pointer to the uint8_t, will hold comp numeric id
779 * fit_image_get_comp() finds comp property in a given component image node.
780 * If the property is found, its (string) value is translated to the numeric
781 * id which is returned to the caller.
787 int fit_image_get_comp(const void *fit, int noffset, uint8_t *comp)
792 /* Get compression name from property data */
793 data = fdt_getprop(fit, noffset, FIT_COMP_PROP, &len);
795 fit_get_debug(fit, noffset, FIT_COMP_PROP, len);
800 /* Translate compression name to id */
801 *comp = genimg_get_comp_id(data);
805 static int fit_image_get_address(const void *fit, int noffset, char *name,
812 cell = fdt_getprop(fit, noffset, name, &len);
814 fit_get_debug(fit, noffset, name, len);
819 /* Use load64 to avoid compiling warning for 32-bit target */
821 load64 = (load64 << 32) | uimage_to_cpu(*cell);
825 if (len > sizeof(ulong) && (uint32_t)(load64 >> 32)) {
826 printf("Unsupported %s address size\n", name);
830 *load = (ulong)load64;
835 * fit_image_get_load() - get load addr property for given component image node
836 * @fit: pointer to the FIT format image header
837 * @noffset: component image node offset
838 * @load: pointer to the uint32_t, will hold load address
840 * fit_image_get_load() finds load address property in a given component
841 * image node. If the property is found, its value is returned to the caller.
847 int fit_image_get_load(const void *fit, int noffset, ulong *load)
849 return fit_image_get_address(fit, noffset, FIT_LOAD_PROP, load);
853 * fit_image_get_entry() - get entry point address property
854 * @fit: pointer to the FIT format image header
855 * @noffset: component image node offset
856 * @entry: pointer to the uint32_t, will hold entry point address
858 * This gets the entry point address property for a given component image
861 * fit_image_get_entry() finds entry point address property in a given
862 * component image node. If the property is found, its value is returned
869 int fit_image_get_entry(const void *fit, int noffset, ulong *entry)
871 return fit_image_get_address(fit, noffset, FIT_ENTRY_PROP, entry);
875 * fit_image_get_data - get data property and its size for a given component image node
876 * @fit: pointer to the FIT format image header
877 * @noffset: component image node offset
878 * @data: double pointer to void, will hold data property's data address
879 * @size: pointer to size_t, will hold data property's data size
881 * fit_image_get_data() finds data property in a given component image node.
882 * If the property is found its data start address and size are returned to
889 int fit_image_get_data(const void *fit, int noffset,
890 const void **data, size_t *size)
894 *data = fdt_getprop(fit, noffset, FIT_DATA_PROP, &len);
896 fit_get_debug(fit, noffset, FIT_DATA_PROP, len);
906 * Get 'data-offset' property from a given image node.
908 * @fit: pointer to the FIT image header
909 * @noffset: component image node offset
910 * @data_offset: holds the data-offset property
914 * -ENOENT if the property could not be found
916 int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset)
920 val = fdt_getprop(fit, noffset, FIT_DATA_OFFSET_PROP, NULL);
924 *data_offset = fdt32_to_cpu(*val);
930 * Get 'data-position' property from a given image node.
932 * @fit: pointer to the FIT image header
933 * @noffset: component image node offset
934 * @data_position: holds the data-position property
938 * -ENOENT if the property could not be found
940 int fit_image_get_data_position(const void *fit, int noffset,
945 val = fdt_getprop(fit, noffset, FIT_DATA_POSITION_PROP, NULL);
949 *data_position = fdt32_to_cpu(*val);
955 * Get 'data-size' property from a given image node.
957 * @fit: pointer to the FIT image header
958 * @noffset: component image node offset
959 * @data_size: holds the data-size property
963 * -ENOENT if the property could not be found
965 int fit_image_get_data_size(const void *fit, int noffset, int *data_size)
969 val = fdt_getprop(fit, noffset, FIT_DATA_SIZE_PROP, NULL);
973 *data_size = fdt32_to_cpu(*val);
979 * Get 'data-size-unciphered' property from a given image node.
981 * @fit: pointer to the FIT image header
982 * @noffset: component image node offset
983 * @data_size: holds the data-size property
987 * -ENOENT if the property could not be found
989 int fit_image_get_data_size_unciphered(const void *fit, int noffset,
994 val = fdt_getprop(fit, noffset, "data-size-unciphered", NULL);
998 *data_size = (size_t)fdt32_to_cpu(*val);
1004 * fit_image_get_data_and_size - get data and its size including
1005 * both embedded and external data
1006 * @fit: pointer to the FIT format image header
1007 * @noffset: component image node offset
1008 * @data: double pointer to void, will hold data property's data address
1009 * @size: pointer to size_t, will hold data property's data size
1011 * fit_image_get_data_and_size() finds data and its size including
1012 * both embedded and external data. If the property is found
1013 * its data start address and size are returned to the caller.
1017 * otherwise, on failure
1019 int fit_image_get_data_and_size(const void *fit, int noffset,
1020 const void **data, size_t *size)
1022 bool external_data = false;
1027 if (!fit_image_get_data_position(fit, noffset, &offset)) {
1028 external_data = true;
1029 } else if (!fit_image_get_data_offset(fit, noffset, &offset)) {
1030 external_data = true;
1032 * For FIT with external data, figure out where
1033 * the external images start. This is the base
1034 * for the data-offset properties in each image.
1036 offset += ((fdt_totalsize(fit) + 3) & ~3);
1039 if (external_data) {
1040 debug("External Data\n");
1041 ret = fit_image_get_data_size(fit, noffset, &len);
1043 *data = fit + offset;
1047 ret = fit_image_get_data(fit, noffset, data, size);
1054 * fit_image_hash_get_algo - get hash algorithm name
1055 * @fit: pointer to the FIT format image header
1056 * @noffset: hash node offset
1057 * @algo: double pointer to char, will hold pointer to the algorithm name
1059 * fit_image_hash_get_algo() finds hash algorithm property in a given hash node.
1060 * If the property is found its data start address is returned to the caller.
1066 int fit_image_hash_get_algo(const void *fit, int noffset, const char **algo)
1070 *algo = (const char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
1071 if (*algo == NULL) {
1072 fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
1080 * fit_image_hash_get_value - get hash value and length
1081 * @fit: pointer to the FIT format image header
1082 * @noffset: hash node offset
1083 * @value: double pointer to uint8_t, will hold address of a hash value data
1084 * @value_len: pointer to an int, will hold hash data length
1086 * fit_image_hash_get_value() finds hash value property in a given hash node.
1087 * If the property is found its data start address and size are returned to
1094 int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
1099 *value = (uint8_t *)fdt_getprop(fit, noffset, FIT_VALUE_PROP, &len);
1100 if (*value == NULL) {
1101 fit_get_debug(fit, noffset, FIT_VALUE_PROP, len);
1111 * fit_image_hash_get_ignore - get hash ignore flag
1112 * @fit: pointer to the FIT format image header
1113 * @noffset: hash node offset
1114 * @ignore: pointer to an int, will hold hash ignore flag
1116 * fit_image_hash_get_ignore() finds hash ignore property in a given hash node.
1117 * If the property is found and non-zero, the hash algorithm is not verified by
1118 * u-boot automatically.
1121 * 0, on ignore not found
1122 * value, on ignore found
1124 static int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore)
1129 value = (int *)fdt_getprop(fit, noffset, FIT_IGNORE_PROP, &len);
1130 if (value == NULL || len != sizeof(int))
1139 * fit_image_cipher_get_algo - get cipher algorithm name
1140 * @fit: pointer to the FIT format image header
1141 * @noffset: cipher node offset
1142 * @algo: double pointer to char, will hold pointer to the algorithm name
1144 * fit_image_cipher_get_algo() finds cipher algorithm property in a given
1145 * cipher node. If the property is found its data start address is returned
1152 int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo)
1156 *algo = (char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
1158 fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
1165 ulong fit_get_end(const void *fit)
1167 return map_to_sysmem((void *)(fit + fdt_totalsize(fit)));
1171 * fit_set_timestamp - set node timestamp property
1172 * @fit: pointer to the FIT format image header
1173 * @noffset: node offset
1174 * @timestamp: timestamp value to be set
1176 * fit_set_timestamp() attempts to set timestamp property in the requested
1177 * node and returns operation status to the caller.
1181 * -ENOSPC if no space in device tree, -1 for other error
1183 int fit_set_timestamp(void *fit, int noffset, time_t timestamp)
1188 t = cpu_to_uimage(timestamp);
1189 ret = fdt_setprop(fit, noffset, FIT_TIMESTAMP_PROP, &t,
1192 debug("Can't set '%s' property for '%s' node (%s)\n",
1193 FIT_TIMESTAMP_PROP, fit_get_name(fit, noffset, NULL),
1195 return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -1;
1202 * calculate_hash - calculate and return hash for provided input data
1203 * @data: pointer to the input data
1204 * @data_len: data length
1205 * @name: requested hash algorithm name
1206 * @value: pointer to the char, will hold hash value data (caller must
1207 * allocate enough free space)
1208 * value_len: length of the calculated hash
1210 * calculate_hash() computes input data hash according to the requested
1212 * Resulting hash value is placed in caller provided 'value' buffer, length
1213 * of the calculated hash is returned via value_len pointer argument.
1217 * -1, when algo is unsupported
1219 int calculate_hash(const void *data, int data_len, const char *name,
1220 uint8_t *value, int *value_len)
1222 #if !defined(USE_HOSTCC) && defined(CONFIG_DM_HASH)
1224 enum HASH_ALGO hash_algo;
1225 struct udevice *dev;
1227 rc = uclass_get_device(UCLASS_HASH, 0, &dev);
1229 debug("failed to get hash device, rc=%d\n", rc);
1233 hash_algo = hash_algo_lookup_by_name(name);
1234 if (hash_algo == HASH_ALGO_INVALID) {
1235 debug("Unsupported hash algorithm\n");
1239 rc = hash_digest_wd(dev, hash_algo, data, data_len, value, CHUNKSZ);
1241 debug("failed to get hash value, rc=%d\n", rc);
1245 *value_len = hash_algo_digest_size(hash_algo);
1247 struct hash_algo *algo;
1250 ret = hash_lookup_algo(name, &algo);
1252 debug("Unsupported hash alogrithm\n");
1256 algo->hash_func_ws(data, data_len, value, algo->chunk_size);
1257 *value_len = algo->digest_size;
1263 static int fit_image_check_hash(const void *fit, int noffset, const void *data,
1264 size_t size, char **err_msgp)
1266 uint8_t value[FIT_MAX_HASH_LEN];
1275 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
1276 *err_msgp = "Can't get hash algo property";
1281 if (!tools_build()) {
1282 fit_image_hash_get_ignore(fit, noffset, &ignore);
1284 printf("-skipped ");
1289 if (fit_image_hash_get_value(fit, noffset, &fit_value,
1291 *err_msgp = "Can't get hash value property";
1295 if (calculate_hash(data, size, algo, value, &value_len)) {
1296 *err_msgp = "Unsupported hash algorithm";
1300 if (value_len != fit_value_len) {
1301 *err_msgp = "Bad hash value len";
1303 } else if (memcmp(value, fit_value, value_len) != 0) {
1304 *err_msgp = "Bad hash value";
1311 int fit_image_verify_with_data(const void *fit, int image_noffset,
1312 const void *key_blob, const void *data,
1320 /* Verify all required signatures */
1321 if (FIT_IMAGE_ENABLE_VERIFY &&
1322 fit_image_verify_required_sigs(fit, image_noffset, data, size,
1323 key_blob, &verify_all)) {
1324 err_msg = "Unable to verify required signature";
1328 /* Process all hash subnodes of the component image node */
1329 fdt_for_each_subnode(noffset, fit, image_noffset) {
1330 const char *name = fit_get_name(fit, noffset, NULL);
1333 * Check subnode name, must be equal to "hash".
1334 * Multiple hash nodes require unique unit node
1335 * names, e.g. hash-1, hash-2, etc.
1337 if (!strncmp(name, FIT_HASH_NODENAME,
1338 strlen(FIT_HASH_NODENAME))) {
1339 if (fit_image_check_hash(fit, noffset, data, size,
1343 } else if (FIT_IMAGE_ENABLE_VERIFY && verify_all &&
1344 !strncmp(name, FIT_SIG_NODENAME,
1345 strlen(FIT_SIG_NODENAME))) {
1346 ret = fit_image_check_sig(fit, noffset, data, size,
1347 gd_fdt_blob(), -1, &err_msg);
1350 * Show an indication on failure, but do not return
1351 * an error. Only keys marked 'required' can cause
1352 * an image validation failure. See the call to
1353 * fit_image_verify_required_sigs() above.
1362 if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
1363 err_msg = "Corrupted or truncated tree";
1370 printf(" error!\n%s for '%s' hash node in '%s' image node\n",
1371 err_msg, fit_get_name(fit, noffset, NULL),
1372 fit_get_name(fit, image_noffset, NULL));
1377 * fit_image_verify - verify data integrity
1378 * @fit: pointer to the FIT format image header
1379 * @image_noffset: component image node offset
1381 * fit_image_verify() goes over component image hash nodes,
1382 * re-calculates each data hash and compares with the value stored in hash
1386 * 1, if all hashes are valid
1387 * 0, otherwise (or on error)
1389 int fit_image_verify(const void *fit, int image_noffset)
1391 const char *name = fit_get_name(fit, image_noffset, NULL);
1396 if (IS_ENABLED(CONFIG_FIT_SIGNATURE) && strchr(name, '@')) {
1398 * We don't support this since libfdt considers names with the
1399 * name root but different @ suffix to be equal
1401 err_msg = "Node name contains @";
1404 /* Get image data and data length */
1405 if (fit_image_get_data_and_size(fit, image_noffset, &data, &size)) {
1406 err_msg = "Can't get image data/size";
1410 return fit_image_verify_with_data(fit, image_noffset, gd_fdt_blob(),
1414 printf("error!\n%s in '%s' image node\n", err_msg,
1415 fit_get_name(fit, image_noffset, NULL));
1420 * fit_all_image_verify - verify data integrity for all images
1421 * @fit: pointer to the FIT format image header
1423 * fit_all_image_verify() goes over all images in the FIT and
1424 * for every images checks if all it's hashes are valid.
1427 * 1, if all hashes of all images are valid
1428 * 0, otherwise (or on error)
1430 int fit_all_image_verify(const void *fit)
1437 /* Find images parent node offset */
1438 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1439 if (images_noffset < 0) {
1440 printf("Can't find images parent node '%s' (%s)\n",
1441 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
1445 /* Process all image subnodes, check hashes for each */
1446 printf("## Checking hash(es) for FIT Image at %08lx ...\n",
1448 for (ndepth = 0, count = 0,
1449 noffset = fdt_next_node(fit, images_noffset, &ndepth);
1450 (noffset >= 0) && (ndepth > 0);
1451 noffset = fdt_next_node(fit, noffset, &ndepth)) {
1454 * Direct child node of the images parent node,
1455 * i.e. component image node.
1457 printf(" Hash(es) for Image %u (%s): ", count,
1458 fit_get_name(fit, noffset, NULL));
1461 if (!fit_image_verify(fit, noffset))
1469 static int fit_image_uncipher(const void *fit, int image_noffset,
1470 void **data, size_t *size)
1472 int cipher_noffset, ret;
1476 cipher_noffset = fdt_subnode_offset(fit, image_noffset,
1477 FIT_CIPHER_NODENAME);
1478 if (cipher_noffset < 0)
1481 ret = fit_image_decrypt_data(fit, image_noffset, cipher_noffset,
1482 *data, *size, &dst, &size_dst);
1494 * fit_image_check_os - check whether image node is of a given os type
1495 * @fit: pointer to the FIT format image header
1496 * @noffset: component image node offset
1497 * @os: requested image os
1499 * fit_image_check_os() reads image os property and compares its numeric
1500 * id with the requested os. Comparison result is returned to the caller.
1503 * 1 if image is of given os type
1504 * 0 otherwise (or on error)
1506 int fit_image_check_os(const void *fit, int noffset, uint8_t os)
1510 if (fit_image_get_os(fit, noffset, &image_os))
1512 return (os == image_os);
1516 * fit_image_check_arch - check whether image node is of a given arch
1517 * @fit: pointer to the FIT format image header
1518 * @noffset: component image node offset
1519 * @arch: requested imagearch
1521 * fit_image_check_arch() reads image arch property and compares its numeric
1522 * id with the requested arch. Comparison result is returned to the caller.
1525 * 1 if image is of given arch
1526 * 0 otherwise (or on error)
1528 int fit_image_check_arch(const void *fit, int noffset, uint8_t arch)
1531 int aarch32_support = 0;
1533 /* Let's assume that sandbox can load any architecture */
1534 if (IS_ENABLED(CONFIG_SANDBOX))
1537 if (IS_ENABLED(CONFIG_ARM64_SUPPORT_AARCH32))
1538 aarch32_support = 1;
1540 if (fit_image_get_arch(fit, noffset, &image_arch))
1542 return (arch == image_arch) ||
1543 (arch == IH_ARCH_I386 && image_arch == IH_ARCH_X86_64) ||
1544 (arch == IH_ARCH_ARM64 && image_arch == IH_ARCH_ARM &&
1549 * fit_image_check_type - check whether image node is of a given type
1550 * @fit: pointer to the FIT format image header
1551 * @noffset: component image node offset
1552 * @type: requested image type
1554 * fit_image_check_type() reads image type property and compares its numeric
1555 * id with the requested type. Comparison result is returned to the caller.
1558 * 1 if image is of given type
1559 * 0 otherwise (or on error)
1561 int fit_image_check_type(const void *fit, int noffset, uint8_t type)
1565 if (fit_image_get_type(fit, noffset, &image_type))
1567 return (type == image_type);
1571 * fit_image_check_comp - check whether image node uses given compression
1572 * @fit: pointer to the FIT format image header
1573 * @noffset: component image node offset
1574 * @comp: requested image compression type
1576 * fit_image_check_comp() reads image compression property and compares its
1577 * numeric id with the requested compression type. Comparison result is
1578 * returned to the caller.
1581 * 1 if image uses requested compression
1582 * 0 otherwise (or on error)
1584 int fit_image_check_comp(const void *fit, int noffset, uint8_t comp)
1588 if (fit_image_get_comp(fit, noffset, &image_comp))
1590 return (comp == image_comp);
1594 * fdt_check_no_at() - Check for nodes whose names contain '@'
1596 * This checks the parent node and all subnodes recursively
1598 * @fit: FIT to check
1599 * @parent: Parent node to check
1600 * Return: 0 if OK, -EADDRNOTAVAIL is a node has a name containing '@'
1602 static int fdt_check_no_at(const void *fit, int parent)
1608 name = fdt_get_name(fit, parent, NULL);
1609 if (!name || strchr(name, '@'))
1610 return -EADDRNOTAVAIL;
1612 fdt_for_each_subnode(node, fit, parent) {
1613 ret = fdt_check_no_at(fit, node);
1621 int fit_check_format(const void *fit, ulong size)
1625 /* A FIT image must be a valid FDT */
1626 ret = fdt_check_header(fit);
1628 log_debug("Wrong FIT format: not a flattened device tree (err=%d)\n",
1633 if (CONFIG_IS_ENABLED(FIT_FULL_CHECK)) {
1635 * If we are not given the size, make do wtih calculating it.
1636 * This is not as secure, so we should consider a flag to
1639 if (size == IMAGE_SIZE_INVAL)
1640 size = fdt_totalsize(fit);
1641 ret = fdt_check_full(fit, size);
1646 * U-Boot stopped using unit addressed in 2017. Since libfdt
1647 * can match nodes ignoring any unit address, signature
1648 * verification can see the wrong node if one is inserted with
1649 * the same name as a valid node but with a unit address
1650 * attached. Protect against this by disallowing unit addresses.
1652 if (!ret && CONFIG_IS_ENABLED(FIT_SIGNATURE)) {
1653 ret = fdt_check_no_at(fit, 0);
1656 log_debug("FIT check error %d\n", ret);
1661 log_debug("FIT check error %d\n", ret);
1666 /* mandatory / node 'description' property */
1667 if (!fdt_getprop(fit, 0, FIT_DESC_PROP, NULL)) {
1668 log_debug("Wrong FIT format: no description\n");
1672 if (IMAGE_ENABLE_TIMESTAMP) {
1673 /* mandatory / node 'timestamp' property */
1674 if (!fdt_getprop(fit, 0, FIT_TIMESTAMP_PROP, NULL)) {
1675 log_debug("Wrong FIT format: no timestamp\n");
1680 /* mandatory subimages parent '/images' node */
1681 if (fdt_path_offset(fit, FIT_IMAGES_PATH) < 0) {
1682 log_debug("Wrong FIT format: no images parent node\n");
1690 * fit_conf_find_compat
1691 * @fit: pointer to the FIT format image header
1692 * @fdt: pointer to the device tree to compare against
1694 * fit_conf_find_compat() attempts to find the configuration whose fdt is the
1695 * most compatible with the passed in device tree.
1704 * |-o configurations
1712 * |-compatible = "foo,bar", "bim,bam"
1715 * |-compatible = "foo,bar",
1718 * |-compatible = "bim,bam", "baz,biz"
1720 * Configuration 1 would be picked because the first string in U-Boot's
1721 * compatible list, "foo,bar", matches a compatible string in the root of fdt1.
1722 * "bim,bam" in fdt2 matches the second string which isn't as good as fdt1.
1724 * As an optimization, the compatible property from the FDT's root node can be
1725 * copied into the configuration node in the FIT image. This is required to
1726 * match configurations with compressed FDTs.
1729 * offset to the configuration to use if one was found
1732 int fit_conf_find_compat(const void *fit, const void *fdt)
1735 int noffset, confs_noffset, images_noffset;
1736 const void *fdt_compat;
1738 int best_match_offset = 0;
1739 int best_match_pos = 0;
1741 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1742 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1743 if (confs_noffset < 0 || images_noffset < 0) {
1744 debug("Can't find configurations or images nodes.\n");
1748 fdt_compat = fdt_getprop(fdt, 0, "compatible", &fdt_compat_len);
1750 debug("Fdt for comparison has no \"compatible\" property.\n");
1755 * Loop over the configurations in the FIT image.
1757 for (noffset = fdt_next_node(fit, confs_noffset, &ndepth);
1758 (noffset >= 0) && (ndepth > 0);
1759 noffset = fdt_next_node(fit, noffset, &ndepth)) {
1761 const char *kfdt_name;
1762 int kfdt_noffset, compat_noffset;
1763 const char *cur_fdt_compat;
1771 /* If there's a compat property in the config node, use that. */
1772 if (fdt_getprop(fit, noffset, "compatible", NULL)) {
1773 fdt = fit; /* search in FIT image */
1774 compat_noffset = noffset; /* search under config node */
1775 } else { /* Otherwise extract it from the kernel FDT. */
1776 kfdt_name = fdt_getprop(fit, noffset, "fdt", &len);
1778 debug("No fdt property found.\n");
1781 kfdt_noffset = fdt_subnode_offset(fit, images_noffset,
1783 if (kfdt_noffset < 0) {
1784 debug("No image node named \"%s\" found.\n",
1789 if (!fit_image_check_comp(fit, kfdt_noffset,
1791 debug("Can't extract compat from \"%s\" "
1792 "(compressed)\n", kfdt_name);
1796 /* search in this config's kernel FDT */
1797 if (fit_image_get_data_and_size(fit, kfdt_noffset,
1799 debug("Failed to get fdt \"%s\".\n", kfdt_name);
1803 compat_noffset = 0; /* search kFDT under root node */
1806 len = fdt_compat_len;
1807 cur_fdt_compat = fdt_compat;
1809 * Look for a match for each U-Boot compatibility string in
1810 * turn in the compat string property.
1812 for (i = 0; len > 0 &&
1813 (!best_match_offset || best_match_pos > i); i++) {
1814 int cur_len = strlen(cur_fdt_compat) + 1;
1816 if (!fdt_node_check_compatible(fdt, compat_noffset,
1818 best_match_offset = noffset;
1823 cur_fdt_compat += cur_len;
1826 if (!best_match_offset) {
1827 debug("No match found.\n");
1831 return best_match_offset;
1834 int fit_conf_get_node(const void *fit, const char *conf_uname)
1836 int noffset, confs_noffset;
1839 char *conf_uname_copy = NULL;
1841 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1842 if (confs_noffset < 0) {
1843 debug("Can't find configurations parent node '%s' (%s)\n",
1844 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
1845 return confs_noffset;
1848 if (conf_uname == NULL) {
1849 /* get configuration unit name from the default property */
1850 debug("No configuration specified, trying default...\n");
1851 if (!tools_build() && IS_ENABLED(CONFIG_MULTI_DTB_FIT)) {
1852 noffset = fit_find_config_node(fit);
1855 conf_uname = fdt_get_name(fit, noffset, NULL);
1857 conf_uname = (char *)fdt_getprop(fit, confs_noffset,
1858 FIT_DEFAULT_PROP, &len);
1859 if (conf_uname == NULL) {
1860 fit_get_debug(fit, confs_noffset, FIT_DEFAULT_PROP,
1865 debug("Found default configuration: '%s'\n", conf_uname);
1868 s = strchr(conf_uname, '#');
1870 len = s - conf_uname;
1871 conf_uname_copy = malloc(len + 1);
1872 if (!conf_uname_copy) {
1873 debug("Can't allocate uname copy: '%s'\n",
1877 memcpy(conf_uname_copy, conf_uname, len);
1878 conf_uname_copy[len] = '\0';
1879 conf_uname = conf_uname_copy;
1882 noffset = fdt_subnode_offset(fit, confs_noffset, conf_uname);
1884 debug("Can't get node offset for configuration unit name: '%s' (%s)\n",
1885 conf_uname, fdt_strerror(noffset));
1888 if (conf_uname_copy)
1889 free(conf_uname_copy);
1894 int fit_conf_get_prop_node_count(const void *fit, int noffset,
1895 const char *prop_name)
1897 return fdt_stringlist_count(fit, noffset, prop_name);
1900 int fit_conf_get_prop_node_index(const void *fit, int noffset,
1901 const char *prop_name, int index)
1906 /* get kernel image unit name from configuration kernel property */
1907 uname = fdt_stringlist_get(fit, noffset, prop_name, index, &len);
1911 return fit_image_get_node(fit, uname);
1914 int fit_conf_get_prop_node(const void *fit, int noffset,
1915 const char *prop_name)
1917 return fit_conf_get_prop_node_index(fit, noffset, prop_name, 0);
1920 static int fit_image_select(const void *fit, int rd_noffset, int verify)
1922 fit_image_print(fit, rd_noffset, " ");
1925 puts(" Verifying Hash Integrity ... ");
1926 if (!fit_image_verify(fit, rd_noffset)) {
1927 puts("Bad Data Hash\n");
1936 int fit_get_node_from_config(bootm_headers_t *images, const char *prop_name,
1943 debug("* %s: using config '%s' from image at 0x%08lx\n",
1944 prop_name, images->fit_uname_cfg, addr);
1946 /* Check whether configuration has this property defined */
1947 fit_hdr = map_sysmem(addr, 0);
1948 cfg_noffset = fit_conf_get_node(fit_hdr, images->fit_uname_cfg);
1949 if (cfg_noffset < 0) {
1950 debug("* %s: no such config\n", prop_name);
1954 noffset = fit_conf_get_prop_node(fit_hdr, cfg_noffset, prop_name);
1956 debug("* %s: no '%s' in config\n", prop_name, prop_name);
1964 * fit_get_image_type_property() - get property name for IH_TYPE_...
1966 * Return: the properly name where we expect to find the image in the
1969 static const char *fit_get_image_type_property(int type)
1972 * This is sort-of available in the uimage_type[] table in image.c
1973 * but we don't have access to the short name, and "fdt" is different
1974 * anyway. So let's just keep it here.
1977 case IH_TYPE_FLATDT:
1978 return FIT_FDT_PROP;
1979 case IH_TYPE_KERNEL:
1980 return FIT_KERNEL_PROP;
1981 case IH_TYPE_FIRMWARE:
1982 return FIT_FIRMWARE_PROP;
1983 case IH_TYPE_RAMDISK:
1984 return FIT_RAMDISK_PROP;
1985 case IH_TYPE_X86_SETUP:
1986 return FIT_SETUP_PROP;
1987 case IH_TYPE_LOADABLE:
1988 return FIT_LOADABLE_PROP;
1990 return FIT_FPGA_PROP;
1991 case IH_TYPE_STANDALONE:
1992 return FIT_STANDALONE_PROP;
1998 int fit_image_load(bootm_headers_t *images, ulong addr,
1999 const char **fit_unamep, const char **fit_uname_configp,
2000 int arch, int image_type, int bootstage_id,
2001 enum fit_load_op load_op, ulong *datap, ulong *lenp)
2003 int cfg_noffset, noffset;
2004 const char *fit_uname;
2005 const char *fit_uname_config;
2006 const char *fit_base_uname_config;
2012 ulong load, load_end, data, len;
2014 const char *prop_name;
2017 fit = map_sysmem(addr, 0);
2018 fit_uname = fit_unamep ? *fit_unamep : NULL;
2019 fit_uname_config = fit_uname_configp ? *fit_uname_configp : NULL;
2020 fit_base_uname_config = NULL;
2021 prop_name = fit_get_image_type_property(image_type);
2022 printf("## Loading %s from FIT Image at %08lx ...\n", prop_name, addr);
2024 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_FORMAT);
2025 ret = fit_check_format(fit, IMAGE_SIZE_INVAL);
2027 printf("Bad FIT %s image format! (err=%d)\n", prop_name, ret);
2028 if (CONFIG_IS_ENABLED(FIT_SIGNATURE) && ret == -EADDRNOTAVAIL)
2029 printf("Signature checking prevents use of unit addresses (@) in nodes\n");
2030 bootstage_error(bootstage_id + BOOTSTAGE_SUB_FORMAT);
2033 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_FORMAT_OK);
2035 /* get FIT component image node offset */
2036 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_UNIT_NAME);
2037 noffset = fit_image_get_node(fit, fit_uname);
2040 * no image node unit name, try to get config
2041 * node first. If config unit node name is NULL
2042 * fit_conf_get_node() will try to find default config node
2044 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_NO_UNIT_NAME);
2045 if (IS_ENABLED(CONFIG_FIT_BEST_MATCH) && !fit_uname_config) {
2046 cfg_noffset = fit_conf_find_compat(fit, gd_fdt_blob());
2048 cfg_noffset = fit_conf_get_node(fit,
2051 if (cfg_noffset < 0) {
2052 puts("Could not find configuration node\n");
2053 bootstage_error(bootstage_id +
2054 BOOTSTAGE_SUB_NO_UNIT_NAME);
2058 fit_base_uname_config = fdt_get_name(fit, cfg_noffset, NULL);
2059 printf(" Using '%s' configuration\n", fit_base_uname_config);
2060 /* Remember this config */
2061 if (image_type == IH_TYPE_KERNEL)
2062 images->fit_uname_cfg = fit_base_uname_config;
2064 if (FIT_IMAGE_ENABLE_VERIFY && images->verify) {
2065 puts(" Verifying Hash Integrity ... ");
2066 if (fit_config_verify(fit, cfg_noffset)) {
2067 puts("Bad Data Hash\n");
2068 bootstage_error(bootstage_id +
2069 BOOTSTAGE_SUB_HASH);
2075 bootstage_mark(BOOTSTAGE_ID_FIT_CONFIG);
2077 noffset = fit_conf_get_prop_node(fit, cfg_noffset,
2079 fit_uname = fit_get_name(fit, noffset, NULL);
2082 printf("Could not find subimage node type '%s'\n", prop_name);
2083 bootstage_error(bootstage_id + BOOTSTAGE_SUB_SUBNODE);
2087 printf(" Trying '%s' %s subimage\n", fit_uname, prop_name);
2089 ret = fit_image_select(fit, noffset, images->verify);
2091 bootstage_error(bootstage_id + BOOTSTAGE_SUB_HASH);
2095 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
2096 if (!tools_build() && IS_ENABLED(CONFIG_SANDBOX)) {
2097 if (!fit_image_check_target_arch(fit, noffset)) {
2098 puts("Unsupported Architecture\n");
2099 bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
2108 fit_image_get_arch(fit, noffset, &os_arch);
2109 images->os.arch = os_arch;
2113 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL);
2114 type_ok = fit_image_check_type(fit, noffset, image_type) ||
2115 fit_image_check_type(fit, noffset, IH_TYPE_FIRMWARE) ||
2116 fit_image_check_type(fit, noffset, IH_TYPE_TEE) ||
2117 (image_type == IH_TYPE_KERNEL &&
2118 fit_image_check_type(fit, noffset, IH_TYPE_KERNEL_NOLOAD));
2120 os_ok = image_type == IH_TYPE_FLATDT ||
2121 image_type == IH_TYPE_FPGA ||
2122 fit_image_check_os(fit, noffset, IH_OS_LINUX) ||
2123 fit_image_check_os(fit, noffset, IH_OS_U_BOOT) ||
2124 fit_image_check_os(fit, noffset, IH_OS_TEE) ||
2125 fit_image_check_os(fit, noffset, IH_OS_OPENRTOS) ||
2126 fit_image_check_os(fit, noffset, IH_OS_EFI) ||
2127 fit_image_check_os(fit, noffset, IH_OS_VXWORKS);
2130 * If either of the checks fail, we should report an error, but
2131 * if the image type is coming from the "loadables" field, we
2132 * don't care what it is
2134 if ((!type_ok || !os_ok) && image_type != IH_TYPE_LOADABLE) {
2135 fit_image_get_os(fit, noffset, &os);
2136 printf("No %s %s %s Image\n",
2137 genimg_get_os_name(os),
2138 genimg_get_arch_name(arch),
2139 genimg_get_type_name(image_type));
2140 bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL);
2144 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL_OK);
2146 /* get image data address and length */
2147 if (fit_image_get_data_and_size(fit, noffset,
2148 (const void **)&buf, &size)) {
2149 printf("Could not find %s subimage data!\n", prop_name);
2150 bootstage_error(bootstage_id + BOOTSTAGE_SUB_GET_DATA);
2154 /* Decrypt data before uncompress/move */
2155 if (IS_ENABLED(CONFIG_FIT_CIPHER) && IMAGE_ENABLE_DECRYPT) {
2156 puts(" Decrypting Data ... ");
2157 if (fit_image_uncipher(fit, noffset, &buf, &size)) {
2164 /* perform any post-processing on the image data */
2165 if (!tools_build() && IS_ENABLED(CONFIG_FIT_IMAGE_POST_PROCESS))
2166 board_fit_image_post_process(fit, noffset, &buf, &size);
2170 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_GET_DATA_OK);
2172 data = map_to_sysmem(buf);
2174 if (load_op == FIT_LOAD_IGNORED) {
2176 } else if (fit_image_get_load(fit, noffset, &load)) {
2177 if (load_op == FIT_LOAD_REQUIRED) {
2178 printf("Can't get %s subimage load address!\n",
2180 bootstage_error(bootstage_id + BOOTSTAGE_SUB_LOAD);
2183 } else if (load_op != FIT_LOAD_OPTIONAL_NON_ZERO || load) {
2184 ulong image_start, image_end;
2187 * move image data to the load address,
2188 * make sure we don't overwrite initial image
2191 image_end = addr + fit_get_size(fit);
2193 load_end = load + len;
2194 if (image_type != IH_TYPE_KERNEL &&
2195 load < image_end && load_end > image_start) {
2196 printf("Error: %s overwritten\n", prop_name);
2200 printf(" Loading %s from 0x%08lx to 0x%08lx\n",
2201 prop_name, data, load);
2203 load = data; /* No load address specified */
2206 comp = IH_COMP_NONE;
2208 /* Kernel images get decompressed later in bootm_load_os(). */
2209 if (!fit_image_get_comp(fit, noffset, &comp) &&
2210 comp != IH_COMP_NONE &&
2211 !(image_type == IH_TYPE_KERNEL ||
2212 image_type == IH_TYPE_KERNEL_NOLOAD ||
2213 image_type == IH_TYPE_RAMDISK)) {
2214 ulong max_decomp_len = len * 20;
2216 loadbuf = malloc(max_decomp_len);
2217 load = map_to_sysmem(loadbuf);
2219 loadbuf = map_sysmem(load, max_decomp_len);
2221 if (image_decomp(comp, load, data, image_type,
2222 loadbuf, buf, len, max_decomp_len, &load_end)) {
2223 printf("Error decompressing %s\n", prop_name);
2227 len = load_end - load;
2228 } else if (load != data) {
2229 loadbuf = map_sysmem(load, len);
2230 memcpy(loadbuf, buf, len);
2233 if (image_type == IH_TYPE_RAMDISK && comp != IH_COMP_NONE)
2234 puts("WARNING: 'compression' nodes for ramdisks are deprecated,"
2235 " please fix your .its file!\n");
2237 /* verify that image data is a proper FDT blob */
2238 if (image_type == IH_TYPE_FLATDT && fdt_check_header(loadbuf)) {
2239 puts("Subimage data is not a FDT");
2243 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_LOAD);
2248 *fit_unamep = (char *)fit_uname;
2249 if (fit_uname_configp)
2250 *fit_uname_configp = (char *)(fit_uname_config ? :
2251 fit_base_uname_config);
2256 int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch,
2257 ulong *setup_start, ulong *setup_len)
2264 addr = map_to_sysmem(images->fit_hdr_os);
2265 noffset = fit_get_node_from_config(images, FIT_SETUP_PROP, addr);
2269 ret = fit_image_load(images, addr, NULL, NULL, arch,
2270 IH_TYPE_X86_SETUP, BOOTSTAGE_ID_FIT_SETUP_START,
2271 FIT_LOAD_REQUIRED, setup_start, &len);
2277 int boot_get_fdt_fit(bootm_headers_t *images, ulong addr,
2278 const char **fit_unamep, const char **fit_uname_configp,
2279 int arch, ulong *datap, ulong *lenp)
2281 int fdt_noffset, cfg_noffset, count;
2283 const char *fit_uname = NULL;
2284 const char *fit_uname_config = NULL;
2285 char *fit_uname_config_copy = NULL;
2286 char *next_config = NULL;
2288 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2289 ulong image_start, image_end;
2290 ulong ovload, ovlen, ovcopylen;
2291 const char *uconfig;
2293 void *base, *ov, *ovcopy = NULL;
2294 int i, err, noffset, ov_noffset;
2297 fit_uname = fit_unamep ? *fit_unamep : NULL;
2299 if (fit_uname_configp && *fit_uname_configp) {
2300 fit_uname_config_copy = strdup(*fit_uname_configp);
2301 if (!fit_uname_config_copy)
2304 next_config = strchr(fit_uname_config_copy, '#');
2306 *next_config++ = '\0';
2307 if (next_config - 1 > fit_uname_config_copy)
2308 fit_uname_config = fit_uname_config_copy;
2311 fdt_noffset = fit_image_load(images,
2312 addr, &fit_uname, &fit_uname_config,
2313 arch, IH_TYPE_FLATDT,
2314 BOOTSTAGE_ID_FIT_FDT_START,
2315 FIT_LOAD_OPTIONAL, &load, &len);
2317 if (fdt_noffset < 0)
2320 debug("fit_uname=%s, fit_uname_config=%s\n",
2321 fit_uname ? fit_uname : "<NULL>",
2322 fit_uname_config ? fit_uname_config : "<NULL>");
2324 fit = map_sysmem(addr, 0);
2326 cfg_noffset = fit_conf_get_node(fit, fit_uname_config);
2328 /* single blob, or error just return as well */
2329 count = fit_conf_get_prop_node_count(fit, cfg_noffset, FIT_FDT_PROP);
2330 if (count <= 1 && !next_config)
2333 /* we need to apply overlays */
2335 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2337 image_end = addr + fit_get_size(fit);
2338 /* verify that relocation took place by load address not being in fit */
2339 if (load >= image_start && load < image_end) {
2340 /* check is simplified; fit load checks for overlaps */
2341 printf("Overlayed FDT requires relocation\n");
2342 fdt_noffset = -EBADF;
2346 base = map_sysmem(load, len);
2348 /* apply extra configs in FIT first, followed by args */
2349 for (i = 1; ; i++) {
2351 noffset = fit_conf_get_prop_node_index(fit, cfg_noffset,
2353 uname = fit_get_name(fit, noffset, NULL);
2358 uconfig = next_config;
2359 next_config = strchr(next_config, '#');
2361 *next_config++ = '\0';
2365 * fit_image_load() would load the first FDT from the
2366 * extra config only when uconfig is specified.
2367 * Check if the extra config contains multiple FDTs and
2370 cfg_noffset = fit_conf_get_node(fit, uconfig);
2373 count = fit_conf_get_prop_node_count(fit, cfg_noffset,
2377 debug("%d: using uname=%s uconfig=%s\n", i, uname, uconfig);
2379 ov_noffset = fit_image_load(images,
2380 addr, &uname, &uconfig,
2381 arch, IH_TYPE_FLATDT,
2382 BOOTSTAGE_ID_FIT_FDT_START,
2383 FIT_LOAD_IGNORED, &ovload, &ovlen);
2384 if (ov_noffset < 0) {
2385 printf("load of %s failed\n", uname);
2388 debug("%s loaded at 0x%08lx len=0x%08lx\n",
2389 uname, ovload, ovlen);
2390 ov = map_sysmem(ovload, ovlen);
2392 ovcopylen = ALIGN(fdt_totalsize(ov), SZ_4K);
2393 ovcopy = malloc(ovcopylen);
2395 printf("failed to duplicate DTO before application\n");
2396 fdt_noffset = -ENOMEM;
2400 err = fdt_open_into(ov, ovcopy, ovcopylen);
2402 printf("failed on fdt_open_into for DTO\n");
2407 base = map_sysmem(load, len + ovlen);
2408 err = fdt_open_into(base, base, len + ovlen);
2410 printf("failed on fdt_open_into\n");
2415 /* the verbose method prints out messages on error */
2416 err = fdt_overlay_apply_verbose(base, ovcopy);
2422 len = fdt_totalsize(base);
2428 printf("config with overlays but CONFIG_OF_LIBFDT_OVERLAY not set\n");
2429 fdt_noffset = -EBADF;
2438 *fit_unamep = fit_uname;
2439 if (fit_uname_configp)
2440 *fit_uname_configp = fit_uname_config;
2442 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2446 if (fit_uname_config_copy)
2447 free(fit_uname_config_copy);
projects / platform / kernel / u-boot.git / blob