1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright (c) 2013, Google Inc.
5 * (C) Copyright 2008 Semihalf
7 * (C) Copyright 2000-2006
8 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
11 #define LOG_CATEGORY LOGC_BOOT
16 #include <linux/libfdt.h>
17 #include <u-boot/crc.h>
19 #include <linux/compiler.h>
20 #include <linux/sizes.h>
27 #include <asm/global_data.h>
30 #include <u-boot/hash.h>
32 DECLARE_GLOBAL_DATA_PTR;
33 #endif /* !USE_HOSTCC*/
37 #include <bootstage.h>
38 #include <linux/kconfig.h>
39 #include <u-boot/crc.h>
40 #include <u-boot/md5.h>
41 #include <u-boot/sha1.h>
42 #include <u-boot/sha256.h>
43 #include <u-boot/sha512.h>
45 /*****************************************************************************/
46 /* New uImage format routines */
47 /*****************************************************************************/
49 static int fit_parse_spec(const char *spec, char sepc, ulong addr_curr,
50 ulong *addr, const char **name)
57 sep = strchr(spec, sepc);
60 *addr = hextoul(spec, NULL);
70 * fit_parse_conf - parse FIT configuration spec
71 * @spec: input string, containing configuration spec
72 * @add_curr: current image address (to be used as a possible default)
73 * @addr: pointer to a ulong variable, will hold FIT image address of a given
75 * @conf_name double pointer to a char, will hold pointer to a configuration
78 * fit_parse_conf() expects configuration spec in the form of [<addr>]#<conf>,
79 * where <addr> is a FIT image address that contains configuration
80 * with a <conf> unit name.
82 * Address part is optional, and if omitted default add_curr will
86 * 1 if spec is a valid configuration string,
87 * addr and conf_name are set accordingly
90 int fit_parse_conf(const char *spec, ulong addr_curr,
91 ulong *addr, const char **conf_name)
93 return fit_parse_spec(spec, '#', addr_curr, addr, conf_name);
97 * fit_parse_subimage - parse FIT subimage spec
98 * @spec: input string, containing subimage spec
99 * @add_curr: current image address (to be used as a possible default)
100 * @addr: pointer to a ulong variable, will hold FIT image address of a given
102 * @image_name: double pointer to a char, will hold pointer to a subimage name
104 * fit_parse_subimage() expects subimage spec in the form of
105 * [<addr>]:<subimage>, where <addr> is a FIT image address that contains
106 * subimage with a <subimg> unit name.
108 * Address part is optional, and if omitted default add_curr will
112 * 1 if spec is a valid subimage string,
113 * addr and image_name are set accordingly
116 int fit_parse_subimage(const char *spec, ulong addr_curr,
117 ulong *addr, const char **image_name)
119 return fit_parse_spec(spec, ':', addr_curr, addr, image_name);
121 #endif /* !USE_HOSTCC */
124 /* Host tools use these implementations for Cipher and Signature support */
125 static void *host_blob;
127 void image_set_host_blob(void *blob)
132 void *image_get_host_blob(void)
136 #endif /* USE_HOSTCC */
138 static void fit_get_debug(const void *fit, int noffset,
139 char *prop_name, int err)
141 debug("Can't get '%s' property from FIT 0x%08lx, node: offset %d, name %s (%s)\n",
142 prop_name, (ulong)fit, noffset, fit_get_name(fit, noffset, NULL),
147 * fit_get_subimage_count - get component (sub-image) count
148 * @fit: pointer to the FIT format image header
149 * @images_noffset: offset of images node
152 * number of image components
154 int fit_get_subimage_count(const void *fit, int images_noffset)
160 /* Process its subnodes, print out component images details */
161 for (ndepth = 0, count = 0,
162 noffset = fdt_next_node(fit, images_noffset, &ndepth);
163 (noffset >= 0) && (ndepth > 0);
164 noffset = fdt_next_node(fit, noffset, &ndepth)) {
173 #if CONFIG_IS_ENABLED(FIT_PRINT) || CONFIG_IS_ENABLED(SPL_FIT_PRINT)
175 * fit_image_print_data() - prints out the hash node details
176 * @fit: pointer to the FIT format image header
177 * @noffset: offset of the hash node
178 * @p: pointer to prefix string
179 * @type: Type of information to print ("hash" or "sign")
181 * fit_image_print_data() lists properties for the processed hash node
183 * This function avoid using puts() since it prints a newline on the host
184 * but does not in U-Boot.
187 * no returned results
189 static void fit_image_print_data(const void *fit, int noffset, const char *p,
200 debug("%s %s node: '%s'\n", p, type,
201 fit_get_name(fit, noffset, NULL));
202 printf("%s %s algo: ", p, type);
203 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
204 printf("invalid/unsupported\n");
208 keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
209 required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL;
211 printf(":%s", keyname);
213 printf(" (required)");
216 padding = fdt_getprop(fit, noffset, "padding", NULL);
218 printf("%s %s padding: %s\n", p, type, padding);
220 ret = fit_image_hash_get_value(fit, noffset, &value,
222 printf("%s %s value: ", p, type);
224 printf("unavailable\n");
226 for (i = 0; i < value_len; i++)
227 printf("%02x", value[i]);
231 debug("%s %s len: %d\n", p, type, value_len);
233 /* Signatures have a time stamp */
234 if (IMAGE_ENABLE_TIMESTAMP && keyname) {
237 printf("%s Timestamp: ", p);
238 if (fit_get_timestamp(fit, noffset, ×tamp))
239 printf("unavailable\n");
241 genimg_print_time(timestamp);
246 * fit_image_print_verification_data() - prints out the hash/signature details
247 * @fit: pointer to the FIT format image header
248 * @noffset: offset of the hash or signature node
249 * @p: pointer to prefix string
251 * This lists properties for the processed hash node
254 * no returned results
256 static void fit_image_print_verification_data(const void *fit, int noffset,
262 * Check subnode name, must be equal to "hash" or "signature".
263 * Multiple hash/signature nodes require unique unit node
264 * names, e.g. hash-1, hash-2, signature-1, signature-2, etc.
266 name = fit_get_name(fit, noffset, NULL);
267 if (!strncmp(name, FIT_HASH_NODENAME, strlen(FIT_HASH_NODENAME))) {
268 fit_image_print_data(fit, noffset, p, "Hash");
269 } else if (!strncmp(name, FIT_SIG_NODENAME,
270 strlen(FIT_SIG_NODENAME))) {
271 fit_image_print_data(fit, noffset, p, "Sign");
276 * fit_conf_print - prints out the FIT configuration details
277 * @fit: pointer to the FIT format image header
278 * @noffset: offset of the configuration node
279 * @p: pointer to prefix string
281 * fit_conf_print() lists all mandatory properties for the processed
282 * configuration node.
285 * no returned results
287 static void fit_conf_print(const void *fit, int noffset, const char *p)
292 int fdt_index, loadables_index;
295 /* Mandatory properties */
296 ret = fit_get_desc(fit, noffset, &desc);
297 printf("%s Description: ", p);
299 printf("unavailable\n");
301 printf("%s\n", desc);
303 uname = fdt_getprop(fit, noffset, FIT_KERNEL_PROP, NULL);
304 printf("%s Kernel: ", p);
306 printf("unavailable\n");
308 printf("%s\n", uname);
310 /* Optional properties */
311 uname = fdt_getprop(fit, noffset, FIT_RAMDISK_PROP, NULL);
313 printf("%s Init Ramdisk: %s\n", p, uname);
315 uname = fdt_getprop(fit, noffset, FIT_FIRMWARE_PROP, NULL);
317 printf("%s Firmware: %s\n", p, uname);
320 uname = fdt_stringlist_get(fit, noffset, FIT_FDT_PROP,
321 fdt_index, NULL), uname;
324 printf("%s FDT: ", p);
327 printf("%s\n", uname);
330 uname = fdt_getprop(fit, noffset, FIT_FPGA_PROP, NULL);
332 printf("%s FPGA: %s\n", p, uname);
334 /* Print out all of the specified loadables */
335 for (loadables_index = 0;
336 uname = fdt_stringlist_get(fit, noffset, FIT_LOADABLE_PROP,
337 loadables_index, NULL), uname;
339 if (loadables_index == 0) {
340 printf("%s Loadables: ", p);
344 printf("%s\n", uname);
347 /* Process all hash subnodes of the component configuration node */
348 for (ndepth = 0, noffset = fdt_next_node(fit, noffset, &ndepth);
349 (noffset >= 0) && (ndepth > 0);
350 noffset = fdt_next_node(fit, noffset, &ndepth)) {
352 /* Direct child node of the component configuration node */
353 fit_image_print_verification_data(fit, noffset, p);
359 * fit_print_contents - prints out the contents of the FIT format image
360 * @fit: pointer to the FIT format image header
361 * @p: pointer to prefix string
363 * fit_print_contents() formats a multi line FIT image contents description.
364 * The routine prints out FIT image properties (root node level) followed by
365 * the details of each component image.
368 * no returned results
370 void fit_print_contents(const void *fit)
383 /* Indent string is defined in header image.h */
384 p = IMAGE_INDENT_STRING;
386 /* Root node properties */
387 ret = fit_get_desc(fit, 0, &desc);
388 printf("%sFIT description: ", p);
390 printf("unavailable\n");
392 printf("%s\n", desc);
394 if (IMAGE_ENABLE_TIMESTAMP) {
395 ret = fit_get_timestamp(fit, 0, ×tamp);
396 printf("%sCreated: ", p);
398 printf("unavailable\n");
400 genimg_print_time(timestamp);
403 /* Find images parent node offset */
404 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
405 if (images_noffset < 0) {
406 printf("Can't find images parent node '%s' (%s)\n",
407 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
411 /* Process its subnodes, print out component images details */
412 for (ndepth = 0, count = 0,
413 noffset = fdt_next_node(fit, images_noffset, &ndepth);
414 (noffset >= 0) && (ndepth > 0);
415 noffset = fdt_next_node(fit, noffset, &ndepth)) {
418 * Direct child node of the images parent node,
419 * i.e. component image node.
421 printf("%s Image %u (%s)\n", p, count++,
422 fit_get_name(fit, noffset, NULL));
424 fit_image_print(fit, noffset, p);
428 /* Find configurations parent node offset */
429 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
430 if (confs_noffset < 0) {
431 debug("Can't get configurations parent node '%s' (%s)\n",
432 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
436 /* get default configuration unit name from default property */
437 uname = (char *)fdt_getprop(fit, noffset, FIT_DEFAULT_PROP, NULL);
439 printf("%s Default Configuration: '%s'\n", p, uname);
441 /* Process its subnodes, print out configurations details */
442 for (ndepth = 0, count = 0,
443 noffset = fdt_next_node(fit, confs_noffset, &ndepth);
444 (noffset >= 0) && (ndepth > 0);
445 noffset = fdt_next_node(fit, noffset, &ndepth)) {
448 * Direct child node of the configurations parent node,
449 * i.e. configuration node.
451 printf("%s Configuration %u (%s)\n", p, count++,
452 fit_get_name(fit, noffset, NULL));
454 fit_conf_print(fit, noffset, p);
460 * fit_image_print - prints out the FIT component image details
461 * @fit: pointer to the FIT format image header
462 * @image_noffset: offset of the component image node
463 * @p: pointer to prefix string
465 * fit_image_print() lists all mandatory properties for the processed component
466 * image. If present, hash nodes are printed out as well. Load
467 * address for images of type firmware is also printed out. Since the load
468 * address is not mandatory for firmware images, it will be output as
469 * "unavailable" when not present.
472 * no returned results
474 void fit_image_print(const void *fit, int image_noffset, const char *p)
477 uint8_t type, arch, os, comp;
485 /* Mandatory properties */
486 ret = fit_get_desc(fit, image_noffset, &desc);
487 printf("%s Description: ", p);
489 printf("unavailable\n");
491 printf("%s\n", desc);
493 if (IMAGE_ENABLE_TIMESTAMP) {
496 ret = fit_get_timestamp(fit, 0, ×tamp);
497 printf("%s Created: ", p);
499 printf("unavailable\n");
501 genimg_print_time(timestamp);
504 fit_image_get_type(fit, image_noffset, &type);
505 printf("%s Type: %s\n", p, genimg_get_type_name(type));
507 fit_image_get_comp(fit, image_noffset, &comp);
508 printf("%s Compression: %s\n", p, genimg_get_comp_name(comp));
510 ret = fit_image_get_data_and_size(fit, image_noffset, &data, &size);
513 printf("%s Data Start: ", p);
515 printf("unavailable\n");
517 void *vdata = (void *)data;
519 printf("0x%08lx\n", (ulong)map_to_sysmem(vdata));
523 printf("%s Data Size: ", p);
525 printf("unavailable\n");
527 genimg_print_size(size);
529 /* Remaining, type dependent properties */
530 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
531 (type == IH_TYPE_RAMDISK) || (type == IH_TYPE_FIRMWARE) ||
532 (type == IH_TYPE_FLATDT)) {
533 fit_image_get_arch(fit, image_noffset, &arch);
534 printf("%s Architecture: %s\n", p, genimg_get_arch_name(arch));
537 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_RAMDISK) ||
538 (type == IH_TYPE_FIRMWARE)) {
539 fit_image_get_os(fit, image_noffset, &os);
540 printf("%s OS: %s\n", p, genimg_get_os_name(os));
543 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
544 (type == IH_TYPE_FIRMWARE) || (type == IH_TYPE_RAMDISK) ||
545 (type == IH_TYPE_FPGA)) {
546 ret = fit_image_get_load(fit, image_noffset, &load);
547 printf("%s Load Address: ", p);
549 printf("unavailable\n");
551 printf("0x%08lx\n", load);
554 /* optional load address for FDT */
555 if (type == IH_TYPE_FLATDT && !fit_image_get_load(fit, image_noffset, &load))
556 printf("%s Load Address: 0x%08lx\n", p, load);
558 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
559 (type == IH_TYPE_RAMDISK)) {
560 ret = fit_image_get_entry(fit, image_noffset, &entry);
561 printf("%s Entry Point: ", p);
563 printf("unavailable\n");
565 printf("0x%08lx\n", entry);
568 /* Process all hash subnodes of the component image node */
569 for (ndepth = 0, noffset = fdt_next_node(fit, image_noffset, &ndepth);
570 (noffset >= 0) && (ndepth > 0);
571 noffset = fdt_next_node(fit, noffset, &ndepth)) {
573 /* Direct child node of the component image node */
574 fit_image_print_verification_data(fit, noffset, p);
579 void fit_print_contents(const void *fit) { }
580 void fit_image_print(const void *fit, int image_noffset, const char *p) { }
581 #endif /* CONFIG_IS_ENABLED(FIR_PRINT) || CONFIG_IS_ENABLED(SPL_FIT_PRINT) */
584 * fit_get_desc - get node description property
585 * @fit: pointer to the FIT format image header
586 * @noffset: node offset
587 * @desc: double pointer to the char, will hold pointer to the description
589 * fit_get_desc() reads description property from a given node, if
590 * description is found pointer to it is returned in third call argument.
596 int fit_get_desc(const void *fit, int noffset, char **desc)
600 *desc = (char *)fdt_getprop(fit, noffset, FIT_DESC_PROP, &len);
602 fit_get_debug(fit, noffset, FIT_DESC_PROP, len);
610 * fit_get_timestamp - get node timestamp property
611 * @fit: pointer to the FIT format image header
612 * @noffset: node offset
613 * @timestamp: pointer to the time_t, will hold read timestamp
615 * fit_get_timestamp() reads timestamp property from given node, if timestamp
616 * is found and has a correct size its value is returned in third call
621 * -1, on property read failure
622 * -2, on wrong timestamp size
624 int fit_get_timestamp(const void *fit, int noffset, time_t *timestamp)
629 data = fdt_getprop(fit, noffset, FIT_TIMESTAMP_PROP, &len);
631 fit_get_debug(fit, noffset, FIT_TIMESTAMP_PROP, len);
634 if (len != sizeof(uint32_t)) {
635 debug("FIT timestamp with incorrect size of (%u)\n", len);
639 *timestamp = uimage_to_cpu(*((uint32_t *)data));
644 * fit_image_get_node - get node offset for component image of a given unit name
645 * @fit: pointer to the FIT format image header
646 * @image_uname: component image node unit name
648 * fit_image_get_node() finds a component image (within the '/images'
649 * node) of a provided unit name. If image is found its node offset is
650 * returned to the caller.
653 * image node offset when found (>=0)
654 * negative number on failure (FDT_ERR_* code)
656 int fit_image_get_node(const void *fit, const char *image_uname)
658 int noffset, images_noffset;
660 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
661 if (images_noffset < 0) {
662 debug("Can't find images parent node '%s' (%s)\n",
663 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
664 return images_noffset;
667 noffset = fdt_subnode_offset(fit, images_noffset, image_uname);
669 debug("Can't get node offset for image unit name: '%s' (%s)\n",
670 image_uname, fdt_strerror(noffset));
677 * fit_image_get_os - get os id for a given component image node
678 * @fit: pointer to the FIT format image header
679 * @noffset: component image node offset
680 * @os: pointer to the uint8_t, will hold os numeric id
682 * fit_image_get_os() finds os property in a given component image node.
683 * If the property is found, its (string) value is translated to the numeric
684 * id which is returned to the caller.
690 int fit_image_get_os(const void *fit, int noffset, uint8_t *os)
695 /* Get OS name from property data */
696 data = fdt_getprop(fit, noffset, FIT_OS_PROP, &len);
698 fit_get_debug(fit, noffset, FIT_OS_PROP, len);
703 /* Translate OS name to id */
704 *os = genimg_get_os_id(data);
709 * fit_image_get_arch - get arch id for a given component image node
710 * @fit: pointer to the FIT format image header
711 * @noffset: component image node offset
712 * @arch: pointer to the uint8_t, will hold arch numeric id
714 * fit_image_get_arch() finds arch property in a given component image node.
715 * If the property is found, its (string) value is translated to the numeric
716 * id which is returned to the caller.
722 int fit_image_get_arch(const void *fit, int noffset, uint8_t *arch)
727 /* Get architecture name from property data */
728 data = fdt_getprop(fit, noffset, FIT_ARCH_PROP, &len);
730 fit_get_debug(fit, noffset, FIT_ARCH_PROP, len);
735 /* Translate architecture name to id */
736 *arch = genimg_get_arch_id(data);
741 * fit_image_get_type - get type id for a given component image node
742 * @fit: pointer to the FIT format image header
743 * @noffset: component image node offset
744 * @type: pointer to the uint8_t, will hold type numeric id
746 * fit_image_get_type() finds type property in a given component image node.
747 * If the property is found, its (string) value is translated to the numeric
748 * id which is returned to the caller.
754 int fit_image_get_type(const void *fit, int noffset, uint8_t *type)
759 /* Get image type name from property data */
760 data = fdt_getprop(fit, noffset, FIT_TYPE_PROP, &len);
762 fit_get_debug(fit, noffset, FIT_TYPE_PROP, len);
767 /* Translate image type name to id */
768 *type = genimg_get_type_id(data);
773 * fit_image_get_comp - get comp id for a given component image node
774 * @fit: pointer to the FIT format image header
775 * @noffset: component image node offset
776 * @comp: pointer to the uint8_t, will hold comp numeric id
778 * fit_image_get_comp() finds comp property in a given component image node.
779 * If the property is found, its (string) value is translated to the numeric
780 * id which is returned to the caller.
786 int fit_image_get_comp(const void *fit, int noffset, uint8_t *comp)
791 /* Get compression name from property data */
792 data = fdt_getprop(fit, noffset, FIT_COMP_PROP, &len);
794 fit_get_debug(fit, noffset, FIT_COMP_PROP, len);
799 /* Translate compression name to id */
800 *comp = genimg_get_comp_id(data);
804 static int fit_image_get_address(const void *fit, int noffset, char *name,
811 cell = fdt_getprop(fit, noffset, name, &len);
813 fit_get_debug(fit, noffset, name, len);
818 /* Use load64 to avoid compiling warning for 32-bit target */
820 load64 = (load64 << 32) | uimage_to_cpu(*cell);
824 if (len > sizeof(ulong) && (uint32_t)(load64 >> 32)) {
825 printf("Unsupported %s address size\n", name);
829 *load = (ulong)load64;
834 * fit_image_get_load() - get load addr property for given component image node
835 * @fit: pointer to the FIT format image header
836 * @noffset: component image node offset
837 * @load: pointer to the uint32_t, will hold load address
839 * fit_image_get_load() finds load address property in a given component
840 * image node. If the property is found, its value is returned to the caller.
846 int fit_image_get_load(const void *fit, int noffset, ulong *load)
848 return fit_image_get_address(fit, noffset, FIT_LOAD_PROP, load);
852 * fit_image_get_entry() - get entry point address property
853 * @fit: pointer to the FIT format image header
854 * @noffset: component image node offset
855 * @entry: pointer to the uint32_t, will hold entry point address
857 * This gets the entry point address property for a given component image
860 * fit_image_get_entry() finds entry point address property in a given
861 * component image node. If the property is found, its value is returned
868 int fit_image_get_entry(const void *fit, int noffset, ulong *entry)
870 return fit_image_get_address(fit, noffset, FIT_ENTRY_PROP, entry);
874 * fit_image_get_data - get data property and its size for a given component image node
875 * @fit: pointer to the FIT format image header
876 * @noffset: component image node offset
877 * @data: double pointer to void, will hold data property's data address
878 * @size: pointer to size_t, will hold data property's data size
880 * fit_image_get_data() finds data property in a given component image node.
881 * If the property is found its data start address and size are returned to
888 int fit_image_get_data(const void *fit, int noffset,
889 const void **data, size_t *size)
893 *data = fdt_getprop(fit, noffset, FIT_DATA_PROP, &len);
895 fit_get_debug(fit, noffset, FIT_DATA_PROP, len);
905 * Get 'data-offset' property from a given image node.
907 * @fit: pointer to the FIT image header
908 * @noffset: component image node offset
909 * @data_offset: holds the data-offset property
913 * -ENOENT if the property could not be found
915 int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset)
919 val = fdt_getprop(fit, noffset, FIT_DATA_OFFSET_PROP, NULL);
923 *data_offset = fdt32_to_cpu(*val);
929 * Get 'data-position' property from a given image node.
931 * @fit: pointer to the FIT image header
932 * @noffset: component image node offset
933 * @data_position: holds the data-position property
937 * -ENOENT if the property could not be found
939 int fit_image_get_data_position(const void *fit, int noffset,
944 val = fdt_getprop(fit, noffset, FIT_DATA_POSITION_PROP, NULL);
948 *data_position = fdt32_to_cpu(*val);
954 * Get 'data-size' property from a given image node.
956 * @fit: pointer to the FIT image header
957 * @noffset: component image node offset
958 * @data_size: holds the data-size property
962 * -ENOENT if the property could not be found
964 int fit_image_get_data_size(const void *fit, int noffset, int *data_size)
968 val = fdt_getprop(fit, noffset, FIT_DATA_SIZE_PROP, NULL);
972 *data_size = fdt32_to_cpu(*val);
978 * Get 'data-size-unciphered' property from a given image node.
980 * @fit: pointer to the FIT image header
981 * @noffset: component image node offset
982 * @data_size: holds the data-size property
986 * -ENOENT if the property could not be found
988 int fit_image_get_data_size_unciphered(const void *fit, int noffset,
993 val = fdt_getprop(fit, noffset, "data-size-unciphered", NULL);
997 *data_size = (size_t)fdt32_to_cpu(*val);
1003 * fit_image_get_data_and_size - get data and its size including
1004 * both embedded and external data
1005 * @fit: pointer to the FIT format image header
1006 * @noffset: component image node offset
1007 * @data: double pointer to void, will hold data property's data address
1008 * @size: pointer to size_t, will hold data property's data size
1010 * fit_image_get_data_and_size() finds data and its size including
1011 * both embedded and external data. If the property is found
1012 * its data start address and size are returned to the caller.
1016 * otherwise, on failure
1018 int fit_image_get_data_and_size(const void *fit, int noffset,
1019 const void **data, size_t *size)
1021 bool external_data = false;
1026 if (!fit_image_get_data_position(fit, noffset, &offset)) {
1027 external_data = true;
1028 } else if (!fit_image_get_data_offset(fit, noffset, &offset)) {
1029 external_data = true;
1031 * For FIT with external data, figure out where
1032 * the external images start. This is the base
1033 * for the data-offset properties in each image.
1035 offset += ((fdt_totalsize(fit) + 3) & ~3);
1038 if (external_data) {
1039 debug("External Data\n");
1040 ret = fit_image_get_data_size(fit, noffset, &len);
1042 *data = fit + offset;
1046 ret = fit_image_get_data(fit, noffset, data, size);
1053 * fit_image_hash_get_algo - get hash algorithm name
1054 * @fit: pointer to the FIT format image header
1055 * @noffset: hash node offset
1056 * @algo: double pointer to char, will hold pointer to the algorithm name
1058 * fit_image_hash_get_algo() finds hash algorithm property in a given hash node.
1059 * If the property is found its data start address is returned to the caller.
1065 int fit_image_hash_get_algo(const void *fit, int noffset, char **algo)
1069 *algo = (char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
1070 if (*algo == NULL) {
1071 fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
1079 * fit_image_hash_get_value - get hash value and length
1080 * @fit: pointer to the FIT format image header
1081 * @noffset: hash node offset
1082 * @value: double pointer to uint8_t, will hold address of a hash value data
1083 * @value_len: pointer to an int, will hold hash data length
1085 * fit_image_hash_get_value() finds hash value property in a given hash node.
1086 * If the property is found its data start address and size are returned to
1093 int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
1098 *value = (uint8_t *)fdt_getprop(fit, noffset, FIT_VALUE_PROP, &len);
1099 if (*value == NULL) {
1100 fit_get_debug(fit, noffset, FIT_VALUE_PROP, len);
1110 * fit_image_hash_get_ignore - get hash ignore flag
1111 * @fit: pointer to the FIT format image header
1112 * @noffset: hash node offset
1113 * @ignore: pointer to an int, will hold hash ignore flag
1115 * fit_image_hash_get_ignore() finds hash ignore property in a given hash node.
1116 * If the property is found and non-zero, the hash algorithm is not verified by
1117 * u-boot automatically.
1120 * 0, on ignore not found
1121 * value, on ignore found
1123 static int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore)
1128 value = (int *)fdt_getprop(fit, noffset, FIT_IGNORE_PROP, &len);
1129 if (value == NULL || len != sizeof(int))
1138 * fit_image_cipher_get_algo - get cipher algorithm name
1139 * @fit: pointer to the FIT format image header
1140 * @noffset: cipher node offset
1141 * @algo: double pointer to char, will hold pointer to the algorithm name
1143 * fit_image_cipher_get_algo() finds cipher algorithm property in a given
1144 * cipher node. If the property is found its data start address is returned
1151 int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo)
1155 *algo = (char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
1157 fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
1164 ulong fit_get_end(const void *fit)
1166 return map_to_sysmem((void *)(fit + fdt_totalsize(fit)));
1170 * fit_set_timestamp - set node timestamp property
1171 * @fit: pointer to the FIT format image header
1172 * @noffset: node offset
1173 * @timestamp: timestamp value to be set
1175 * fit_set_timestamp() attempts to set timestamp property in the requested
1176 * node and returns operation status to the caller.
1180 * -ENOSPC if no space in device tree, -1 for other error
1182 int fit_set_timestamp(void *fit, int noffset, time_t timestamp)
1187 t = cpu_to_uimage(timestamp);
1188 ret = fdt_setprop(fit, noffset, FIT_TIMESTAMP_PROP, &t,
1191 debug("Can't set '%s' property for '%s' node (%s)\n",
1192 FIT_TIMESTAMP_PROP, fit_get_name(fit, noffset, NULL),
1194 return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -1;
1201 * calculate_hash - calculate and return hash for provided input data
1202 * @data: pointer to the input data
1203 * @data_len: data length
1204 * @algo: requested hash algorithm
1205 * @value: pointer to the char, will hold hash value data (caller must
1206 * allocate enough free space)
1207 * value_len: length of the calculated hash
1209 * calculate_hash() computes input data hash according to the requested
1211 * Resulting hash value is placed in caller provided 'value' buffer, length
1212 * of the calculated hash is returned via value_len pointer argument.
1216 * -1, when algo is unsupported
1218 int calculate_hash(const void *data, int data_len, const char *name,
1219 uint8_t *value, int *value_len)
1221 #if !defined(USE_HOSTCC) && defined(CONFIG_DM_HASH)
1223 enum HASH_ALGO hash_algo;
1224 struct udevice *dev;
1226 rc = uclass_get_device(UCLASS_HASH, 0, &dev);
1228 debug("failed to get hash device, rc=%d\n", rc);
1232 hash_algo = hash_algo_lookup_by_name(algo);
1233 if (hash_algo == HASH_ALGO_INVALID) {
1234 debug("Unsupported hash algorithm\n");
1238 rc = hash_digest_wd(dev, hash_algo, data, data_len, value, CHUNKSZ);
1240 debug("failed to get hash value, rc=%d\n", rc);
1244 *value_len = hash_algo_digest_size(hash_algo);
1246 struct hash_algo *algo;
1249 ret = hash_lookup_algo(name, &algo);
1251 debug("Unsupported hash alogrithm\n");
1255 algo->hash_func_ws(data, data_len, value, algo->chunk_size);
1256 *value_len = algo->digest_size;
1262 static int fit_image_check_hash(const void *fit, int noffset, const void *data,
1263 size_t size, char **err_msgp)
1265 uint8_t value[FIT_MAX_HASH_LEN];
1274 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
1275 *err_msgp = "Can't get hash algo property";
1280 if (IMAGE_ENABLE_IGNORE) {
1281 fit_image_hash_get_ignore(fit, noffset, &ignore);
1283 printf("-skipped ");
1288 if (fit_image_hash_get_value(fit, noffset, &fit_value,
1290 *err_msgp = "Can't get hash value property";
1294 if (calculate_hash(data, size, algo, value, &value_len)) {
1295 *err_msgp = "Unsupported hash algorithm";
1299 if (value_len != fit_value_len) {
1300 *err_msgp = "Bad hash value len";
1302 } else if (memcmp(value, fit_value, value_len) != 0) {
1303 *err_msgp = "Bad hash value";
1310 int fit_image_verify_with_data(const void *fit, int image_noffset,
1311 const void *data, size_t size)
1318 /* Verify all required signatures */
1319 if (FIT_IMAGE_ENABLE_VERIFY &&
1320 fit_image_verify_required_sigs(fit, image_noffset, data, size,
1321 gd_fdt_blob(), &verify_all)) {
1322 err_msg = "Unable to verify required signature";
1326 /* Process all hash subnodes of the component image node */
1327 fdt_for_each_subnode(noffset, fit, image_noffset) {
1328 const char *name = fit_get_name(fit, noffset, NULL);
1331 * Check subnode name, must be equal to "hash".
1332 * Multiple hash nodes require unique unit node
1333 * names, e.g. hash-1, hash-2, etc.
1335 if (!strncmp(name, FIT_HASH_NODENAME,
1336 strlen(FIT_HASH_NODENAME))) {
1337 if (fit_image_check_hash(fit, noffset, data, size,
1341 } else if (FIT_IMAGE_ENABLE_VERIFY && verify_all &&
1342 !strncmp(name, FIT_SIG_NODENAME,
1343 strlen(FIT_SIG_NODENAME))) {
1344 ret = fit_image_check_sig(fit, noffset, data,
1345 size, -1, &err_msg);
1348 * Show an indication on failure, but do not return
1349 * an error. Only keys marked 'required' can cause
1350 * an image validation failure. See the call to
1351 * fit_image_verify_required_sigs() above.
1360 if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
1361 err_msg = "Corrupted or truncated tree";
1368 printf(" error!\n%s for '%s' hash node in '%s' image node\n",
1369 err_msg, fit_get_name(fit, noffset, NULL),
1370 fit_get_name(fit, image_noffset, NULL));
1375 * fit_image_verify - verify data integrity
1376 * @fit: pointer to the FIT format image header
1377 * @image_noffset: component image node offset
1379 * fit_image_verify() goes over component image hash nodes,
1380 * re-calculates each data hash and compares with the value stored in hash
1384 * 1, if all hashes are valid
1385 * 0, otherwise (or on error)
1387 int fit_image_verify(const void *fit, int image_noffset)
1389 const char *name = fit_get_name(fit, image_noffset, NULL);
1394 if (IS_ENABLED(CONFIG_FIT_SIGNATURE) && strchr(name, '@')) {
1396 * We don't support this since libfdt considers names with the
1397 * name root but different @ suffix to be equal
1399 err_msg = "Node name contains @";
1402 /* Get image data and data length */
1403 if (fit_image_get_data_and_size(fit, image_noffset, &data, &size)) {
1404 err_msg = "Can't get image data/size";
1408 return fit_image_verify_with_data(fit, image_noffset, data, size);
1411 printf("error!\n%s in '%s' image node\n", err_msg,
1412 fit_get_name(fit, image_noffset, NULL));
1417 * fit_all_image_verify - verify data integrity for all images
1418 * @fit: pointer to the FIT format image header
1420 * fit_all_image_verify() goes over all images in the FIT and
1421 * for every images checks if all it's hashes are valid.
1424 * 1, if all hashes of all images are valid
1425 * 0, otherwise (or on error)
1427 int fit_all_image_verify(const void *fit)
1434 /* Find images parent node offset */
1435 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1436 if (images_noffset < 0) {
1437 printf("Can't find images parent node '%s' (%s)\n",
1438 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
1442 /* Process all image subnodes, check hashes for each */
1443 printf("## Checking hash(es) for FIT Image at %08lx ...\n",
1445 for (ndepth = 0, count = 0,
1446 noffset = fdt_next_node(fit, images_noffset, &ndepth);
1447 (noffset >= 0) && (ndepth > 0);
1448 noffset = fdt_next_node(fit, noffset, &ndepth)) {
1451 * Direct child node of the images parent node,
1452 * i.e. component image node.
1454 printf(" Hash(es) for Image %u (%s): ", count,
1455 fit_get_name(fit, noffset, NULL));
1458 if (!fit_image_verify(fit, noffset))
1466 static int fit_image_uncipher(const void *fit, int image_noffset,
1467 void **data, size_t *size)
1469 int cipher_noffset, ret;
1473 cipher_noffset = fdt_subnode_offset(fit, image_noffset,
1474 FIT_CIPHER_NODENAME);
1475 if (cipher_noffset < 0)
1478 ret = fit_image_decrypt_data(fit, image_noffset, cipher_noffset,
1479 *data, *size, &dst, &size_dst);
1491 * fit_image_check_os - check whether image node is of a given os type
1492 * @fit: pointer to the FIT format image header
1493 * @noffset: component image node offset
1494 * @os: requested image os
1496 * fit_image_check_os() reads image os property and compares its numeric
1497 * id with the requested os. Comparison result is returned to the caller.
1500 * 1 if image is of given os type
1501 * 0 otherwise (or on error)
1503 int fit_image_check_os(const void *fit, int noffset, uint8_t os)
1507 if (fit_image_get_os(fit, noffset, &image_os))
1509 return (os == image_os);
1513 * fit_image_check_arch - check whether image node is of a given arch
1514 * @fit: pointer to the FIT format image header
1515 * @noffset: component image node offset
1516 * @arch: requested imagearch
1518 * fit_image_check_arch() reads image arch property and compares its numeric
1519 * id with the requested arch. Comparison result is returned to the caller.
1522 * 1 if image is of given arch
1523 * 0 otherwise (or on error)
1525 int fit_image_check_arch(const void *fit, int noffset, uint8_t arch)
1528 int aarch32_support = 0;
1530 /* Let's assume that sandbox can load any architecture */
1531 if (IS_ENABLED(CONFIG_SANDBOX))
1534 if (IS_ENABLED(CONFIG_ARM64_SUPPORT_AARCH32))
1535 aarch32_support = 1;
1537 if (fit_image_get_arch(fit, noffset, &image_arch))
1539 return (arch == image_arch) ||
1540 (arch == IH_ARCH_I386 && image_arch == IH_ARCH_X86_64) ||
1541 (arch == IH_ARCH_ARM64 && image_arch == IH_ARCH_ARM &&
1546 * fit_image_check_type - check whether image node is of a given type
1547 * @fit: pointer to the FIT format image header
1548 * @noffset: component image node offset
1549 * @type: requested image type
1551 * fit_image_check_type() reads image type property and compares its numeric
1552 * id with the requested type. Comparison result is returned to the caller.
1555 * 1 if image is of given type
1556 * 0 otherwise (or on error)
1558 int fit_image_check_type(const void *fit, int noffset, uint8_t type)
1562 if (fit_image_get_type(fit, noffset, &image_type))
1564 return (type == image_type);
1568 * fit_image_check_comp - check whether image node uses given compression
1569 * @fit: pointer to the FIT format image header
1570 * @noffset: component image node offset
1571 * @comp: requested image compression type
1573 * fit_image_check_comp() reads image compression property and compares its
1574 * numeric id with the requested compression type. Comparison result is
1575 * returned to the caller.
1578 * 1 if image uses requested compression
1579 * 0 otherwise (or on error)
1581 int fit_image_check_comp(const void *fit, int noffset, uint8_t comp)
1585 if (fit_image_get_comp(fit, noffset, &image_comp))
1587 return (comp == image_comp);
1591 * fdt_check_no_at() - Check for nodes whose names contain '@'
1593 * This checks the parent node and all subnodes recursively
1595 * @fit: FIT to check
1596 * @parent: Parent node to check
1597 * @return 0 if OK, -EADDRNOTAVAIL is a node has a name containing '@'
1599 static int fdt_check_no_at(const void *fit, int parent)
1605 name = fdt_get_name(fit, parent, NULL);
1606 if (!name || strchr(name, '@'))
1607 return -EADDRNOTAVAIL;
1609 fdt_for_each_subnode(node, fit, parent) {
1610 ret = fdt_check_no_at(fit, node);
1618 int fit_check_format(const void *fit, ulong size)
1622 /* A FIT image must be a valid FDT */
1623 ret = fdt_check_header(fit);
1625 log_debug("Wrong FIT format: not a flattened device tree (err=%d)\n",
1630 if (CONFIG_IS_ENABLED(FIT_FULL_CHECK)) {
1632 * If we are not given the size, make do wtih calculating it.
1633 * This is not as secure, so we should consider a flag to
1636 if (size == IMAGE_SIZE_INVAL)
1637 size = fdt_totalsize(fit);
1638 ret = fdt_check_full(fit, size);
1643 * U-Boot stopped using unit addressed in 2017. Since libfdt
1644 * can match nodes ignoring any unit address, signature
1645 * verification can see the wrong node if one is inserted with
1646 * the same name as a valid node but with a unit address
1647 * attached. Protect against this by disallowing unit addresses.
1649 if (!ret && CONFIG_IS_ENABLED(FIT_SIGNATURE)) {
1650 ret = fdt_check_no_at(fit, 0);
1653 log_debug("FIT check error %d\n", ret);
1658 log_debug("FIT check error %d\n", ret);
1663 /* mandatory / node 'description' property */
1664 if (!fdt_getprop(fit, 0, FIT_DESC_PROP, NULL)) {
1665 log_debug("Wrong FIT format: no description\n");
1669 if (IMAGE_ENABLE_TIMESTAMP) {
1670 /* mandatory / node 'timestamp' property */
1671 if (!fdt_getprop(fit, 0, FIT_TIMESTAMP_PROP, NULL)) {
1672 log_debug("Wrong FIT format: no timestamp\n");
1677 /* mandatory subimages parent '/images' node */
1678 if (fdt_path_offset(fit, FIT_IMAGES_PATH) < 0) {
1679 log_debug("Wrong FIT format: no images parent node\n");
1687 * fit_conf_find_compat
1688 * @fit: pointer to the FIT format image header
1689 * @fdt: pointer to the device tree to compare against
1691 * fit_conf_find_compat() attempts to find the configuration whose fdt is the
1692 * most compatible with the passed in device tree.
1701 * |-o configurations
1709 * |-compatible = "foo,bar", "bim,bam"
1712 * |-compatible = "foo,bar",
1715 * |-compatible = "bim,bam", "baz,biz"
1717 * Configuration 1 would be picked because the first string in U-Boot's
1718 * compatible list, "foo,bar", matches a compatible string in the root of fdt1.
1719 * "bim,bam" in fdt2 matches the second string which isn't as good as fdt1.
1721 * As an optimization, the compatible property from the FDT's root node can be
1722 * copied into the configuration node in the FIT image. This is required to
1723 * match configurations with compressed FDTs.
1726 * offset to the configuration to use if one was found
1729 int fit_conf_find_compat(const void *fit, const void *fdt)
1732 int noffset, confs_noffset, images_noffset;
1733 const void *fdt_compat;
1735 int best_match_offset = 0;
1736 int best_match_pos = 0;
1738 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1739 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1740 if (confs_noffset < 0 || images_noffset < 0) {
1741 debug("Can't find configurations or images nodes.\n");
1745 fdt_compat = fdt_getprop(fdt, 0, "compatible", &fdt_compat_len);
1747 debug("Fdt for comparison has no \"compatible\" property.\n");
1752 * Loop over the configurations in the FIT image.
1754 for (noffset = fdt_next_node(fit, confs_noffset, &ndepth);
1755 (noffset >= 0) && (ndepth > 0);
1756 noffset = fdt_next_node(fit, noffset, &ndepth)) {
1758 const char *kfdt_name;
1759 int kfdt_noffset, compat_noffset;
1760 const char *cur_fdt_compat;
1768 /* If there's a compat property in the config node, use that. */
1769 if (fdt_getprop(fit, noffset, "compatible", NULL)) {
1770 fdt = fit; /* search in FIT image */
1771 compat_noffset = noffset; /* search under config node */
1772 } else { /* Otherwise extract it from the kernel FDT. */
1773 kfdt_name = fdt_getprop(fit, noffset, "fdt", &len);
1775 debug("No fdt property found.\n");
1778 kfdt_noffset = fdt_subnode_offset(fit, images_noffset,
1780 if (kfdt_noffset < 0) {
1781 debug("No image node named \"%s\" found.\n",
1786 if (!fit_image_check_comp(fit, kfdt_noffset,
1788 debug("Can't extract compat from \"%s\" "
1789 "(compressed)\n", kfdt_name);
1793 /* search in this config's kernel FDT */
1794 if (fit_image_get_data_and_size(fit, kfdt_noffset,
1796 debug("Failed to get fdt \"%s\".\n", kfdt_name);
1800 compat_noffset = 0; /* search kFDT under root node */
1803 len = fdt_compat_len;
1804 cur_fdt_compat = fdt_compat;
1806 * Look for a match for each U-Boot compatibility string in
1807 * turn in the compat string property.
1809 for (i = 0; len > 0 &&
1810 (!best_match_offset || best_match_pos > i); i++) {
1811 int cur_len = strlen(cur_fdt_compat) + 1;
1813 if (!fdt_node_check_compatible(fdt, compat_noffset,
1815 best_match_offset = noffset;
1820 cur_fdt_compat += cur_len;
1823 if (!best_match_offset) {
1824 debug("No match found.\n");
1828 return best_match_offset;
1831 int fit_conf_get_node(const void *fit, const char *conf_uname)
1833 int noffset, confs_noffset;
1836 char *conf_uname_copy = NULL;
1838 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1839 if (confs_noffset < 0) {
1840 debug("Can't find configurations parent node '%s' (%s)\n",
1841 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
1842 return confs_noffset;
1845 if (conf_uname == NULL) {
1846 /* get configuration unit name from the default property */
1847 debug("No configuration specified, trying default...\n");
1848 if (!host_build() && IS_ENABLED(CONFIG_MULTI_DTB_FIT)) {
1849 noffset = fit_find_config_node(fit);
1852 conf_uname = fdt_get_name(fit, noffset, NULL);
1854 conf_uname = (char *)fdt_getprop(fit, confs_noffset,
1855 FIT_DEFAULT_PROP, &len);
1856 if (conf_uname == NULL) {
1857 fit_get_debug(fit, confs_noffset, FIT_DEFAULT_PROP,
1862 debug("Found default configuration: '%s'\n", conf_uname);
1865 s = strchr(conf_uname, '#');
1867 len = s - conf_uname;
1868 conf_uname_copy = malloc(len + 1);
1869 if (!conf_uname_copy) {
1870 debug("Can't allocate uname copy: '%s'\n",
1874 memcpy(conf_uname_copy, conf_uname, len);
1875 conf_uname_copy[len] = '\0';
1876 conf_uname = conf_uname_copy;
1879 noffset = fdt_subnode_offset(fit, confs_noffset, conf_uname);
1881 debug("Can't get node offset for configuration unit name: '%s' (%s)\n",
1882 conf_uname, fdt_strerror(noffset));
1885 if (conf_uname_copy)
1886 free(conf_uname_copy);
1891 int fit_conf_get_prop_node_count(const void *fit, int noffset,
1892 const char *prop_name)
1894 return fdt_stringlist_count(fit, noffset, prop_name);
1897 int fit_conf_get_prop_node_index(const void *fit, int noffset,
1898 const char *prop_name, int index)
1903 /* get kernel image unit name from configuration kernel property */
1904 uname = fdt_stringlist_get(fit, noffset, prop_name, index, &len);
1908 return fit_image_get_node(fit, uname);
1911 int fit_conf_get_prop_node(const void *fit, int noffset,
1912 const char *prop_name)
1914 return fit_conf_get_prop_node_index(fit, noffset, prop_name, 0);
1917 static int fit_image_select(const void *fit, int rd_noffset, int verify)
1919 fit_image_print(fit, rd_noffset, " ");
1922 puts(" Verifying Hash Integrity ... ");
1923 if (!fit_image_verify(fit, rd_noffset)) {
1924 puts("Bad Data Hash\n");
1933 int fit_get_node_from_config(bootm_headers_t *images, const char *prop_name,
1940 debug("* %s: using config '%s' from image at 0x%08lx\n",
1941 prop_name, images->fit_uname_cfg, addr);
1943 /* Check whether configuration has this property defined */
1944 fit_hdr = map_sysmem(addr, 0);
1945 cfg_noffset = fit_conf_get_node(fit_hdr, images->fit_uname_cfg);
1946 if (cfg_noffset < 0) {
1947 debug("* %s: no such config\n", prop_name);
1951 noffset = fit_conf_get_prop_node(fit_hdr, cfg_noffset, prop_name);
1953 debug("* %s: no '%s' in config\n", prop_name, prop_name);
1961 * fit_get_image_type_property() - get property name for IH_TYPE_...
1963 * @return the properly name where we expect to find the image in the
1966 static const char *fit_get_image_type_property(int type)
1969 * This is sort-of available in the uimage_type[] table in image.c
1970 * but we don't have access to the short name, and "fdt" is different
1971 * anyway. So let's just keep it here.
1974 case IH_TYPE_FLATDT:
1975 return FIT_FDT_PROP;
1976 case IH_TYPE_KERNEL:
1977 return FIT_KERNEL_PROP;
1978 case IH_TYPE_FIRMWARE:
1979 return FIT_FIRMWARE_PROP;
1980 case IH_TYPE_RAMDISK:
1981 return FIT_RAMDISK_PROP;
1982 case IH_TYPE_X86_SETUP:
1983 return FIT_SETUP_PROP;
1984 case IH_TYPE_LOADABLE:
1985 return FIT_LOADABLE_PROP;
1987 return FIT_FPGA_PROP;
1988 case IH_TYPE_STANDALONE:
1989 return FIT_STANDALONE_PROP;
1995 int fit_image_load(bootm_headers_t *images, ulong addr,
1996 const char **fit_unamep, const char **fit_uname_configp,
1997 int arch, int image_type, int bootstage_id,
1998 enum fit_load_op load_op, ulong *datap, ulong *lenp)
2000 int cfg_noffset, noffset;
2001 const char *fit_uname;
2002 const char *fit_uname_config;
2003 const char *fit_base_uname_config;
2009 ulong load, load_end, data, len;
2014 const char *prop_name;
2017 fit = map_sysmem(addr, 0);
2018 fit_uname = fit_unamep ? *fit_unamep : NULL;
2019 fit_uname_config = fit_uname_configp ? *fit_uname_configp : NULL;
2020 fit_base_uname_config = NULL;
2021 prop_name = fit_get_image_type_property(image_type);
2022 printf("## Loading %s from FIT Image at %08lx ...\n", prop_name, addr);
2024 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_FORMAT);
2025 ret = fit_check_format(fit, IMAGE_SIZE_INVAL);
2027 printf("Bad FIT %s image format! (err=%d)\n", prop_name, ret);
2028 if (CONFIG_IS_ENABLED(FIT_SIGNATURE) && ret == -EADDRNOTAVAIL)
2029 printf("Signature checking prevents use of unit addresses (@) in nodes\n");
2030 bootstage_error(bootstage_id + BOOTSTAGE_SUB_FORMAT);
2033 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_FORMAT_OK);
2035 /* get FIT component image node offset */
2036 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_UNIT_NAME);
2037 noffset = fit_image_get_node(fit, fit_uname);
2040 * no image node unit name, try to get config
2041 * node first. If config unit node name is NULL
2042 * fit_conf_get_node() will try to find default config node
2044 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_NO_UNIT_NAME);
2045 if (IS_ENABLED(CONFIG_FIT_BEST_MATCH) && !fit_uname_config) {
2046 cfg_noffset = fit_conf_find_compat(fit, gd_fdt_blob());
2048 cfg_noffset = fit_conf_get_node(fit,
2051 if (cfg_noffset < 0) {
2052 puts("Could not find configuration node\n");
2053 bootstage_error(bootstage_id +
2054 BOOTSTAGE_SUB_NO_UNIT_NAME);
2058 fit_base_uname_config = fdt_get_name(fit, cfg_noffset, NULL);
2059 printf(" Using '%s' configuration\n", fit_base_uname_config);
2060 /* Remember this config */
2061 if (image_type == IH_TYPE_KERNEL)
2062 images->fit_uname_cfg = fit_base_uname_config;
2064 if (FIT_IMAGE_ENABLE_VERIFY && images->verify) {
2065 puts(" Verifying Hash Integrity ... ");
2066 if (fit_config_verify(fit, cfg_noffset)) {
2067 puts("Bad Data Hash\n");
2068 bootstage_error(bootstage_id +
2069 BOOTSTAGE_SUB_HASH);
2075 bootstage_mark(BOOTSTAGE_ID_FIT_CONFIG);
2077 noffset = fit_conf_get_prop_node(fit, cfg_noffset,
2079 fit_uname = fit_get_name(fit, noffset, NULL);
2082 printf("Could not find subimage node type '%s'\n", prop_name);
2083 bootstage_error(bootstage_id + BOOTSTAGE_SUB_SUBNODE);
2087 printf(" Trying '%s' %s subimage\n", fit_uname, prop_name);
2089 ret = fit_image_select(fit, noffset, images->verify);
2091 bootstage_error(bootstage_id + BOOTSTAGE_SUB_HASH);
2095 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
2096 if (!host_build() && IS_ENABLED(CONFIG_SANDBOX)) {
2097 if (!fit_image_check_target_arch(fit, noffset)) {
2098 puts("Unsupported Architecture\n");
2099 bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
2105 fit_image_get_arch(fit, noffset, &os_arch);
2106 images->os.arch = os_arch;
2109 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL);
2110 type_ok = fit_image_check_type(fit, noffset, image_type) ||
2111 fit_image_check_type(fit, noffset, IH_TYPE_FIRMWARE) ||
2112 fit_image_check_type(fit, noffset, IH_TYPE_TEE) ||
2113 (image_type == IH_TYPE_KERNEL &&
2114 fit_image_check_type(fit, noffset, IH_TYPE_KERNEL_NOLOAD));
2116 os_ok = image_type == IH_TYPE_FLATDT ||
2117 image_type == IH_TYPE_FPGA ||
2118 fit_image_check_os(fit, noffset, IH_OS_LINUX) ||
2119 fit_image_check_os(fit, noffset, IH_OS_U_BOOT) ||
2120 fit_image_check_os(fit, noffset, IH_OS_TEE) ||
2121 fit_image_check_os(fit, noffset, IH_OS_OPENRTOS) ||
2122 fit_image_check_os(fit, noffset, IH_OS_EFI) ||
2123 fit_image_check_os(fit, noffset, IH_OS_VXWORKS);
2126 * If either of the checks fail, we should report an error, but
2127 * if the image type is coming from the "loadables" field, we
2128 * don't care what it is
2130 if ((!type_ok || !os_ok) && image_type != IH_TYPE_LOADABLE) {
2131 fit_image_get_os(fit, noffset, &os);
2132 printf("No %s %s %s Image\n",
2133 genimg_get_os_name(os),
2134 genimg_get_arch_name(arch),
2135 genimg_get_type_name(image_type));
2136 bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL);
2140 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL_OK);
2142 /* get image data address and length */
2143 if (fit_image_get_data_and_size(fit, noffset,
2144 (const void **)&buf, &size)) {
2145 printf("Could not find %s subimage data!\n", prop_name);
2146 bootstage_error(bootstage_id + BOOTSTAGE_SUB_GET_DATA);
2150 /* Decrypt data before uncompress/move */
2151 if (IS_ENABLED(CONFIG_FIT_CIPHER) && IMAGE_ENABLE_DECRYPT) {
2152 puts(" Decrypting Data ... ");
2153 if (fit_image_uncipher(fit, noffset, &buf, &size)) {
2160 /* perform any post-processing on the image data */
2161 if (!host_build() && IS_ENABLED(CONFIG_FIT_IMAGE_POST_PROCESS))
2162 board_fit_image_post_process(fit, noffset, &buf, &size);
2166 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_GET_DATA_OK);
2168 data = map_to_sysmem(buf);
2170 if (load_op == FIT_LOAD_IGNORED) {
2172 } else if (fit_image_get_load(fit, noffset, &load)) {
2173 if (load_op == FIT_LOAD_REQUIRED) {
2174 printf("Can't get %s subimage load address!\n",
2176 bootstage_error(bootstage_id + BOOTSTAGE_SUB_LOAD);
2179 } else if (load_op != FIT_LOAD_OPTIONAL_NON_ZERO || load) {
2180 ulong image_start, image_end;
2183 * move image data to the load address,
2184 * make sure we don't overwrite initial image
2187 image_end = addr + fit_get_size(fit);
2189 load_end = load + len;
2190 if (image_type != IH_TYPE_KERNEL &&
2191 load < image_end && load_end > image_start) {
2192 printf("Error: %s overwritten\n", prop_name);
2196 printf(" Loading %s from 0x%08lx to 0x%08lx\n",
2197 prop_name, data, load);
2199 load = data; /* No load address specified */
2202 comp = IH_COMP_NONE;
2204 /* Kernel images get decompressed later in bootm_load_os(). */
2205 if (!fit_image_get_comp(fit, noffset, &comp) &&
2206 comp != IH_COMP_NONE &&
2207 !(image_type == IH_TYPE_KERNEL ||
2208 image_type == IH_TYPE_KERNEL_NOLOAD ||
2209 image_type == IH_TYPE_RAMDISK)) {
2210 ulong max_decomp_len = len * 20;
2212 loadbuf = malloc(max_decomp_len);
2213 load = map_to_sysmem(loadbuf);
2215 loadbuf = map_sysmem(load, max_decomp_len);
2217 if (image_decomp(comp, load, data, image_type,
2218 loadbuf, buf, len, max_decomp_len, &load_end)) {
2219 printf("Error decompressing %s\n", prop_name);
2223 len = load_end - load;
2224 } else if (load != data) {
2225 loadbuf = map_sysmem(load, len);
2226 memcpy(loadbuf, buf, len);
2229 if (image_type == IH_TYPE_RAMDISK && comp != IH_COMP_NONE)
2230 puts("WARNING: 'compression' nodes for ramdisks are deprecated,"
2231 " please fix your .its file!\n");
2233 /* verify that image data is a proper FDT blob */
2234 if (image_type == IH_TYPE_FLATDT && fdt_check_header(loadbuf)) {
2235 puts("Subimage data is not a FDT");
2239 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_LOAD);
2244 *fit_unamep = (char *)fit_uname;
2245 if (fit_uname_configp)
2246 *fit_uname_configp = (char *)(fit_uname_config ? :
2247 fit_base_uname_config);
2252 int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch,
2253 ulong *setup_start, ulong *setup_len)
2260 addr = map_to_sysmem(images->fit_hdr_os);
2261 noffset = fit_get_node_from_config(images, FIT_SETUP_PROP, addr);
2265 ret = fit_image_load(images, addr, NULL, NULL, arch,
2266 IH_TYPE_X86_SETUP, BOOTSTAGE_ID_FIT_SETUP_START,
2267 FIT_LOAD_REQUIRED, setup_start, &len);
2273 int boot_get_fdt_fit(bootm_headers_t *images, ulong addr,
2274 const char **fit_unamep, const char **fit_uname_configp,
2275 int arch, ulong *datap, ulong *lenp)
2277 int fdt_noffset, cfg_noffset, count;
2279 const char *fit_uname = NULL;
2280 const char *fit_uname_config = NULL;
2281 char *fit_uname_config_copy = NULL;
2282 char *next_config = NULL;
2284 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2285 ulong image_start, image_end;
2286 ulong ovload, ovlen, ovcopylen;
2287 const char *uconfig;
2289 void *base, *ov, *ovcopy = NULL;
2290 int i, err, noffset, ov_noffset;
2293 fit_uname = fit_unamep ? *fit_unamep : NULL;
2295 if (fit_uname_configp && *fit_uname_configp) {
2296 fit_uname_config_copy = strdup(*fit_uname_configp);
2297 if (!fit_uname_config_copy)
2300 next_config = strchr(fit_uname_config_copy, '#');
2302 *next_config++ = '\0';
2303 if (next_config - 1 > fit_uname_config_copy)
2304 fit_uname_config = fit_uname_config_copy;
2307 fdt_noffset = fit_image_load(images,
2308 addr, &fit_uname, &fit_uname_config,
2309 arch, IH_TYPE_FLATDT,
2310 BOOTSTAGE_ID_FIT_FDT_START,
2311 FIT_LOAD_OPTIONAL, &load, &len);
2313 if (fdt_noffset < 0)
2316 debug("fit_uname=%s, fit_uname_config=%s\n",
2317 fit_uname ? fit_uname : "<NULL>",
2318 fit_uname_config ? fit_uname_config : "<NULL>");
2320 fit = map_sysmem(addr, 0);
2322 cfg_noffset = fit_conf_get_node(fit, fit_uname_config);
2324 /* single blob, or error just return as well */
2325 count = fit_conf_get_prop_node_count(fit, cfg_noffset, FIT_FDT_PROP);
2326 if (count <= 1 && !next_config)
2329 /* we need to apply overlays */
2331 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2333 image_end = addr + fit_get_size(fit);
2334 /* verify that relocation took place by load address not being in fit */
2335 if (load >= image_start && load < image_end) {
2336 /* check is simplified; fit load checks for overlaps */
2337 printf("Overlayed FDT requires relocation\n");
2338 fdt_noffset = -EBADF;
2342 base = map_sysmem(load, len);
2344 /* apply extra configs in FIT first, followed by args */
2345 for (i = 1; ; i++) {
2347 noffset = fit_conf_get_prop_node_index(fit, cfg_noffset,
2349 uname = fit_get_name(fit, noffset, NULL);
2354 uconfig = next_config;
2355 next_config = strchr(next_config, '#');
2357 *next_config++ = '\0';
2361 * fit_image_load() would load the first FDT from the
2362 * extra config only when uconfig is specified.
2363 * Check if the extra config contains multiple FDTs and
2366 cfg_noffset = fit_conf_get_node(fit, uconfig);
2369 count = fit_conf_get_prop_node_count(fit, cfg_noffset,
2373 debug("%d: using uname=%s uconfig=%s\n", i, uname, uconfig);
2375 ov_noffset = fit_image_load(images,
2376 addr, &uname, &uconfig,
2377 arch, IH_TYPE_FLATDT,
2378 BOOTSTAGE_ID_FIT_FDT_START,
2379 FIT_LOAD_IGNORED, &ovload, &ovlen);
2380 if (ov_noffset < 0) {
2381 printf("load of %s failed\n", uname);
2384 debug("%s loaded at 0x%08lx len=0x%08lx\n",
2385 uname, ovload, ovlen);
2386 ov = map_sysmem(ovload, ovlen);
2388 ovcopylen = ALIGN(fdt_totalsize(ov), SZ_4K);
2389 ovcopy = malloc(ovcopylen);
2391 printf("failed to duplicate DTO before application\n");
2392 fdt_noffset = -ENOMEM;
2396 err = fdt_open_into(ov, ovcopy, ovcopylen);
2398 printf("failed on fdt_open_into for DTO\n");
2403 base = map_sysmem(load, len + ovlen);
2404 err = fdt_open_into(base, base, len + ovlen);
2406 printf("failed on fdt_open_into\n");
2411 /* the verbose method prints out messages on error */
2412 err = fdt_overlay_apply_verbose(base, ovcopy);
2418 len = fdt_totalsize(base);
2424 printf("config with overlays but CONFIG_OF_LIBFDT_OVERLAY not set\n");
2425 fdt_noffset = -EBADF;
2434 *fit_unamep = fit_uname;
2435 if (fit_uname_configp)
2436 *fit_uname_configp = fit_uname_config;
2438 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2442 if (fit_uname_config_copy)
2443 free(fit_uname_config_copy);
projects / platform / kernel / u-boot.git / blob