1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright (c) 2013, Google Inc.
5 * (C) Copyright 2008 Semihalf
7 * (C) Copyright 2000-2006
8 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
11 #define LOG_CATEGORY LOGC_BOOT
16 #include <linux/libfdt.h>
17 #include <u-boot/crc.h>
19 #include <linux/compiler.h>
20 #include <linux/sizes.h>
27 #include <asm/global_data.h>
28 DECLARE_GLOBAL_DATA_PTR;
29 #endif /* !USE_HOSTCC*/
33 #include <bootstage.h>
34 #include <linux/kconfig.h>
35 #include <u-boot/crc.h>
36 #include <u-boot/md5.h>
37 #include <u-boot/sha1.h>
38 #include <u-boot/sha256.h>
39 #include <u-boot/sha512.h>
41 /*****************************************************************************/
42 /* New uImage format routines */
43 /*****************************************************************************/
45 static int fit_parse_spec(const char *spec, char sepc, ulong addr_curr,
46 ulong *addr, const char **name)
53 sep = strchr(spec, sepc);
56 *addr = hextoul(spec, NULL);
66 * fit_parse_conf - parse FIT configuration spec
67 * @spec: input string, containing configuration spec
68 * @add_curr: current image address (to be used as a possible default)
69 * @addr: pointer to a ulong variable, will hold FIT image address of a given
71 * @conf_name double pointer to a char, will hold pointer to a configuration
74 * fit_parse_conf() expects configuration spec in the form of [<addr>]#<conf>,
75 * where <addr> is a FIT image address that contains configuration
76 * with a <conf> unit name.
78 * Address part is optional, and if omitted default add_curr will
82 * 1 if spec is a valid configuration string,
83 * addr and conf_name are set accordingly
86 int fit_parse_conf(const char *spec, ulong addr_curr,
87 ulong *addr, const char **conf_name)
89 return fit_parse_spec(spec, '#', addr_curr, addr, conf_name);
93 * fit_parse_subimage - parse FIT subimage spec
94 * @spec: input string, containing subimage spec
95 * @add_curr: current image address (to be used as a possible default)
96 * @addr: pointer to a ulong variable, will hold FIT image address of a given
98 * @image_name: double pointer to a char, will hold pointer to a subimage name
100 * fit_parse_subimage() expects subimage spec in the form of
101 * [<addr>]:<subimage>, where <addr> is a FIT image address that contains
102 * subimage with a <subimg> unit name.
104 * Address part is optional, and if omitted default add_curr will
108 * 1 if spec is a valid subimage string,
109 * addr and image_name are set accordingly
112 int fit_parse_subimage(const char *spec, ulong addr_curr,
113 ulong *addr, const char **image_name)
115 return fit_parse_spec(spec, ':', addr_curr, addr, image_name);
117 #endif /* !USE_HOSTCC */
120 /* Host tools use these implementations for Cipher and Signature support */
121 static void *host_blob;
123 void image_set_host_blob(void *blob)
128 void *image_get_host_blob(void)
132 #endif /* USE_HOSTCC */
134 static void fit_get_debug(const void *fit, int noffset,
135 char *prop_name, int err)
137 debug("Can't get '%s' property from FIT 0x%08lx, node: offset %d, name %s (%s)\n",
138 prop_name, (ulong)fit, noffset, fit_get_name(fit, noffset, NULL),
143 * fit_get_subimage_count - get component (sub-image) count
144 * @fit: pointer to the FIT format image header
145 * @images_noffset: offset of images node
148 * number of image components
150 int fit_get_subimage_count(const void *fit, int images_noffset)
156 /* Process its subnodes, print out component images details */
157 for (ndepth = 0, count = 0,
158 noffset = fdt_next_node(fit, images_noffset, &ndepth);
159 (noffset >= 0) && (ndepth > 0);
160 noffset = fdt_next_node(fit, noffset, &ndepth)) {
169 #if CONFIG_IS_ENABLED(FIT_PRINT) || CONFIG_IS_ENABLED(SPL_FIT_PRINT)
171 * fit_image_print_data() - prints out the hash node details
172 * @fit: pointer to the FIT format image header
173 * @noffset: offset of the hash node
174 * @p: pointer to prefix string
175 * @type: Type of information to print ("hash" or "sign")
177 * fit_image_print_data() lists properties for the processed hash node
179 * This function avoid using puts() since it prints a newline on the host
180 * but does not in U-Boot.
183 * no returned results
185 static void fit_image_print_data(const void *fit, int noffset, const char *p,
196 debug("%s %s node: '%s'\n", p, type,
197 fit_get_name(fit, noffset, NULL));
198 printf("%s %s algo: ", p, type);
199 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
200 printf("invalid/unsupported\n");
204 keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
205 required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL;
207 printf(":%s", keyname);
209 printf(" (required)");
212 padding = fdt_getprop(fit, noffset, "padding", NULL);
214 printf("%s %s padding: %s\n", p, type, padding);
216 ret = fit_image_hash_get_value(fit, noffset, &value,
218 printf("%s %s value: ", p, type);
220 printf("unavailable\n");
222 for (i = 0; i < value_len; i++)
223 printf("%02x", value[i]);
227 debug("%s %s len: %d\n", p, type, value_len);
229 /* Signatures have a time stamp */
230 if (IMAGE_ENABLE_TIMESTAMP && keyname) {
233 printf("%s Timestamp: ", p);
234 if (fit_get_timestamp(fit, noffset, ×tamp))
235 printf("unavailable\n");
237 genimg_print_time(timestamp);
242 * fit_image_print_verification_data() - prints out the hash/signature details
243 * @fit: pointer to the FIT format image header
244 * @noffset: offset of the hash or signature node
245 * @p: pointer to prefix string
247 * This lists properties for the processed hash node
250 * no returned results
252 static void fit_image_print_verification_data(const void *fit, int noffset,
258 * Check subnode name, must be equal to "hash" or "signature".
259 * Multiple hash/signature nodes require unique unit node
260 * names, e.g. hash-1, hash-2, signature-1, signature-2, etc.
262 name = fit_get_name(fit, noffset, NULL);
263 if (!strncmp(name, FIT_HASH_NODENAME, strlen(FIT_HASH_NODENAME))) {
264 fit_image_print_data(fit, noffset, p, "Hash");
265 } else if (!strncmp(name, FIT_SIG_NODENAME,
266 strlen(FIT_SIG_NODENAME))) {
267 fit_image_print_data(fit, noffset, p, "Sign");
272 * fit_conf_print - prints out the FIT configuration details
273 * @fit: pointer to the FIT format image header
274 * @noffset: offset of the configuration node
275 * @p: pointer to prefix string
277 * fit_conf_print() lists all mandatory properties for the processed
278 * configuration node.
281 * no returned results
283 static void fit_conf_print(const void *fit, int noffset, const char *p)
288 int fdt_index, loadables_index;
291 /* Mandatory properties */
292 ret = fit_get_desc(fit, noffset, &desc);
293 printf("%s Description: ", p);
295 printf("unavailable\n");
297 printf("%s\n", desc);
299 uname = fdt_getprop(fit, noffset, FIT_KERNEL_PROP, NULL);
300 printf("%s Kernel: ", p);
302 printf("unavailable\n");
304 printf("%s\n", uname);
306 /* Optional properties */
307 uname = fdt_getprop(fit, noffset, FIT_RAMDISK_PROP, NULL);
309 printf("%s Init Ramdisk: %s\n", p, uname);
311 uname = fdt_getprop(fit, noffset, FIT_FIRMWARE_PROP, NULL);
313 printf("%s Firmware: %s\n", p, uname);
316 uname = fdt_stringlist_get(fit, noffset, FIT_FDT_PROP,
317 fdt_index, NULL), uname;
320 printf("%s FDT: ", p);
323 printf("%s\n", uname);
326 uname = fdt_getprop(fit, noffset, FIT_FPGA_PROP, NULL);
328 printf("%s FPGA: %s\n", p, uname);
330 /* Print out all of the specified loadables */
331 for (loadables_index = 0;
332 uname = fdt_stringlist_get(fit, noffset, FIT_LOADABLE_PROP,
333 loadables_index, NULL), uname;
335 if (loadables_index == 0) {
336 printf("%s Loadables: ", p);
340 printf("%s\n", uname);
343 /* Process all hash subnodes of the component configuration node */
344 for (ndepth = 0, noffset = fdt_next_node(fit, noffset, &ndepth);
345 (noffset >= 0) && (ndepth > 0);
346 noffset = fdt_next_node(fit, noffset, &ndepth)) {
348 /* Direct child node of the component configuration node */
349 fit_image_print_verification_data(fit, noffset, p);
355 * fit_print_contents - prints out the contents of the FIT format image
356 * @fit: pointer to the FIT format image header
357 * @p: pointer to prefix string
359 * fit_print_contents() formats a multi line FIT image contents description.
360 * The routine prints out FIT image properties (root node level) followed by
361 * the details of each component image.
364 * no returned results
366 void fit_print_contents(const void *fit)
379 /* Indent string is defined in header image.h */
380 p = IMAGE_INDENT_STRING;
382 /* Root node properties */
383 ret = fit_get_desc(fit, 0, &desc);
384 printf("%sFIT description: ", p);
386 printf("unavailable\n");
388 printf("%s\n", desc);
390 if (IMAGE_ENABLE_TIMESTAMP) {
391 ret = fit_get_timestamp(fit, 0, ×tamp);
392 printf("%sCreated: ", p);
394 printf("unavailable\n");
396 genimg_print_time(timestamp);
399 /* Find images parent node offset */
400 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
401 if (images_noffset < 0) {
402 printf("Can't find images parent node '%s' (%s)\n",
403 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
407 /* Process its subnodes, print out component images details */
408 for (ndepth = 0, count = 0,
409 noffset = fdt_next_node(fit, images_noffset, &ndepth);
410 (noffset >= 0) && (ndepth > 0);
411 noffset = fdt_next_node(fit, noffset, &ndepth)) {
414 * Direct child node of the images parent node,
415 * i.e. component image node.
417 printf("%s Image %u (%s)\n", p, count++,
418 fit_get_name(fit, noffset, NULL));
420 fit_image_print(fit, noffset, p);
424 /* Find configurations parent node offset */
425 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
426 if (confs_noffset < 0) {
427 debug("Can't get configurations parent node '%s' (%s)\n",
428 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
432 /* get default configuration unit name from default property */
433 uname = (char *)fdt_getprop(fit, noffset, FIT_DEFAULT_PROP, NULL);
435 printf("%s Default Configuration: '%s'\n", p, uname);
437 /* Process its subnodes, print out configurations details */
438 for (ndepth = 0, count = 0,
439 noffset = fdt_next_node(fit, confs_noffset, &ndepth);
440 (noffset >= 0) && (ndepth > 0);
441 noffset = fdt_next_node(fit, noffset, &ndepth)) {
444 * Direct child node of the configurations parent node,
445 * i.e. configuration node.
447 printf("%s Configuration %u (%s)\n", p, count++,
448 fit_get_name(fit, noffset, NULL));
450 fit_conf_print(fit, noffset, p);
456 * fit_image_print - prints out the FIT component image details
457 * @fit: pointer to the FIT format image header
458 * @image_noffset: offset of the component image node
459 * @p: pointer to prefix string
461 * fit_image_print() lists all mandatory properties for the processed component
462 * image. If present, hash nodes are printed out as well. Load
463 * address for images of type firmware is also printed out. Since the load
464 * address is not mandatory for firmware images, it will be output as
465 * "unavailable" when not present.
468 * no returned results
470 void fit_image_print(const void *fit, int image_noffset, const char *p)
473 uint8_t type, arch, os, comp;
481 /* Mandatory properties */
482 ret = fit_get_desc(fit, image_noffset, &desc);
483 printf("%s Description: ", p);
485 printf("unavailable\n");
487 printf("%s\n", desc);
489 if (IMAGE_ENABLE_TIMESTAMP) {
492 ret = fit_get_timestamp(fit, 0, ×tamp);
493 printf("%s Created: ", p);
495 printf("unavailable\n");
497 genimg_print_time(timestamp);
500 fit_image_get_type(fit, image_noffset, &type);
501 printf("%s Type: %s\n", p, genimg_get_type_name(type));
503 fit_image_get_comp(fit, image_noffset, &comp);
504 printf("%s Compression: %s\n", p, genimg_get_comp_name(comp));
506 ret = fit_image_get_data_and_size(fit, image_noffset, &data, &size);
509 printf("%s Data Start: ", p);
511 printf("unavailable\n");
513 void *vdata = (void *)data;
515 printf("0x%08lx\n", (ulong)map_to_sysmem(vdata));
519 printf("%s Data Size: ", p);
521 printf("unavailable\n");
523 genimg_print_size(size);
525 /* Remaining, type dependent properties */
526 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
527 (type == IH_TYPE_RAMDISK) || (type == IH_TYPE_FIRMWARE) ||
528 (type == IH_TYPE_FLATDT)) {
529 fit_image_get_arch(fit, image_noffset, &arch);
530 printf("%s Architecture: %s\n", p, genimg_get_arch_name(arch));
533 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_RAMDISK) ||
534 (type == IH_TYPE_FIRMWARE)) {
535 fit_image_get_os(fit, image_noffset, &os);
536 printf("%s OS: %s\n", p, genimg_get_os_name(os));
539 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
540 (type == IH_TYPE_FIRMWARE) || (type == IH_TYPE_RAMDISK) ||
541 (type == IH_TYPE_FPGA)) {
542 ret = fit_image_get_load(fit, image_noffset, &load);
543 printf("%s Load Address: ", p);
545 printf("unavailable\n");
547 printf("0x%08lx\n", load);
550 /* optional load address for FDT */
551 if (type == IH_TYPE_FLATDT && !fit_image_get_load(fit, image_noffset, &load))
552 printf("%s Load Address: 0x%08lx\n", p, load);
554 if ((type == IH_TYPE_KERNEL) || (type == IH_TYPE_STANDALONE) ||
555 (type == IH_TYPE_RAMDISK)) {
556 ret = fit_image_get_entry(fit, image_noffset, &entry);
557 printf("%s Entry Point: ", p);
559 printf("unavailable\n");
561 printf("0x%08lx\n", entry);
564 /* Process all hash subnodes of the component image node */
565 for (ndepth = 0, noffset = fdt_next_node(fit, image_noffset, &ndepth);
566 (noffset >= 0) && (ndepth > 0);
567 noffset = fdt_next_node(fit, noffset, &ndepth)) {
569 /* Direct child node of the component image node */
570 fit_image_print_verification_data(fit, noffset, p);
575 void fit_print_contents(const void *fit) { }
576 void fit_image_print(const void *fit, int image_noffset, const char *p) { }
577 #endif /* CONFIG_IS_ENABLED(FIR_PRINT) || CONFIG_IS_ENABLED(SPL_FIT_PRINT) */
580 * fit_get_desc - get node description property
581 * @fit: pointer to the FIT format image header
582 * @noffset: node offset
583 * @desc: double pointer to the char, will hold pointer to the description
585 * fit_get_desc() reads description property from a given node, if
586 * description is found pointer to it is returned in third call argument.
592 int fit_get_desc(const void *fit, int noffset, char **desc)
596 *desc = (char *)fdt_getprop(fit, noffset, FIT_DESC_PROP, &len);
598 fit_get_debug(fit, noffset, FIT_DESC_PROP, len);
606 * fit_get_timestamp - get node timestamp property
607 * @fit: pointer to the FIT format image header
608 * @noffset: node offset
609 * @timestamp: pointer to the time_t, will hold read timestamp
611 * fit_get_timestamp() reads timestamp property from given node, if timestamp
612 * is found and has a correct size its value is returned in third call
617 * -1, on property read failure
618 * -2, on wrong timestamp size
620 int fit_get_timestamp(const void *fit, int noffset, time_t *timestamp)
625 data = fdt_getprop(fit, noffset, FIT_TIMESTAMP_PROP, &len);
627 fit_get_debug(fit, noffset, FIT_TIMESTAMP_PROP, len);
630 if (len != sizeof(uint32_t)) {
631 debug("FIT timestamp with incorrect size of (%u)\n", len);
635 *timestamp = uimage_to_cpu(*((uint32_t *)data));
640 * fit_image_get_node - get node offset for component image of a given unit name
641 * @fit: pointer to the FIT format image header
642 * @image_uname: component image node unit name
644 * fit_image_get_node() finds a component image (within the '/images'
645 * node) of a provided unit name. If image is found its node offset is
646 * returned to the caller.
649 * image node offset when found (>=0)
650 * negative number on failure (FDT_ERR_* code)
652 int fit_image_get_node(const void *fit, const char *image_uname)
654 int noffset, images_noffset;
656 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
657 if (images_noffset < 0) {
658 debug("Can't find images parent node '%s' (%s)\n",
659 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
660 return images_noffset;
663 noffset = fdt_subnode_offset(fit, images_noffset, image_uname);
665 debug("Can't get node offset for image unit name: '%s' (%s)\n",
666 image_uname, fdt_strerror(noffset));
673 * fit_image_get_os - get os id for a given component image node
674 * @fit: pointer to the FIT format image header
675 * @noffset: component image node offset
676 * @os: pointer to the uint8_t, will hold os numeric id
678 * fit_image_get_os() finds os property in a given component image node.
679 * If the property is found, its (string) value is translated to the numeric
680 * id which is returned to the caller.
686 int fit_image_get_os(const void *fit, int noffset, uint8_t *os)
691 /* Get OS name from property data */
692 data = fdt_getprop(fit, noffset, FIT_OS_PROP, &len);
694 fit_get_debug(fit, noffset, FIT_OS_PROP, len);
699 /* Translate OS name to id */
700 *os = genimg_get_os_id(data);
705 * fit_image_get_arch - get arch id for a given component image node
706 * @fit: pointer to the FIT format image header
707 * @noffset: component image node offset
708 * @arch: pointer to the uint8_t, will hold arch numeric id
710 * fit_image_get_arch() finds arch property in a given component image node.
711 * If the property is found, its (string) value is translated to the numeric
712 * id which is returned to the caller.
718 int fit_image_get_arch(const void *fit, int noffset, uint8_t *arch)
723 /* Get architecture name from property data */
724 data = fdt_getprop(fit, noffset, FIT_ARCH_PROP, &len);
726 fit_get_debug(fit, noffset, FIT_ARCH_PROP, len);
731 /* Translate architecture name to id */
732 *arch = genimg_get_arch_id(data);
737 * fit_image_get_type - get type id for a given component image node
738 * @fit: pointer to the FIT format image header
739 * @noffset: component image node offset
740 * @type: pointer to the uint8_t, will hold type numeric id
742 * fit_image_get_type() finds type property in a given component image node.
743 * If the property is found, its (string) value is translated to the numeric
744 * id which is returned to the caller.
750 int fit_image_get_type(const void *fit, int noffset, uint8_t *type)
755 /* Get image type name from property data */
756 data = fdt_getprop(fit, noffset, FIT_TYPE_PROP, &len);
758 fit_get_debug(fit, noffset, FIT_TYPE_PROP, len);
763 /* Translate image type name to id */
764 *type = genimg_get_type_id(data);
769 * fit_image_get_comp - get comp id for a given component image node
770 * @fit: pointer to the FIT format image header
771 * @noffset: component image node offset
772 * @comp: pointer to the uint8_t, will hold comp numeric id
774 * fit_image_get_comp() finds comp property in a given component image node.
775 * If the property is found, its (string) value is translated to the numeric
776 * id which is returned to the caller.
782 int fit_image_get_comp(const void *fit, int noffset, uint8_t *comp)
787 /* Get compression name from property data */
788 data = fdt_getprop(fit, noffset, FIT_COMP_PROP, &len);
790 fit_get_debug(fit, noffset, FIT_COMP_PROP, len);
795 /* Translate compression name to id */
796 *comp = genimg_get_comp_id(data);
800 static int fit_image_get_address(const void *fit, int noffset, char *name,
807 cell = fdt_getprop(fit, noffset, name, &len);
809 fit_get_debug(fit, noffset, name, len);
814 /* Use load64 to avoid compiling warning for 32-bit target */
816 load64 = (load64 << 32) | uimage_to_cpu(*cell);
820 if (len > sizeof(ulong) && (uint32_t)(load64 >> 32)) {
821 printf("Unsupported %s address size\n", name);
825 *load = (ulong)load64;
830 * fit_image_get_load() - get load addr property for given component image node
831 * @fit: pointer to the FIT format image header
832 * @noffset: component image node offset
833 * @load: pointer to the uint32_t, will hold load address
835 * fit_image_get_load() finds load address property in a given component
836 * image node. If the property is found, its value is returned to the caller.
842 int fit_image_get_load(const void *fit, int noffset, ulong *load)
844 return fit_image_get_address(fit, noffset, FIT_LOAD_PROP, load);
848 * fit_image_get_entry() - get entry point address property
849 * @fit: pointer to the FIT format image header
850 * @noffset: component image node offset
851 * @entry: pointer to the uint32_t, will hold entry point address
853 * This gets the entry point address property for a given component image
856 * fit_image_get_entry() finds entry point address property in a given
857 * component image node. If the property is found, its value is returned
864 int fit_image_get_entry(const void *fit, int noffset, ulong *entry)
866 return fit_image_get_address(fit, noffset, FIT_ENTRY_PROP, entry);
870 * fit_image_get_data - get data property and its size for a given component image node
871 * @fit: pointer to the FIT format image header
872 * @noffset: component image node offset
873 * @data: double pointer to void, will hold data property's data address
874 * @size: pointer to size_t, will hold data property's data size
876 * fit_image_get_data() finds data property in a given component image node.
877 * If the property is found its data start address and size are returned to
884 int fit_image_get_data(const void *fit, int noffset,
885 const void **data, size_t *size)
889 *data = fdt_getprop(fit, noffset, FIT_DATA_PROP, &len);
891 fit_get_debug(fit, noffset, FIT_DATA_PROP, len);
901 * Get 'data-offset' property from a given image node.
903 * @fit: pointer to the FIT image header
904 * @noffset: component image node offset
905 * @data_offset: holds the data-offset property
909 * -ENOENT if the property could not be found
911 int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset)
915 val = fdt_getprop(fit, noffset, FIT_DATA_OFFSET_PROP, NULL);
919 *data_offset = fdt32_to_cpu(*val);
925 * Get 'data-position' property from a given image node.
927 * @fit: pointer to the FIT image header
928 * @noffset: component image node offset
929 * @data_position: holds the data-position property
933 * -ENOENT if the property could not be found
935 int fit_image_get_data_position(const void *fit, int noffset,
940 val = fdt_getprop(fit, noffset, FIT_DATA_POSITION_PROP, NULL);
944 *data_position = fdt32_to_cpu(*val);
950 * Get 'data-size' property from a given image node.
952 * @fit: pointer to the FIT image header
953 * @noffset: component image node offset
954 * @data_size: holds the data-size property
958 * -ENOENT if the property could not be found
960 int fit_image_get_data_size(const void *fit, int noffset, int *data_size)
964 val = fdt_getprop(fit, noffset, FIT_DATA_SIZE_PROP, NULL);
968 *data_size = fdt32_to_cpu(*val);
974 * Get 'data-size-unciphered' property from a given image node.
976 * @fit: pointer to the FIT image header
977 * @noffset: component image node offset
978 * @data_size: holds the data-size property
982 * -ENOENT if the property could not be found
984 int fit_image_get_data_size_unciphered(const void *fit, int noffset,
989 val = fdt_getprop(fit, noffset, "data-size-unciphered", NULL);
993 *data_size = (size_t)fdt32_to_cpu(*val);
999 * fit_image_get_data_and_size - get data and its size including
1000 * both embedded and external data
1001 * @fit: pointer to the FIT format image header
1002 * @noffset: component image node offset
1003 * @data: double pointer to void, will hold data property's data address
1004 * @size: pointer to size_t, will hold data property's data size
1006 * fit_image_get_data_and_size() finds data and its size including
1007 * both embedded and external data. If the property is found
1008 * its data start address and size are returned to the caller.
1012 * otherwise, on failure
1014 int fit_image_get_data_and_size(const void *fit, int noffset,
1015 const void **data, size_t *size)
1017 bool external_data = false;
1022 if (!fit_image_get_data_position(fit, noffset, &offset)) {
1023 external_data = true;
1024 } else if (!fit_image_get_data_offset(fit, noffset, &offset)) {
1025 external_data = true;
1027 * For FIT with external data, figure out where
1028 * the external images start. This is the base
1029 * for the data-offset properties in each image.
1031 offset += ((fdt_totalsize(fit) + 3) & ~3);
1034 if (external_data) {
1035 debug("External Data\n");
1036 ret = fit_image_get_data_size(fit, noffset, &len);
1038 *data = fit + offset;
1042 ret = fit_image_get_data(fit, noffset, data, size);
1049 * fit_image_hash_get_algo - get hash algorithm name
1050 * @fit: pointer to the FIT format image header
1051 * @noffset: hash node offset
1052 * @algo: double pointer to char, will hold pointer to the algorithm name
1054 * fit_image_hash_get_algo() finds hash algorithm property in a given hash node.
1055 * If the property is found its data start address is returned to the caller.
1061 int fit_image_hash_get_algo(const void *fit, int noffset, char **algo)
1065 *algo = (char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
1066 if (*algo == NULL) {
1067 fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
1075 * fit_image_hash_get_value - get hash value and length
1076 * @fit: pointer to the FIT format image header
1077 * @noffset: hash node offset
1078 * @value: double pointer to uint8_t, will hold address of a hash value data
1079 * @value_len: pointer to an int, will hold hash data length
1081 * fit_image_hash_get_value() finds hash value property in a given hash node.
1082 * If the property is found its data start address and size are returned to
1089 int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
1094 *value = (uint8_t *)fdt_getprop(fit, noffset, FIT_VALUE_PROP, &len);
1095 if (*value == NULL) {
1096 fit_get_debug(fit, noffset, FIT_VALUE_PROP, len);
1106 * fit_image_hash_get_ignore - get hash ignore flag
1107 * @fit: pointer to the FIT format image header
1108 * @noffset: hash node offset
1109 * @ignore: pointer to an int, will hold hash ignore flag
1111 * fit_image_hash_get_ignore() finds hash ignore property in a given hash node.
1112 * If the property is found and non-zero, the hash algorithm is not verified by
1113 * u-boot automatically.
1116 * 0, on ignore not found
1117 * value, on ignore found
1119 static int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore)
1124 value = (int *)fdt_getprop(fit, noffset, FIT_IGNORE_PROP, &len);
1125 if (value == NULL || len != sizeof(int))
1134 * fit_image_cipher_get_algo - get cipher algorithm name
1135 * @fit: pointer to the FIT format image header
1136 * @noffset: cipher node offset
1137 * @algo: double pointer to char, will hold pointer to the algorithm name
1139 * fit_image_cipher_get_algo() finds cipher algorithm property in a given
1140 * cipher node. If the property is found its data start address is returned
1147 int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo)
1151 *algo = (char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
1153 fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
1160 ulong fit_get_end(const void *fit)
1162 return map_to_sysmem((void *)(fit + fdt_totalsize(fit)));
1166 * fit_set_timestamp - set node timestamp property
1167 * @fit: pointer to the FIT format image header
1168 * @noffset: node offset
1169 * @timestamp: timestamp value to be set
1171 * fit_set_timestamp() attempts to set timestamp property in the requested
1172 * node and returns operation status to the caller.
1176 * -ENOSPC if no space in device tree, -1 for other error
1178 int fit_set_timestamp(void *fit, int noffset, time_t timestamp)
1183 t = cpu_to_uimage(timestamp);
1184 ret = fdt_setprop(fit, noffset, FIT_TIMESTAMP_PROP, &t,
1187 debug("Can't set '%s' property for '%s' node (%s)\n",
1188 FIT_TIMESTAMP_PROP, fit_get_name(fit, noffset, NULL),
1190 return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -1;
1197 * calculate_hash - calculate and return hash for provided input data
1198 * @data: pointer to the input data
1199 * @data_len: data length
1200 * @algo: requested hash algorithm
1201 * @value: pointer to the char, will hold hash value data (caller must
1202 * allocate enough free space)
1203 * value_len: length of the calculated hash
1205 * calculate_hash() computes input data hash according to the requested
1207 * Resulting hash value is placed in caller provided 'value' buffer, length
1208 * of the calculated hash is returned via value_len pointer argument.
1212 * -1, when algo is unsupported
1214 int calculate_hash(const void *data, int data_len, const char *algo,
1215 uint8_t *value, int *value_len)
1217 if (IMAGE_ENABLE_CRC32 && strcmp(algo, "crc32") == 0) {
1218 *((uint32_t *)value) = crc32_wd(0, data, data_len,
1220 *((uint32_t *)value) = cpu_to_uimage(*((uint32_t *)value));
1222 } else if (CONFIG_IS_ENABLED(SHA1) && strcmp(algo, "sha1") == 0) {
1223 sha1_csum_wd((unsigned char *)data, data_len,
1224 (unsigned char *)value, CHUNKSZ_SHA1);
1226 } else if (CONFIG_IS_ENABLED(SHA256) && strcmp(algo, "sha256") == 0) {
1227 sha256_csum_wd((unsigned char *)data, data_len,
1228 (unsigned char *)value, CHUNKSZ_SHA256);
1229 *value_len = SHA256_SUM_LEN;
1230 } else if (CONFIG_IS_ENABLED(SHA384) && strcmp(algo, "sha384") == 0) {
1231 sha384_csum_wd((unsigned char *)data, data_len,
1232 (unsigned char *)value, CHUNKSZ_SHA384);
1233 *value_len = SHA384_SUM_LEN;
1234 } else if (CONFIG_IS_ENABLED(SHA512) && strcmp(algo, "sha512") == 0) {
1235 sha512_csum_wd((unsigned char *)data, data_len,
1236 (unsigned char *)value, CHUNKSZ_SHA512);
1237 *value_len = SHA512_SUM_LEN;
1238 } else if (IMAGE_ENABLE_MD5 && strcmp(algo, "md5") == 0) {
1239 md5_wd((unsigned char *)data, data_len, value, CHUNKSZ_MD5);
1242 debug("Unsupported hash alogrithm\n");
1248 static int fit_image_check_hash(const void *fit, int noffset, const void *data,
1249 size_t size, char **err_msgp)
1251 uint8_t value[FIT_MAX_HASH_LEN];
1260 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
1261 *err_msgp = "Can't get hash algo property";
1266 if (IMAGE_ENABLE_IGNORE) {
1267 fit_image_hash_get_ignore(fit, noffset, &ignore);
1269 printf("-skipped ");
1274 if (fit_image_hash_get_value(fit, noffset, &fit_value,
1276 *err_msgp = "Can't get hash value property";
1280 if (calculate_hash(data, size, algo, value, &value_len)) {
1281 *err_msgp = "Unsupported hash algorithm";
1285 if (value_len != fit_value_len) {
1286 *err_msgp = "Bad hash value len";
1288 } else if (memcmp(value, fit_value, value_len) != 0) {
1289 *err_msgp = "Bad hash value";
1296 int fit_image_verify_with_data(const void *fit, int image_noffset,
1297 const void *data, size_t size)
1304 /* Verify all required signatures */
1305 if (FIT_IMAGE_ENABLE_VERIFY &&
1306 fit_image_verify_required_sigs(fit, image_noffset, data, size,
1307 gd_fdt_blob(), &verify_all)) {
1308 err_msg = "Unable to verify required signature";
1312 /* Process all hash subnodes of the component image node */
1313 fdt_for_each_subnode(noffset, fit, image_noffset) {
1314 const char *name = fit_get_name(fit, noffset, NULL);
1317 * Check subnode name, must be equal to "hash".
1318 * Multiple hash nodes require unique unit node
1319 * names, e.g. hash-1, hash-2, etc.
1321 if (!strncmp(name, FIT_HASH_NODENAME,
1322 strlen(FIT_HASH_NODENAME))) {
1323 if (fit_image_check_hash(fit, noffset, data, size,
1327 } else if (FIT_IMAGE_ENABLE_VERIFY && verify_all &&
1328 !strncmp(name, FIT_SIG_NODENAME,
1329 strlen(FIT_SIG_NODENAME))) {
1330 ret = fit_image_check_sig(fit, noffset, data,
1331 size, -1, &err_msg);
1334 * Show an indication on failure, but do not return
1335 * an error. Only keys marked 'required' can cause
1336 * an image validation failure. See the call to
1337 * fit_image_verify_required_sigs() above.
1346 if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
1347 err_msg = "Corrupted or truncated tree";
1354 printf(" error!\n%s for '%s' hash node in '%s' image node\n",
1355 err_msg, fit_get_name(fit, noffset, NULL),
1356 fit_get_name(fit, image_noffset, NULL));
1361 * fit_image_verify - verify data integrity
1362 * @fit: pointer to the FIT format image header
1363 * @image_noffset: component image node offset
1365 * fit_image_verify() goes over component image hash nodes,
1366 * re-calculates each data hash and compares with the value stored in hash
1370 * 1, if all hashes are valid
1371 * 0, otherwise (or on error)
1373 int fit_image_verify(const void *fit, int image_noffset)
1375 const char *name = fit_get_name(fit, image_noffset, NULL);
1380 if (IS_ENABLED(CONFIG_FIT_SIGNATURE) && strchr(name, '@')) {
1382 * We don't support this since libfdt considers names with the
1383 * name root but different @ suffix to be equal
1385 err_msg = "Node name contains @";
1388 /* Get image data and data length */
1389 if (fit_image_get_data_and_size(fit, image_noffset, &data, &size)) {
1390 err_msg = "Can't get image data/size";
1394 return fit_image_verify_with_data(fit, image_noffset, data, size);
1397 printf("error!\n%s in '%s' image node\n", err_msg,
1398 fit_get_name(fit, image_noffset, NULL));
1403 * fit_all_image_verify - verify data integrity for all images
1404 * @fit: pointer to the FIT format image header
1406 * fit_all_image_verify() goes over all images in the FIT and
1407 * for every images checks if all it's hashes are valid.
1410 * 1, if all hashes of all images are valid
1411 * 0, otherwise (or on error)
1413 int fit_all_image_verify(const void *fit)
1420 /* Find images parent node offset */
1421 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1422 if (images_noffset < 0) {
1423 printf("Can't find images parent node '%s' (%s)\n",
1424 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
1428 /* Process all image subnodes, check hashes for each */
1429 printf("## Checking hash(es) for FIT Image at %08lx ...\n",
1431 for (ndepth = 0, count = 0,
1432 noffset = fdt_next_node(fit, images_noffset, &ndepth);
1433 (noffset >= 0) && (ndepth > 0);
1434 noffset = fdt_next_node(fit, noffset, &ndepth)) {
1437 * Direct child node of the images parent node,
1438 * i.e. component image node.
1440 printf(" Hash(es) for Image %u (%s): ", count,
1441 fit_get_name(fit, noffset, NULL));
1444 if (!fit_image_verify(fit, noffset))
1452 static int fit_image_uncipher(const void *fit, int image_noffset,
1453 void **data, size_t *size)
1455 int cipher_noffset, ret;
1459 cipher_noffset = fdt_subnode_offset(fit, image_noffset,
1460 FIT_CIPHER_NODENAME);
1461 if (cipher_noffset < 0)
1464 ret = fit_image_decrypt_data(fit, image_noffset, cipher_noffset,
1465 *data, *size, &dst, &size_dst);
1477 * fit_image_check_os - check whether image node is of a given os type
1478 * @fit: pointer to the FIT format image header
1479 * @noffset: component image node offset
1480 * @os: requested image os
1482 * fit_image_check_os() reads image os property and compares its numeric
1483 * id with the requested os. Comparison result is returned to the caller.
1486 * 1 if image is of given os type
1487 * 0 otherwise (or on error)
1489 int fit_image_check_os(const void *fit, int noffset, uint8_t os)
1493 if (fit_image_get_os(fit, noffset, &image_os))
1495 return (os == image_os);
1499 * fit_image_check_arch - check whether image node is of a given arch
1500 * @fit: pointer to the FIT format image header
1501 * @noffset: component image node offset
1502 * @arch: requested imagearch
1504 * fit_image_check_arch() reads image arch property and compares its numeric
1505 * id with the requested arch. Comparison result is returned to the caller.
1508 * 1 if image is of given arch
1509 * 0 otherwise (or on error)
1511 int fit_image_check_arch(const void *fit, int noffset, uint8_t arch)
1514 int aarch32_support = 0;
1516 /* Let's assume that sandbox can load any architecture */
1517 if (IS_ENABLED(CONFIG_SANDBOX))
1520 if (IS_ENABLED(CONFIG_ARM64_SUPPORT_AARCH32))
1521 aarch32_support = 1;
1523 if (fit_image_get_arch(fit, noffset, &image_arch))
1525 return (arch == image_arch) ||
1526 (arch == IH_ARCH_I386 && image_arch == IH_ARCH_X86_64) ||
1527 (arch == IH_ARCH_ARM64 && image_arch == IH_ARCH_ARM &&
1532 * fit_image_check_type - check whether image node is of a given type
1533 * @fit: pointer to the FIT format image header
1534 * @noffset: component image node offset
1535 * @type: requested image type
1537 * fit_image_check_type() reads image type property and compares its numeric
1538 * id with the requested type. Comparison result is returned to the caller.
1541 * 1 if image is of given type
1542 * 0 otherwise (or on error)
1544 int fit_image_check_type(const void *fit, int noffset, uint8_t type)
1548 if (fit_image_get_type(fit, noffset, &image_type))
1550 return (type == image_type);
1554 * fit_image_check_comp - check whether image node uses given compression
1555 * @fit: pointer to the FIT format image header
1556 * @noffset: component image node offset
1557 * @comp: requested image compression type
1559 * fit_image_check_comp() reads image compression property and compares its
1560 * numeric id with the requested compression type. Comparison result is
1561 * returned to the caller.
1564 * 1 if image uses requested compression
1565 * 0 otherwise (or on error)
1567 int fit_image_check_comp(const void *fit, int noffset, uint8_t comp)
1571 if (fit_image_get_comp(fit, noffset, &image_comp))
1573 return (comp == image_comp);
1577 * fdt_check_no_at() - Check for nodes whose names contain '@'
1579 * This checks the parent node and all subnodes recursively
1581 * @fit: FIT to check
1582 * @parent: Parent node to check
1583 * @return 0 if OK, -EADDRNOTAVAIL is a node has a name containing '@'
1585 static int fdt_check_no_at(const void *fit, int parent)
1591 name = fdt_get_name(fit, parent, NULL);
1592 if (!name || strchr(name, '@'))
1593 return -EADDRNOTAVAIL;
1595 fdt_for_each_subnode(node, fit, parent) {
1596 ret = fdt_check_no_at(fit, node);
1604 int fit_check_format(const void *fit, ulong size)
1608 /* A FIT image must be a valid FDT */
1609 ret = fdt_check_header(fit);
1611 log_debug("Wrong FIT format: not a flattened device tree (err=%d)\n",
1616 if (CONFIG_IS_ENABLED(FIT_FULL_CHECK)) {
1618 * If we are not given the size, make do wtih calculating it.
1619 * This is not as secure, so we should consider a flag to
1622 if (size == IMAGE_SIZE_INVAL)
1623 size = fdt_totalsize(fit);
1624 ret = fdt_check_full(fit, size);
1629 * U-Boot stopped using unit addressed in 2017. Since libfdt
1630 * can match nodes ignoring any unit address, signature
1631 * verification can see the wrong node if one is inserted with
1632 * the same name as a valid node but with a unit address
1633 * attached. Protect against this by disallowing unit addresses.
1635 if (!ret && CONFIG_IS_ENABLED(FIT_SIGNATURE)) {
1636 ret = fdt_check_no_at(fit, 0);
1639 log_debug("FIT check error %d\n", ret);
1644 log_debug("FIT check error %d\n", ret);
1649 /* mandatory / node 'description' property */
1650 if (!fdt_getprop(fit, 0, FIT_DESC_PROP, NULL)) {
1651 log_debug("Wrong FIT format: no description\n");
1655 if (IMAGE_ENABLE_TIMESTAMP) {
1656 /* mandatory / node 'timestamp' property */
1657 if (!fdt_getprop(fit, 0, FIT_TIMESTAMP_PROP, NULL)) {
1658 log_debug("Wrong FIT format: no timestamp\n");
1663 /* mandatory subimages parent '/images' node */
1664 if (fdt_path_offset(fit, FIT_IMAGES_PATH) < 0) {
1665 log_debug("Wrong FIT format: no images parent node\n");
1673 * fit_conf_find_compat
1674 * @fit: pointer to the FIT format image header
1675 * @fdt: pointer to the device tree to compare against
1677 * fit_conf_find_compat() attempts to find the configuration whose fdt is the
1678 * most compatible with the passed in device tree.
1687 * |-o configurations
1695 * |-compatible = "foo,bar", "bim,bam"
1698 * |-compatible = "foo,bar",
1701 * |-compatible = "bim,bam", "baz,biz"
1703 * Configuration 1 would be picked because the first string in U-Boot's
1704 * compatible list, "foo,bar", matches a compatible string in the root of fdt1.
1705 * "bim,bam" in fdt2 matches the second string which isn't as good as fdt1.
1707 * As an optimization, the compatible property from the FDT's root node can be
1708 * copied into the configuration node in the FIT image. This is required to
1709 * match configurations with compressed FDTs.
1712 * offset to the configuration to use if one was found
1715 int fit_conf_find_compat(const void *fit, const void *fdt)
1718 int noffset, confs_noffset, images_noffset;
1719 const void *fdt_compat;
1721 int best_match_offset = 0;
1722 int best_match_pos = 0;
1724 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1725 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1726 if (confs_noffset < 0 || images_noffset < 0) {
1727 debug("Can't find configurations or images nodes.\n");
1731 fdt_compat = fdt_getprop(fdt, 0, "compatible", &fdt_compat_len);
1733 debug("Fdt for comparison has no \"compatible\" property.\n");
1738 * Loop over the configurations in the FIT image.
1740 for (noffset = fdt_next_node(fit, confs_noffset, &ndepth);
1741 (noffset >= 0) && (ndepth > 0);
1742 noffset = fdt_next_node(fit, noffset, &ndepth)) {
1744 const char *kfdt_name;
1745 int kfdt_noffset, compat_noffset;
1746 const char *cur_fdt_compat;
1754 /* If there's a compat property in the config node, use that. */
1755 if (fdt_getprop(fit, noffset, "compatible", NULL)) {
1756 fdt = fit; /* search in FIT image */
1757 compat_noffset = noffset; /* search under config node */
1758 } else { /* Otherwise extract it from the kernel FDT. */
1759 kfdt_name = fdt_getprop(fit, noffset, "fdt", &len);
1761 debug("No fdt property found.\n");
1764 kfdt_noffset = fdt_subnode_offset(fit, images_noffset,
1766 if (kfdt_noffset < 0) {
1767 debug("No image node named \"%s\" found.\n",
1772 if (!fit_image_check_comp(fit, kfdt_noffset,
1774 debug("Can't extract compat from \"%s\" "
1775 "(compressed)\n", kfdt_name);
1779 /* search in this config's kernel FDT */
1780 if (fit_image_get_data_and_size(fit, kfdt_noffset,
1782 debug("Failed to get fdt \"%s\".\n", kfdt_name);
1786 compat_noffset = 0; /* search kFDT under root node */
1789 len = fdt_compat_len;
1790 cur_fdt_compat = fdt_compat;
1792 * Look for a match for each U-Boot compatibility string in
1793 * turn in the compat string property.
1795 for (i = 0; len > 0 &&
1796 (!best_match_offset || best_match_pos > i); i++) {
1797 int cur_len = strlen(cur_fdt_compat) + 1;
1799 if (!fdt_node_check_compatible(fdt, compat_noffset,
1801 best_match_offset = noffset;
1806 cur_fdt_compat += cur_len;
1809 if (!best_match_offset) {
1810 debug("No match found.\n");
1814 return best_match_offset;
1817 int fit_conf_get_node(const void *fit, const char *conf_uname)
1819 int noffset, confs_noffset;
1822 char *conf_uname_copy = NULL;
1824 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1825 if (confs_noffset < 0) {
1826 debug("Can't find configurations parent node '%s' (%s)\n",
1827 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
1828 return confs_noffset;
1831 if (conf_uname == NULL) {
1832 /* get configuration unit name from the default property */
1833 debug("No configuration specified, trying default...\n");
1834 if (!host_build() && IS_ENABLED(CONFIG_MULTI_DTB_FIT)) {
1835 noffset = fit_find_config_node(fit);
1838 conf_uname = fdt_get_name(fit, noffset, NULL);
1840 conf_uname = (char *)fdt_getprop(fit, confs_noffset,
1841 FIT_DEFAULT_PROP, &len);
1842 if (conf_uname == NULL) {
1843 fit_get_debug(fit, confs_noffset, FIT_DEFAULT_PROP,
1848 debug("Found default configuration: '%s'\n", conf_uname);
1851 s = strchr(conf_uname, '#');
1853 len = s - conf_uname;
1854 conf_uname_copy = malloc(len + 1);
1855 if (!conf_uname_copy) {
1856 debug("Can't allocate uname copy: '%s'\n",
1860 memcpy(conf_uname_copy, conf_uname, len);
1861 conf_uname_copy[len] = '\0';
1862 conf_uname = conf_uname_copy;
1865 noffset = fdt_subnode_offset(fit, confs_noffset, conf_uname);
1867 debug("Can't get node offset for configuration unit name: '%s' (%s)\n",
1868 conf_uname, fdt_strerror(noffset));
1871 if (conf_uname_copy)
1872 free(conf_uname_copy);
1877 int fit_conf_get_prop_node_count(const void *fit, int noffset,
1878 const char *prop_name)
1880 return fdt_stringlist_count(fit, noffset, prop_name);
1883 int fit_conf_get_prop_node_index(const void *fit, int noffset,
1884 const char *prop_name, int index)
1889 /* get kernel image unit name from configuration kernel property */
1890 uname = fdt_stringlist_get(fit, noffset, prop_name, index, &len);
1894 return fit_image_get_node(fit, uname);
1897 int fit_conf_get_prop_node(const void *fit, int noffset,
1898 const char *prop_name)
1900 return fit_conf_get_prop_node_index(fit, noffset, prop_name, 0);
1903 static int fit_image_select(const void *fit, int rd_noffset, int verify)
1905 fit_image_print(fit, rd_noffset, " ");
1908 puts(" Verifying Hash Integrity ... ");
1909 if (!fit_image_verify(fit, rd_noffset)) {
1910 puts("Bad Data Hash\n");
1919 int fit_get_node_from_config(bootm_headers_t *images, const char *prop_name,
1926 debug("* %s: using config '%s' from image at 0x%08lx\n",
1927 prop_name, images->fit_uname_cfg, addr);
1929 /* Check whether configuration has this property defined */
1930 fit_hdr = map_sysmem(addr, 0);
1931 cfg_noffset = fit_conf_get_node(fit_hdr, images->fit_uname_cfg);
1932 if (cfg_noffset < 0) {
1933 debug("* %s: no such config\n", prop_name);
1937 noffset = fit_conf_get_prop_node(fit_hdr, cfg_noffset, prop_name);
1939 debug("* %s: no '%s' in config\n", prop_name, prop_name);
1947 * fit_get_image_type_property() - get property name for IH_TYPE_...
1949 * @return the properly name where we expect to find the image in the
1952 static const char *fit_get_image_type_property(int type)
1955 * This is sort-of available in the uimage_type[] table in image.c
1956 * but we don't have access to the short name, and "fdt" is different
1957 * anyway. So let's just keep it here.
1960 case IH_TYPE_FLATDT:
1961 return FIT_FDT_PROP;
1962 case IH_TYPE_KERNEL:
1963 return FIT_KERNEL_PROP;
1964 case IH_TYPE_FIRMWARE:
1965 return FIT_FIRMWARE_PROP;
1966 case IH_TYPE_RAMDISK:
1967 return FIT_RAMDISK_PROP;
1968 case IH_TYPE_X86_SETUP:
1969 return FIT_SETUP_PROP;
1970 case IH_TYPE_LOADABLE:
1971 return FIT_LOADABLE_PROP;
1973 return FIT_FPGA_PROP;
1974 case IH_TYPE_STANDALONE:
1975 return FIT_STANDALONE_PROP;
1981 int fit_image_load(bootm_headers_t *images, ulong addr,
1982 const char **fit_unamep, const char **fit_uname_configp,
1983 int arch, int image_type, int bootstage_id,
1984 enum fit_load_op load_op, ulong *datap, ulong *lenp)
1986 int cfg_noffset, noffset;
1987 const char *fit_uname;
1988 const char *fit_uname_config;
1989 const char *fit_base_uname_config;
1995 ulong load, load_end, data, len;
2000 const char *prop_name;
2003 fit = map_sysmem(addr, 0);
2004 fit_uname = fit_unamep ? *fit_unamep : NULL;
2005 fit_uname_config = fit_uname_configp ? *fit_uname_configp : NULL;
2006 fit_base_uname_config = NULL;
2007 prop_name = fit_get_image_type_property(image_type);
2008 printf("## Loading %s from FIT Image at %08lx ...\n", prop_name, addr);
2010 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_FORMAT);
2011 ret = fit_check_format(fit, IMAGE_SIZE_INVAL);
2013 printf("Bad FIT %s image format! (err=%d)\n", prop_name, ret);
2014 if (CONFIG_IS_ENABLED(FIT_SIGNATURE) && ret == -EADDRNOTAVAIL)
2015 printf("Signature checking prevents use of unit addresses (@) in nodes\n");
2016 bootstage_error(bootstage_id + BOOTSTAGE_SUB_FORMAT);
2019 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_FORMAT_OK);
2021 /* get FIT component image node offset */
2022 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_UNIT_NAME);
2023 noffset = fit_image_get_node(fit, fit_uname);
2026 * no image node unit name, try to get config
2027 * node first. If config unit node name is NULL
2028 * fit_conf_get_node() will try to find default config node
2030 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_NO_UNIT_NAME);
2031 if (IS_ENABLED(CONFIG_FIT_BEST_MATCH) && !fit_uname_config) {
2032 cfg_noffset = fit_conf_find_compat(fit, gd_fdt_blob());
2034 cfg_noffset = fit_conf_get_node(fit,
2037 if (cfg_noffset < 0) {
2038 puts("Could not find configuration node\n");
2039 bootstage_error(bootstage_id +
2040 BOOTSTAGE_SUB_NO_UNIT_NAME);
2044 fit_base_uname_config = fdt_get_name(fit, cfg_noffset, NULL);
2045 printf(" Using '%s' configuration\n", fit_base_uname_config);
2046 /* Remember this config */
2047 if (image_type == IH_TYPE_KERNEL)
2048 images->fit_uname_cfg = fit_base_uname_config;
2050 if (FIT_IMAGE_ENABLE_VERIFY && images->verify) {
2051 puts(" Verifying Hash Integrity ... ");
2052 if (fit_config_verify(fit, cfg_noffset)) {
2053 puts("Bad Data Hash\n");
2054 bootstage_error(bootstage_id +
2055 BOOTSTAGE_SUB_HASH);
2061 bootstage_mark(BOOTSTAGE_ID_FIT_CONFIG);
2063 noffset = fit_conf_get_prop_node(fit, cfg_noffset,
2065 fit_uname = fit_get_name(fit, noffset, NULL);
2068 printf("Could not find subimage node type '%s'\n", prop_name);
2069 bootstage_error(bootstage_id + BOOTSTAGE_SUB_SUBNODE);
2073 printf(" Trying '%s' %s subimage\n", fit_uname, prop_name);
2075 ret = fit_image_select(fit, noffset, images->verify);
2077 bootstage_error(bootstage_id + BOOTSTAGE_SUB_HASH);
2081 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
2082 if (!host_build() && IS_ENABLED(CONFIG_SANDBOX)) {
2083 if (!fit_image_check_target_arch(fit, noffset)) {
2084 puts("Unsupported Architecture\n");
2085 bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
2091 fit_image_get_arch(fit, noffset, &os_arch);
2092 images->os.arch = os_arch;
2095 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL);
2096 type_ok = fit_image_check_type(fit, noffset, image_type) ||
2097 fit_image_check_type(fit, noffset, IH_TYPE_FIRMWARE) ||
2098 fit_image_check_type(fit, noffset, IH_TYPE_TEE) ||
2099 (image_type == IH_TYPE_KERNEL &&
2100 fit_image_check_type(fit, noffset, IH_TYPE_KERNEL_NOLOAD));
2102 os_ok = image_type == IH_TYPE_FLATDT ||
2103 image_type == IH_TYPE_FPGA ||
2104 fit_image_check_os(fit, noffset, IH_OS_LINUX) ||
2105 fit_image_check_os(fit, noffset, IH_OS_U_BOOT) ||
2106 fit_image_check_os(fit, noffset, IH_OS_TEE) ||
2107 fit_image_check_os(fit, noffset, IH_OS_OPENRTOS) ||
2108 fit_image_check_os(fit, noffset, IH_OS_EFI) ||
2109 fit_image_check_os(fit, noffset, IH_OS_VXWORKS);
2112 * If either of the checks fail, we should report an error, but
2113 * if the image type is coming from the "loadables" field, we
2114 * don't care what it is
2116 if ((!type_ok || !os_ok) && image_type != IH_TYPE_LOADABLE) {
2117 fit_image_get_os(fit, noffset, &os);
2118 printf("No %s %s %s Image\n",
2119 genimg_get_os_name(os),
2120 genimg_get_arch_name(arch),
2121 genimg_get_type_name(image_type));
2122 bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL);
2126 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ALL_OK);
2128 /* get image data address and length */
2129 if (fit_image_get_data_and_size(fit, noffset,
2130 (const void **)&buf, &size)) {
2131 printf("Could not find %s subimage data!\n", prop_name);
2132 bootstage_error(bootstage_id + BOOTSTAGE_SUB_GET_DATA);
2136 /* Decrypt data before uncompress/move */
2137 if (IS_ENABLED(CONFIG_FIT_CIPHER) && IMAGE_ENABLE_DECRYPT) {
2138 puts(" Decrypting Data ... ");
2139 if (fit_image_uncipher(fit, noffset, &buf, &size)) {
2146 /* perform any post-processing on the image data */
2147 if (!host_build() && IS_ENABLED(CONFIG_FIT_IMAGE_POST_PROCESS))
2148 board_fit_image_post_process(fit, noffset, &buf, &size);
2152 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_GET_DATA_OK);
2154 data = map_to_sysmem(buf);
2156 if (load_op == FIT_LOAD_IGNORED) {
2158 } else if (fit_image_get_load(fit, noffset, &load)) {
2159 if (load_op == FIT_LOAD_REQUIRED) {
2160 printf("Can't get %s subimage load address!\n",
2162 bootstage_error(bootstage_id + BOOTSTAGE_SUB_LOAD);
2165 } else if (load_op != FIT_LOAD_OPTIONAL_NON_ZERO || load) {
2166 ulong image_start, image_end;
2169 * move image data to the load address,
2170 * make sure we don't overwrite initial image
2173 image_end = addr + fit_get_size(fit);
2175 load_end = load + len;
2176 if (image_type != IH_TYPE_KERNEL &&
2177 load < image_end && load_end > image_start) {
2178 printf("Error: %s overwritten\n", prop_name);
2182 printf(" Loading %s from 0x%08lx to 0x%08lx\n",
2183 prop_name, data, load);
2185 load = data; /* No load address specified */
2188 comp = IH_COMP_NONE;
2190 /* Kernel images get decompressed later in bootm_load_os(). */
2191 if (!fit_image_get_comp(fit, noffset, &comp) &&
2192 comp != IH_COMP_NONE &&
2193 !(image_type == IH_TYPE_KERNEL ||
2194 image_type == IH_TYPE_KERNEL_NOLOAD ||
2195 image_type == IH_TYPE_RAMDISK)) {
2196 ulong max_decomp_len = len * 20;
2198 loadbuf = malloc(max_decomp_len);
2199 load = map_to_sysmem(loadbuf);
2201 loadbuf = map_sysmem(load, max_decomp_len);
2203 if (image_decomp(comp, load, data, image_type,
2204 loadbuf, buf, len, max_decomp_len, &load_end)) {
2205 printf("Error decompressing %s\n", prop_name);
2209 len = load_end - load;
2210 } else if (load != data) {
2211 loadbuf = map_sysmem(load, len);
2212 memcpy(loadbuf, buf, len);
2215 if (image_type == IH_TYPE_RAMDISK && comp != IH_COMP_NONE)
2216 puts("WARNING: 'compression' nodes for ramdisks are deprecated,"
2217 " please fix your .its file!\n");
2219 /* verify that image data is a proper FDT blob */
2220 if (image_type == IH_TYPE_FLATDT && fdt_check_header(loadbuf)) {
2221 puts("Subimage data is not a FDT");
2225 bootstage_mark(bootstage_id + BOOTSTAGE_SUB_LOAD);
2230 *fit_unamep = (char *)fit_uname;
2231 if (fit_uname_configp)
2232 *fit_uname_configp = (char *)(fit_uname_config ? :
2233 fit_base_uname_config);
2238 int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch,
2239 ulong *setup_start, ulong *setup_len)
2246 addr = map_to_sysmem(images->fit_hdr_os);
2247 noffset = fit_get_node_from_config(images, FIT_SETUP_PROP, addr);
2251 ret = fit_image_load(images, addr, NULL, NULL, arch,
2252 IH_TYPE_X86_SETUP, BOOTSTAGE_ID_FIT_SETUP_START,
2253 FIT_LOAD_REQUIRED, setup_start, &len);
2259 int boot_get_fdt_fit(bootm_headers_t *images, ulong addr,
2260 const char **fit_unamep, const char **fit_uname_configp,
2261 int arch, ulong *datap, ulong *lenp)
2263 int fdt_noffset, cfg_noffset, count;
2265 const char *fit_uname = NULL;
2266 const char *fit_uname_config = NULL;
2267 char *fit_uname_config_copy = NULL;
2268 char *next_config = NULL;
2270 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2271 ulong image_start, image_end;
2272 ulong ovload, ovlen, ovcopylen;
2273 const char *uconfig;
2275 void *base, *ov, *ovcopy = NULL;
2276 int i, err, noffset, ov_noffset;
2279 fit_uname = fit_unamep ? *fit_unamep : NULL;
2281 if (fit_uname_configp && *fit_uname_configp) {
2282 fit_uname_config_copy = strdup(*fit_uname_configp);
2283 if (!fit_uname_config_copy)
2286 next_config = strchr(fit_uname_config_copy, '#');
2288 *next_config++ = '\0';
2289 if (next_config - 1 > fit_uname_config_copy)
2290 fit_uname_config = fit_uname_config_copy;
2293 fdt_noffset = fit_image_load(images,
2294 addr, &fit_uname, &fit_uname_config,
2295 arch, IH_TYPE_FLATDT,
2296 BOOTSTAGE_ID_FIT_FDT_START,
2297 FIT_LOAD_OPTIONAL, &load, &len);
2299 if (fdt_noffset < 0)
2302 debug("fit_uname=%s, fit_uname_config=%s\n",
2303 fit_uname ? fit_uname : "<NULL>",
2304 fit_uname_config ? fit_uname_config : "<NULL>");
2306 fit = map_sysmem(addr, 0);
2308 cfg_noffset = fit_conf_get_node(fit, fit_uname_config);
2310 /* single blob, or error just return as well */
2311 count = fit_conf_get_prop_node_count(fit, cfg_noffset, FIT_FDT_PROP);
2312 if (count <= 1 && !next_config)
2315 /* we need to apply overlays */
2317 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2319 image_end = addr + fit_get_size(fit);
2320 /* verify that relocation took place by load address not being in fit */
2321 if (load >= image_start && load < image_end) {
2322 /* check is simplified; fit load checks for overlaps */
2323 printf("Overlayed FDT requires relocation\n");
2324 fdt_noffset = -EBADF;
2328 base = map_sysmem(load, len);
2330 /* apply extra configs in FIT first, followed by args */
2331 for (i = 1; ; i++) {
2333 noffset = fit_conf_get_prop_node_index(fit, cfg_noffset,
2335 uname = fit_get_name(fit, noffset, NULL);
2340 uconfig = next_config;
2341 next_config = strchr(next_config, '#');
2343 *next_config++ = '\0';
2347 * fit_image_load() would load the first FDT from the
2348 * extra config only when uconfig is specified.
2349 * Check if the extra config contains multiple FDTs and
2352 cfg_noffset = fit_conf_get_node(fit, uconfig);
2355 count = fit_conf_get_prop_node_count(fit, cfg_noffset,
2359 debug("%d: using uname=%s uconfig=%s\n", i, uname, uconfig);
2361 ov_noffset = fit_image_load(images,
2362 addr, &uname, &uconfig,
2363 arch, IH_TYPE_FLATDT,
2364 BOOTSTAGE_ID_FIT_FDT_START,
2365 FIT_LOAD_IGNORED, &ovload, &ovlen);
2366 if (ov_noffset < 0) {
2367 printf("load of %s failed\n", uname);
2370 debug("%s loaded at 0x%08lx len=0x%08lx\n",
2371 uname, ovload, ovlen);
2372 ov = map_sysmem(ovload, ovlen);
2374 ovcopylen = ALIGN(fdt_totalsize(ov), SZ_4K);
2375 ovcopy = malloc(ovcopylen);
2377 printf("failed to duplicate DTO before application\n");
2378 fdt_noffset = -ENOMEM;
2382 err = fdt_open_into(ov, ovcopy, ovcopylen);
2384 printf("failed on fdt_open_into for DTO\n");
2389 base = map_sysmem(load, len + ovlen);
2390 err = fdt_open_into(base, base, len + ovlen);
2392 printf("failed on fdt_open_into\n");
2397 /* the verbose method prints out messages on error */
2398 err = fdt_overlay_apply_verbose(base, ovcopy);
2404 len = fdt_totalsize(base);
2410 printf("config with overlays but CONFIG_OF_LIBFDT_OVERLAY not set\n");
2411 fdt_noffset = -EBADF;
2420 *fit_unamep = fit_uname;
2421 if (fit_uname_configp)
2422 *fit_uname_configp = fit_uname_config;
2424 #ifdef CONFIG_OF_LIBFDT_OVERLAY
2428 if (fit_uname_config_copy)
2429 free(fit_uname_config_copy);
projects / platform / kernel / u-boot.git / blob