1 // SPDX-License-Identifier: GPL-2.0+
3 * Image manipulator for Marvell SoCs
4 * supports Kirkwood, Dove, Armada 370, Armada XP, and Armada 38x
6 * (C) Copyright 2013 Thomas Petazzoni
7 * <thomas.petazzoni@free-electrons.com>
9 * Not implemented: support for the register headers in v1 images
12 #include "imagetool.h"
19 #ifdef CONFIG_KWB_SECURE
20 #include <openssl/bn.h>
21 #include <openssl/rsa.h>
22 #include <openssl/pem.h>
23 #include <openssl/err.h>
24 #include <openssl/evp.h>
26 #if OPENSSL_VERSION_NUMBER < 0x10100000L || \
27 (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
28 static void RSA_get0_key(const RSA *r,
29 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
39 #elif !defined(LIBRESSL_VERSION_NUMBER)
40 void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
42 EVP_MD_CTX_reset(ctx);
47 static struct image_cfg_element *image_cfg;
49 #ifdef CONFIG_KWB_SECURE
50 static int verbose_mode;
65 struct boot_mode boot_modes[] = {
76 struct nand_ecc_mode {
81 struct nand_ecc_mode nand_ecc_modes[] = {
89 /* Used to identify an undefined execution or destination address */
90 #define ADDR_INVALID ((uint32_t)-1)
92 #define BINARY_MAX_ARGS 255
94 /* In-memory representation of a line of the configuration file */
97 IMAGE_CFG_VERSION = 0x1,
101 IMAGE_CFG_NAND_BLKSZ,
102 IMAGE_CFG_NAND_BADBLK_LOCATION,
103 IMAGE_CFG_NAND_ECC_MODE,
104 IMAGE_CFG_NAND_PAGESZ,
113 IMAGE_CFG_JTAG_DELAY,
116 IMAGE_CFG_SEC_COMMON_IMG,
117 IMAGE_CFG_SEC_SPECIALIZED_IMG,
118 IMAGE_CFG_SEC_BOOT_DEV,
119 IMAGE_CFG_SEC_FUSE_DUMP,
124 static const char * const id_strs[] = {
125 [IMAGE_CFG_VERSION] = "VERSION",
126 [IMAGE_CFG_BOOT_FROM] = "BOOT_FROM",
127 [IMAGE_CFG_DEST_ADDR] = "DEST_ADDR",
128 [IMAGE_CFG_EXEC_ADDR] = "EXEC_ADDR",
129 [IMAGE_CFG_NAND_BLKSZ] = "NAND_BLKSZ",
130 [IMAGE_CFG_NAND_BADBLK_LOCATION] = "NAND_BADBLK_LOCATION",
131 [IMAGE_CFG_NAND_ECC_MODE] = "NAND_ECC_MODE",
132 [IMAGE_CFG_NAND_PAGESZ] = "NAND_PAGE_SIZE",
133 [IMAGE_CFG_BINARY] = "BINARY",
134 [IMAGE_CFG_PAYLOAD] = "PAYLOAD",
135 [IMAGE_CFG_DATA] = "DATA",
136 [IMAGE_CFG_BAUDRATE] = "BAUDRATE",
137 [IMAGE_CFG_DEBUG] = "DEBUG",
138 [IMAGE_CFG_KAK] = "KAK",
139 [IMAGE_CFG_CSK] = "CSK",
140 [IMAGE_CFG_CSK_INDEX] = "CSK_INDEX",
141 [IMAGE_CFG_JTAG_DELAY] = "JTAG_DELAY",
142 [IMAGE_CFG_BOX_ID] = "BOX_ID",
143 [IMAGE_CFG_FLASH_ID] = "FLASH_ID",
144 [IMAGE_CFG_SEC_COMMON_IMG] = "SEC_COMMON_IMG",
145 [IMAGE_CFG_SEC_SPECIALIZED_IMG] = "SEC_SPECIALIZED_IMG",
146 [IMAGE_CFG_SEC_BOOT_DEV] = "SEC_BOOT_DEV",
147 [IMAGE_CFG_SEC_FUSE_DUMP] = "SEC_FUSE_DUMP"
150 struct image_cfg_element {
151 enum image_cfg_type type;
153 unsigned int version;
154 unsigned int bootfrom;
157 unsigned int args[BINARY_MAX_ARGS];
161 unsigned int dstaddr;
162 unsigned int execaddr;
163 unsigned int nandblksz;
164 unsigned int nandbadblklocation;
165 unsigned int nandeccmode;
166 unsigned int nandpagesz;
167 struct ext_hdr_v0_reg regdata;
168 unsigned int baudrate;
170 const char *key_name;
175 bool sec_specialized_img;
176 unsigned int sec_boot_dev;
181 #define IMAGE_CFG_ELEMENT_MAX 256
184 * Utility functions to manipulate boot mode and ecc modes (convert
185 * them back and forth between description strings and the
186 * corresponding numerical identifiers).
189 static const char *image_boot_mode_name(unsigned int id)
193 for (i = 0; boot_modes[i].name; i++)
194 if (boot_modes[i].id == id)
195 return boot_modes[i].name;
199 int image_boot_mode_id(const char *boot_mode_name)
203 for (i = 0; boot_modes[i].name; i++)
204 if (!strcmp(boot_modes[i].name, boot_mode_name))
205 return boot_modes[i].id;
210 int image_nand_ecc_mode_id(const char *nand_ecc_mode_name)
214 for (i = 0; nand_ecc_modes[i].name; i++)
215 if (!strcmp(nand_ecc_modes[i].name, nand_ecc_mode_name))
216 return nand_ecc_modes[i].id;
220 static struct image_cfg_element *
221 image_find_option(unsigned int optiontype)
225 for (i = 0; i < cfgn; i++) {
226 if (image_cfg[i].type == optiontype)
227 return &image_cfg[i];
234 image_count_options(unsigned int optiontype)
237 unsigned int count = 0;
239 for (i = 0; i < cfgn; i++)
240 if (image_cfg[i].type == optiontype)
246 #if defined(CONFIG_KWB_SECURE)
248 static int image_get_csk_index(void)
250 struct image_cfg_element *e;
252 e = image_find_option(IMAGE_CFG_CSK_INDEX);
259 static bool image_get_spezialized_img(void)
261 struct image_cfg_element *e;
263 e = image_find_option(IMAGE_CFG_SEC_SPECIALIZED_IMG);
267 return e->sec_specialized_img;
273 * Compute a 8-bit checksum of a memory area. This algorithm follows
274 * the requirements of the Marvell SoC BootROM specifications.
276 static uint8_t image_checksum8(void *start, uint32_t len)
281 /* check len and return zero checksum if invalid */
293 size_t kwbimage_header_size(unsigned char *ptr)
295 if (image_version((void *)ptr) == 0)
296 return sizeof(struct main_hdr_v0);
298 return KWBHEADER_V1_SIZE((struct main_hdr_v1 *)ptr);
302 * Verify checksum over a complete header that includes the checksum field.
303 * Return 1 when OK, otherwise 0.
305 static int main_hdr_checksum_ok(void *hdr)
307 /* Offsets of checksum in v0 and v1 headers are the same */
308 struct main_hdr_v0 *main_hdr = (struct main_hdr_v0 *)hdr;
311 checksum = image_checksum8(hdr, kwbimage_header_size(hdr));
312 /* Calculated checksum includes the header checksum field. Compensate
315 checksum -= main_hdr->checksum;
317 return checksum == main_hdr->checksum;
320 static uint32_t image_checksum32(void *start, uint32_t len)
325 /* check len and return zero checksum if invalid */
329 if (len % sizeof(uint32_t)) {
330 fprintf(stderr, "Length %d is not in multiple of %zu\n",
331 len, sizeof(uint32_t));
338 len -= sizeof(uint32_t);
344 static uint8_t baudrate_to_option(unsigned int baudrate)
348 return MAIN_HDR_V1_OPT_BAUD_2400;
350 return MAIN_HDR_V1_OPT_BAUD_4800;
352 return MAIN_HDR_V1_OPT_BAUD_9600;
354 return MAIN_HDR_V1_OPT_BAUD_19200;
356 return MAIN_HDR_V1_OPT_BAUD_38400;
358 return MAIN_HDR_V1_OPT_BAUD_57600;
360 return MAIN_HDR_V1_OPT_BAUD_115200;
362 return MAIN_HDR_V1_OPT_BAUD_DEFAULT;
366 #if defined(CONFIG_KWB_SECURE)
367 static void kwb_msg(const char *fmt, ...)
373 vfprintf(stdout, fmt, ap);
378 static int openssl_err(const char *msg)
380 unsigned long ssl_err = ERR_get_error();
382 fprintf(stderr, "%s", msg);
383 fprintf(stderr, ": %s\n",
384 ERR_error_string(ssl_err, 0));
389 static int kwb_load_rsa_key(const char *keydir, const char *name, RSA **p_rsa)
398 snprintf(path, sizeof(path), "%s/%s.key", keydir, name);
399 f = fopen(path, "r");
401 fprintf(stderr, "Couldn't open RSA private key: '%s': %s\n",
402 path, strerror(errno));
406 rsa = PEM_read_RSAPrivateKey(f, 0, NULL, "");
408 openssl_err("Failure reading private key");
418 static int kwb_load_cfg_key(struct image_tool_params *params,
419 unsigned int cfg_option, const char *key_name,
422 struct image_cfg_element *e_key;
428 e_key = image_find_option(cfg_option);
430 fprintf(stderr, "%s not configured\n", key_name);
434 res = kwb_load_rsa_key(params->keydir, e_key->key_name, &key);
436 fprintf(stderr, "Failed to load %s\n", key_name);
445 static int kwb_load_kak(struct image_tool_params *params, RSA **p_kak)
447 return kwb_load_cfg_key(params, IMAGE_CFG_KAK, "KAK", p_kak);
450 static int kwb_load_csk(struct image_tool_params *params, RSA **p_csk)
452 return kwb_load_cfg_key(params, IMAGE_CFG_CSK, "CSK", p_csk);
455 static int kwb_compute_pubkey_hash(struct pubkey_der_v1 *pk,
456 struct hash_v1 *hash)
459 unsigned int key_size;
460 unsigned int hash_size;
463 if (!pk || !hash || pk->key[0] != 0x30 || pk->key[1] != 0x82)
466 key_size = (pk->key[2] << 8) + pk->key[3] + 4;
468 ctx = EVP_MD_CTX_create();
470 return openssl_err("EVP context creation failed");
472 EVP_MD_CTX_init(ctx);
473 if (!EVP_DigestInit(ctx, EVP_sha256())) {
474 ret = openssl_err("Digest setup failed");
478 if (!EVP_DigestUpdate(ctx, pk->key, key_size)) {
479 ret = openssl_err("Hashing data failed");
483 if (!EVP_DigestFinal(ctx, hash->hash, &hash_size)) {
484 ret = openssl_err("Could not obtain hash");
488 EVP_MD_CTX_cleanup(ctx);
491 EVP_MD_CTX_destroy(ctx);
495 static int kwb_import_pubkey(RSA **key, struct pubkey_der_v1 *src, char *keyname)
498 const unsigned char *ptr;
504 rsa = d2i_RSAPublicKey(key, &ptr, sizeof(src->key));
506 openssl_err("error decoding public key");
512 fprintf(stderr, "Failed to decode %s pubkey\n", keyname);
516 static int kwb_export_pubkey(RSA *key, struct pubkey_der_v1 *dst, FILE *hashf,
519 int size_exp, size_mod, size_seq;
520 const BIGNUM *key_e, *key_n;
522 char *errmsg = "Failed to encode %s\n";
524 RSA_get0_key(key, NULL, &key_e, NULL);
525 RSA_get0_key(key, &key_n, NULL, NULL);
527 if (!key || !key_e || !key_n || !dst) {
528 fprintf(stderr, "export pk failed: (%p, %p, %p, %p)",
529 key, key_e, key_n, dst);
530 fprintf(stderr, errmsg, keyname);
535 * According to the specs, the key should be PKCS#1 DER encoded.
536 * But unfortunately the really required encoding seems to be different;
537 * it violates DER...! (But it still conformes to BER.)
538 * (Length always in long form w/ 2 byte length code; no leading zero
539 * when MSB of first byte is set...)
540 * So we cannot use the encoding func provided by OpenSSL and have to
541 * do the encoding manually.
544 size_exp = BN_num_bytes(key_e);
545 size_mod = BN_num_bytes(key_n);
546 size_seq = 4 + size_mod + 4 + size_exp;
548 if (size_mod > 256) {
549 fprintf(stderr, "export pk failed: wrong mod size: %d\n",
551 fprintf(stderr, errmsg, keyname);
555 if (4 + size_seq > sizeof(dst->key)) {
556 fprintf(stderr, "export pk failed: seq too large (%d, %lu)\n",
557 4 + size_seq, sizeof(dst->key));
558 fprintf(stderr, errmsg, keyname);
564 /* PKCS#1 (RFC3447) RSAPublicKey structure */
565 *cur++ = 0x30; /* SEQUENCE */
567 *cur++ = (size_seq >> 8) & 0xFF;
568 *cur++ = size_seq & 0xFF;
570 *cur++ = 0x02; /* INTEGER */
572 *cur++ = (size_mod >> 8) & 0xFF;
573 *cur++ = size_mod & 0xFF;
574 BN_bn2bin(key_n, cur);
577 *cur++ = 0x02; /* INTEGER */
579 *cur++ = (size_exp >> 8) & 0xFF;
580 *cur++ = size_exp & 0xFF;
581 BN_bn2bin(key_e, cur);
584 struct hash_v1 pk_hash;
588 ret = kwb_compute_pubkey_hash(dst, &pk_hash);
590 fprintf(stderr, errmsg, keyname);
594 fprintf(hashf, "SHA256 = ");
595 for (i = 0 ; i < sizeof(pk_hash.hash); ++i)
596 fprintf(hashf, "%02X", pk_hash.hash[i]);
597 fprintf(hashf, "\n");
603 int kwb_sign(RSA *key, void *data, int datasz, struct sig_v1 *sig, char *signame)
607 unsigned int sig_size;
611 evp_key = EVP_PKEY_new();
613 return openssl_err("EVP_PKEY object creation failed");
615 if (!EVP_PKEY_set1_RSA(evp_key, key)) {
616 ret = openssl_err("EVP key setup failed");
620 size = EVP_PKEY_size(evp_key);
621 if (size > sizeof(sig->sig)) {
622 fprintf(stderr, "Buffer to small for signature (%d bytes)\n",
628 ctx = EVP_MD_CTX_create();
630 ret = openssl_err("EVP context creation failed");
633 EVP_MD_CTX_init(ctx);
634 if (!EVP_SignInit(ctx, EVP_sha256())) {
635 ret = openssl_err("Signer setup failed");
639 if (!EVP_SignUpdate(ctx, data, datasz)) {
640 ret = openssl_err("Signing data failed");
644 if (!EVP_SignFinal(ctx, sig->sig, &sig_size, evp_key)) {
645 ret = openssl_err("Could not obtain signature");
649 EVP_MD_CTX_cleanup(ctx);
650 EVP_MD_CTX_destroy(ctx);
651 EVP_PKEY_free(evp_key);
656 EVP_MD_CTX_destroy(ctx);
658 EVP_PKEY_free(evp_key);
659 fprintf(stderr, "Failed to create %s signature\n", signame);
663 int kwb_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
671 evp_key = EVP_PKEY_new();
673 return openssl_err("EVP_PKEY object creation failed");
675 if (!EVP_PKEY_set1_RSA(evp_key, key)) {
676 ret = openssl_err("EVP key setup failed");
680 size = EVP_PKEY_size(evp_key);
681 if (size > sizeof(sig->sig)) {
682 fprintf(stderr, "Invalid signature size (%d bytes)\n",
688 ctx = EVP_MD_CTX_create();
690 ret = openssl_err("EVP context creation failed");
693 EVP_MD_CTX_init(ctx);
694 if (!EVP_VerifyInit(ctx, EVP_sha256())) {
695 ret = openssl_err("Verifier setup failed");
699 if (!EVP_VerifyUpdate(ctx, data, datasz)) {
700 ret = openssl_err("Hashing data failed");
704 if (EVP_VerifyFinal(ctx, sig->sig, sizeof(sig->sig), evp_key) != 1) {
705 ret = openssl_err("Could not verify signature");
709 EVP_MD_CTX_cleanup(ctx);
710 EVP_MD_CTX_destroy(ctx);
711 EVP_PKEY_free(evp_key);
716 EVP_MD_CTX_destroy(ctx);
718 EVP_PKEY_free(evp_key);
719 fprintf(stderr, "Failed to verify %s signature\n", signame);
723 int kwb_sign_and_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
726 if (kwb_sign(key, data, datasz, sig, signame) < 0)
729 if (kwb_verify(key, data, datasz, sig, signame) < 0)
736 int kwb_dump_fuse_cmds_38x(FILE *out, struct secure_hdr_v1 *sec_hdr)
738 struct hash_v1 kak_pub_hash;
739 struct image_cfg_element *e;
740 unsigned int fuse_line;
746 if (!out || !sec_hdr)
749 ret = kwb_compute_pubkey_hash(&sec_hdr->kak, &kak_pub_hash);
753 fprintf(out, "# burn KAK pub key hash\n");
754 ptr = kak_pub_hash.hash;
755 for (fuse_line = 26; fuse_line <= 30; ++fuse_line) {
756 fprintf(out, "fuse prog -y %u 0 ", fuse_line);
758 for (i = 4; i-- > 0;)
759 fprintf(out, "%02hx", (ushort)ptr[i]);
763 if (fuse_line < 30) {
764 for (i = 3; i-- > 0;)
765 fprintf(out, "%02hx", (ushort)ptr[i]);
768 fprintf(out, "000000");
771 fprintf(out, " 1\n");
774 fprintf(out, "# burn CSK selection\n");
776 idx = image_get_csk_index();
777 if (idx < 0 || idx > 15) {
782 for (fuse_line = 31; fuse_line < 31 + idx; ++fuse_line)
783 fprintf(out, "fuse prog -y %u 0 00000001 00000000 1\n",
786 fprintf(out, "# CSK index is 0; no mods needed\n");
789 e = image_find_option(IMAGE_CFG_BOX_ID);
791 fprintf(out, "# set box ID\n");
792 fprintf(out, "fuse prog -y 48 0 %08x 00000000 1\n", e->boxid);
795 e = image_find_option(IMAGE_CFG_FLASH_ID);
797 fprintf(out, "# set flash ID\n");
798 fprintf(out, "fuse prog -y 47 0 %08x 00000000 1\n", e->flashid);
801 fprintf(out, "# enable secure mode ");
802 fprintf(out, "(must be the last fuse line written)\n");
805 e = image_find_option(IMAGE_CFG_SEC_BOOT_DEV);
807 fprintf(stderr, "ERROR: secured mode boot device not given\n");
812 if (e->sec_boot_dev > 0xff) {
813 fprintf(stderr, "ERROR: secured mode boot device invalid\n");
818 val |= (e->sec_boot_dev << 8);
820 fprintf(out, "fuse prog -y 24 0 %08x 0103e0a9 1\n", val);
822 fprintf(out, "# lock (unused) fuse lines (0-23)s\n");
823 for (fuse_line = 0; fuse_line < 24; ++fuse_line)
824 fprintf(out, "fuse prog -y %u 2 1\n", fuse_line);
826 fprintf(out, "# OK, that's all :-)\n");
832 static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr)
835 struct image_cfg_element *e;
837 e = image_find_option(IMAGE_CFG_SEC_FUSE_DUMP);
841 if (!strcmp(e->name, "a38x")) {
842 FILE *out = fopen("kwb_fuses_a38x.txt", "w+");
844 kwb_dump_fuse_cmds_38x(out, sec_hdr);
857 static void *image_create_v0(size_t *imagesz, struct image_tool_params *params,
860 struct image_cfg_element *e;
862 struct main_hdr_v0 *main_hdr;
867 * Calculate the size of the header and the size of the
870 headersz = sizeof(struct main_hdr_v0);
872 if (image_count_options(IMAGE_CFG_DATA) > 0) {
874 headersz += sizeof(struct ext_hdr_v0);
877 if (image_count_options(IMAGE_CFG_PAYLOAD) > 1) {
878 fprintf(stderr, "More than one payload, not possible\n");
882 image = malloc(headersz);
884 fprintf(stderr, "Cannot allocate memory for image\n");
888 memset(image, 0, headersz);
890 main_hdr = (struct main_hdr_v0 *)image;
892 /* Fill in the main header */
893 main_hdr->blocksize =
894 cpu_to_le32(payloadsz - headersz);
895 main_hdr->srcaddr = cpu_to_le32(headersz);
896 main_hdr->ext = has_ext;
897 main_hdr->destaddr = cpu_to_le32(params->addr);
898 main_hdr->execaddr = cpu_to_le32(params->ep);
900 e = image_find_option(IMAGE_CFG_BOOT_FROM);
902 main_hdr->blockid = e->bootfrom;
903 e = image_find_option(IMAGE_CFG_NAND_ECC_MODE);
905 main_hdr->nandeccmode = e->nandeccmode;
906 e = image_find_option(IMAGE_CFG_NAND_PAGESZ);
908 main_hdr->nandpagesize = cpu_to_le16(e->nandpagesz);
909 main_hdr->checksum = image_checksum8(image,
910 sizeof(struct main_hdr_v0));
912 /* Generate the ext header */
914 struct ext_hdr_v0 *ext_hdr;
917 ext_hdr = (struct ext_hdr_v0 *)
918 (image + sizeof(struct main_hdr_v0));
919 ext_hdr->offset = cpu_to_le32(0x40);
921 for (cfgi = 0, datai = 0; cfgi < cfgn; cfgi++) {
922 e = &image_cfg[cfgi];
923 if (e->type != IMAGE_CFG_DATA)
926 ext_hdr->rcfg[datai].raddr =
927 cpu_to_le32(e->regdata.raddr);
928 ext_hdr->rcfg[datai].rdata =
929 cpu_to_le32(e->regdata.rdata);
933 ext_hdr->checksum = image_checksum8(ext_hdr,
934 sizeof(struct ext_hdr_v0));
941 static size_t image_headersz_v1(int *hasext)
943 struct image_cfg_element *binarye;
948 * Calculate the size of the header and the size of the
951 headersz = sizeof(struct main_hdr_v1);
953 if (image_count_options(IMAGE_CFG_PAYLOAD) > 1) {
954 fprintf(stderr, "More than one payload, not possible\n");
958 for (cfgi = 0; cfgi < cfgn; cfgi++) {
962 binarye = &image_cfg[cfgi];
963 if (binarye->type != IMAGE_CFG_BINARY)
966 ret = stat(binarye->binary.file, &s);
971 memset(cwd, 0, sizeof(cwd));
972 if (!getcwd(cwd, sizeof(cwd))) {
973 dir = "current working directory";
974 perror("getcwd() failed");
978 "Didn't find the file '%s' in '%s' which is mandatory to generate the image\n"
979 "This file generally contains the DDR3 training code, and should be extracted from an existing bootable\n"
980 "image for your board. See 'kwbimage -x' to extract it from an existing image.\n",
981 binarye->binary.file, dir);
985 headersz += sizeof(struct opt_hdr_v1) +
986 ALIGN(s.st_size, 4) +
987 (binarye->binary.nargs + 2) * sizeof(uint32_t);
992 #if defined(CONFIG_KWB_SECURE)
993 if (image_get_csk_index() >= 0) {
994 headersz += sizeof(struct secure_hdr_v1);
1000 #if defined(CONFIG_SYS_U_BOOT_OFFS)
1001 if (headersz > CONFIG_SYS_U_BOOT_OFFS) {
1003 "Error: Image header (incl. SPL image) too big!\n");
1004 fprintf(stderr, "header=0x%x CONFIG_SYS_U_BOOT_OFFS=0x%x!\n",
1005 (int)headersz, CONFIG_SYS_U_BOOT_OFFS);
1006 fprintf(stderr, "Increase CONFIG_SYS_U_BOOT_OFFS!\n");
1010 headersz = CONFIG_SYS_U_BOOT_OFFS;
1014 * The payload should be aligned on some reasonable
1017 return ALIGN(headersz, 4096);
1020 int add_binary_header_v1(uint8_t **cur, uint8_t **next_ext,
1021 struct image_cfg_element *binarye)
1023 struct opt_hdr_v1 *hdr = (struct opt_hdr_v1 *)*cur;
1031 hdr->headertype = OPT_HDR_V1_BINARY_TYPE;
1033 bin = fopen(binarye->binary.file, "r");
1035 fprintf(stderr, "Cannot open binary file %s\n",
1036 binarye->binary.file);
1040 if (fstat(fileno(bin), &s)) {
1041 fprintf(stderr, "Cannot stat binary file %s\n",
1042 binarye->binary.file);
1046 binhdrsz = sizeof(struct opt_hdr_v1) +
1047 (binarye->binary.nargs + 2) * sizeof(uint32_t) +
1048 ALIGN(s.st_size, 4);
1049 hdr->headersz_lsb = cpu_to_le16(binhdrsz & 0xFFFF);
1050 hdr->headersz_msb = (binhdrsz & 0xFFFF0000) >> 16;
1052 *cur += sizeof(struct opt_hdr_v1);
1054 args = (uint32_t *)*cur;
1055 *args = cpu_to_le32(binarye->binary.nargs);
1057 for (argi = 0; argi < binarye->binary.nargs; argi++)
1058 args[argi] = cpu_to_le32(binarye->binary.args[argi]);
1060 *cur += (binarye->binary.nargs + 1) * sizeof(uint32_t);
1062 ret = fread(*cur, s.st_size, 1, bin);
1065 "Could not read binary image %s\n",
1066 binarye->binary.file);
1072 *cur += ALIGN(s.st_size, 4);
1074 *((uint32_t *)*cur) = 0x00000000;
1078 *cur += sizeof(uint32_t);
1088 #if defined(CONFIG_KWB_SECURE)
1090 int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr)
1095 hashf = fopen("pub_kak_hash.txt", "w");
1097 res = kwb_export_pubkey(kak, &secure_hdr->kak, hashf, "KAK");
1101 return res < 0 ? 1 : 0;
1104 int kwb_sign_csk_with_kak(struct image_tool_params *params,
1105 struct secure_hdr_v1 *secure_hdr, RSA *csk)
1108 RSA *kak_pub = NULL;
1109 int csk_idx = image_get_csk_index();
1110 struct sig_v1 tmp_sig;
1112 if (csk_idx >= 16) {
1113 fprintf(stderr, "Invalid CSK index %d\n", csk_idx);
1117 if (kwb_load_kak(params, &kak) < 0)
1120 if (export_pub_kak_hash(kak, secure_hdr))
1123 if (kwb_import_pubkey(&kak_pub, &secure_hdr->kak, "KAK") < 0)
1126 if (kwb_export_pubkey(csk, &secure_hdr->csk[csk_idx], NULL, "CSK") < 0)
1129 if (kwb_sign_and_verify(kak, &secure_hdr->csk,
1130 sizeof(secure_hdr->csk) +
1131 sizeof(secure_hdr->csksig),
1132 &tmp_sig, "CSK") < 0)
1135 if (kwb_verify(kak_pub, &secure_hdr->csk,
1136 sizeof(secure_hdr->csk) +
1137 sizeof(secure_hdr->csksig),
1138 &tmp_sig, "CSK (2)") < 0)
1141 secure_hdr->csksig = tmp_sig;
1146 int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
1147 int payloadsz, size_t headersz, uint8_t *image,
1148 struct secure_hdr_v1 *secure_hdr)
1150 struct image_cfg_element *e_jtagdelay;
1151 struct image_cfg_element *e_boxid;
1152 struct image_cfg_element *e_flashid;
1154 unsigned char *image_ptr;
1156 struct sig_v1 tmp_sig;
1157 bool specialized_img = image_get_spezialized_img();
1159 kwb_msg("Create secure header content\n");
1161 e_jtagdelay = image_find_option(IMAGE_CFG_JTAG_DELAY);
1162 e_boxid = image_find_option(IMAGE_CFG_BOX_ID);
1163 e_flashid = image_find_option(IMAGE_CFG_FLASH_ID);
1165 if (kwb_load_csk(params, &csk) < 0)
1168 secure_hdr->headertype = OPT_HDR_V1_SECURE_TYPE;
1169 secure_hdr->headersz_msb = 0;
1170 secure_hdr->headersz_lsb = cpu_to_le16(sizeof(struct secure_hdr_v1));
1172 secure_hdr->jtag_delay = e_jtagdelay->jtag_delay;
1173 if (e_boxid && specialized_img)
1174 secure_hdr->boxid = cpu_to_le32(e_boxid->boxid);
1175 if (e_flashid && specialized_img)
1176 secure_hdr->flashid = cpu_to_le32(e_flashid->flashid);
1178 if (kwb_sign_csk_with_kak(params, secure_hdr, csk))
1181 image_ptr = ptr + headersz;
1182 image_size = payloadsz - headersz;
1184 if (kwb_sign_and_verify(csk, image_ptr, image_size,
1185 &secure_hdr->imgsig, "image") < 0)
1188 if (kwb_sign_and_verify(csk, image, headersz, &tmp_sig, "header") < 0)
1191 secure_hdr->hdrsig = tmp_sig;
1193 kwb_dump_fuse_cmds(secure_hdr);
1199 static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
1200 uint8_t *ptr, int payloadsz)
1202 struct image_cfg_element *e;
1203 struct main_hdr_v1 *main_hdr;
1204 #if defined(CONFIG_KWB_SECURE)
1205 struct secure_hdr_v1 *secure_hdr = NULL;
1208 uint8_t *image, *cur;
1210 uint8_t *next_ext = NULL;
1214 * Calculate the size of the header and the size of the
1217 headersz = image_headersz_v1(&hasext);
1221 image = malloc(headersz);
1223 fprintf(stderr, "Cannot allocate memory for image\n");
1227 memset(image, 0, headersz);
1229 main_hdr = (struct main_hdr_v1 *)image;
1231 cur += sizeof(struct main_hdr_v1);
1232 next_ext = &main_hdr->ext;
1234 /* Fill the main header */
1235 main_hdr->blocksize =
1236 cpu_to_le32(payloadsz - headersz);
1237 main_hdr->headersz_lsb = cpu_to_le16(headersz & 0xFFFF);
1238 main_hdr->headersz_msb = (headersz & 0xFFFF0000) >> 16;
1239 main_hdr->destaddr = cpu_to_le32(params->addr);
1240 main_hdr->execaddr = cpu_to_le32(params->ep);
1241 main_hdr->srcaddr = cpu_to_le32(headersz);
1242 main_hdr->ext = hasext;
1243 main_hdr->version = 1;
1244 e = image_find_option(IMAGE_CFG_BOOT_FROM);
1246 main_hdr->blockid = e->bootfrom;
1247 e = image_find_option(IMAGE_CFG_NAND_BLKSZ);
1249 main_hdr->nandblocksize = e->nandblksz / (64 * 1024);
1250 e = image_find_option(IMAGE_CFG_NAND_BADBLK_LOCATION);
1252 main_hdr->nandbadblklocation = e->nandbadblklocation;
1253 e = image_find_option(IMAGE_CFG_BAUDRATE);
1255 main_hdr->options = baudrate_to_option(e->baudrate);
1256 e = image_find_option(IMAGE_CFG_DEBUG);
1258 main_hdr->flags = e->debug ? 0x1 : 0;
1261 * For SATA srcaddr is specified in number of sectors starting from
1262 * sector 0. The main header is stored at sector number 1.
1263 * This expects the sector size to be 512 bytes.
1264 * Header size is already aligned.
1266 if (main_hdr->blockid == IBR_HDR_SATA_ID)
1267 main_hdr->srcaddr = cpu_to_le32(headersz / 512 + 1);
1270 * For SDIO srcaddr is specified in number of sectors starting from
1271 * sector 0. The main header is stored at sector number 0.
1272 * This expects sector size to be 512 bytes.
1273 * Header size is already aligned.
1275 if (main_hdr->blockid == IBR_HDR_SDIO_ID)
1276 main_hdr->srcaddr = cpu_to_le32(headersz / 512);
1278 /* For PCIe srcaddr is not used and must be set to 0xFFFFFFFF. */
1279 if (main_hdr->blockid == IBR_HDR_PEX_ID)
1280 main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
1282 #if defined(CONFIG_KWB_SECURE)
1283 if (image_get_csk_index() >= 0) {
1285 * only reserve the space here; we fill the header later since
1286 * we need the header to be complete to compute the signatures
1288 secure_hdr = (struct secure_hdr_v1 *)cur;
1289 cur += sizeof(struct secure_hdr_v1);
1291 next_ext = &secure_hdr->next;
1295 for (cfgi = 0; cfgi < cfgn; cfgi++) {
1296 e = &image_cfg[cfgi];
1297 if (e->type != IMAGE_CFG_BINARY)
1300 if (add_binary_header_v1(&cur, &next_ext, e))
1304 #if defined(CONFIG_KWB_SECURE)
1305 if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz,
1306 headersz, image, secure_hdr))
1310 /* Calculate and set the header checksum */
1311 main_hdr->checksum = image_checksum8(main_hdr, headersz);
1313 *imagesz = headersz;
1317 int recognize_keyword(char *keyword)
1321 for (kw_id = 1; kw_id < IMAGE_CFG_COUNT; ++kw_id)
1322 if (!strcmp(keyword, id_strs[kw_id]))
1328 static int image_create_config_parse_oneline(char *line,
1329 struct image_cfg_element *el)
1331 char *keyword, *saveptr, *value1, *value2;
1332 char delimiters[] = " \t";
1333 int keyword_id, ret, argi;
1334 char *unknown_msg = "Ignoring unknown line '%s'\n";
1336 keyword = strtok_r(line, delimiters, &saveptr);
1337 keyword_id = recognize_keyword(keyword);
1340 fprintf(stderr, unknown_msg, line);
1344 el->type = keyword_id;
1346 value1 = strtok_r(NULL, delimiters, &saveptr);
1349 fprintf(stderr, "Parameter missing in line '%s'\n", line);
1353 switch (keyword_id) {
1354 case IMAGE_CFG_VERSION:
1355 el->version = atoi(value1);
1357 case IMAGE_CFG_BOOT_FROM:
1358 ret = image_boot_mode_id(value1);
1361 fprintf(stderr, "Invalid boot media '%s'\n", value1);
1366 case IMAGE_CFG_NAND_BLKSZ:
1367 el->nandblksz = strtoul(value1, NULL, 16);
1369 case IMAGE_CFG_NAND_BADBLK_LOCATION:
1370 el->nandbadblklocation = strtoul(value1, NULL, 16);
1372 case IMAGE_CFG_NAND_ECC_MODE:
1373 ret = image_nand_ecc_mode_id(value1);
1376 fprintf(stderr, "Invalid NAND ECC mode '%s'\n", value1);
1379 el->nandeccmode = ret;
1381 case IMAGE_CFG_NAND_PAGESZ:
1382 el->nandpagesz = strtoul(value1, NULL, 16);
1384 case IMAGE_CFG_BINARY:
1387 el->binary.file = strdup(value1);
1389 char *value = strtok_r(NULL, delimiters, &saveptr);
1393 el->binary.args[argi] = strtoul(value, NULL, 16);
1395 if (argi >= BINARY_MAX_ARGS) {
1397 "Too many arguments for BINARY\n");
1401 el->binary.nargs = argi;
1403 case IMAGE_CFG_DATA:
1404 value2 = strtok_r(NULL, delimiters, &saveptr);
1406 if (!value1 || !value2) {
1408 "Invalid number of arguments for DATA\n");
1412 el->regdata.raddr = strtoul(value1, NULL, 16);
1413 el->regdata.rdata = strtoul(value2, NULL, 16);
1415 case IMAGE_CFG_BAUDRATE:
1416 el->baudrate = strtoul(value1, NULL, 10);
1418 case IMAGE_CFG_DEBUG:
1419 el->debug = strtoul(value1, NULL, 10);
1422 el->key_name = strdup(value1);
1425 el->key_name = strdup(value1);
1427 case IMAGE_CFG_CSK_INDEX:
1428 el->csk_idx = strtol(value1, NULL, 0);
1430 case IMAGE_CFG_JTAG_DELAY:
1431 el->jtag_delay = strtoul(value1, NULL, 0);
1433 case IMAGE_CFG_BOX_ID:
1434 el->boxid = strtoul(value1, NULL, 0);
1436 case IMAGE_CFG_FLASH_ID:
1437 el->flashid = strtoul(value1, NULL, 0);
1439 case IMAGE_CFG_SEC_SPECIALIZED_IMG:
1440 el->sec_specialized_img = true;
1442 case IMAGE_CFG_SEC_COMMON_IMG:
1443 el->sec_specialized_img = false;
1445 case IMAGE_CFG_SEC_BOOT_DEV:
1446 el->sec_boot_dev = strtoul(value1, NULL, 0);
1448 case IMAGE_CFG_SEC_FUSE_DUMP:
1449 el->name = strdup(value1);
1452 fprintf(stderr, unknown_msg, line);
1459 * Parse the configuration file 'fcfg' into the array of configuration
1460 * elements 'image_cfg', and return the number of configuration
1461 * elements in 'cfgn'.
1463 static int image_create_config_parse(FILE *fcfg)
1468 /* Parse the configuration file */
1469 while (!feof(fcfg)) {
1473 /* Read the current line */
1474 memset(buf, 0, sizeof(buf));
1475 line = fgets(buf, sizeof(buf), fcfg);
1479 /* Ignore useless lines */
1480 if (line[0] == '\n' || line[0] == '#')
1483 /* Strip final newline */
1484 if (line[strlen(line) - 1] == '\n')
1485 line[strlen(line) - 1] = 0;
1487 /* Parse the current line */
1488 ret = image_create_config_parse_oneline(line,
1495 if (cfgi >= IMAGE_CFG_ELEMENT_MAX) {
1497 "Too many configuration elements in .cfg file\n");
1506 static int image_get_version(void)
1508 struct image_cfg_element *e;
1510 e = image_find_option(IMAGE_CFG_VERSION);
1517 static int image_get_bootfrom(void)
1519 struct image_cfg_element *e;
1521 e = image_find_option(IMAGE_CFG_BOOT_FROM);
1528 static void kwbimage_set_header(void *ptr, struct stat *sbuf, int ifd,
1529 struct image_tool_params *params)
1534 size_t headersz = 0;
1538 fcfg = fopen(params->imagename, "r");
1540 fprintf(stderr, "Could not open input file %s\n",
1545 image_cfg = malloc(IMAGE_CFG_ELEMENT_MAX *
1546 sizeof(struct image_cfg_element));
1548 fprintf(stderr, "Cannot allocate memory\n");
1553 memset(image_cfg, 0,
1554 IMAGE_CFG_ELEMENT_MAX * sizeof(struct image_cfg_element));
1557 ret = image_create_config_parse(fcfg);
1564 version = image_get_version();
1567 * Fallback to version 0 if no version is provided in the
1572 image = image_create_v0(&headersz, params, sbuf->st_size);
1576 image = image_create_v1(&headersz, params, ptr, sbuf->st_size);
1580 fprintf(stderr, "Unsupported version %d\n", version);
1586 fprintf(stderr, "Could not create image\n");
1593 /* Build and add image checksum header */
1594 checksum = cpu_to_le32(image_checksum32((uint8_t *)ptr + headersz,
1595 sbuf->st_size - headersz - sizeof(uint32_t)));
1596 memcpy((uint8_t *)ptr + sbuf->st_size - sizeof(uint32_t), &checksum,
1599 /* Finally copy the header into the image area */
1600 memcpy(ptr, image, headersz);
1605 static void kwbimage_print_header(const void *ptr)
1607 struct main_hdr_v0 *mhdr = (struct main_hdr_v0 *)ptr;
1609 printf("Image Type: MVEBU Boot from %s Image\n",
1610 image_boot_mode_name(mhdr->blockid));
1611 printf("Image version:%d\n", image_version((void *)ptr));
1612 if (image_version((void *)ptr) == 1) {
1613 struct main_hdr_v1 *mhdr = (struct main_hdr_v1 *)ptr;
1615 if (mhdr->ext & 0x1) {
1616 struct opt_hdr_v1 *ohdr = (struct opt_hdr_v1 *)
1623 ohdr_size = (ohdr->headersz_msb << 16) |
1624 le16_to_cpu(ohdr->headersz_lsb);
1625 if (ohdr->headertype == OPT_HDR_V1_BINARY_TYPE) {
1626 printf("BIN Hdr Size: ");
1627 genimg_print_size(ohdr_size - 12 - 4 * ohdr->data[0]);
1629 if (!(*((uint8_t *)ohdr + ohdr_size - 4) & 0x1))
1631 ohdr = (struct opt_hdr_v1 *)((uint8_t *)ohdr +
1636 printf("Data Size: ");
1637 genimg_print_size(mhdr->blocksize - sizeof(uint32_t));
1638 printf("Load Address: %08x\n", mhdr->destaddr);
1639 printf("Entry Point: %08x\n", mhdr->execaddr);
1642 static int kwbimage_check_image_types(uint8_t type)
1644 if (type == IH_TYPE_KWBIMAGE)
1645 return EXIT_SUCCESS;
1647 return EXIT_FAILURE;
1650 static int kwbimage_verify_header(unsigned char *ptr, int image_size,
1651 struct image_tool_params *params)
1654 size_t header_size = kwbimage_header_size(ptr);
1656 if (header_size > image_size)
1657 return -FDT_ERR_BADSTRUCTURE;
1659 if (!main_hdr_checksum_ok(ptr))
1660 return -FDT_ERR_BADSTRUCTURE;
1662 /* Only version 0 extended header has checksum */
1663 if (image_version((void *)ptr) == 0) {
1664 struct main_hdr_v0 *mhdr = (struct main_hdr_v0 *)ptr;
1666 if (mhdr->ext & 0x1) {
1667 struct ext_hdr_v0 *ext_hdr;
1669 ext_hdr = (struct ext_hdr_v0 *)
1670 (ptr + sizeof(struct main_hdr_v0));
1671 checksum = image_checksum8(ext_hdr,
1672 sizeof(struct ext_hdr_v0)
1674 if (checksum != ext_hdr->checksum)
1675 return -FDT_ERR_BADSTRUCTURE;
1679 if (image_version((void *)ptr) == 1) {
1680 struct main_hdr_v1 *mhdr = (struct main_hdr_v1 *)ptr;
1684 if (mhdr->ext & 0x1) {
1686 struct opt_hdr_v1 *ohdr = (struct opt_hdr_v1 *)
1687 (ptr + sizeof(*mhdr));
1690 if ((uint8_t *)ohdr + sizeof(*ohdr) >
1691 (uint8_t *)mhdr + header_size)
1692 return -FDT_ERR_BADSTRUCTURE;
1694 ohdr_size = (ohdr->headersz_msb << 16) |
1695 le16_to_cpu(ohdr->headersz_lsb);
1697 if (ohdr_size < 8 ||
1698 (uint8_t *)ohdr + ohdr_size >
1699 (uint8_t *)mhdr + header_size)
1700 return -FDT_ERR_BADSTRUCTURE;
1702 if (!(*((uint8_t *)ohdr + ohdr_size - 4) & 0x1))
1704 ohdr = (struct opt_hdr_v1 *)((uint8_t *)ohdr +
1709 offset = le32_to_cpu(mhdr->srcaddr);
1712 * For SATA srcaddr is specified in number of sectors.
1713 * The main header is must be stored at sector number 1.
1714 * This expects that sector size is 512 bytes and recalculates
1715 * data offset to bytes relative to the main header.
1717 if (mhdr->blockid == IBR_HDR_SATA_ID) {
1719 return -FDT_ERR_BADSTRUCTURE;
1725 * For SDIO srcaddr is specified in number of sectors.
1726 * This expects that sector size is 512 bytes and recalculates
1727 * data offset to bytes.
1729 if (mhdr->blockid == IBR_HDR_SDIO_ID)
1733 * For PCIe srcaddr is always set to 0xFFFFFFFF.
1734 * This expects that data starts after all headers.
1736 if (mhdr->blockid == IBR_HDR_PEX_ID && offset == 0xFFFFFFFF)
1737 offset = header_size;
1739 if (offset > image_size || offset % 4 != 0)
1740 return -FDT_ERR_BADSTRUCTURE;
1742 size = le32_to_cpu(mhdr->blocksize);
1743 if (offset + size > image_size || size % 4 != 0)
1744 return -FDT_ERR_BADSTRUCTURE;
1746 if (image_checksum32(ptr + offset, size - 4) !=
1747 *(uint32_t *)(ptr + offset + size - 4))
1748 return -FDT_ERR_BADSTRUCTURE;
1754 static int kwbimage_generate(struct image_tool_params *params,
1755 struct image_type_params *tparams)
1765 fcfg = fopen(params->imagename, "r");
1767 fprintf(stderr, "Could not open input file %s\n",
1772 if (stat(params->datafile, &s)) {
1773 fprintf(stderr, "Could not stat data file %s: %s\n",
1774 params->datafile, strerror(errno));
1778 image_cfg = malloc(IMAGE_CFG_ELEMENT_MAX *
1779 sizeof(struct image_cfg_element));
1781 fprintf(stderr, "Cannot allocate memory\n");
1786 memset(image_cfg, 0,
1787 IMAGE_CFG_ELEMENT_MAX * sizeof(struct image_cfg_element));
1790 ret = image_create_config_parse(fcfg);
1797 bootfrom = image_get_bootfrom();
1798 version = image_get_version();
1801 * Fallback to version 0 if no version is provided in the
1806 alloc_len = sizeof(struct main_hdr_v0) +
1807 sizeof(struct ext_hdr_v0);
1811 alloc_len = image_headersz_v1(NULL);
1815 fprintf(stderr, "Unsupported version %d\n", version);
1822 hdr = malloc(alloc_len);
1824 fprintf(stderr, "%s: malloc return failure: %s\n",
1825 params->cmdname, strerror(errno));
1829 memset(hdr, 0, alloc_len);
1830 tparams->header_size = alloc_len;
1834 * The resulting image needs to be 4-byte aligned. At least
1835 * the Marvell hdrparser tool complains if its unaligned.
1836 * After the image data is stored 4-byte checksum.
1837 * Final SPI and NAND images must be aligned to 256 bytes.
1838 * Final SATA and SDIO images must be aligned to 512 bytes.
1840 if (bootfrom == IBR_HDR_SPI_ID || bootfrom == IBR_HDR_NAND_ID)
1841 return 4 + (256 - (alloc_len + s.st_size + 4) % 256) % 256;
1842 else if (bootfrom == IBR_HDR_SATA_ID || bootfrom == IBR_HDR_SDIO_ID)
1843 return 4 + (512 - (alloc_len + s.st_size + 4) % 512) % 512;
1845 return 4 + (4 - s.st_size % 4) % 4;
1849 * Report Error if xflag is set in addition to default
1851 static int kwbimage_check_params(struct image_tool_params *params)
1853 if (!strlen(params->imagename)) {
1854 char *msg = "Configuration file for kwbimage creation omitted";
1856 fprintf(stderr, "Error:%s - %s\n", params->cmdname, msg);
1860 return (params->dflag && (params->fflag || params->lflag)) ||
1861 (params->fflag && (params->dflag || params->lflag)) ||
1862 (params->lflag && (params->dflag || params->fflag)) ||
1863 (params->xflag) || !(strlen(params->imagename));
1867 * kwbimage type parameters definition
1871 "Marvell MVEBU Boot Image support",
1874 kwbimage_check_params,
1875 kwbimage_verify_header,
1876 kwbimage_print_header,
1877 kwbimage_set_header,
1879 kwbimage_check_image_types,