1 // SPDX-License-Identifier: GPL-2.0+
3 * Image manipulator for Marvell SoCs
4 * supports Kirkwood, Dove, Armada 370, Armada XP, Armada 375, Armada 38x and
7 * (C) Copyright 2013 Thomas Petazzoni
8 * <thomas.petazzoni@free-electrons.com>
10 * (C) Copyright 2022 Pali Rohár <pali@kernel.org>
13 #define OPENSSL_API_COMPAT 0x10101000L
15 #include "imagetool.h"
22 #include <openssl/bn.h>
23 #include <openssl/rsa.h>
24 #include <openssl/pem.h>
25 #include <openssl/err.h>
26 #include <openssl/evp.h>
28 #if OPENSSL_VERSION_NUMBER < 0x10100000L || \
29 (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
30 static void RSA_get0_key(const RSA *r,
31 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
41 #elif !defined(LIBRESSL_VERSION_NUMBER)
42 void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
44 EVP_MD_CTX_reset(ctx);
48 /* fls - find last (most-significant) bit set in 4-bit integer */
49 static inline int fls4(int num)
63 static struct image_cfg_element *image_cfg;
65 static int verbose_mode;
79 struct boot_mode boot_modes[] = {
80 { IBR_HDR_I2C_ID, "i2c" },
81 { IBR_HDR_SPI_ID, "spi" },
82 { IBR_HDR_NAND_ID, "nand" },
83 { IBR_HDR_SATA_ID, "sata" },
84 { IBR_HDR_PEX_ID, "pex" },
85 { IBR_HDR_UART_ID, "uart" },
86 { IBR_HDR_SDIO_ID, "sdio" },
90 struct nand_ecc_mode {
95 struct nand_ecc_mode nand_ecc_modes[] = {
96 { IBR_HDR_ECC_DEFAULT, "default" },
97 { IBR_HDR_ECC_FORCED_HAMMING, "hamming" },
98 { IBR_HDR_ECC_FORCED_RS, "rs" },
99 { IBR_HDR_ECC_DISABLED, "disabled" },
103 /* Used to identify an undefined execution or destination address */
104 #define ADDR_INVALID ((uint32_t)-1)
106 #define BINARY_MAX_ARGS 255
108 /* In-memory representation of a line of the configuration file */
110 enum image_cfg_type {
111 IMAGE_CFG_VERSION = 0x1,
115 IMAGE_CFG_NAND_BLKSZ,
116 IMAGE_CFG_NAND_BADBLK_LOCATION,
117 IMAGE_CFG_NAND_ECC_MODE,
118 IMAGE_CFG_NAND_PAGESZ,
122 IMAGE_CFG_DATA_DELAY,
130 IMAGE_CFG_JTAG_DELAY,
133 IMAGE_CFG_SEC_COMMON_IMG,
134 IMAGE_CFG_SEC_SPECIALIZED_IMG,
135 IMAGE_CFG_SEC_BOOT_DEV,
136 IMAGE_CFG_SEC_FUSE_DUMP,
141 static const char * const id_strs[] = {
142 [IMAGE_CFG_VERSION] = "VERSION",
143 [IMAGE_CFG_BOOT_FROM] = "BOOT_FROM",
144 [IMAGE_CFG_DEST_ADDR] = "DEST_ADDR",
145 [IMAGE_CFG_EXEC_ADDR] = "EXEC_ADDR",
146 [IMAGE_CFG_NAND_BLKSZ] = "NAND_BLKSZ",
147 [IMAGE_CFG_NAND_BADBLK_LOCATION] = "NAND_BADBLK_LOCATION",
148 [IMAGE_CFG_NAND_ECC_MODE] = "NAND_ECC_MODE",
149 [IMAGE_CFG_NAND_PAGESZ] = "NAND_PAGE_SIZE",
150 [IMAGE_CFG_CPU] = "CPU",
151 [IMAGE_CFG_BINARY] = "BINARY",
152 [IMAGE_CFG_DATA] = "DATA",
153 [IMAGE_CFG_DATA_DELAY] = "DATA_DELAY",
154 [IMAGE_CFG_BAUDRATE] = "BAUDRATE",
155 [IMAGE_CFG_UART_PORT] = "UART_PORT",
156 [IMAGE_CFG_UART_MPP] = "UART_MPP",
157 [IMAGE_CFG_DEBUG] = "DEBUG",
158 [IMAGE_CFG_KAK] = "KAK",
159 [IMAGE_CFG_CSK] = "CSK",
160 [IMAGE_CFG_CSK_INDEX] = "CSK_INDEX",
161 [IMAGE_CFG_JTAG_DELAY] = "JTAG_DELAY",
162 [IMAGE_CFG_BOX_ID] = "BOX_ID",
163 [IMAGE_CFG_FLASH_ID] = "FLASH_ID",
164 [IMAGE_CFG_SEC_COMMON_IMG] = "SEC_COMMON_IMG",
165 [IMAGE_CFG_SEC_SPECIALIZED_IMG] = "SEC_SPECIALIZED_IMG",
166 [IMAGE_CFG_SEC_BOOT_DEV] = "SEC_BOOT_DEV",
167 [IMAGE_CFG_SEC_FUSE_DUMP] = "SEC_FUSE_DUMP"
170 struct image_cfg_element {
171 enum image_cfg_type type;
173 unsigned int version;
174 unsigned int cpu_sheeva;
175 unsigned int bootfrom;
178 unsigned int loadaddr;
179 unsigned int args[BINARY_MAX_ARGS];
182 unsigned int dstaddr;
183 unsigned int execaddr;
184 unsigned int nandblksz;
185 unsigned int nandbadblklocation;
186 unsigned int nandeccmode;
187 unsigned int nandpagesz;
188 struct ext_hdr_v0_reg regdata;
189 unsigned int regdata_delay;
190 unsigned int baudrate;
191 unsigned int uart_port;
192 unsigned int uart_mpp;
194 const char *key_name;
199 bool sec_specialized_img;
200 unsigned int sec_boot_dev;
205 #define IMAGE_CFG_ELEMENT_MAX 256
208 * Utility functions to manipulate boot mode and ecc modes (convert
209 * them back and forth between description strings and the
210 * corresponding numerical identifiers).
213 static const char *image_boot_mode_name(unsigned int id)
217 for (i = 0; boot_modes[i].name; i++)
218 if (boot_modes[i].id == id)
219 return boot_modes[i].name;
223 static int image_boot_mode_id(const char *boot_mode_name)
227 for (i = 0; boot_modes[i].name; i++)
228 if (!strcmp(boot_modes[i].name, boot_mode_name))
229 return boot_modes[i].id;
234 static const char *image_nand_ecc_mode_name(unsigned int id)
238 for (i = 0; nand_ecc_modes[i].name; i++)
239 if (nand_ecc_modes[i].id == id)
240 return nand_ecc_modes[i].name;
245 static int image_nand_ecc_mode_id(const char *nand_ecc_mode_name)
249 for (i = 0; nand_ecc_modes[i].name; i++)
250 if (!strcmp(nand_ecc_modes[i].name, nand_ecc_mode_name))
251 return nand_ecc_modes[i].id;
255 static struct image_cfg_element *
256 image_find_option(unsigned int optiontype)
260 for (i = 0; i < cfgn; i++) {
261 if (image_cfg[i].type == optiontype)
262 return &image_cfg[i];
269 image_count_options(unsigned int optiontype)
272 unsigned int count = 0;
274 for (i = 0; i < cfgn; i++)
275 if (image_cfg[i].type == optiontype)
281 static int image_get_csk_index(void)
283 struct image_cfg_element *e;
285 e = image_find_option(IMAGE_CFG_CSK_INDEX);
292 static bool image_get_spezialized_img(void)
294 struct image_cfg_element *e;
296 e = image_find_option(IMAGE_CFG_SEC_SPECIALIZED_IMG);
300 return e->sec_specialized_img;
303 static int image_get_bootfrom(void)
305 struct image_cfg_element *e;
307 e = image_find_option(IMAGE_CFG_BOOT_FROM);
309 /* fallback to SPI if no BOOT_FROM is not provided */
310 return IBR_HDR_SPI_ID;
315 static int image_is_cpu_sheeva(void)
317 struct image_cfg_element *e;
319 e = image_find_option(IMAGE_CFG_CPU);
323 return e->cpu_sheeva;
327 * Compute a 8-bit checksum of a memory area. This algorithm follows
328 * the requirements of the Marvell SoC BootROM specifications.
330 static uint8_t image_checksum8(void *start, uint32_t len)
335 /* check len and return zero checksum if invalid */
348 * Verify checksum over a complete header that includes the checksum field.
349 * Return 1 when OK, otherwise 0.
351 static int main_hdr_checksum_ok(void *hdr)
353 /* Offsets of checksum in v0 and v1 headers are the same */
354 struct main_hdr_v0 *main_hdr = (struct main_hdr_v0 *)hdr;
357 checksum = image_checksum8(hdr, kwbheader_size_for_csum(hdr));
358 /* Calculated checksum includes the header checksum field. Compensate
361 checksum -= main_hdr->checksum;
363 return checksum == main_hdr->checksum;
366 static uint32_t image_checksum32(void *start, uint32_t len)
371 /* check len and return zero checksum if invalid */
375 if (len % sizeof(uint32_t)) {
376 fprintf(stderr, "Length %d is not in multiple of %zu\n",
377 len, sizeof(uint32_t));
384 len -= sizeof(uint32_t);
390 static unsigned int options_to_baudrate(uint8_t options)
392 switch (options & 0x7) {
393 case MAIN_HDR_V1_OPT_BAUD_2400:
395 case MAIN_HDR_V1_OPT_BAUD_4800:
397 case MAIN_HDR_V1_OPT_BAUD_9600:
399 case MAIN_HDR_V1_OPT_BAUD_19200:
401 case MAIN_HDR_V1_OPT_BAUD_38400:
403 case MAIN_HDR_V1_OPT_BAUD_57600:
405 case MAIN_HDR_V1_OPT_BAUD_115200:
407 case MAIN_HDR_V1_OPT_BAUD_DEFAULT:
413 static uint8_t baudrate_to_option(unsigned int baudrate)
417 return MAIN_HDR_V1_OPT_BAUD_2400;
419 return MAIN_HDR_V1_OPT_BAUD_4800;
421 return MAIN_HDR_V1_OPT_BAUD_9600;
423 return MAIN_HDR_V1_OPT_BAUD_19200;
425 return MAIN_HDR_V1_OPT_BAUD_38400;
427 return MAIN_HDR_V1_OPT_BAUD_57600;
429 return MAIN_HDR_V1_OPT_BAUD_115200;
431 return MAIN_HDR_V1_OPT_BAUD_DEFAULT;
435 static void kwb_msg(const char *fmt, ...)
441 vfprintf(stdout, fmt, ap);
446 static int openssl_err(const char *msg)
448 unsigned long ssl_err = ERR_get_error();
450 fprintf(stderr, "%s", msg);
451 fprintf(stderr, ": %s\n",
452 ERR_error_string(ssl_err, 0));
457 static int kwb_load_rsa_key(const char *keydir, const char *name, RSA **p_rsa)
466 snprintf(path, sizeof(path), "%s/%s.key", keydir, name);
467 f = fopen(path, "r");
469 fprintf(stderr, "Couldn't open RSA private key: '%s': %s\n",
470 path, strerror(errno));
474 rsa = PEM_read_RSAPrivateKey(f, 0, NULL, "");
476 openssl_err("Failure reading private key");
486 static int kwb_load_cfg_key(struct image_tool_params *params,
487 unsigned int cfg_option, const char *key_name,
490 struct image_cfg_element *e_key;
496 e_key = image_find_option(cfg_option);
498 fprintf(stderr, "%s not configured\n", key_name);
502 res = kwb_load_rsa_key(params->keydir, e_key->key_name, &key);
504 fprintf(stderr, "Failed to load %s\n", key_name);
513 static int kwb_load_kak(struct image_tool_params *params, RSA **p_kak)
515 return kwb_load_cfg_key(params, IMAGE_CFG_KAK, "KAK", p_kak);
518 static int kwb_load_csk(struct image_tool_params *params, RSA **p_csk)
520 return kwb_load_cfg_key(params, IMAGE_CFG_CSK, "CSK", p_csk);
523 static int kwb_compute_pubkey_hash(struct pubkey_der_v1 *pk,
524 struct hash_v1 *hash)
527 unsigned int key_size;
528 unsigned int hash_size;
531 if (!pk || !hash || pk->key[0] != 0x30 || pk->key[1] != 0x82)
534 key_size = (pk->key[2] << 8) + pk->key[3] + 4;
536 ctx = EVP_MD_CTX_create();
538 return openssl_err("EVP context creation failed");
540 EVP_MD_CTX_init(ctx);
541 if (!EVP_DigestInit(ctx, EVP_sha256())) {
542 ret = openssl_err("Digest setup failed");
546 if (!EVP_DigestUpdate(ctx, pk->key, key_size)) {
547 ret = openssl_err("Hashing data failed");
551 if (!EVP_DigestFinal(ctx, hash->hash, &hash_size)) {
552 ret = openssl_err("Could not obtain hash");
556 EVP_MD_CTX_cleanup(ctx);
559 EVP_MD_CTX_destroy(ctx);
563 static int kwb_import_pubkey(RSA **key, struct pubkey_der_v1 *src, char *keyname)
566 const unsigned char *ptr;
572 rsa = d2i_RSAPublicKey(key, &ptr, sizeof(src->key));
574 openssl_err("error decoding public key");
580 fprintf(stderr, "Failed to decode %s pubkey\n", keyname);
584 static int kwb_export_pubkey(RSA *key, struct pubkey_der_v1 *dst, FILE *hashf,
587 int size_exp, size_mod, size_seq;
588 const BIGNUM *key_e, *key_n;
590 char *errmsg = "Failed to encode %s\n";
592 RSA_get0_key(key, NULL, &key_e, NULL);
593 RSA_get0_key(key, &key_n, NULL, NULL);
595 if (!key || !key_e || !key_n || !dst) {
596 fprintf(stderr, "export pk failed: (%p, %p, %p, %p)",
597 key, key_e, key_n, dst);
598 fprintf(stderr, errmsg, keyname);
603 * According to the specs, the key should be PKCS#1 DER encoded.
604 * But unfortunately the really required encoding seems to be different;
605 * it violates DER...! (But it still conformes to BER.)
606 * (Length always in long form w/ 2 byte length code; no leading zero
607 * when MSB of first byte is set...)
608 * So we cannot use the encoding func provided by OpenSSL and have to
609 * do the encoding manually.
612 size_exp = BN_num_bytes(key_e);
613 size_mod = BN_num_bytes(key_n);
614 size_seq = 4 + size_mod + 4 + size_exp;
616 if (size_mod > 256) {
617 fprintf(stderr, "export pk failed: wrong mod size: %d\n",
619 fprintf(stderr, errmsg, keyname);
623 if (4 + size_seq > sizeof(dst->key)) {
624 fprintf(stderr, "export pk failed: seq too large (%d, %zu)\n",
625 4 + size_seq, sizeof(dst->key));
626 fprintf(stderr, errmsg, keyname);
632 /* PKCS#1 (RFC3447) RSAPublicKey structure */
633 *cur++ = 0x30; /* SEQUENCE */
635 *cur++ = (size_seq >> 8) & 0xFF;
636 *cur++ = size_seq & 0xFF;
638 *cur++ = 0x02; /* INTEGER */
640 *cur++ = (size_mod >> 8) & 0xFF;
641 *cur++ = size_mod & 0xFF;
642 BN_bn2bin(key_n, cur);
645 *cur++ = 0x02; /* INTEGER */
647 *cur++ = (size_exp >> 8) & 0xFF;
648 *cur++ = size_exp & 0xFF;
649 BN_bn2bin(key_e, cur);
652 struct hash_v1 pk_hash;
656 ret = kwb_compute_pubkey_hash(dst, &pk_hash);
658 fprintf(stderr, errmsg, keyname);
662 fprintf(hashf, "SHA256 = ");
663 for (i = 0 ; i < sizeof(pk_hash.hash); ++i)
664 fprintf(hashf, "%02X", pk_hash.hash[i]);
665 fprintf(hashf, "\n");
671 static int kwb_sign(RSA *key, void *data, int datasz, struct sig_v1 *sig,
676 unsigned int sig_size;
680 evp_key = EVP_PKEY_new();
682 return openssl_err("EVP_PKEY object creation failed");
684 if (!EVP_PKEY_set1_RSA(evp_key, key)) {
685 ret = openssl_err("EVP key setup failed");
689 size = EVP_PKEY_size(evp_key);
690 if (size > sizeof(sig->sig)) {
691 fprintf(stderr, "Buffer to small for signature (%d bytes)\n",
697 ctx = EVP_MD_CTX_create();
699 ret = openssl_err("EVP context creation failed");
702 EVP_MD_CTX_init(ctx);
703 if (!EVP_SignInit(ctx, EVP_sha256())) {
704 ret = openssl_err("Signer setup failed");
708 if (!EVP_SignUpdate(ctx, data, datasz)) {
709 ret = openssl_err("Signing data failed");
713 if (!EVP_SignFinal(ctx, sig->sig, &sig_size, evp_key)) {
714 ret = openssl_err("Could not obtain signature");
718 EVP_MD_CTX_cleanup(ctx);
719 EVP_MD_CTX_destroy(ctx);
720 EVP_PKEY_free(evp_key);
725 EVP_MD_CTX_destroy(ctx);
727 EVP_PKEY_free(evp_key);
728 fprintf(stderr, "Failed to create %s signature\n", signame);
732 static int kwb_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
740 evp_key = EVP_PKEY_new();
742 return openssl_err("EVP_PKEY object creation failed");
744 if (!EVP_PKEY_set1_RSA(evp_key, key)) {
745 ret = openssl_err("EVP key setup failed");
749 size = EVP_PKEY_size(evp_key);
750 if (size > sizeof(sig->sig)) {
751 fprintf(stderr, "Invalid signature size (%d bytes)\n",
757 ctx = EVP_MD_CTX_create();
759 ret = openssl_err("EVP context creation failed");
762 EVP_MD_CTX_init(ctx);
763 if (!EVP_VerifyInit(ctx, EVP_sha256())) {
764 ret = openssl_err("Verifier setup failed");
768 if (!EVP_VerifyUpdate(ctx, data, datasz)) {
769 ret = openssl_err("Hashing data failed");
773 if (EVP_VerifyFinal(ctx, sig->sig, sizeof(sig->sig), evp_key) != 1) {
774 ret = openssl_err("Could not verify signature");
778 EVP_MD_CTX_cleanup(ctx);
779 EVP_MD_CTX_destroy(ctx);
780 EVP_PKEY_free(evp_key);
785 EVP_MD_CTX_destroy(ctx);
787 EVP_PKEY_free(evp_key);
788 fprintf(stderr, "Failed to verify %s signature\n", signame);
792 static int kwb_sign_and_verify(RSA *key, void *data, int datasz,
793 struct sig_v1 *sig, char *signame)
795 if (kwb_sign(key, data, datasz, sig, signame) < 0)
798 if (kwb_verify(key, data, datasz, sig, signame) < 0)
805 static int kwb_dump_fuse_cmds_38x(FILE *out, struct secure_hdr_v1 *sec_hdr)
807 struct hash_v1 kak_pub_hash;
808 struct image_cfg_element *e;
809 unsigned int fuse_line;
815 if (!out || !sec_hdr)
818 ret = kwb_compute_pubkey_hash(&sec_hdr->kak, &kak_pub_hash);
822 fprintf(out, "# burn KAK pub key hash\n");
823 ptr = kak_pub_hash.hash;
824 for (fuse_line = 26; fuse_line <= 30; ++fuse_line) {
825 fprintf(out, "fuse prog -y %u 0 ", fuse_line);
827 for (i = 4; i-- > 0;)
828 fprintf(out, "%02hx", (ushort)ptr[i]);
832 if (fuse_line < 30) {
833 for (i = 3; i-- > 0;)
834 fprintf(out, "%02hx", (ushort)ptr[i]);
837 fprintf(out, "000000");
840 fprintf(out, " 1\n");
843 fprintf(out, "# burn CSK selection\n");
845 idx = image_get_csk_index();
846 if (idx < 0 || idx > 15) {
851 for (fuse_line = 31; fuse_line < 31 + idx; ++fuse_line)
852 fprintf(out, "fuse prog -y %u 0 00000001 00000000 1\n",
855 fprintf(out, "# CSK index is 0; no mods needed\n");
858 e = image_find_option(IMAGE_CFG_BOX_ID);
860 fprintf(out, "# set box ID\n");
861 fprintf(out, "fuse prog -y 48 0 %08x 00000000 1\n", e->boxid);
864 e = image_find_option(IMAGE_CFG_FLASH_ID);
866 fprintf(out, "# set flash ID\n");
867 fprintf(out, "fuse prog -y 47 0 %08x 00000000 1\n", e->flashid);
870 fprintf(out, "# enable secure mode ");
871 fprintf(out, "(must be the last fuse line written)\n");
874 e = image_find_option(IMAGE_CFG_SEC_BOOT_DEV);
876 fprintf(stderr, "ERROR: secured mode boot device not given\n");
881 if (e->sec_boot_dev > 0xff) {
882 fprintf(stderr, "ERROR: secured mode boot device invalid\n");
887 val |= (e->sec_boot_dev << 8);
889 fprintf(out, "fuse prog -y 24 0 %08x 0103e0a9 1\n", val);
891 fprintf(out, "# lock (unused) fuse lines (0-23)s\n");
892 for (fuse_line = 0; fuse_line < 24; ++fuse_line)
893 fprintf(out, "fuse prog -y %u 2 1\n", fuse_line);
895 fprintf(out, "# OK, that's all :-)\n");
901 static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr)
904 struct image_cfg_element *e;
906 e = image_find_option(IMAGE_CFG_SEC_FUSE_DUMP);
910 if (!strcmp(e->name, "a38x")) {
911 FILE *out = fopen("kwb_fuses_a38x.txt", "w+");
914 fprintf(stderr, "Couldn't open eFuse settings: '%s': %s\n",
915 "kwb_fuses_a38x.txt", strerror(errno));
919 kwb_dump_fuse_cmds_38x(out, sec_hdr);
930 static size_t image_headersz_align(size_t headersz, uint8_t blockid)
933 * Header needs to be 4-byte aligned, which is already ensured by code
934 * above. Moreover UART images must have header aligned to 128 bytes
935 * (xmodem block size), NAND images to 256 bytes (ECC calculation),
936 * and SATA and SDIO images to 512 bytes (storage block size).
937 * Note that SPI images do not have to have header size aligned
938 * to 256 bytes because it is possible to read from SPI storage from
939 * any offset (read offset does not have to be aligned to block size).
941 if (blockid == IBR_HDR_UART_ID)
942 return ALIGN(headersz, 128);
943 else if (blockid == IBR_HDR_NAND_ID)
944 return ALIGN(headersz, 256);
945 else if (blockid == IBR_HDR_SATA_ID || blockid == IBR_HDR_SDIO_ID)
946 return ALIGN(headersz, 512);
951 static size_t image_headersz_v0(int *hasext)
955 headersz = sizeof(struct main_hdr_v0);
956 if (image_count_options(IMAGE_CFG_DATA) > 0) {
957 headersz += sizeof(struct ext_hdr_v0);
962 return image_headersz_align(headersz, image_get_bootfrom());
965 static void *image_create_v0(size_t *imagesz, struct image_tool_params *params,
968 struct image_cfg_element *e;
970 struct main_hdr_v0 *main_hdr;
975 * Calculate the size of the header and the size of the
978 headersz = image_headersz_v0(&has_ext);
980 image = malloc(headersz);
982 fprintf(stderr, "Cannot allocate memory for image\n");
986 memset(image, 0, headersz);
988 main_hdr = (struct main_hdr_v0 *)image;
990 /* Fill in the main header */
991 main_hdr->blocksize =
992 cpu_to_le32(payloadsz);
993 main_hdr->srcaddr = cpu_to_le32(headersz);
994 main_hdr->ext = has_ext;
995 main_hdr->version = 0;
996 main_hdr->destaddr = cpu_to_le32(params->addr);
997 main_hdr->execaddr = cpu_to_le32(params->ep);
998 main_hdr->blockid = image_get_bootfrom();
1000 e = image_find_option(IMAGE_CFG_NAND_ECC_MODE);
1002 main_hdr->nandeccmode = e->nandeccmode;
1003 e = image_find_option(IMAGE_CFG_NAND_BLKSZ);
1005 main_hdr->nandblocksize = e->nandblksz / (64 * 1024);
1006 e = image_find_option(IMAGE_CFG_NAND_PAGESZ);
1008 main_hdr->nandpagesize = cpu_to_le16(e->nandpagesz);
1009 e = image_find_option(IMAGE_CFG_NAND_BADBLK_LOCATION);
1011 main_hdr->nandbadblklocation = e->nandbadblklocation;
1012 main_hdr->checksum = image_checksum8(image,
1013 sizeof(struct main_hdr_v0));
1016 * For SATA srcaddr is specified in number of sectors.
1017 * This expects the sector size to be 512 bytes.
1018 * Header size is already aligned.
1020 if (main_hdr->blockid == IBR_HDR_SATA_ID)
1021 main_hdr->srcaddr = cpu_to_le32(headersz / 512);
1023 /* For PCIe srcaddr is not used and must be set to 0xFFFFFFFF. */
1024 if (main_hdr->blockid == IBR_HDR_PEX_ID)
1025 main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
1027 /* Generate the ext header */
1029 struct ext_hdr_v0 *ext_hdr;
1032 ext_hdr = (struct ext_hdr_v0 *)
1033 (image + sizeof(struct main_hdr_v0));
1034 ext_hdr->offset = cpu_to_le32(0x40);
1036 for (cfgi = 0, datai = 0; cfgi < cfgn; cfgi++) {
1037 e = &image_cfg[cfgi];
1038 if (e->type != IMAGE_CFG_DATA)
1041 ext_hdr->rcfg[datai].raddr =
1042 cpu_to_le32(e->regdata.raddr);
1043 ext_hdr->rcfg[datai].rdata =
1044 cpu_to_le32(e->regdata.rdata);
1048 ext_hdr->checksum = image_checksum8(ext_hdr,
1049 sizeof(struct ext_hdr_v0));
1052 *imagesz = headersz;
1056 static size_t image_headersz_v1(int *hasext)
1058 struct image_cfg_element *e;
1067 * Calculate the size of the header and the size of the
1070 headersz = sizeof(struct main_hdr_v1);
1072 if (image_get_csk_index() >= 0) {
1073 headersz += sizeof(struct secure_hdr_v1);
1078 cpu_sheeva = image_is_cpu_sheeva();
1081 for (cfgi = 0; cfgi < cfgn; cfgi++) {
1082 e = &image_cfg[cfgi];
1084 if (e->type == IMAGE_CFG_DATA)
1087 if (e->type == IMAGE_CFG_DATA_DELAY ||
1088 (e->type == IMAGE_CFG_BINARY && count > 0)) {
1089 headersz += sizeof(struct register_set_hdr_v1) + 8 * count + 4;
1093 if (e->type != IMAGE_CFG_BINARY)
1096 ret = stat(e->binary.file, &s);
1101 memset(cwd, 0, sizeof(cwd));
1102 if (!getcwd(cwd, sizeof(cwd))) {
1103 dir = "current working directory";
1104 perror("getcwd() failed");
1108 "Didn't find the file '%s' in '%s' which is mandatory to generate the image\n"
1109 "This file generally contains the DDR3 training code, and should be extracted from an existing bootable\n"
1110 "image for your board. Use 'dumpimage -T kwbimage -p 1' to extract it from an existing image.\n",
1111 e->binary.file, dir);
1115 headersz += sizeof(struct opt_hdr_v1) + sizeof(uint32_t) +
1116 (e->binary.nargs) * sizeof(uint32_t);
1118 if (e->binary.loadaddr) {
1120 * BootROM loads kwbimage header (in which the
1121 * executable code is also stored) to address
1122 * 0x40004000 or 0x40000000. Thus there is
1123 * restriction for the load address of the N-th
1126 unsigned int base_addr, low_addr, high_addr;
1128 base_addr = cpu_sheeva ? 0x40004000 : 0x40000000;
1129 low_addr = base_addr + headersz;
1130 high_addr = low_addr +
1131 (BINARY_MAX_ARGS - e->binary.nargs) * sizeof(uint32_t);
1133 if (cpu_sheeva && e->binary.loadaddr % 16) {
1135 "Invalid LOAD_ADDRESS 0x%08x for BINARY %s with %d args.\n"
1136 "Address for CPU SHEEVA must be 16-byte aligned.\n",
1137 e->binary.loadaddr, e->binary.file, e->binary.nargs);
1141 if (e->binary.loadaddr % 4 || e->binary.loadaddr < low_addr ||
1142 e->binary.loadaddr > high_addr) {
1144 "Invalid LOAD_ADDRESS 0x%08x for BINARY %s with %d args.\n"
1145 "Address must be 4-byte aligned and in range 0x%08x-0x%08x.\n",
1146 e->binary.loadaddr, e->binary.file,
1147 e->binary.nargs, low_addr, high_addr);
1150 headersz = e->binary.loadaddr - base_addr;
1151 } else if (cpu_sheeva) {
1152 headersz = ALIGN(headersz, 16);
1154 headersz = ALIGN(headersz, 4);
1157 headersz += ALIGN(s.st_size, 4) + sizeof(uint32_t);
1163 headersz += sizeof(struct register_set_hdr_v1) + 8 * count + 4;
1165 return image_headersz_align(headersz, image_get_bootfrom());
1168 static int add_binary_header_v1(uint8_t **cur, uint8_t **next_ext,
1169 struct image_cfg_element *binarye,
1170 struct main_hdr_v1 *main_hdr)
1172 struct opt_hdr_v1 *hdr = (struct opt_hdr_v1 *)*cur;
1184 hdr->headertype = OPT_HDR_V1_BINARY_TYPE;
1186 bin = fopen(binarye->binary.file, "r");
1188 fprintf(stderr, "Cannot open binary file %s\n",
1189 binarye->binary.file);
1193 if (fstat(fileno(bin), &s)) {
1194 fprintf(stderr, "Cannot stat binary file %s\n",
1195 binarye->binary.file);
1199 *cur += sizeof(struct opt_hdr_v1);
1201 args = (uint32_t *)*cur;
1202 *args = cpu_to_le32(binarye->binary.nargs);
1204 for (argi = 0; argi < binarye->binary.nargs; argi++)
1205 args[argi] = cpu_to_le32(binarye->binary.args[argi]);
1207 *cur += (binarye->binary.nargs + 1) * sizeof(uint32_t);
1210 * ARM executable code inside the BIN header on platforms with Sheeva
1211 * CPU (A370 and AXP) must always be aligned with the 128-bit boundary.
1212 * In the case when this code is not position independent (e.g. ARM
1213 * SPL), it must be placed at fixed load and execute address.
1214 * This requirement can be met by inserting dummy arguments into
1215 * BIN header, if needed.
1217 cpu_sheeva = image_is_cpu_sheeva();
1218 base_addr = cpu_sheeva ? 0x40004000 : 0x40000000;
1219 offset = *cur - (uint8_t *)main_hdr;
1220 if (binarye->binary.loadaddr)
1221 add_args = (binarye->binary.loadaddr - base_addr - offset) / sizeof(uint32_t);
1222 else if (cpu_sheeva)
1223 add_args = ((16 - offset % 16) % 16) / sizeof(uint32_t);
1227 *(args - 1) = cpu_to_le32(binarye->binary.nargs + add_args);
1228 *cur += add_args * sizeof(uint32_t);
1231 ret = fread(*cur, s.st_size, 1, bin);
1234 "Could not read binary image %s\n",
1235 binarye->binary.file);
1241 *cur += ALIGN(s.st_size, 4);
1243 *((uint32_t *)*cur) = 0x00000000;
1247 *cur += sizeof(uint32_t);
1249 binhdrsz = sizeof(struct opt_hdr_v1) +
1250 (binarye->binary.nargs + add_args + 2) * sizeof(uint32_t) +
1251 ALIGN(s.st_size, 4);
1252 hdr->headersz_lsb = cpu_to_le16(binhdrsz & 0xFFFF);
1253 hdr->headersz_msb = (binhdrsz & 0xFFFF0000) >> 16;
1263 static int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr)
1268 hashf = fopen("pub_kak_hash.txt", "w");
1270 fprintf(stderr, "Couldn't open hash file: '%s': %s\n",
1271 "pub_kak_hash.txt", strerror(errno));
1275 res = kwb_export_pubkey(kak, &secure_hdr->kak, hashf, "KAK");
1279 return res < 0 ? 1 : 0;
1282 static int kwb_sign_csk_with_kak(struct image_tool_params *params,
1283 struct secure_hdr_v1 *secure_hdr, RSA *csk)
1286 RSA *kak_pub = NULL;
1287 int csk_idx = image_get_csk_index();
1288 struct sig_v1 tmp_sig;
1290 if (csk_idx < 0 || csk_idx > 15) {
1291 fprintf(stderr, "Invalid CSK index %d\n", csk_idx);
1295 if (kwb_load_kak(params, &kak) < 0)
1298 if (export_pub_kak_hash(kak, secure_hdr))
1301 if (kwb_import_pubkey(&kak_pub, &secure_hdr->kak, "KAK") < 0)
1304 if (kwb_export_pubkey(csk, &secure_hdr->csk[csk_idx], NULL, "CSK") < 0)
1307 if (kwb_sign_and_verify(kak, &secure_hdr->csk,
1308 sizeof(secure_hdr->csk) +
1309 sizeof(secure_hdr->csksig),
1310 &tmp_sig, "CSK") < 0)
1313 if (kwb_verify(kak_pub, &secure_hdr->csk,
1314 sizeof(secure_hdr->csk) +
1315 sizeof(secure_hdr->csksig),
1316 &tmp_sig, "CSK (2)") < 0)
1319 secure_hdr->csksig = tmp_sig;
1324 static int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
1325 int payloadsz, size_t headersz, uint8_t *image,
1326 struct secure_hdr_v1 *secure_hdr)
1328 struct image_cfg_element *e_jtagdelay;
1329 struct image_cfg_element *e_boxid;
1330 struct image_cfg_element *e_flashid;
1332 unsigned char *image_ptr;
1334 struct sig_v1 tmp_sig;
1335 bool specialized_img = image_get_spezialized_img();
1337 kwb_msg("Create secure header content\n");
1339 e_jtagdelay = image_find_option(IMAGE_CFG_JTAG_DELAY);
1340 e_boxid = image_find_option(IMAGE_CFG_BOX_ID);
1341 e_flashid = image_find_option(IMAGE_CFG_FLASH_ID);
1343 if (kwb_load_csk(params, &csk) < 0)
1346 secure_hdr->headertype = OPT_HDR_V1_SECURE_TYPE;
1347 secure_hdr->headersz_msb = 0;
1348 secure_hdr->headersz_lsb = cpu_to_le16(sizeof(struct secure_hdr_v1));
1350 secure_hdr->jtag_delay = e_jtagdelay->jtag_delay;
1351 if (e_boxid && specialized_img)
1352 secure_hdr->boxid = cpu_to_le32(e_boxid->boxid);
1353 if (e_flashid && specialized_img)
1354 secure_hdr->flashid = cpu_to_le32(e_flashid->flashid);
1356 if (kwb_sign_csk_with_kak(params, secure_hdr, csk))
1359 image_ptr = ptr + headersz;
1360 image_size = payloadsz - headersz;
1362 if (kwb_sign_and_verify(csk, image_ptr, image_size,
1363 &secure_hdr->imgsig, "image") < 0)
1366 if (kwb_sign_and_verify(csk, image, headersz, &tmp_sig, "header") < 0)
1369 secure_hdr->hdrsig = tmp_sig;
1371 kwb_dump_fuse_cmds(secure_hdr);
1376 static void finish_register_set_header_v1(uint8_t **cur, uint8_t **next_ext,
1377 struct register_set_hdr_v1 *register_set_hdr,
1378 int *datai, uint8_t delay)
1380 int size = sizeof(struct register_set_hdr_v1) + 8 * (*datai) + 4;
1382 register_set_hdr->headertype = OPT_HDR_V1_REGISTER_TYPE;
1383 register_set_hdr->headersz_lsb = cpu_to_le16(size & 0xFFFF);
1384 register_set_hdr->headersz_msb = size >> 16;
1385 register_set_hdr->data[*datai].last_entry.delay = delay;
1388 *next_ext = ®ister_set_hdr->data[*datai].last_entry.next;
1392 static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
1393 uint8_t *ptr, int payloadsz)
1395 struct image_cfg_element *e;
1396 struct main_hdr_v1 *main_hdr;
1397 struct opt_hdr_v1 *ohdr;
1398 struct register_set_hdr_v1 *register_set_hdr;
1399 struct secure_hdr_v1 *secure_hdr = NULL;
1401 uint8_t *image, *cur;
1403 uint8_t *next_ext = NULL;
1408 * Calculate the size of the header and the size of the
1411 headersz = image_headersz_v1(&hasext);
1415 image = malloc(headersz);
1417 fprintf(stderr, "Cannot allocate memory for image\n");
1421 memset(image, 0, headersz);
1423 main_hdr = (struct main_hdr_v1 *)image;
1425 cur += sizeof(struct main_hdr_v1);
1426 next_ext = &main_hdr->ext;
1428 /* Fill the main header */
1429 main_hdr->blocksize =
1430 cpu_to_le32(payloadsz);
1431 main_hdr->headersz_lsb = cpu_to_le16(headersz & 0xFFFF);
1432 main_hdr->headersz_msb = (headersz & 0xFFFF0000) >> 16;
1433 main_hdr->destaddr = cpu_to_le32(params->addr);
1434 main_hdr->execaddr = cpu_to_le32(params->ep);
1435 main_hdr->srcaddr = cpu_to_le32(headersz);
1436 main_hdr->ext = hasext;
1437 main_hdr->version = 1;
1438 main_hdr->blockid = image_get_bootfrom();
1440 e = image_find_option(IMAGE_CFG_NAND_BLKSZ);
1442 main_hdr->nandblocksize = e->nandblksz / (64 * 1024);
1443 e = image_find_option(IMAGE_CFG_NAND_PAGESZ);
1445 main_hdr->nandpagesize = cpu_to_le16(e->nandpagesz);
1446 e = image_find_option(IMAGE_CFG_NAND_BADBLK_LOCATION);
1448 main_hdr->nandbadblklocation = e->nandbadblklocation;
1449 e = image_find_option(IMAGE_CFG_BAUDRATE);
1451 main_hdr->options |= baudrate_to_option(e->baudrate);
1452 e = image_find_option(IMAGE_CFG_UART_PORT);
1454 main_hdr->options |= (e->uart_port & 3) << 3;
1455 e = image_find_option(IMAGE_CFG_UART_MPP);
1457 main_hdr->options |= (e->uart_mpp & 7) << 5;
1458 e = image_find_option(IMAGE_CFG_DEBUG);
1460 main_hdr->flags = e->debug ? 0x1 : 0;
1463 * For SATA srcaddr is specified in number of sectors.
1464 * This expects the sector size to be 512 bytes.
1465 * Header size is already aligned.
1467 if (main_hdr->blockid == IBR_HDR_SATA_ID)
1468 main_hdr->srcaddr = cpu_to_le32(headersz / 512);
1470 /* For PCIe srcaddr is not used and must be set to 0xFFFFFFFF. */
1471 if (main_hdr->blockid == IBR_HDR_PEX_ID)
1472 main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
1474 if (image_get_csk_index() >= 0) {
1476 * only reserve the space here; we fill the header later since
1477 * we need the header to be complete to compute the signatures
1479 secure_hdr = (struct secure_hdr_v1 *)cur;
1480 cur += sizeof(struct secure_hdr_v1);
1482 next_ext = &secure_hdr->next;
1486 for (cfgi = 0; cfgi < cfgn; cfgi++) {
1487 e = &image_cfg[cfgi];
1488 if (e->type != IMAGE_CFG_DATA &&
1489 e->type != IMAGE_CFG_DATA_DELAY &&
1490 e->type != IMAGE_CFG_BINARY)
1494 register_set_hdr = (struct register_set_hdr_v1 *)cur;
1496 /* If delay is not specified, use the smallest possible value. */
1497 if (e->type == IMAGE_CFG_DATA_DELAY)
1498 delay = e->regdata_delay;
1500 delay = REGISTER_SET_HDR_OPT_DELAY_MS(0);
1503 * DATA_DELAY command is the last entry in the register set
1504 * header and BINARY command inserts new binary header.
1505 * Therefore BINARY command requires to finish register set
1506 * header if some DATA command was specified. And DATA_DELAY
1507 * command automatically finish register set header even when
1508 * there was no DATA command.
1510 if (e->type == IMAGE_CFG_DATA_DELAY ||
1511 (e->type == IMAGE_CFG_BINARY && datai != 0))
1512 finish_register_set_header_v1(&cur, &next_ext, register_set_hdr,
1515 if (e->type == IMAGE_CFG_DATA) {
1516 register_set_hdr->data[datai].entry.address =
1517 cpu_to_le32(e->regdata.raddr);
1518 register_set_hdr->data[datai].entry.value =
1519 cpu_to_le32(e->regdata.rdata);
1523 if (e->type == IMAGE_CFG_BINARY) {
1524 if (add_binary_header_v1(&cur, &next_ext, e, main_hdr))
1529 /* Set delay to the smallest possible value. */
1530 delay = REGISTER_SET_HDR_OPT_DELAY_MS(0);
1531 finish_register_set_header_v1(&cur, &next_ext, register_set_hdr,
1535 if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz + headersz,
1536 headersz, image, secure_hdr))
1539 *imagesz = headersz;
1541 /* Fill the real header size without padding into the main header */
1542 headersz = sizeof(*main_hdr);
1543 for_each_opt_hdr_v1 (ohdr, main_hdr)
1544 headersz += opt_hdr_v1_size(ohdr);
1545 main_hdr->headersz_lsb = cpu_to_le16(headersz & 0xFFFF);
1546 main_hdr->headersz_msb = (headersz & 0xFFFF0000) >> 16;
1548 /* Calculate and set the header checksum */
1549 main_hdr->checksum = image_checksum8(main_hdr, headersz);
1554 static int recognize_keyword(char *keyword)
1558 for (kw_id = 1; kw_id < IMAGE_CFG_COUNT; ++kw_id)
1559 if (!strcmp(keyword, id_strs[kw_id]))
1565 static int image_create_config_parse_oneline(char *line,
1566 struct image_cfg_element *el)
1568 char *keyword, *saveptr, *value1, *value2;
1569 char delimiters[] = " \t";
1570 int keyword_id, ret, argi;
1571 char *unknown_msg = "Ignoring unknown line '%s'\n";
1573 keyword = strtok_r(line, delimiters, &saveptr);
1574 keyword_id = recognize_keyword(keyword);
1577 fprintf(stderr, unknown_msg, line);
1581 el->type = keyword_id;
1583 value1 = strtok_r(NULL, delimiters, &saveptr);
1586 fprintf(stderr, "Parameter missing in line '%s'\n", line);
1590 switch (keyword_id) {
1591 case IMAGE_CFG_VERSION:
1592 el->version = atoi(value1);
1595 if (strcmp(value1, "FEROCEON") == 0)
1597 else if (strcmp(value1, "SHEEVA") == 0)
1599 else if (strcmp(value1, "A9") == 0)
1602 fprintf(stderr, "Invalid CPU %s\n", value1);
1606 case IMAGE_CFG_BOOT_FROM:
1607 ret = image_boot_mode_id(value1);
1610 fprintf(stderr, "Invalid boot media '%s'\n", value1);
1615 case IMAGE_CFG_NAND_BLKSZ:
1616 el->nandblksz = strtoul(value1, NULL, 16);
1618 case IMAGE_CFG_NAND_BADBLK_LOCATION:
1619 el->nandbadblklocation = strtoul(value1, NULL, 16);
1621 case IMAGE_CFG_NAND_ECC_MODE:
1622 ret = image_nand_ecc_mode_id(value1);
1625 fprintf(stderr, "Invalid NAND ECC mode '%s'\n", value1);
1628 el->nandeccmode = ret;
1630 case IMAGE_CFG_NAND_PAGESZ:
1631 el->nandpagesz = strtoul(value1, NULL, 16);
1633 case IMAGE_CFG_BINARY:
1636 el->binary.file = strdup(value1);
1638 char *value = strtok_r(NULL, delimiters, &saveptr);
1644 if (!strcmp(value, "LOAD_ADDRESS")) {
1645 value = strtok_r(NULL, delimiters, &saveptr);
1648 "Missing address argument for BINARY LOAD_ADDRESS\n");
1651 el->binary.loadaddr = strtoul(value, &endptr, 16);
1654 "Invalid argument '%s' for BINARY LOAD_ADDRESS\n",
1658 value = strtok_r(NULL, delimiters, &saveptr);
1661 "Unexpected argument '%s' after BINARY LOAD_ADDRESS\n",
1668 el->binary.args[argi] = strtoul(value, &endptr, 16);
1670 fprintf(stderr, "Invalid argument '%s' for BINARY\n", value);
1674 if (argi >= BINARY_MAX_ARGS) {
1676 "Too many arguments for BINARY\n");
1680 el->binary.nargs = argi;
1682 case IMAGE_CFG_DATA:
1683 value2 = strtok_r(NULL, delimiters, &saveptr);
1685 if (!value1 || !value2) {
1687 "Invalid number of arguments for DATA\n");
1691 el->regdata.raddr = strtoul(value1, NULL, 16);
1692 el->regdata.rdata = strtoul(value2, NULL, 16);
1694 case IMAGE_CFG_DATA_DELAY:
1695 if (!strcmp(value1, "SDRAM_SETUP"))
1696 el->regdata_delay = REGISTER_SET_HDR_OPT_DELAY_SDRAM_SETUP;
1698 el->regdata_delay = REGISTER_SET_HDR_OPT_DELAY_MS(strtoul(value1, NULL, 10));
1699 if (el->regdata_delay > 255) {
1700 fprintf(stderr, "Maximal DATA_DELAY is 255\n");
1704 case IMAGE_CFG_BAUDRATE:
1705 el->baudrate = strtoul(value1, NULL, 10);
1707 case IMAGE_CFG_UART_PORT:
1708 el->uart_port = strtoul(value1, NULL, 16);
1710 case IMAGE_CFG_UART_MPP:
1711 el->uart_mpp = strtoul(value1, NULL, 16);
1713 case IMAGE_CFG_DEBUG:
1714 el->debug = strtoul(value1, NULL, 10);
1717 el->key_name = strdup(value1);
1720 el->key_name = strdup(value1);
1722 case IMAGE_CFG_CSK_INDEX:
1723 el->csk_idx = strtol(value1, NULL, 0);
1725 case IMAGE_CFG_JTAG_DELAY:
1726 el->jtag_delay = strtoul(value1, NULL, 0);
1728 case IMAGE_CFG_BOX_ID:
1729 el->boxid = strtoul(value1, NULL, 0);
1731 case IMAGE_CFG_FLASH_ID:
1732 el->flashid = strtoul(value1, NULL, 0);
1734 case IMAGE_CFG_SEC_SPECIALIZED_IMG:
1735 el->sec_specialized_img = true;
1737 case IMAGE_CFG_SEC_COMMON_IMG:
1738 el->sec_specialized_img = false;
1740 case IMAGE_CFG_SEC_BOOT_DEV:
1741 el->sec_boot_dev = strtoul(value1, NULL, 0);
1743 case IMAGE_CFG_SEC_FUSE_DUMP:
1744 el->name = strdup(value1);
1747 fprintf(stderr, unknown_msg, line);
1754 * Parse the configuration file 'fcfg' into the array of configuration
1755 * elements 'image_cfg', and return the number of configuration
1756 * elements in 'cfgn'.
1758 static int image_create_config_parse(FILE *fcfg)
1763 /* Parse the configuration file */
1764 while (!feof(fcfg)) {
1768 /* Read the current line */
1769 memset(buf, 0, sizeof(buf));
1770 line = fgets(buf, sizeof(buf), fcfg);
1774 /* Ignore useless lines */
1775 if (line[0] == '\n' || line[0] == '#')
1778 /* Strip final newline */
1779 if (line[strlen(line) - 1] == '\n')
1780 line[strlen(line) - 1] = 0;
1782 /* Parse the current line */
1783 ret = image_create_config_parse_oneline(line,
1790 if (cfgi >= IMAGE_CFG_ELEMENT_MAX) {
1792 "Too many configuration elements in .cfg file\n");
1801 static int image_get_version(void)
1803 struct image_cfg_element *e;
1805 e = image_find_option(IMAGE_CFG_VERSION);
1812 static void kwbimage_set_header(void *ptr, struct stat *sbuf, int ifd,
1813 struct image_tool_params *params)
1818 size_t headersz = 0;
1825 * Do not use sbuf->st_size as it contains size with padding.
1826 * We need original image data size, so stat original file.
1828 if (stat(params->datafile, &s)) {
1829 fprintf(stderr, "Could not stat data file %s: %s\n",
1830 params->datafile, strerror(errno));
1833 datasz = ALIGN(s.st_size, 4);
1835 fcfg = fopen(params->imagename, "r");
1837 fprintf(stderr, "Could not open input file %s\n",
1842 image_cfg = malloc(IMAGE_CFG_ELEMENT_MAX *
1843 sizeof(struct image_cfg_element));
1845 fprintf(stderr, "Cannot allocate memory\n");
1850 memset(image_cfg, 0,
1851 IMAGE_CFG_ELEMENT_MAX * sizeof(struct image_cfg_element));
1854 ret = image_create_config_parse(fcfg);
1861 version = image_get_version();
1864 * Fallback to version 0 if no version is provided in the
1869 image = image_create_v0(&headersz, params, datasz + 4);
1873 image = image_create_v1(&headersz, params, ptr, datasz + 4);
1877 fprintf(stderr, "Unsupported version %d\n", version);
1883 fprintf(stderr, "Could not create image\n");
1890 /* Build and add image data checksum */
1891 checksum = cpu_to_le32(image_checksum32((uint8_t *)ptr + headersz,
1893 memcpy((uint8_t *)ptr + headersz + datasz, &checksum, sizeof(uint32_t));
1895 /* Finally copy the header into the image area */
1896 memcpy(ptr, image, headersz);
1901 static void kwbimage_print_header(const void *ptr)
1903 struct main_hdr_v0 *mhdr = (struct main_hdr_v0 *)ptr;
1904 struct bin_hdr_v0 *bhdr;
1905 struct opt_hdr_v1 *ohdr;
1907 printf("Image Type: MVEBU Boot from %s Image\n",
1908 image_boot_mode_name(mhdr->blockid));
1909 printf("Image version:%d\n", kwbimage_version(ptr));
1911 for_each_opt_hdr_v1 (ohdr, mhdr) {
1912 if (ohdr->headertype == OPT_HDR_V1_BINARY_TYPE) {
1913 printf("BIN Img Size: ");
1914 genimg_print_size(opt_hdr_v1_size(ohdr) - 12 -
1916 printf("BIN Img Offs: %08x\n",
1917 (unsigned)((uint8_t *)ohdr - (uint8_t *)mhdr) +
1918 8 + 4 * ohdr->data[0]);
1922 for_each_bin_hdr_v0(bhdr, mhdr) {
1923 printf("BIN Img Size: ");
1924 genimg_print_size(le32_to_cpu(bhdr->size));
1925 printf("BIN Img Addr: %08x\n", le32_to_cpu(bhdr->destaddr));
1926 printf("BIN Img Entr: %08x\n", le32_to_cpu(bhdr->execaddr));
1929 printf("Data Size: ");
1930 genimg_print_size(mhdr->blocksize - sizeof(uint32_t));
1931 printf("Load Address: %08x\n", mhdr->destaddr);
1932 printf("Entry Point: %08x\n", mhdr->execaddr);
1935 static int kwbimage_check_image_types(uint8_t type)
1937 if (type == IH_TYPE_KWBIMAGE)
1938 return EXIT_SUCCESS;
1940 return EXIT_FAILURE;
1943 static int kwbimage_verify_header(unsigned char *ptr, int image_size,
1944 struct image_tool_params *params)
1946 size_t header_size = kwbheader_size(ptr);
1952 if (header_size > 192*1024)
1953 return -FDT_ERR_BADSTRUCTURE;
1955 if (header_size > image_size)
1956 return -FDT_ERR_BADSTRUCTURE;
1958 if (!main_hdr_checksum_ok(ptr))
1959 return -FDT_ERR_BADSTRUCTURE;
1961 /* Only version 0 extended header has checksum */
1962 if (kwbimage_version(ptr) == 0) {
1963 struct main_hdr_v0 *mhdr = (struct main_hdr_v0 *)ptr;
1964 struct ext_hdr_v0 *ext_hdr;
1965 struct bin_hdr_v0 *bhdr;
1967 for_each_ext_hdr_v0(ext_hdr, ptr) {
1968 csum = image_checksum8(ext_hdr, sizeof(*ext_hdr) - 1);
1969 if (csum != ext_hdr->checksum)
1970 return -FDT_ERR_BADSTRUCTURE;
1973 for_each_bin_hdr_v0(bhdr, ptr) {
1974 csum = image_checksum8(bhdr, (uint8_t *)&bhdr->checksum - (uint8_t *)bhdr - 1);
1975 if (csum != bhdr->checksum)
1976 return -FDT_ERR_BADSTRUCTURE;
1978 if (bhdr->offset > sizeof(*bhdr) || bhdr->offset % 4 != 0)
1979 return -FDT_ERR_BADSTRUCTURE;
1981 if (bhdr->offset + bhdr->size + 4 > sizeof(*bhdr) || bhdr->size % 4 != 0)
1982 return -FDT_ERR_BADSTRUCTURE;
1984 if (image_checksum32((uint8_t *)bhdr + bhdr->offset, bhdr->size) !=
1985 *(uint32_t *)((uint8_t *)bhdr + bhdr->offset + bhdr->size))
1986 return -FDT_ERR_BADSTRUCTURE;
1989 blockid = mhdr->blockid;
1990 offset = le32_to_cpu(mhdr->srcaddr);
1991 size = le32_to_cpu(mhdr->blocksize);
1992 } else if (kwbimage_version(ptr) == 1) {
1993 struct main_hdr_v1 *mhdr = (struct main_hdr_v1 *)ptr;
1994 const uint8_t *mhdr_end;
1995 struct opt_hdr_v1 *ohdr;
1997 mhdr_end = (uint8_t *)mhdr + header_size;
1998 for_each_opt_hdr_v1 (ohdr, ptr)
1999 if (!opt_hdr_v1_valid_size(ohdr, mhdr_end))
2000 return -FDT_ERR_BADSTRUCTURE;
2002 blockid = mhdr->blockid;
2003 offset = le32_to_cpu(mhdr->srcaddr);
2004 size = le32_to_cpu(mhdr->blocksize);
2006 return -FDT_ERR_BADSTRUCTURE;
2010 * For SATA srcaddr is specified in number of sectors.
2011 * This expects that sector size is 512 bytes.
2013 if (blockid == IBR_HDR_SATA_ID)
2017 * For PCIe srcaddr is always set to 0xFFFFFFFF.
2018 * This expects that data starts after all headers.
2020 if (blockid == IBR_HDR_PEX_ID && offset == 0xFFFFFFFF)
2021 offset = header_size;
2023 if (offset > image_size || offset % 4 != 0)
2024 return -FDT_ERR_BADSTRUCTURE;
2026 if (size < 4 || offset + size > image_size || size % 4 != 0)
2027 return -FDT_ERR_BADSTRUCTURE;
2029 if (image_checksum32(ptr + offset, size - 4) !=
2030 *(uint32_t *)(ptr + offset + size - 4))
2031 return -FDT_ERR_BADSTRUCTURE;
2036 static int kwbimage_generate(struct image_tool_params *params,
2037 struct image_type_params *tparams)
2047 fcfg = fopen(params->imagename, "r");
2049 fprintf(stderr, "Could not open input file %s\n",
2054 if (stat(params->datafile, &s)) {
2055 fprintf(stderr, "Could not stat data file %s: %s\n",
2056 params->datafile, strerror(errno));
2060 image_cfg = malloc(IMAGE_CFG_ELEMENT_MAX *
2061 sizeof(struct image_cfg_element));
2063 fprintf(stderr, "Cannot allocate memory\n");
2068 memset(image_cfg, 0,
2069 IMAGE_CFG_ELEMENT_MAX * sizeof(struct image_cfg_element));
2072 ret = image_create_config_parse(fcfg);
2079 bootfrom = image_get_bootfrom();
2080 version = image_get_version();
2083 * Fallback to version 0 if no version is provided in the
2088 alloc_len = image_headersz_v0(NULL);
2092 alloc_len = image_headersz_v1(NULL);
2097 if (alloc_len > 192*1024) {
2098 fprintf(stderr, "Header is too big (%u bytes), maximal kwbimage header size is %u bytes\n", alloc_len, 192*1024);
2105 fprintf(stderr, "Unsupported version %d\n", version);
2112 hdr = malloc(alloc_len);
2114 fprintf(stderr, "%s: malloc return failure: %s\n",
2115 params->cmdname, strerror(errno));
2119 memset(hdr, 0, alloc_len);
2120 tparams->header_size = alloc_len;
2124 * The resulting image needs to be 4-byte aligned. At least
2125 * the Marvell hdrparser tool complains if its unaligned.
2126 * After the image data is stored 4-byte checksum.
2127 * Final UART image must be aligned to 128 bytes.
2128 * Final SPI and NAND images must be aligned to 256 bytes.
2129 * Final SATA and SDIO images must be aligned to 512 bytes.
2131 if (bootfrom == IBR_HDR_SPI_ID || bootfrom == IBR_HDR_NAND_ID)
2132 return 4 + (256 - (alloc_len + s.st_size + 4) % 256) % 256;
2133 else if (bootfrom == IBR_HDR_SATA_ID || bootfrom == IBR_HDR_SDIO_ID)
2134 return 4 + (512 - (alloc_len + s.st_size + 4) % 512) % 512;
2135 else if (bootfrom == IBR_HDR_UART_ID)
2136 return 4 + (128 - (alloc_len + s.st_size + 4) % 128) % 128;
2138 return 4 + (4 - s.st_size % 4) % 4;
2141 static int kwbimage_generate_config(void *ptr, struct image_tool_params *params)
2143 struct main_hdr_v0 *mhdr0 = (struct main_hdr_v0 *)ptr;
2144 struct main_hdr_v1 *mhdr = (struct main_hdr_v1 *)ptr;
2145 size_t header_size = kwbheader_size(ptr);
2146 struct register_set_hdr_v1 *regset_hdr;
2147 struct ext_hdr_v0_reg *regdata;
2148 struct ext_hdr_v0 *ehdr0;
2149 struct bin_hdr_v0 *bhdr0;
2150 struct opt_hdr_v1 *ohdr;
2159 f = fopen(params->outfile, "w");
2161 fprintf(stderr, "Can't open \"%s\": %s\n", params->outfile, strerror(errno));
2165 version = kwbimage_version(ptr);
2169 if (mhdr0->ext > 1 || mhdr0->bin ||
2170 ((ehdr0 = ext_hdr_v0_first(ptr)) &&
2171 (ehdr0->match_addr || ehdr0->match_mask || ehdr0->match_value)))
2176 fprintf(f, "VERSION %d\n", version);
2178 fprintf(f, "BOOT_FROM %s\n", image_boot_mode_name(mhdr->blockid) ?: "<unknown>");
2180 if (version == 0 && mhdr->blockid == IBR_HDR_NAND_ID)
2181 fprintf(f, "NAND_ECC_MODE %s\n", image_nand_ecc_mode_name(mhdr0->nandeccmode));
2183 if (mhdr->blockid == IBR_HDR_NAND_ID)
2184 fprintf(f, "NAND_PAGE_SIZE 0x%x\n", (unsigned)mhdr->nandpagesize);
2186 if (version != 0 && mhdr->blockid == IBR_HDR_NAND_ID)
2187 fprintf(f, "NAND_BLKSZ 0x%x\n", (unsigned)mhdr->nandblocksize);
2189 if (mhdr->blockid == IBR_HDR_NAND_ID && (mhdr->nandbadblklocation != 0 || is_v0_ext))
2190 fprintf(f, "NAND_BADBLK_LOCATION 0x%x\n", (unsigned)mhdr->nandbadblklocation);
2192 if (version == 0 && mhdr->blockid == IBR_HDR_SATA_ID)
2193 fprintf(f, "SATA_PIO_MODE %u\n", (unsigned)mhdr0->satapiomode);
2196 * Addresses and sizes which are specified by mkimage command line
2197 * arguments and not in kwbimage config file
2201 fprintf(f, "#HEADER_SIZE 0x%x\n",
2202 ((unsigned)mhdr->headersz_msb << 8) | le16_to_cpu(mhdr->headersz_lsb));
2204 fprintf(f, "#SRC_ADDRESS 0x%x\n", le32_to_cpu(mhdr->srcaddr));
2205 fprintf(f, "#BLOCK_SIZE 0x%x\n", le32_to_cpu(mhdr->blocksize));
2206 fprintf(f, "#DEST_ADDRESS 0x%08x\n", le32_to_cpu(mhdr->destaddr));
2207 fprintf(f, "#EXEC_ADDRESS 0x%08x\n", le32_to_cpu(mhdr->execaddr));
2210 if (options_to_baudrate(mhdr->options))
2211 fprintf(f, "BAUDRATE %u\n", options_to_baudrate(mhdr->options));
2212 if (options_to_baudrate(mhdr->options) ||
2213 ((mhdr->options >> 3) & 0x3) || ((mhdr->options >> 5) & 0x7)) {
2214 fprintf(f, "UART_PORT %u\n", (unsigned)((mhdr->options >> 3) & 0x3));
2215 fprintf(f, "UART_MPP 0x%x\n", (unsigned)((mhdr->options >> 5) & 0x7));
2217 if (mhdr->flags & 0x1)
2218 fprintf(f, "DEBUG 1\n");
2222 for_each_opt_hdr_v1(ohdr, ptr) {
2223 if (ohdr->headertype == OPT_HDR_V1_SECURE_TYPE) {
2224 fprintf(f, "#SECURE_HEADER\n");
2225 } else if (ohdr->headertype == OPT_HDR_V1_BINARY_TYPE) {
2226 fprintf(f, "BINARY binary%d.bin", cur_idx);
2227 for (i = 0; i < ohdr->data[0]; i++)
2228 fprintf(f, " 0x%x", le32_to_cpu(((uint32_t *)ohdr->data)[i + 1]));
2229 offset = (unsigned)((uint8_t *)ohdr - (uint8_t *)mhdr) + 8 + 4 * ohdr->data[0];
2230 fprintf(f, " LOAD_ADDRESS 0x%08x\n", 0x40000000 + offset);
2231 fprintf(f, " # for CPU SHEEVA: LOAD_ADDRESS 0x%08x\n", 0x40004000 + offset);
2233 } else if (ohdr->headertype == OPT_HDR_V1_REGISTER_TYPE) {
2234 regset_hdr = (struct register_set_hdr_v1 *)ohdr;
2236 i < opt_hdr_v1_size(ohdr) - sizeof(struct opt_hdr_v1) -
2237 sizeof(regset_hdr->data[0].last_entry);
2239 fprintf(f, "DATA 0x%08x 0x%08x\n",
2240 le32_to_cpu(regset_hdr->data[i].entry.address),
2241 le32_to_cpu(regset_hdr->data[i].entry.value));
2242 if (opt_hdr_v1_size(ohdr) - sizeof(struct opt_hdr_v1) >=
2243 sizeof(regset_hdr->data[0].last_entry)) {
2244 if (regset_hdr->data[0].last_entry.delay)
2245 fprintf(f, "DATA_DELAY %u\n",
2246 (unsigned)regset_hdr->data[0].last_entry.delay);
2248 fprintf(f, "DATA_DELAY SDRAM_SETUP\n");
2253 if (version == 0 && !is_v0_ext && le16_to_cpu(mhdr0->ddrinitdelay))
2254 fprintf(f, "DDR_INIT_DELAY %u\n", (unsigned)le16_to_cpu(mhdr0->ddrinitdelay));
2256 for_each_ext_hdr_v0(ehdr0, ptr) {
2258 fprintf(f, "\nMATCH ADDRESS 0x%08x MASK 0x%08x VALUE 0x%08x\n",
2259 le32_to_cpu(ehdr0->match_addr),
2260 le32_to_cpu(ehdr0->match_mask),
2261 le32_to_cpu(ehdr0->match_value));
2262 if (ehdr0->rsvd1[0] || ehdr0->rsvd1[1] || ehdr0->rsvd1[2] ||
2263 ehdr0->rsvd1[3] || ehdr0->rsvd1[4] || ehdr0->rsvd1[5] ||
2264 ehdr0->rsvd1[6] || ehdr0->rsvd1[7])
2265 fprintf(f, "#DDR_RSVD1 0x%x 0x%x 0x%x 0x%x 0x%x 0x%x 0x%x 0x%x\n",
2266 ehdr0->rsvd1[0], ehdr0->rsvd1[1], ehdr0->rsvd1[2],
2267 ehdr0->rsvd1[3], ehdr0->rsvd1[4], ehdr0->rsvd1[5],
2268 ehdr0->rsvd1[6], ehdr0->rsvd1[7]);
2269 if (ehdr0->rsvd2[0] || ehdr0->rsvd2[1] || ehdr0->rsvd2[2] ||
2270 ehdr0->rsvd2[3] || ehdr0->rsvd2[4] || ehdr0->rsvd2[5] ||
2272 fprintf(f, "#DDR_RSVD2 0x%x 0x%x 0x%x 0x%x 0x%x 0x%x 0x%x\n",
2273 ehdr0->rsvd2[0], ehdr0->rsvd2[1], ehdr0->rsvd2[2],
2274 ehdr0->rsvd2[3], ehdr0->rsvd2[4], ehdr0->rsvd2[5],
2276 if (ehdr0->ddrwritetype)
2277 fprintf(f, "DDR_WRITE_TYPE %u\n", (unsigned)ehdr0->ddrwritetype);
2278 if (ehdr0->ddrresetmpp)
2279 fprintf(f, "DDR_RESET_MPP 0x%x\n", (unsigned)ehdr0->ddrresetmpp);
2280 if (ehdr0->ddrclkenmpp)
2281 fprintf(f, "DDR_CLKEN_MPP 0x%x\n", (unsigned)ehdr0->ddrclkenmpp);
2282 if (ehdr0->ddrinitdelay)
2283 fprintf(f, "DDR_INIT_DELAY %u\n", (unsigned)ehdr0->ddrinitdelay);
2286 if (ehdr0->offset) {
2287 for (regdata = (struct ext_hdr_v0_reg *)((uint8_t *)ptr + ehdr0->offset);
2288 (uint8_t *)regdata < (uint8_t *)ptr + header_size &&
2289 (regdata->raddr || regdata->rdata);
2291 fprintf(f, "DATA 0x%08x 0x%08x\n", le32_to_cpu(regdata->raddr),
2292 le32_to_cpu(regdata->rdata));
2293 if ((uint8_t *)regdata != (uint8_t *)ptr + ehdr0->offset)
2294 fprintf(f, "DATA 0x0 0x0\n");
2297 if (le32_to_cpu(ehdr0->enddelay))
2298 fprintf(f, "DATA_DELAY %u\n", le32_to_cpu(ehdr0->enddelay));
2300 fprintf(f, "DATA_DELAY SDRAM_SETUP\n");
2304 for_each_bin_hdr_v0(bhdr0, ptr) {
2305 fprintf(f, "\nMATCH ADDRESS 0x%08x MASK 0x%08x VALUE 0x%08x\n",
2306 le32_to_cpu(bhdr0->match_addr),
2307 le32_to_cpu(bhdr0->match_mask),
2308 le32_to_cpu(bhdr0->match_value));
2310 fprintf(f, "BINARY binary%d.bin", cur_idx);
2311 params_count = fls4(bhdr0->params_flags & 0xF);
2312 for (i = 0; i < params_count; i++)
2313 fprintf(f, " 0x%x", (bhdr0->params[i] & (1 << i)) ? bhdr0->params[i] : 0);
2314 fprintf(f, " LOAD_ADDRESS 0x%08x", le32_to_cpu(bhdr0->destaddr));
2315 fprintf(f, " EXEC_ADDRESS 0x%08x", le32_to_cpu(bhdr0->execaddr));
2318 fprintf(f, "#BINARY_OFFSET 0x%x\n", le32_to_cpu(bhdr0->offset));
2319 fprintf(f, "#BINARY_SIZE 0x%x\n", le32_to_cpu(bhdr0->size));
2322 fprintf(f, "#BINARY_RSVD1 0x%x\n", (unsigned)bhdr0->rsvd1);
2324 fprintf(f, "#BINARY_RSVD2 0x%x\n", (unsigned)bhdr0->rsvd2);
2329 /* Undocumented reserved fields */
2331 if (version == 0 && (mhdr0->rsvd1[0] || mhdr0->rsvd1[1] || mhdr0->rsvd1[2]))
2332 fprintf(f, "#RSVD1 0x%x 0x%x 0x%x\n", (unsigned)mhdr0->rsvd1[0],
2333 (unsigned)mhdr0->rsvd1[1], (unsigned)mhdr0->rsvd1[2]);
2335 if (version == 0 && le16_to_cpu(mhdr0->rsvd2))
2336 fprintf(f, "#RSVD2 0x%x\n", (unsigned)le16_to_cpu(mhdr0->rsvd2));
2338 if (version != 0 && mhdr->reserved4)
2339 fprintf(f, "#RESERVED4 0x%x\n", (unsigned)mhdr->reserved4);
2341 if (version != 0 && mhdr->reserved5)
2342 fprintf(f, "#RESERVED5 0x%x\n", (unsigned)le16_to_cpu(mhdr->reserved5));
2349 static int kwbimage_extract_subimage(void *ptr, struct image_tool_params *params)
2351 struct main_hdr_v1 *mhdr = (struct main_hdr_v1 *)ptr;
2352 size_t header_size = kwbheader_size(ptr);
2353 struct bin_hdr_v0 *bhdr;
2354 struct opt_hdr_v1 *ohdr;
2355 int idx = params->pflag;
2361 /* Generate kwbimage config file when '-p -1' is specified */
2363 return kwbimage_generate_config(ptr, params);
2369 /* Extract data image when -p is not specified or when '-p 0' is specified */
2370 offset = le32_to_cpu(mhdr->srcaddr);
2372 if (mhdr->blockid == IBR_HDR_SATA_ID)
2375 if (mhdr->blockid == IBR_HDR_PEX_ID && offset == 0xFFFFFFFF)
2376 offset = header_size;
2378 image = (ulong)((uint8_t *)ptr + offset);
2379 size = le32_to_cpu(mhdr->blocksize) - 4;
2381 /* Extract N-th binary header executabe image when other '-p N' is specified */
2383 for_each_opt_hdr_v1(ohdr, ptr) {
2384 if (ohdr->headertype != OPT_HDR_V1_BINARY_TYPE)
2387 if (idx == cur_idx) {
2388 image = (ulong)&ohdr->data[4 + 4 * ohdr->data[0]];
2389 size = opt_hdr_v1_size(ohdr) - 12 - 4 * ohdr->data[0];
2395 for_each_bin_hdr_v0(bhdr, ptr) {
2396 if (idx == cur_idx) {
2397 image = (ulong)bhdr + bhdr->offset;
2405 fprintf(stderr, "Argument -p %d is invalid\n", idx);
2406 fprintf(stderr, "Available subimages:\n");
2407 fprintf(stderr, " -p -1 - kwbimage config file\n");
2408 fprintf(stderr, " -p 0 - data image\n");
2409 if (cur_idx - 1 > 0)
2410 fprintf(stderr, " -p N - Nth binary header image (totally: %d)\n",
2416 return imagetool_save_subimage(params->outfile, image, size);
2420 * Report Error if xflag is set in addition to default
2422 static int kwbimage_check_params(struct image_tool_params *params)
2424 if (!params->lflag && !params->iflag && !params->pflag &&
2425 (!params->imagename || !strlen(params->imagename))) {
2426 char *msg = "Configuration file for kwbimage creation omitted";
2428 fprintf(stderr, "Error:%s - %s\n", params->cmdname, msg);
2432 return (params->dflag && (params->fflag || params->lflag)) ||
2433 (params->fflag && (params->dflag || params->lflag)) ||
2434 (params->lflag && (params->dflag || params->fflag)) ||
2439 * kwbimage type parameters definition
2443 "Marvell MVEBU Boot Image support",
2446 kwbimage_check_params,
2447 kwbimage_verify_header,
2448 kwbimage_print_header,
2449 kwbimage_set_header,
2450 kwbimage_extract_subimage,
2451 kwbimage_check_image_types,
projects / platform / kernel / u-boot.git / blob