X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=board%2Ffreescale%2Fcommon%2Ffsl_validate.c;h=3424d49208fe2f1c6c3ddc386ebab0bff070aced;hb=6cc04547cb3bbd3a3d78947f200acbae19e3c67f;hp=2b723a4b9cb995af5f4398412010aa9dde8387d1;hpb=c14d4b0051df5f569fa33d9937af1db267ed6d34;p=platform%2Fkernel%2Fu-boot.git

diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c
index 2b723a4..3424d49 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -1,23 +1,25 @@
+// SPDX-License-Identifier: GPL-2.0+
 /*
  * Copyright 2015 Freescale Semiconductor, Inc.
- *
- * SPDX-License-Identifier:	GPL-2.0+
+ * Copyright 2021-2022 NXP
  */
 
 #include <common.h>
+#include <dm.h>
 #include <fsl_validate.h>
 #include <fsl_secboot_err.h>
 #include <fsl_sfp.h>
 #include <fsl_sec.h>
 #include <command.h>
+#include <log.h>
 #include <malloc.h>
-#include <dm/uclass.h>
 #include <u-boot/rsa-mod-exp.h>
 #include <hash.h>
 #include <fsl_secboot_err.h>
-#ifdef CONFIG_LS102XA
+#ifdef CONFIG_ARCH_LS1021A
 #include <asm/arch/immap_ls102xa.h>
 #endif
+#include <dm/lists.h>
 
 #define SHA256_BITS	256
 #define SHA256_BYTES	(256/8)
@@ -27,6 +29,10 @@
 #define CHECK_KEY_LEN(key_len)	(((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
 				 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
 				 ((key_len) == 2 * KEY_SIZE_BYTES))
+#if defined(CONFIG_FSL_ISBC_KEY_EXT)
+/* Global data structure */
+static struct fsl_secboot_glb glb;
+#endif
 
 /* This array contains DER value for SHA-256 */
 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
@@ -60,7 +66,7 @@ self:
 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
 static u32 check_ie(struct fsl_secboot_img_priv *img)
 {
-	if (img->hdr.ie_flag)
+	if (img->hdr.ie_flag & IE_FLAG_MASK)
 		return 1;
 
 	return 0;
@@ -73,9 +79,11 @@ static u32 check_ie(struct fsl_secboot_img_priv *img)
  * address
  */
 #if defined(CONFIG_MPC85xx)
+#include <flash.h>
+
 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
 {
-	struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
+	struct ccsr_gur __iomem *gur = (void *)(CFG_SYS_MPC85xx_GUTS_ADDR);
 	u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
 	u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
 	u32 flash_addr, addr;
@@ -106,7 +114,7 @@ int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
  */
 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
 {
-	struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
+	struct ccsr_gur __iomem *gur = (void *)(CFG_SYS_FSL_GUTS_ADDR);
 	u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
 
 	if (memcmp((u8 *)(uintptr_t)csf_hdr_addr,
@@ -119,7 +127,21 @@ int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
 }
 #endif
 
-static int get_ie_info_addr(u32 *ie_addr)
+#if defined(CONFIG_ESBC_HDR_LS)
+static int get_ie_info_addr(uintptr_t *ie_addr)
+{
+	struct ccsr_gur __iomem *gur = (void *)(CFG_SYS_FSL_GUTS_ADDR);
+	/* For LS-CH3, the address of IE Table is
+	 * stated in Scratch13 and scratch14 of DCFG.
+	 * Bootrom validates this table while validating uboot.
+	 * DCFG is LE*/
+	*ie_addr = in_le32(&gur->scratchrw[SCRATCH_IE_HIGH_ADR - 1]);
+	*ie_addr = *ie_addr << 32;
+	*ie_addr |= in_le32(&gur->scratchrw[SCRATCH_IE_LOW_ADR - 1]);
+	return 0;
+}
+#else /* CONFIG_ESBC_HDR_LS */
+static int get_ie_info_addr(uintptr_t *ie_addr)
 {
 	struct fsl_secboot_img_hdr *hdr;
 	struct fsl_secboot_sg_table *sg_tbl;
@@ -147,16 +169,17 @@ static int get_ie_info_addr(u32 *ie_addr)
 
 	/* IE Key Table is the first entry in the SG Table */
 #if defined(CONFIG_MPC85xx)
-	*ie_addr = (sg_tbl->src_addr & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
-		   flash_base_addr;
+	*ie_addr = (uintptr_t)((sg_tbl->src_addr &
+			~(CONFIG_SYS_PBI_FLASH_BASE)) +
+			flash_base_addr);
 #else
-	*ie_addr = sg_tbl->src_addr;
+	*ie_addr = (uintptr_t)sg_tbl->src_addr;
 #endif
 
-	debug("IE Table address is %x\n", *ie_addr);
+	debug("IE Table address is %lx\n", *ie_addr);
 	return 0;
 }
-
+#endif /* CONFIG_ESBC_HDR_LS */
 #endif
 
 #ifdef CONFIG_KEY_REVOCATION
@@ -164,7 +187,10 @@ static int get_ie_info_addr(u32 *ie_addr)
 static u32 check_srk(struct fsl_secboot_img_priv *img)
 {
 #ifdef CONFIG_ESBC_HDR_LS
-	/* In LS, No SRK Flag as SRK is always present*/
+	/* In LS, No SRK Flag as SRK is always present if IE not present*/
+#if defined(CONFIG_FSL_ISBC_KEY_EXT)
+	return !check_ie(img);
+#endif
 	return 1;
 #else
 	if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
@@ -253,14 +279,29 @@ static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
 #endif /* CONFIG_ESBC_HDR_LS */
 
 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
+
+static void install_ie_tbl(uintptr_t ie_tbl_addr,
+		struct fsl_secboot_img_priv *img)
+{
+	/* Copy IE tbl to Global Data */
+	memcpy(&glb.ie_tbl, (u8 *)ie_tbl_addr, sizeof(struct ie_key_info));
+	img->ie_addr = (uintptr_t)&glb.ie_tbl;
+	glb.ie_addr = img->ie_addr;
+}
+
 static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
 {
 	struct fsl_secboot_img_hdr *hdr = &img->hdr;
 	u32 ie_key_len, ie_revoc_flag, ie_num;
 	struct ie_key_info *ie_info;
 
-	if (get_ie_info_addr(&img->ie_addr))
-		return ERROR_IE_TABLE_NOT_FOUND;
+	if (!img->ie_addr) {
+		if (get_ie_info_addr(&img->ie_addr))
+			return ERROR_IE_TABLE_NOT_FOUND;
+		else
+			install_ie_tbl(img->ie_addr, img);
+		}
+
 	ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
 	if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
 		return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
@@ -356,6 +397,7 @@ static void fsl_secboot_bootscript_parse_failure(void)
  */
 void fsl_secboot_handle_error(int error)
 {
+#ifndef CONFIG_SPL_BUILD
 	const struct fsl_secboot_errcode *e;
 
 	for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
@@ -363,6 +405,9 @@ void fsl_secboot_handle_error(int error)
 		if (e->errcode == error)
 			printf("ERROR :: %x :: %s\n", error, e->name);
 	}
+#else
+	printf("ERROR :: %x\n", error);
+#endif
 
 	/* If Boot Mode is secure, transition the SNVS state and issue
 	 * reset based on type of failure and ITS setting.
@@ -458,7 +503,6 @@ static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
 	ret = algo->hash_init(algo, &ctx);
 	if (ret)
 		return ret;
-
 	/* Update hash for ESBC key */
 #ifdef CONFIG_KEY_REVOCATION
 	if (check_srk(img)) {
@@ -473,12 +517,12 @@ static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
 			img->img_key, img->key_len, 1);
 	if (ret)
 		return ret;
-
 	/* Copy hash at destination buffer */
 	ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
-	if (ret)
+	if (ret) {
+		free(ctx);
 		return ret;
-
+	}
 	for (i = 0; i < SHA256_BYTES; i++)
 		img->img_key_hash[i] = hash_val[i];
 
@@ -541,9 +585,10 @@ static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
 #endif
 	if (ret)
 		return ret;
-	if (!key_hash)
+	if (!key_hash) {
+		free(ctx);
 		return ERROR_KEY_TABLE_NOT_FOUND;
-
+	}
 	/* Update hash for actual Image */
 	ret = algo->hash_update(algo, ctx,
 		(u8 *)(*(img->img_addr_ptr)), img->img_size, 1);
@@ -552,9 +597,10 @@ static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
 
 	/* Copy hash at destination buffer */
 	ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
-	if (ret)
+	if (ret) {
+		free(ctx);
 		return ret;
-
+	}
 	return 0;
 }
 
@@ -725,7 +771,7 @@ static inline int str2longbe(const char *p, ulong *num)
 	if (!p) {
 		return 0;
 	} else {
-		tmp = simple_strtoul(p, &endptr, 16);
+		tmp = hextoul(p, &endptr);
 		if (sizeof(ulong) == 4)
 			*num = cpu_to_be32(tmp);
 		else
@@ -762,6 +808,13 @@ static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
 	prop.num_bits = key_len * 8;
 	prop.exp_len = key_len;
 
+#if defined(CONFIG_SPL_BUILD)
+	ret = device_bind_driver(NULL, "fsl_rsa_mod_exp", "fsl_rsa_mod_exp", NULL);
+	if (ret) {
+		printf("Couldn't bind fsl_rsa_mod_exp driver (%d)\n", ret);
+		return -EINVAL;
+	}
+#endif
 	ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
 	if (ret) {
 		printf("RSA: Can't find Modular Exp implementation\n");
@@ -786,6 +839,26 @@ static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
 
 	return 0;
 }
+/* Function to initialize img priv and global data structure
+ */
+static int secboot_init(struct fsl_secboot_img_priv **img_ptr)
+{
+	*img_ptr = malloc(sizeof(struct fsl_secboot_img_priv));
+
+	struct fsl_secboot_img_priv *img = *img_ptr;
+
+	if (!img)
+		return -ENOMEM;
+	memset(img, 0, sizeof(struct fsl_secboot_img_priv));
+
+#if defined(CONFIG_FSL_ISBC_KEY_EXT)
+	if (glb.ie_addr)
+		img->ie_addr = glb.ie_addr;
+#endif
+	return 0;
+}
+
+
 /* haddr - Address of the header of image to be validated.
  * arg_hash_str - Option hash string. If provided, this
  * overrides the key hash in the SFP fuses.
@@ -807,7 +880,7 @@ int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
 	int ret, i, hash_cmd = 0;
 	u32 srk_hash[8];
 
-	if (arg_hash_str != NULL) {
+	if (strlen(arg_hash_str) != 0) {
 		const char *cp = arg_hash_str;
 		int i = 0;
 
@@ -839,12 +912,9 @@ int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
 		hash_cmd = 1;
 	}
 
-	img = malloc(sizeof(struct fsl_secboot_img_priv));
-
-	if (!img)
-		return -1;
-
-	memset(img, 0, sizeof(struct fsl_secboot_img_priv));
+	ret = secboot_init(&img);
+	if (ret)
+		goto exit;
 
 	/* Update the information in Private Struct */
 	hdr = &img->hdr;
@@ -899,5 +969,7 @@ int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
 	}
 
 exit:
+	/* Free Img as it was malloc'ed*/
+	free(img);
 	return ret;
 }