X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=include%2Fimage.h;h=97e5f2eb24d6c5222608bdb3de536c7a0d5003e7;hb=d2e5250be49fce4653689c41a5dc7e2d7e7ecf33;hp=aeb0d37ac0212b752df3534ea38c58e8aaca51d6;hpb=3f2e3c7845df11ca8359a6cc804bfd6eb5ce215b;p=platform%2Fkernel%2Fu-boot.git diff --git a/include/image.h b/include/image.h index aeb0d37..97e5f2e 100644 --- a/include/image.h +++ b/include/image.h @@ -25,21 +25,8 @@ struct fdt_region; #ifdef USE_HOSTCC #include +#include -/* new uImage format support enabled on host */ -#define IMAGE_ENABLE_FIT 1 -#define IMAGE_ENABLE_OF_LIBFDT 1 -#define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ -#define CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT 1 -#define CONFIG_FIT_ENABLE_SHA256_SUPPORT -#define CONFIG_FIT_ENABLE_SHA384_SUPPORT -#define CONFIG_FIT_ENABLE_SHA512_SUPPORT -#define CONFIG_SHA1 -#define CONFIG_SHA256 -#define CONFIG_SHA384 -#define CONFIG_SHA512 - -#define IMAGE_ENABLE_IGNORE 0 #define IMAGE_INDENT_STRING "" #else @@ -47,88 +34,16 @@ struct fdt_region; #include #include #include +#include -/* Take notice of the 'ignore' property for hashes */ -#define IMAGE_ENABLE_IGNORE 1 #define IMAGE_INDENT_STRING " " -#define IMAGE_ENABLE_FIT CONFIG_IS_ENABLED(FIT) -#define IMAGE_ENABLE_OF_LIBFDT CONFIG_IS_ENABLED(OF_LIBFDT) - #endif /* USE_HOSTCC */ -#if IMAGE_ENABLE_FIT #include #include #include -# ifdef CONFIG_SPL_BUILD -# ifdef CONFIG_SPL_CRC32_SUPPORT -# define IMAGE_ENABLE_CRC32 1 -# endif -# ifdef CONFIG_SPL_MD5_SUPPORT -# define IMAGE_ENABLE_MD5 1 -# endif -# ifdef CONFIG_SPL_SHA1_SUPPORT -# define IMAGE_ENABLE_SHA1 1 -# endif -# else -# define IMAGE_ENABLE_CRC32 1 -# define IMAGE_ENABLE_MD5 1 -# define IMAGE_ENABLE_SHA1 1 -# endif - -#ifndef IMAGE_ENABLE_CRC32 -#define IMAGE_ENABLE_CRC32 0 -#endif - -#ifndef IMAGE_ENABLE_MD5 -#define IMAGE_ENABLE_MD5 0 -#endif - -#ifndef IMAGE_ENABLE_SHA1 -#define IMAGE_ENABLE_SHA1 0 -#endif - -#if defined(CONFIG_FIT_ENABLE_SHA256_SUPPORT) || \ - defined(CONFIG_SPL_SHA256_SUPPORT) -#define IMAGE_ENABLE_SHA256 1 -#else -#define IMAGE_ENABLE_SHA256 0 -#endif - -#if defined(CONFIG_FIT_ENABLE_SHA384_SUPPORT) || \ - defined(CONFIG_SPL_SHA384_SUPPORT) -#define IMAGE_ENABLE_SHA384 1 -#else -#define IMAGE_ENABLE_SHA384 0 -#endif - -#if defined(CONFIG_FIT_ENABLE_SHA512_SUPPORT) || \ - defined(CONFIG_SPL_SHA512_SUPPORT) -#define IMAGE_ENABLE_SHA512 1 -#else -#define IMAGE_ENABLE_SHA512 0 -#endif - -#endif /* IMAGE_ENABLE_FIT */ - -#ifdef CONFIG_SYS_BOOT_GET_CMDLINE -# define IMAGE_BOOT_GET_CMDLINE 1 -#else -# define IMAGE_BOOT_GET_CMDLINE 0 -#endif - -#ifdef CONFIG_OF_BOARD_SETUP -# define IMAGE_OF_BOARD_SETUP 1 -#else -# define IMAGE_OF_BOARD_SETUP 0 -#endif - -#ifdef CONFIG_OF_SYSTEM_SETUP -# define IMAGE_OF_SYSTEM_SETUP 1 -#else -# define IMAGE_OF_SYSTEM_SETUP 0 -#endif +#include extern ulong image_load_addr; /* Default Load Address */ extern ulong image_save_addr; /* Default Save Address */ @@ -383,7 +298,11 @@ typedef struct bootm_headers { image_header_t legacy_hdr_os_copy; /* header copy */ ulong legacy_hdr_valid; -#if IMAGE_ENABLE_FIT + /* + * The fit_ members are only used with FIT, but it involves a lot of + * #ifdefs to avoid compiling that code. Since FIT is the standard + * format, even for SPL, this extra data size seems worth it. + */ const char *fit_uname_cfg; /* configuration node unit name */ void *fit_hdr_os; /* os FIT image header */ @@ -401,7 +320,6 @@ typedef struct bootm_headers { void *fit_hdr_setup; /* x86 setup FIT image header */ const char *fit_uname_setup; /* x86 setup subimage node name */ int fit_noffset_setup;/* x86 setup subimage node offset */ -#endif #ifndef USE_HOSTCC image_info_t os; /* os image info */ @@ -434,7 +352,7 @@ typedef struct bootm_headers { #define BOOTM_STATE_OS_GO (0x00000400) int state; -#ifdef CONFIG_LMB +#if defined(CONFIG_LMB) && !defined(USE_HOSTCC) struct lmb lmb; /* for memory mgmt */ #endif } bootm_headers_t; @@ -504,7 +422,7 @@ const char *genimg_get_os_name(uint8_t os); * genimg_get_os_short_name() - get the short name for an OS * * @param os OS (IH_OS_...) - * @return OS short name, or "unknown" if unknown + * Return: OS short name, or "unknown" if unknown */ const char *genimg_get_os_short_name(uint8_t comp); @@ -514,7 +432,7 @@ const char *genimg_get_arch_name(uint8_t arch); * genimg_get_arch_short_name() - get the short name for an architecture * * @param arch Architecture type (IH_ARCH_...) - * @return architecture short name, or "unknown" if unknown + * Return: architecture short name, or "unknown" if unknown */ const char *genimg_get_arch_short_name(uint8_t arch); @@ -524,7 +442,7 @@ const char *genimg_get_type_name(uint8_t type); * genimg_get_type_short_name() - get the short name for an image type * * @param type Image type (IH_TYPE_...) - * @return image short name, or "unknown" if unknown + * Return: image short name, or "unknown" if unknown */ const char *genimg_get_type_short_name(uint8_t type); @@ -534,7 +452,7 @@ const char *genimg_get_comp_name(uint8_t comp); * genimg_get_comp_short_name() - get the short name for a compression method * * @param comp compression method (IH_COMP_...) - * @return compression method short name, or "unknown" if unknown + * Return: compression method short name, or "unknown" if unknown */ const char *genimg_get_comp_short_name(uint8_t comp); @@ -543,7 +461,7 @@ const char *genimg_get_comp_short_name(uint8_t comp); * * @category: Category of item * @id: Item ID - * @return name of item, or "Unknown ..." if unknown + * Return: name of item, or "Unknown ..." if unknown */ const char *genimg_get_cat_name(enum ih_category category, uint id); @@ -552,7 +470,7 @@ const char *genimg_get_cat_name(enum ih_category category, uint id); * * @category: Category of item * @id: Item ID - * @return short name of item, or "Unknown ..." if unknown + * Return: short name of item, or "Unknown ..." if unknown */ const char *genimg_get_cat_short_name(enum ih_category category, uint id); @@ -560,7 +478,7 @@ const char *genimg_get_cat_short_name(enum ih_category category, uint id); * genimg_get_cat_count() - Get the number of items in a category * * @category: Category to check - * @return the number of items in the category (IH_xxx_COUNT) + * Return: the number of items in the category (IH_xxx_COUNT) */ int genimg_get_cat_count(enum ih_category category); @@ -568,7 +486,7 @@ int genimg_get_cat_count(enum ih_category category); * genimg_get_cat_desc() - Get the description of a category * * @category: Category to check - * @return the description of a category, e.g. "architecture". This + * Return: the description of a category, e.g. "architecture". This * effectively converts the enum to a string. */ const char *genimg_get_cat_desc(enum ih_category category); @@ -578,7 +496,7 @@ const char *genimg_get_cat_desc(enum ih_category category); * * @category: Category to check * @id: Item ID - * @return true or false as to whether a category has an item + * Return: true or false as to whether a category has an item */ bool genimg_cat_has_id(enum ih_category category, uint id); @@ -588,8 +506,7 @@ int genimg_get_type_id(const char *name); int genimg_get_comp_id(const char *name); void genimg_print_size(uint32_t size); -#if defined(CONFIG_TIMESTAMP) || defined(CONFIG_CMD_DATE) || \ - defined(USE_HOSTCC) +#if defined(CONFIG_TIMESTAMP) || defined(CONFIG_CMD_DATE) || defined(USE_HOSTCC) #define IMAGE_ENABLE_TIMESTAMP 1 #else #define IMAGE_ENABLE_TIMESTAMP 0 @@ -607,12 +524,9 @@ enum fit_load_op { int boot_get_setup(bootm_headers_t *images, uint8_t arch, ulong *setup_start, ulong *setup_len); -#ifndef USE_HOSTCC /* Image format types, returned by _get_format() routine */ #define IMAGE_FORMAT_INVALID 0x00 -#if defined(CONFIG_LEGACY_IMAGE_FORMAT) #define IMAGE_FORMAT_LEGACY 0x01 /* legacy image_header based format */ -#endif #define IMAGE_FORMAT_FIT 0x02 /* new, libfdt based format */ #define IMAGE_FORMAT_ANDROID 0x03 /* Android boot image */ @@ -651,7 +565,6 @@ int boot_get_ramdisk(int argc, char *const argv[], bootm_headers_t *images, */ int boot_get_loadable(int argc, char *const argv[], bootm_headers_t *images, uint8_t arch, const ulong *ld_start, ulong *const ld_len); -#endif /* !USE_HOSTCC */ int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch, ulong *setup_start, ulong *setup_len); @@ -675,7 +588,7 @@ int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch, * @param datap Returns address of loaded image * @param lenp Returns length of loaded image * - * @return node offset of base image, or -ve error code on error + * Return: node offset of base image, or -ve error code on error */ int boot_get_fdt_fit(bootm_headers_t *images, ulong addr, const char **fit_unamep, const char **fit_uname_configp, @@ -709,7 +622,7 @@ int boot_get_fdt_fit(bootm_headers_t *images, ulong addr, * @param load_op Decribes what to do with the load address * @param datap Returns address of loaded image * @param lenp Returns length of loaded image - * @return node offset of image, or -ve error code on error + * Return: node offset of image, or -ve error code on error */ int fit_image_load(bootm_headers_t *images, ulong addr, const char **fit_unamep, const char **fit_uname_configp, @@ -724,11 +637,10 @@ int fit_image_load(bootm_headers_t *images, ulong addr, * * @addr: Address of script * @fit_uname: FIT subimage name - * @return result code (enum command_ret_t) + * Return: result code (enum command_ret_t) */ int image_source_script(ulong addr, const char *fit_uname); -#ifndef USE_HOSTCC /** * fit_get_node_from_config() - Look up an image a FIT by type * @@ -768,10 +680,7 @@ int boot_relocate_fdt(struct lmb *lmb, char **of_flat_tree, ulong *of_size); int boot_ramdisk_high(struct lmb *lmb, ulong rd_data, ulong rd_len, ulong *initrd_start, ulong *initrd_end); int boot_get_cmdline(struct lmb *lmb, ulong *cmd_start, ulong *cmd_end); -#ifdef CONFIG_SYS_BOOT_GET_KBD int boot_get_kbd(struct lmb *lmb, struct bd_info **kbd); -#endif /* CONFIG_SYS_BOOT_GET_KBD */ -#endif /* !USE_HOSTCC */ /*******************************************************************/ /* Legacy format specific code (prefixed with image_) */ @@ -886,11 +795,9 @@ static inline int image_check_type(const image_header_t *hdr, uint8_t type) } static inline int image_check_arch(const image_header_t *hdr, uint8_t arch) { -#ifndef USE_HOSTCC /* Let's assume that sandbox can load any architecture */ - if (IS_ENABLED(CONFIG_SANDBOX)) + if (!tools_build() && IS_ENABLED(CONFIG_SANDBOX)) return true; -#endif return (image_get_arch(hdr) == arch) || (image_get_arch(hdr) == IH_ARCH_ARM && arch == IH_ARCH_ARM64); } @@ -920,7 +827,7 @@ static inline int image_check_target_arch(const image_header_t *hdr) * * @buf: Address in U-Boot memory where image is loaded. * @len: Length of the compressed image. - * @return compression type or IH_COMP_NONE if not compressed. + * Return: compression type or IH_COMP_NONE if not compressed. * * Note: Only following compression types are supported now. * lzo, lzma, gzip, bzip2 @@ -938,7 +845,7 @@ int image_decomp_type(const unsigned char *buf, ulong len); * @image_buf: Address to decompress from * @image_len: Number of bytes in @image_buf to decompress * @unc_len: Available space for decompression - * @return 0 if OK, -ve on error (BOOTM_ERR_...) + * Return: 0 if OK, -ve on error (BOOTM_ERR_...) */ int image_decomp(int comp, ulong load, ulong image_start, int type, void *load_buf, void *image_buf, ulong image_len, @@ -953,7 +860,7 @@ int image_decomp(int comp, ulong load, ulong image_start, int type, * @blob: FDT to update * @of_size: Size of the FDT * @lmb: Points to logical memory block structure - * @return 0 if ok, <0 on failure + * Return: 0 if ok, <0 on failure */ int image_setup_libfdt(bootm_headers_t *images, void *blob, int of_size, struct lmb *lmb); @@ -965,7 +872,7 @@ int image_setup_libfdt(bootm_headers_t *images, void *blob, * paramters to the FDT if libfdt is available. * * @param images Images information - * @return 0 if ok, <0 on failure + * Return: 0 if ok, <0 on failure */ int image_setup_linux(bootm_headers_t *images); @@ -975,7 +882,7 @@ int image_setup_linux(bootm_headers_t *images); * @image: Address of image * @start: Returns start address of image * @end : Returns end address of image - * @return 0 if OK, 1 if the image was not recognised + * Return: 0 if OK, 1 if the image was not recognised */ int bootz_setup(ulong image, ulong *start, ulong *end); @@ -986,7 +893,7 @@ int bootz_setup(ulong image, ulong *start, ulong *end); * @start: Returns start address of image * @size : Returns size image * @force_reloc: Ignore image->ep field, always place image to RAM start - * @return 0 if OK, 1 if the image was not recognised + * Return: 0 if OK, 1 if the image was not recognised */ int booti_setup(ulong image, ulong *relocated_addr, ulong *size, bool force_reloc); @@ -1038,7 +945,6 @@ int booti_setup(ulong image, ulong *relocated_addr, ulong *size, #define FIT_MAX_HASH_LEN HASH_MAX_DIGEST_SIZE -#if IMAGE_ENABLE_FIT /* cmdline argument format parsing */ int fit_parse_conf(const char *spec, ulong addr_curr, ulong *addr, const char **conf_name); @@ -1105,7 +1011,7 @@ int fit_image_get_data_size_unciphered(const void *fit, int noffset, int fit_image_get_data_and_size(const void *fit, int noffset, const void **data, size_t *size); -int fit_image_hash_get_algo(const void *fit, int noffset, char **algo); +int fit_image_hash_get_algo(const void *fit, int noffset, const char **algo); int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value, int *value_len); @@ -1115,16 +1021,37 @@ int fit_cipher_data(const char *keydir, void *keydest, void *fit, const char *comment, int require_keys, const char *engine_id, const char *cmdname); +#define NODE_MAX_NAME_LEN 80 + +/** + * struct image_summary - Provides information about signing info added + * + * @sig_offset: Offset of the node in the blob devicetree where the signature + * was wriiten + * @sig_path: Path to @sig_offset + * @keydest_offset: Offset of the node in the keydest devicetree where the + * public key was written (-1 if none) + * @keydest_path: Path to @keydest_offset + */ +struct image_summary { + int sig_offset; + char sig_path[NODE_MAX_NAME_LEN]; + int keydest_offset; + char keydest_path[NODE_MAX_NAME_LEN]; +}; + /** * fit_add_verification_data() - add verification data to FIT image nodes * * @keydir: Directory containing keys - * @kwydest: FDT blob to write public key information to + * @kwydest: FDT blob to write public key information to (NULL if none) * @fit: Pointer to the FIT format image header * @comment: Comment to add to signature nodes * @require_keys: Mark all keys as 'required' * @engine_id: Engine to use for signing * @cmdname: Command name used when reporting errors + * @algo_name: Algorithm name, or NULL if to be read from FIT + * @summary: Returns information about what data was written * * Adds hash values for all component images in the FIT blob. * Hashes are calculated for all component images which have hash subnodes @@ -1136,12 +1063,25 @@ int fit_cipher_data(const char *keydir, void *keydest, void *fit, * 0, on success * libfdt error code, on failure */ -int fit_add_verification_data(const char *keydir, void *keydest, void *fit, - const char *comment, int require_keys, - const char *engine_id, const char *cmdname); +int fit_add_verification_data(const char *keydir, const char *keyfile, + void *keydest, void *fit, const char *comment, + int require_keys, const char *engine_id, + const char *cmdname, const char *algo_name, + struct image_summary *summary); +/** + * fit_image_verify_with_data() - Verify an image with given data + * + * @fit: Pointer to the FIT format image header + * @image_offset: Offset in @fit of image to verify + * @key_blob: FDT containing public keys + * @data: Image data to verify + * @size: Size of image data + */ int fit_image_verify_with_data(const void *fit, int image_noffset, - const void *data, size_t size); + const void *key_blob, const void *data, + size_t size); + int fit_image_verify(const void *fit, int noffset); int fit_config_verify(const void *fit, int conf_noffset); int fit_all_image_verify(const void *fit); @@ -1161,7 +1101,7 @@ int fit_image_check_comp(const void *fit, int noffset, uint8_t comp); * sure that there are no strange tags or broken nodes in the FIT. * * @fit: pointer to the FIT format image header - * @return 0 if OK, -ENOEXEC if not an FDT file, -EINVAL if the full FDT check + * Return: 0 if OK, -ENOEXEC if not an FDT file, -EINVAL if the full FDT check * failed (e.g. due to bad structure), -ENOMSG if the description is * missing, -EBADMSG if the timestamp is missing, -ENOENT if the /images * path is missing @@ -1211,7 +1151,6 @@ int fit_conf_get_prop_node(const void *fit, int noffset, int fit_check_ramdisk(const void *fit, int os_noffset, uint8_t arch, int verify); -#endif /* IMAGE_ENABLE_FIT */ int calculate_hash(const void *data, int data_len, const char *algo, uint8_t *value, int *value_len); @@ -1223,21 +1162,17 @@ int calculate_hash(const void *data, int data_len, const char *algo, #if defined(USE_HOSTCC) # if defined(CONFIG_FIT_SIGNATURE) # define IMAGE_ENABLE_SIGN 1 -# define IMAGE_ENABLE_VERIFY 1 # define FIT_IMAGE_ENABLE_VERIFY 1 # include # else # define IMAGE_ENABLE_SIGN 0 -# define IMAGE_ENABLE_VERIFY 0 # define FIT_IMAGE_ENABLE_VERIFY 0 # endif #else # define IMAGE_ENABLE_SIGN 0 -# define IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(RSA_VERIFY) # define FIT_IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE) #endif -#if IMAGE_ENABLE_FIT #ifdef USE_HOSTCC void *image_get_host_blob(void); void image_set_host_blob(void *host_blob); @@ -1246,18 +1181,18 @@ void image_set_host_blob(void *host_blob); # define gd_fdt_blob() (gd->fdt_blob) #endif -#ifdef CONFIG_FIT_BEST_MATCH -#define IMAGE_ENABLE_BEST_MATCH 1 -#else -#define IMAGE_ENABLE_BEST_MATCH 0 -#endif -#endif /* IMAGE_ENABLE_FIT */ - -/* Information passed to the signing routines */ +/* + * Information passed to the signing routines + * + * Either 'keydir', 'keyname', or 'keyfile' can be NULL. However, either + * 'keyfile', or both 'keydir' and 'keyname' should have valid values. If + * neither are valid, some operations might fail with EINVAL. + */ struct image_sign_info { const char *keydir; /* Directory conaining keys */ const char *keyname; /* Name of key to use */ - void *fit; /* Pointer to FIT blob */ + const char *keyfile; /* Filename of private or public key */ + const void *fit; /* Pointer to FIT blob */ int node_offset; /* Offset of signature node */ const char *name; /* Algorithm name */ struct checksum_algo *checksum; /* Checksum algorithm information */ @@ -1282,9 +1217,6 @@ struct image_region { int size; }; -#if IMAGE_ENABLE_VERIFY -# include -#endif struct checksum_algo { const char *name; const int checksum_len; @@ -1294,7 +1226,7 @@ struct checksum_algo { const EVP_MD *(*calculate_sign)(void); #endif int (*calculate)(const char *name, - const struct image_region region[], + const struct image_region *region, int region_count, uint8_t *checksum); }; @@ -1332,7 +1264,8 @@ struct crypto_algo { * * @info: Specifies key and FIT information * @keydest: Destination FDT blob for public key data - * @return: 0, on success, -ve on error + * @return: node offset within the FDT blob where the data was written, + * or -ve on error */ int (*add_verify_data)(struct image_sign_info *info, void *keydest); @@ -1351,6 +1284,10 @@ struct crypto_algo { uint8_t *sig, uint sig_len); }; +/* Declare a new U-Boot crypto algorithm handler */ +#define U_BOOT_CRYPTO_ALGO(__name) \ +ll_entry_declare(struct crypto_algo, __name, cryptos) + struct padding_algo { const char *name; int (*verify)(struct image_sign_info *info, @@ -1358,11 +1295,15 @@ struct padding_algo { const uint8_t *hash, int hash_len); }; +/* Declare a new U-Boot padding algorithm handler */ +#define U_BOOT_PADDING_ALGO(__name) \ +ll_entry_declare(struct padding_algo, __name, paddings) + /** * image_get_checksum_algo() - Look up a checksum algorithm * * @param full_name Name of algorithm in the form "checksum,crypto" - * @return pointer to algorithm information, or NULL if not found + * Return: pointer to algorithm information, or NULL if not found */ struct checksum_algo *image_get_checksum_algo(const char *full_name); @@ -1370,7 +1311,7 @@ struct checksum_algo *image_get_checksum_algo(const char *full_name); * image_get_crypto_algo() - Look up a cryptosystem algorithm * * @param full_name Name of algorithm in the form "checksum,crypto" - * @return pointer to algorithm information, or NULL if not found + * Return: pointer to algorithm information, or NULL if not found */ struct crypto_algo *image_get_crypto_algo(const char *full_name); @@ -1378,12 +1319,10 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name); * image_get_padding_algo() - Look up a padding algorithm * * @param name Name of padding algorithm - * @return pointer to algorithm information, or NULL if not found + * Return: pointer to algorithm information, or NULL if not found */ struct padding_algo *image_get_padding_algo(const char *name); -#if IMAGE_ENABLE_FIT - /** * fit_image_verify_required_sigs() - Verify signatures marked as 'required' * @@ -1391,15 +1330,15 @@ struct padding_algo *image_get_padding_algo(const char *name); * @image_noffset: Offset of image node to check * @data: Image data to check * @size: Size of image data - * @sig_blob: FDT containing public keys + * @key_blob: FDT containing public keys * @no_sigsp: Returns 1 if no signatures were required, and * therefore nothing was checked. The caller may wish * to fall back to other mechanisms, or refuse to * boot. - * @return 0 if all verified ok, <0 on error + * Return: 0 if all verified ok, <0 on error */ int fit_image_verify_required_sigs(const void *fit, int image_noffset, - const char *data, size_t size, const void *sig_blob, + const char *data, size_t size, const void *key_blob, int *no_sigsp); /** @@ -1409,16 +1348,18 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, * @noffset: Offset of signature node to check * @data: Image data to check * @size: Size of image data - * @required_keynode: Offset in the control FDT of the required key node, + * @keyblob: Key blob to check (typically the control FDT) + * @required_keynode: Offset in the keyblob of the required key node, * if any. If this is given, then the image wil not * pass verification unless that key is used. If this is * -1 then any signature will do. * @err_msgp: In the event of an error, this will be pointed to a * help error string to display to the user. - * @return 0 if all verified ok, <0 on error + * Return: 0 if all verified ok, <0 on error */ int fit_image_check_sig(const void *fit, int noffset, const void *data, - size_t size, int required_keynode, char **err_msgp); + size_t size, const void *key_blob, int required_keynode, + char **err_msgp); int fit_image_decrypt_data(const void *fit, int image_noffset, int cipher_noffset, @@ -1436,7 +1377,7 @@ int fit_image_decrypt_data(const void *fit, * @fdt_regions: Regions as returned by libfdt * @count: Number of regions returned by libfdt * @region: Place to put list of regions (NULL to allocate it) - * @return pointer to list of regions, or NULL if out of memory + * Return: pointer to list of regions, or NULL if out of memory */ struct image_region *fit_region_make_list(const void *fit, struct fdt_region *fdt_regions, int count, @@ -1509,23 +1450,6 @@ int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo); struct cipher_algo *image_get_cipher_algo(const char *full_name); -#ifdef CONFIG_FIT_VERBOSE -#define fit_unsupported(msg) printf("! %s:%d " \ - "FIT images not supported for '%s'\n", \ - __FILE__, __LINE__, (msg)) - -#define fit_unsupported_reset(msg) printf("! %s:%d " \ - "FIT images not supported for '%s' " \ - "- must reset board to recover!\n", \ - __FILE__, __LINE__, (msg)) -#else -#define fit_unsupported(msg) -#define fit_unsupported_reset(msg) -#endif /* CONFIG_FIT_VERBOSE */ -#endif /* CONFIG_FIT */ - -#if !defined(USE_HOSTCC) -#if defined(CONFIG_ANDROID_BOOT_IMAGE) struct andr_img_hdr; int android_image_check_header(const struct andr_img_hdr *hdr); int android_image_get_kernel(const struct andr_img_hdr *hdr, int verify, @@ -1541,12 +1465,7 @@ ulong android_image_get_end(const struct andr_img_hdr *hdr); ulong android_image_get_kload(const struct andr_img_hdr *hdr); ulong android_image_get_kcomp(const struct andr_img_hdr *hdr); void android_print_contents(const struct andr_img_hdr *hdr); -#if !defined(CONFIG_SPL_BUILD) bool android_image_print_dtb_contents(ulong hdr_addr); -#endif - -#endif /* CONFIG_ANDROID_BOOT_IMAGE */ -#endif /* !USE_HOSTCC */ /** * board_fit_config_name_match() - Check for a matching board name @@ -1557,7 +1476,7 @@ bool android_image_print_dtb_contents(ulong hdr_addr); * in each (FDT) image node. * * @name: Device tree description - * @return 0 if this device tree should be used, non-zero to try the next + * Return: 0 if this device tree should be used, non-zero to try the next */ int board_fit_config_name_match(const char *name); @@ -1570,11 +1489,14 @@ int board_fit_config_name_match(const char *name); * into the FIT creation (i.e. the binary blobs would have been pre-processed * before being added to the FIT image). * + * @fit: pointer to fit image + * @node: offset of image node * @image: pointer to the image start pointer * @size: pointer to the image size - * @return no return value (failure should be handled internally) + * Return: no return value (failure should be handled internally) */ -void board_fit_image_post_process(void **p_image, size_t *p_size); +void board_fit_image_post_process(const void *fit, int node, void **p_image, + size_t *p_size); #define FDT_ERROR ((ulong)(-1)) @@ -1590,7 +1512,7 @@ ulong fdt_getprop_u32(const void *fdt, int node, const char *prop); * the node described by the default configuration if it exists. * * @fdt: pointer to flat device tree - * @return the node if found, -ve otherwise + * Return: the node if found, -ve otherwise */ int fit_find_config_node(const void *fdt);