1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright (C) 2020 Stefan Roese <sr@denx.de>
4 */
5
6 #include <common.h>
7 #include <image.h>
8 #include <log.h>
9 #include <malloc.h>
10 #include <asm/sections.h>
11 #include <spl.h>
12
13 #include <lzma/LzmaTypes.h>
14 #include <lzma/LzmaDec.h>
15 #include <lzma/LzmaTools.h>
16
17 #define LZMA_LEN (1 << 20)
18
spl_parse_legacy_validate(uintptr_t start,uintptr_t size)19 static void spl_parse_legacy_validate(uintptr_t start, uintptr_t size)
20 {
21 uintptr_t spl_start = (uintptr_t)_start;
22 uintptr_t spl_end = (uintptr_t)_image_binary_end;
23 uintptr_t end = start + size;
24
25 if ((start >= spl_start && start < spl_end) ||
26 (end > spl_start && end <= spl_end) ||
27 (start < spl_start && end >= spl_end) ||
28 (start > end && end > spl_start))
29 panic("SPL: Image overlaps SPL\n");
30
31 if (size > CONFIG_SYS_BOOTM_LEN)
32 panic("SPL: Image too large\n");
33 }
34
spl_parse_legacy_header(struct spl_image_info * spl_image,const struct legacy_img_hdr * header)35 int spl_parse_legacy_header(struct spl_image_info *spl_image,
36 const struct legacy_img_hdr *header)
37 {
38 u32 header_size = sizeof(struct legacy_img_hdr);
39
40 /* check uImage header CRC */
41 if (IS_ENABLED(CONFIG_SPL_LEGACY_IMAGE_CRC_CHECK) &&
42 !image_check_hcrc(header)) {
43 puts("SPL: Image header CRC check failed!\n");
44 return -EINVAL;
45 }
46
47 if (spl_image->flags & SPL_COPY_PAYLOAD_ONLY) {
48 /*
49 * On some system (e.g. powerpc), the load-address and
50 * entry-point is located at address 0. We can't load
51 * to 0-0x40. So skip header in this case.
52 */
53 spl_image->load_addr = image_get_load(header);
54 spl_image->entry_point = image_get_ep(header);
55 spl_image->size = image_get_data_size(header);
56 } else {
57 spl_image->entry_point = image_get_ep(header);
58 /* Load including the header */
59 spl_image->load_addr = image_get_load(header) -
60 header_size;
61 spl_image->size = image_get_data_size(header) +
62 header_size;
63 }
64
65 #ifdef CONFIG_SPL_LEGACY_IMAGE_CRC_CHECK
66 /* store uImage data length and CRC to check later */
67 spl_image->dcrc_data = image_get_load(header);
68 spl_image->dcrc_length = image_get_data_size(header);
69 spl_image->dcrc = image_get_dcrc(header);
70 #endif
71
72 spl_image->os = image_get_os(header);
73 spl_image->name = image_get_name(header);
74 debug(SPL_TPL_PROMPT
75 "payload image: %32s load addr: 0x%lx size: %d\n",
76 spl_image->name, spl_image->load_addr, spl_image->size);
77
78 spl_parse_legacy_validate(spl_image->load_addr, spl_image->size);
79 spl_parse_legacy_validate(spl_image->entry_point, 0);
80
81 return 0;
82 }
83
84 /*
85 * This function is added explicitly to avoid code size increase, when
86 * no compression method is enabled. The compiler will optimize the
87 * following switch/case statement in spl_load_legacy_img() away due to
88 * Dead Code Elimination.
89 */
spl_image_get_comp(const struct legacy_img_hdr * hdr)90 static inline int spl_image_get_comp(const struct legacy_img_hdr *hdr)
91 {
92 if (IS_ENABLED(CONFIG_SPL_LZMA))
93 return image_get_comp(hdr);
94
95 return IH_COMP_NONE;
96 }
97
spl_load_legacy_img(struct spl_image_info * spl_image,struct spl_boot_device * bootdev,struct spl_load_info * load,ulong offset,struct legacy_img_hdr * hdr)98 int spl_load_legacy_img(struct spl_image_info *spl_image,
99 struct spl_boot_device *bootdev,
100 struct spl_load_info *load, ulong offset,
101 struct legacy_img_hdr *hdr)
102 {
103 __maybe_unused SizeT lzma_len;
104 __maybe_unused void *src;
105 ulong dataptr;
106 int ret;
107
108 /*
109 * If the payload is compressed, the decompressed data should be
110 * directly write to its load address.
111 */
112 if (spl_image_get_comp(hdr) != IH_COMP_NONE)
113 spl_image->flags |= SPL_COPY_PAYLOAD_ONLY;
114
115 ret = spl_parse_image_header(spl_image, bootdev, hdr);
116 if (ret)
117 return ret;
118
119 /* Read image */
120 switch (spl_image_get_comp(hdr)) {
121 case IH_COMP_NONE:
122 dataptr = offset;
123
124 /*
125 * Image header will be skipped only if SPL_COPY_PAYLOAD_ONLY
126 * is set
127 */
128 if (spl_image->flags & SPL_COPY_PAYLOAD_ONLY)
129 dataptr += sizeof(*hdr);
130
131 load->read(load, dataptr, spl_image->size,
132 (void *)(unsigned long)spl_image->load_addr);
133 break;
134
135 case IH_COMP_LZMA:
136 lzma_len = LZMA_LEN;
137
138 /* dataptr points to compressed payload */
139 dataptr = offset + sizeof(*hdr);
140
141 debug("LZMA: Decompressing %08lx to %08lx\n",
142 dataptr, spl_image->load_addr);
143 src = malloc(spl_image->size);
144 if (!src) {
145 printf("Unable to allocate %d bytes for LZMA\n",
146 spl_image->size);
147 return -ENOMEM;
148 }
149
150 load->read(load, dataptr, spl_image->size, src);
151 ret = lzmaBuffToBuffDecompress((void *)spl_image->load_addr,
152 &lzma_len, src, spl_image->size);
153 if (ret) {
154 printf("LZMA decompression error: %d\n", ret);
155 return ret;
156 }
157
158 spl_image->size = lzma_len;
159 break;
160
161 default:
162 debug("Compression method %s is not supported\n",
163 genimg_get_comp_short_name(image_get_comp(hdr)));
164 return -EINVAL;
165 }
166
167 return 0;
168 }
169