1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (C) 2016 Marvell International Ltd.
4 * https://spdx.org/licenses
5 */
6
7 #include <config.h>
8 #include <common.h>
9 #include <command.h>
10 #include <env.h>
11 #include <image.h>
12 #include <net.h>
13 #include <vsprintf.h>
14 #include <errno.h>
15 #include <dm.h>
16 #include <fuse.h>
17 #include <mach/efuse.h>
18
19 #include <spi_flash.h>
20 #include <spi.h>
21 #include <nand.h>
22 #include <scsi.h>
23 #include <usb.h>
24 #include <fs.h>
25 #include <mmc.h>
26 #ifdef CONFIG_BLK
27 #include <blk.h>
28 #endif
29 #include <u-boot/sha1.h>
30 #include <u-boot/sha256.h>
31 #include <u-boot/sha512.h>
32
33 #if defined(CONFIG_ARMADA_8K)
34 #define MAIN_HDR_MAGIC 0xB105B002
35
36 struct mvebu_image_header {
37 u32 magic; /* 0-3 */
38 u32 prolog_size; /* 4-7 */
39 u32 prolog_checksum; /* 8-11 */
40 u32 boot_image_size; /* 12-15 */
41 u32 boot_image_checksum; /* 16-19 */
42 u32 rsrvd0; /* 20-23 */
43 u32 load_addr; /* 24-27 */
44 u32 exec_addr; /* 28-31 */
45 u8 uart_cfg; /* 32 */
46 u8 baudrate; /* 33 */
47 u8 ext_count; /* 34 */
48 u8 aux_flags; /* 35 */
49 u32 io_arg_0; /* 36-39 */
50 u32 io_arg_1; /* 40-43 */
51 u32 io_arg_2; /* 43-47 */
52 u32 io_arg_3; /* 48-51 */
53 u32 rsrvd1; /* 52-55 */
54 u32 rsrvd2; /* 56-59 */
55 u32 rsrvd3; /* 60-63 */
56 };
57 #elif defined(CONFIG_ARMADA_3700) /* A3700 */
58 #define HASH_SUM_LEN 16
59 #define IMAGE_VERSION_3_6_0 0x030600
60 #define IMAGE_VERSION_3_5_0 0x030500
61
62 struct tim_boot_flash_sign {
63 unsigned int id;
64 const char *name;
65 };
66
67 struct tim_boot_flash_sign tim_boot_flash_signs[] = {
68 { 0x454d4d08, "mmc" },
69 { 0x454d4d0b, "mmc" },
70 { 0x5350490a, "spi" },
71 { 0x5350491a, "nand" },
72 { 0x55415223, "uart" },
73 { 0x53415432, "sata" },
74 {},
75 };
76
77 struct common_tim_data {
78 u32 version;
79 u32 identifier;
80 u32 trusted;
81 u32 issue_date;
82 u32 oem_unique_id;
83 u32 reserved[5]; /* Reserve 20 bytes */
84 u32 boot_flash_sign;
85 u32 num_images;
86 u32 num_keys;
87 u32 size_of_reserved;
88 };
89
90 struct mvebu_image_info {
91 u32 image_id;
92 u32 next_image_id;
93 u32 flash_entry_addr;
94 u32 load_addr;
95 u32 image_size;
96 u32 image_size_to_hash;
97 u32 hash_algorithm_id;
98 u32 hash[HASH_SUM_LEN]; /* Reserve 512 bits for the hash */
99 u32 partition_number;
100 u32 enc_algorithm_id;
101 u32 encrypt_start_offset;
102 u32 encrypt_size;
103 };
104 #elif defined(CONFIG_ARMADA_32BIT)
105
106 /* Structure of the main header, version 1 (Armada 370/XP/375/38x/39x) */
107 struct a38x_main_hdr_v1 {
108 u8 blockid; /* 0x0 */
109 u8 flags; /* 0x1 */
110 u16 nandpagesize; /* 0x2-0x3 */
111 u32 blocksize; /* 0x4-0x7 */
112 u8 version; /* 0x8 */
113 u8 headersz_msb; /* 0x9 */
114 u16 headersz_lsb; /* 0xA-0xB */
115 u32 srcaddr; /* 0xC-0xF */
116 u32 destaddr; /* 0x10-0x13 */
117 u32 execaddr; /* 0x14-0x17 */
118 u8 options; /* 0x18 */
119 u8 nandblocksize; /* 0x19 */
120 u8 nandbadblklocation; /* 0x1A */
121 u8 reserved4; /* 0x1B */
122 u16 reserved5; /* 0x1C-0x1D */
123 u8 ext; /* 0x1E */
124 u8 checksum; /* 0x1F */
125 };
126
127 /*
128 * Header for the optional headers, version 1 (Armada 370/XP/375/38x/39x)
129 */
130 struct a38x_opt_hdr_v1 {
131 u8 headertype;
132 u8 headersz_msb;
133 u16 headersz_lsb;
134 u8 data[0];
135 };
136 #define A38X_OPT_HDR_V1_SECURE_TYPE 0x1
137
138 struct a38x_boot_mode {
139 unsigned int id;
140 const char *name;
141 };
142
143 /* The blockid header field values used to indicate boot device of image */
144 struct a38x_boot_mode a38x_boot_modes[] = {
145 { 0x4D, "i2c" },
146 { 0x5A, "spi" },
147 { 0x69, "uart" },
148 { 0x78, "sata" },
149 { 0x8B, "nand" },
150 { 0x9C, "pex" },
151 { 0xAE, "mmc" },
152 {},
153 };
154
155 #endif
156
157 struct bubt_dev {
158 char name[8];
159 size_t (*read)(const char *file_name);
160 int (*write)(size_t image_size);
161 int (*active)(void);
162 };
163
get_load_addr(void)164 static ulong get_load_addr(void)
165 {
166 const char *addr_str;
167 unsigned long addr;
168
169 addr_str = env_get("loadaddr");
170 if (addr_str)
171 addr = hextoul(addr_str, NULL);
172 else
173 addr = CONFIG_SYS_LOAD_ADDR;
174
175 return addr;
176 }
177
178 /********************************************************************
179 * eMMC services
180 ********************************************************************/
181 #if CONFIG_IS_ENABLED(DM_MMC) && CONFIG_IS_ENABLED(MMC_WRITE)
mmc_burn_image(size_t image_size)182 static int mmc_burn_image(size_t image_size)
183 {
184 struct mmc *mmc;
185 lbaint_t start_lba;
186 lbaint_t blk_count;
187 ulong blk_written;
188 int err;
189 const u8 mmc_dev_num = CONFIG_SYS_MMC_ENV_DEV;
190 #ifdef CONFIG_BLK
191 struct blk_desc *blk_desc;
192 #endif
193 #ifdef CONFIG_SUPPORT_EMMC_BOOT
194 u8 part;
195 u8 orig_part;
196 #endif
197
198 mmc = find_mmc_device(mmc_dev_num);
199 if (!mmc) {
200 printf("No SD/MMC/eMMC card found\n");
201 return -ENOMEDIUM;
202 }
203
204 err = mmc_init(mmc);
205 if (err) {
206 printf("%s(%d) init failed\n", IS_SD(mmc) ? "SD" : "MMC",
207 mmc_dev_num);
208 return err;
209 }
210
211 #ifdef CONFIG_BLK
212 blk_desc = mmc_get_blk_desc(mmc);
213 if (!blk_desc) {
214 printf("Error - failed to obtain block descriptor\n");
215 return -ENODEV;
216 }
217 #endif
218
219 #ifdef CONFIG_SUPPORT_EMMC_BOOT
220 #ifdef CONFIG_BLK
221 orig_part = blk_desc->hwpart;
222 #else
223 orig_part = mmc->block_dev.hwpart;
224 #endif
225
226 part = EXT_CSD_EXTRACT_BOOT_PART(mmc->part_config);
227 if (part == 7)
228 part = 0;
229
230 #ifdef CONFIG_BLK
231 err = blk_dselect_hwpart(blk_desc, part);
232 #else
233 err = mmc_switch_part(mmc, part);
234 #endif
235
236 if (err) {
237 printf("Error - MMC partition switch failed\n");
238 return err;
239 }
240 #endif
241
242 /* SD reserves LBA-0 for MBR and boots from LBA-1,
243 * MMC/eMMC boots from LBA-0
244 */
245 start_lba = IS_SD(mmc) ? 1 : 0;
246 #ifdef CONFIG_BLK
247 blk_count = image_size / mmc->write_bl_len;
248 if (image_size % mmc->write_bl_len)
249 blk_count += 1;
250
251 blk_written = blk_dwrite(blk_desc, start_lba, blk_count,
252 (void *)get_load_addr());
253 #else
254 blk_count = image_size / mmc->block_dev.blksz;
255 if (image_size % mmc->block_dev.blksz)
256 blk_count += 1;
257
258 blk_written = mmc->block_dev.block_write(mmc_dev_num,
259 start_lba, blk_count,
260 (void *)get_load_addr());
261 #endif /* CONFIG_BLK */
262
263 #ifdef CONFIG_SUPPORT_EMMC_BOOT
264 #ifdef CONFIG_BLK
265 err = blk_dselect_hwpart(blk_desc, orig_part);
266 #else
267 err = mmc_switch_part(mmc, orig_part);
268 #endif
269 if (err)
270 printf("Error - MMC failed to switch back to original partition\n");
271 #endif
272
273 if (blk_written != blk_count) {
274 printf("Error - written %#lx blocks\n", blk_written);
275 return -ENOSPC;
276 }
277 printf("Done!\n");
278
279 return 0;
280 }
281
mmc_read_file(const char * file_name)282 static size_t mmc_read_file(const char *file_name)
283 {
284 loff_t act_read = 0;
285 int rc;
286 struct mmc *mmc;
287 const u8 mmc_dev_num = CONFIG_SYS_MMC_ENV_DEV;
288
289 mmc = find_mmc_device(mmc_dev_num);
290 if (!mmc) {
291 printf("No SD/MMC/eMMC card found\n");
292 return 0;
293 }
294
295 if (mmc_init(mmc)) {
296 printf("%s(%d) init failed\n", IS_SD(mmc) ? "SD" : "MMC",
297 mmc_dev_num);
298 return 0;
299 }
300
301 /* Load from data partition (0) */
302 if (fs_set_blk_dev("mmc", "0", FS_TYPE_ANY)) {
303 printf("Error: MMC 0 not found\n");
304 return 0;
305 }
306
307 /* Perfrom file read */
308 rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
309 if (rc)
310 return 0;
311
312 return act_read;
313 }
314
is_mmc_active(void)315 static int is_mmc_active(void)
316 {
317 return 1;
318 }
319 #else /* CONFIG_DM_MMC */
mmc_burn_image(size_t image_size)320 static int mmc_burn_image(size_t image_size)
321 {
322 return -ENODEV;
323 }
324
mmc_read_file(const char * file_name)325 static size_t mmc_read_file(const char *file_name)
326 {
327 return 0;
328 }
329
is_mmc_active(void)330 static int is_mmc_active(void)
331 {
332 return 0;
333 }
334 #endif /* CONFIG_DM_MMC */
335
336 /********************************************************************
337 * SATA services
338 ********************************************************************/
339 #if defined(CONFIG_SCSI) && defined(CONFIG_BLK)
sata_burn_image(size_t image_size)340 static int sata_burn_image(size_t image_size)
341 {
342 #if defined(CONFIG_ARMADA_3700) || defined(CONFIG_ARMADA_32BIT)
343 lbaint_t start_lba;
344 lbaint_t blk_count;
345 ulong blk_written;
346 struct blk_desc *blk_desc;
347 #ifdef CONFIG_ARMADA_3700
348 struct disk_partition info;
349 int part;
350 #endif
351
352 scsi_scan(false);
353
354 blk_desc = blk_get_devnum_by_uclass_id(UCLASS_SCSI, 0);
355 if (!blk_desc)
356 return -ENODEV;
357
358 #ifdef CONFIG_ARMADA_3700
359 /*
360 * 64-bit Armada 3700 BootROM loads SATA firmware from
361 * GPT 'Marvell Armada 3700 Boot partition' or from
362 * MBR 'M' (0x4d) partition.
363 */
364 switch (blk_desc->part_type) {
365 case PART_TYPE_DOS:
366 for (part = 1; part <= 4; part++) {
367 info.sys_ind = 0;
368 if (part_get_info(blk_desc, part, &info))
369 continue;
370 if (info.sys_ind == 'M')
371 break;
372 }
373 if (part > 4) {
374 printf("Error - cannot find MBR 'M' (0x4d) partition on SATA disk\n");
375 return -ENODEV;
376 }
377 start_lba = info.start;
378 break;
379 case PART_TYPE_EFI:
380 for (part = 1; part <= 64; part++) {
381 info.type_guid[0] = 0;
382 if (part_get_info(blk_desc, part, &info))
383 continue;
384 /* Check for GPT type GUID of 'Marvell Armada 3700 Boot partition' */
385 if (strcmp(info.type_guid, "6828311A-BA55-42A4-BCDE-A89BB5EDECAE") == 0)
386 break;
387 }
388 if (part > 64) {
389 printf("Error - cannot find GPT 'Marvell Armada 3700 Boot partition' on SATA disk\n");
390 return -ENODEV;
391 }
392 start_lba = info.start;
393 break;
394 default:
395 printf("Error - no partitions on SATA disk\n");
396 return -ENODEV;
397 }
398 #else
399 /* 32-bit Armada BootROM loads SATA firmware from the sector 1. */
400 start_lba = 1;
401 #endif
402
403 blk_count = image_size / blk_desc->blksz;
404 if (image_size % blk_desc->blksz)
405 blk_count += 1;
406
407 blk_written = blk_dwrite(blk_desc, start_lba, blk_count,
408 (void *)get_load_addr());
409
410 if (blk_written != blk_count) {
411 printf("Error - written %#lx blocks\n", blk_written);
412 return -ENOSPC;
413 }
414
415 printf("Done!\n");
416 return 0;
417 #else
418 return -ENODEV;
419 #endif
420 }
421
sata_read_file(const char * file_name)422 static size_t sata_read_file(const char *file_name)
423 {
424 loff_t act_read = 0;
425 struct udevice *dev;
426 int rc;
427
428 /* try to recognize storage devices immediately */
429 scsi_scan(false);
430
431 /* Try to recognize storage devices immediately */
432 blk_first_device(UCLASS_SCSI, &dev);
433 if (!dev) {
434 printf("Error: SATA device not found\n");
435 return 0;
436 }
437
438 /* Always load from scsi 0 */
439 if (fs_set_blk_dev("scsi", "0", FS_TYPE_ANY)) {
440 printf("Error: SATA 0 not found\n");
441 return 0;
442 }
443
444 /* Perfrom file read */
445 rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
446 if (rc)
447 return 0;
448
449 return act_read;
450 }
451
is_sata_active(void)452 static int is_sata_active(void)
453 {
454 return 1;
455 }
456 #else /* CONFIG_SCSI */
sata_burn_image(size_t image_size)457 static int sata_burn_image(size_t image_size)
458 {
459 return -ENODEV;
460 }
461
sata_read_file(const char * file_name)462 static size_t sata_read_file(const char *file_name)
463 {
464 return 0;
465 }
466
is_sata_active(void)467 static int is_sata_active(void)
468 {
469 return 0;
470 }
471 #endif /* CONFIG_SCSI */
472
473 /********************************************************************
474 * SPI services
475 ********************************************************************/
476 #ifdef CONFIG_SPI_FLASH
spi_burn_image(size_t image_size)477 static int spi_burn_image(size_t image_size)
478 {
479 int ret;
480 struct spi_flash *flash;
481 u32 erase_bytes;
482
483 /* Probe the SPI bus to get the flash device */
484 flash = spi_flash_probe(CONFIG_SF_DEFAULT_BUS,
485 CONFIG_SF_DEFAULT_CS,
486 CONFIG_SF_DEFAULT_SPEED,
487 CONFIG_SF_DEFAULT_MODE);
488 if (!flash) {
489 printf("Failed to probe SPI Flash\n");
490 return -ENOMEDIUM;
491 }
492
493 erase_bytes = image_size +
494 (flash->erase_size - image_size % flash->erase_size);
495 printf("Erasing %d bytes (%d blocks) at offset 0 ...",
496 erase_bytes, erase_bytes / flash->erase_size);
497 ret = spi_flash_erase(flash, 0, erase_bytes);
498 if (ret)
499 printf("Error!\n");
500 else
501 printf("Done!\n");
502
503 printf("Writing %d bytes from 0x%lx to offset 0 ...",
504 (int)image_size, get_load_addr());
505 ret = spi_flash_write(flash, 0, image_size, (void *)get_load_addr());
506 if (ret)
507 printf("Error!\n");
508 else
509 printf("Done!\n");
510
511 return ret;
512 }
513
is_spi_active(void)514 static int is_spi_active(void)
515 {
516 return 1;
517 }
518
519 #else /* CONFIG_SPI_FLASH */
spi_burn_image(size_t image_size)520 static int spi_burn_image(size_t image_size)
521 {
522 return -ENODEV;
523 }
524
is_spi_active(void)525 static int is_spi_active(void)
526 {
527 return 0;
528 }
529 #endif /* CONFIG_SPI_FLASH */
530
531 /********************************************************************
532 * NAND services
533 ********************************************************************/
534 #ifdef CONFIG_CMD_NAND
nand_burn_image(size_t image_size)535 static int nand_burn_image(size_t image_size)
536 {
537 int ret;
538 uint32_t block_size;
539 struct mtd_info *mtd;
540
541 mtd = get_nand_dev_by_index(nand_curr_device);
542 if (!mtd) {
543 puts("\nno devices available\n");
544 return -ENOMEDIUM;
545 }
546 block_size = mtd->erasesize;
547
548 /* Align U-Boot size to currently used blocksize */
549 image_size = ((image_size + (block_size - 1)) & (~(block_size - 1)));
550
551 /* Erase the U-Boot image space */
552 printf("Erasing 0x%x - 0x%x:...", 0, (int)image_size);
553 ret = nand_erase(mtd, 0, image_size);
554 if (ret) {
555 printf("Error!\n");
556 goto error;
557 }
558 printf("Done!\n");
559
560 /* Write the image to flash */
561 printf("Writing %d bytes from 0x%lx to offset 0 ... ",
562 (int)image_size, get_load_addr());
563 ret = nand_write(mtd, 0, &image_size, (void *)get_load_addr());
564 if (ret)
565 printf("Error!\n");
566 else
567 printf("Done!\n");
568
569 error:
570 return ret;
571 }
572
is_nand_active(void)573 static int is_nand_active(void)
574 {
575 return 1;
576 }
577
578 #else /* CONFIG_CMD_NAND */
nand_burn_image(size_t image_size)579 static int nand_burn_image(size_t image_size)
580 {
581 return -ENODEV;
582 }
583
is_nand_active(void)584 static int is_nand_active(void)
585 {
586 return 0;
587 }
588 #endif /* CONFIG_CMD_NAND */
589
590 /********************************************************************
591 * USB services
592 ********************************************************************/
593 #if defined(CONFIG_USB_STORAGE) && defined(CONFIG_BLK)
usb_read_file(const char * file_name)594 static size_t usb_read_file(const char *file_name)
595 {
596 loff_t act_read = 0;
597 struct udevice *dev;
598 int rc;
599
600 usb_stop();
601
602 if (usb_init() < 0) {
603 printf("Error: usb_init failed\n");
604 return 0;
605 }
606
607 /* Try to recognize storage devices immediately */
608 blk_first_device(UCLASS_USB, &dev);
609 if (!dev) {
610 printf("Error: USB storage device not found\n");
611 return 0;
612 }
613
614 /* Always load from usb 0 */
615 if (fs_set_blk_dev("usb", "0", FS_TYPE_ANY)) {
616 printf("Error: USB 0 not found\n");
617 return 0;
618 }
619
620 /* Perfrom file read */
621 rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
622 if (rc)
623 return 0;
624
625 return act_read;
626 }
627
is_usb_active(void)628 static int is_usb_active(void)
629 {
630 return 1;
631 }
632
633 #else /* defined(CONFIG_USB_STORAGE) && defined (CONFIG_BLK) */
usb_read_file(const char * file_name)634 static size_t usb_read_file(const char *file_name)
635 {
636 return 0;
637 }
638
is_usb_active(void)639 static int is_usb_active(void)
640 {
641 return 0;
642 }
643 #endif /* defined(CONFIG_USB_STORAGE) && defined (CONFIG_BLK) */
644
645 /********************************************************************
646 * Network services
647 ********************************************************************/
648 #ifdef CONFIG_CMD_NET
tftp_read_file(const char * file_name)649 static size_t tftp_read_file(const char *file_name)
650 {
651 int ret;
652
653 /*
654 * update global variable image_load_addr before tftp file from network
655 */
656 image_load_addr = get_load_addr();
657 ret = net_loop(TFTPGET);
658 return ret > 0 ? ret : 0;
659 }
660
is_tftp_active(void)661 static int is_tftp_active(void)
662 {
663 return 1;
664 }
665
666 #else
tftp_read_file(const char * file_name)667 static size_t tftp_read_file(const char *file_name)
668 {
669 return 0;
670 }
671
is_tftp_active(void)672 static int is_tftp_active(void)
673 {
674 return 0;
675 }
676 #endif /* CONFIG_CMD_NET */
677
678 enum bubt_devices {
679 BUBT_DEV_NET = 0,
680 BUBT_DEV_USB,
681 BUBT_DEV_MMC,
682 BUBT_DEV_SATA,
683 BUBT_DEV_SPI,
684 BUBT_DEV_NAND,
685
686 BUBT_MAX_DEV
687 };
688
689 static struct bubt_dev bubt_devs[BUBT_MAX_DEV] = {
690 {"tftp", tftp_read_file, NULL, is_tftp_active},
691 {"usb", usb_read_file, NULL, is_usb_active},
692 {"mmc", mmc_read_file, mmc_burn_image, is_mmc_active},
693 {"sata", sata_read_file, sata_burn_image, is_sata_active},
694 {"spi", NULL, spi_burn_image, is_spi_active},
695 {"nand", NULL, nand_burn_image, is_nand_active},
696 };
697
bubt_write_file(struct bubt_dev * dst,size_t image_size)698 static int bubt_write_file(struct bubt_dev *dst, size_t image_size)
699 {
700 if (!dst->write) {
701 printf("Error: Write not supported on device %s\n", dst->name);
702 return -ENOTSUPP;
703 }
704
705 return dst->write(image_size);
706 }
707
708 #if defined(CONFIG_ARMADA_8K)
do_checksum32(u32 * start,int32_t len)709 static u32 do_checksum32(u32 *start, int32_t len)
710 {
711 u32 sum = 0;
712 u32 *startp = start;
713
714 do {
715 sum += *startp;
716 startp++;
717 len -= 4;
718 } while (len > 0);
719
720 return sum;
721 }
722
check_image_header(void)723 static int check_image_header(void)
724 {
725 struct mvebu_image_header *hdr =
726 (struct mvebu_image_header *)get_load_addr();
727 u32 checksum;
728 u32 checksum_ref;
729
730 /*
731 * For now compare checksum, and magic. Later we can
732 * verify more stuff on the header like interface type, etc
733 */
734 if (hdr->magic != MAIN_HDR_MAGIC) {
735 printf("ERROR: Bad MAGIC 0x%08x != 0x%08x\n",
736 hdr->magic, MAIN_HDR_MAGIC);
737 return -ENOEXEC;
738 }
739
740 checksum_ref = hdr->prolog_checksum;
741 checksum = do_checksum32((u32 *)hdr, hdr->prolog_size);
742 checksum -= hdr->prolog_checksum;
743 if (checksum != checksum_ref) {
744 printf("Error: Bad Prolog checksum. 0x%x != 0x%x\n",
745 checksum, checksum_ref);
746 return -ENOEXEC;
747 }
748
749 checksum_ref = hdr->boot_image_checksum;
750 checksum = do_checksum32((u32 *)((u8 *)hdr + hdr->prolog_size), hdr->boot_image_size);
751 if (checksum != checksum_ref) {
752 printf("Error: Bad Image checksum. 0x%x != 0x%x\n",
753 checksum, checksum_ref);
754 return -ENOEXEC;
755 }
756
757 printf("Image checksum...OK!\n");
758
759 return 0;
760 }
761 #elif defined(CONFIG_ARMADA_3700) /* Armada 3700 */
check_image_header(void)762 static int check_image_header(void)
763 {
764 struct common_tim_data *hdr = (struct common_tim_data *)get_load_addr();
765 int image_num;
766 u8 hash_160_output[SHA1_SUM_LEN];
767 u8 hash_256_output[SHA256_SUM_LEN];
768 u8 hash_512_output[SHA512_SUM_LEN];
769 sha1_context hash1_text;
770 sha256_context hash256_text;
771 sha512_context hash512_text;
772 u8 *hash_output;
773 u32 hash_algorithm_id;
774 u32 image_size_to_hash;
775 u32 flash_entry_addr;
776 u32 *hash_value;
777 u32 internal_hash[HASH_SUM_LEN];
778 const u8 *buff;
779 u32 num_of_image = hdr->num_images;
780 u32 version = hdr->version;
781 u32 trusted = hdr->trusted;
782
783 /* bubt checksum validation only supports nontrusted images */
784 if (trusted == 1) {
785 printf("bypass image validation, ");
786 printf("only untrusted image is supported now\n");
787 return 0;
788 }
789 /* only supports image version 3.5 and 3.6 */
790 if (version != IMAGE_VERSION_3_5_0 && version != IMAGE_VERSION_3_6_0) {
791 printf("Error: Unsupported Image version = 0x%08x\n", version);
792 return -ENOEXEC;
793 }
794 /* validate images hash value */
795 for (image_num = 0; image_num < num_of_image; image_num++) {
796 struct mvebu_image_info *info =
797 (struct mvebu_image_info *)(get_load_addr() +
798 sizeof(struct common_tim_data) +
799 image_num * sizeof(struct mvebu_image_info));
800 hash_algorithm_id = info->hash_algorithm_id;
801 image_size_to_hash = info->image_size_to_hash;
802 flash_entry_addr = info->flash_entry_addr;
803 hash_value = info->hash;
804 buff = (const u8 *)(get_load_addr() + flash_entry_addr);
805
806 if (image_num == 0) {
807 /*
808 * The first image includes hash values in its content.
809 * For hash calculation, we need to save the original
810 * hash values to a local variable that will be
811 * copied back for comparsion and set all zeros to
812 * the orignal hash values for calculating new value.
813 * First image original format :
814 * x...x (datum1) x...x(orig. hash values) x...x(datum2)
815 * Replaced first image format :
816 * x...x (datum1) 0...0(hash values) x...x(datum2)
817 */
818 memcpy(internal_hash, hash_value,
819 sizeof(internal_hash));
820 memset(hash_value, 0, sizeof(internal_hash));
821 }
822 if (image_size_to_hash == 0) {
823 printf("Warning: Image_%d hash checksum is disabled, ",
824 image_num);
825 printf("skip the image validation.\n");
826 continue;
827 }
828 switch (hash_algorithm_id) {
829 case SHA1_SUM_LEN:
830 sha1_starts(&hash1_text);
831 sha1_update(&hash1_text, buff, image_size_to_hash);
832 sha1_finish(&hash1_text, hash_160_output);
833 hash_output = hash_160_output;
834 break;
835 case SHA256_SUM_LEN:
836 sha256_starts(&hash256_text);
837 sha256_update(&hash256_text, buff, image_size_to_hash);
838 sha256_finish(&hash256_text, hash_256_output);
839 hash_output = hash_256_output;
840 break;
841 case SHA512_SUM_LEN:
842 sha512_starts(&hash512_text);
843 sha512_update(&hash512_text, buff, image_size_to_hash);
844 sha512_finish(&hash512_text, hash_512_output);
845 hash_output = hash_512_output;
846 break;
847 default:
848 printf("Error: Unsupported hash_algorithm_id = %d\n",
849 hash_algorithm_id);
850 return -ENOEXEC;
851 }
852 if (image_num == 0)
853 memcpy(hash_value, internal_hash,
854 sizeof(internal_hash));
855 if (memcmp(hash_value, hash_output, hash_algorithm_id) != 0) {
856 printf("Error: Image_%d checksum is not correct\n",
857 image_num);
858 return -ENOEXEC;
859 }
860 }
861 printf("Image checksum...OK!\n");
862
863 return 0;
864 }
865 #elif defined(CONFIG_ARMADA_32BIT)
a38x_header_size(const struct a38x_main_hdr_v1 * h)866 static size_t a38x_header_size(const struct a38x_main_hdr_v1 *h)
867 {
868 if (h->version == 1)
869 return (h->headersz_msb << 16) | le16_to_cpu(h->headersz_lsb);
870
871 printf("Error: Invalid A38x image (header version 0x%x unknown)!\n",
872 h->version);
873 return 0;
874 }
875
image_checksum8(const void * start,size_t len)876 static uint8_t image_checksum8(const void *start, size_t len)
877 {
878 u8 csum = 0;
879 const u8 *p = start;
880
881 while (len) {
882 csum += *p;
883 ++p;
884 --len;
885 }
886
887 return csum;
888 }
889
image_checksum32(const void * start,size_t len)890 static uint32_t image_checksum32(const void *start, size_t len)
891 {
892 u32 csum = 0;
893 const u32 *p = start;
894
895 while (len) {
896 csum += *p;
897 ++p;
898 len -= sizeof(u32);
899 }
900
901 return csum;
902 }
903
check_image_header(void)904 static int check_image_header(void)
905 {
906 u8 checksum;
907 u32 checksum32, exp_checksum32;
908 u32 offset, size;
909 const struct a38x_main_hdr_v1 *hdr =
910 (struct a38x_main_hdr_v1 *)get_load_addr();
911 const size_t hdr_size = a38x_header_size(hdr);
912
913 if (!hdr_size)
914 return -ENOEXEC;
915
916 checksum = image_checksum8(hdr, hdr_size);
917 checksum -= hdr->checksum;
918 if (checksum != hdr->checksum) {
919 printf("Error: Bad A38x image header checksum. 0x%x != 0x%x\n",
920 checksum, hdr->checksum);
921 return -ENOEXEC;
922 }
923
924 offset = le32_to_cpu(hdr->srcaddr);
925 size = le32_to_cpu(hdr->blocksize);
926
927 if (hdr->blockid == 0x78) { /* SATA id */
928 struct blk_desc *blk_dev = IS_ENABLED(BLK) ? blk_get_devnum_by_uclass_id(UCLASS_SCSI, 0) : NULL;
929 unsigned long blksz = blk_dev ? blk_dev->blksz : 512;
930 offset *= blksz;
931 }
932
933 if (offset % 4 != 0 || size < 4 || size % 4 != 0) {
934 printf("Error: Bad A38x image blocksize.\n");
935 return -ENOEXEC;
936 }
937
938 checksum32 = image_checksum32((u8 *)hdr + offset, size - 4);
939 exp_checksum32 = *(u32 *)((u8 *)hdr + offset + size - 4);
940 if (checksum32 != exp_checksum32) {
941 printf("Error: Bad A38x image data checksum. 0x%08x != 0x%08x\n",
942 checksum32, exp_checksum32);
943 return -ENOEXEC;
944 }
945
946 printf("Image checksum...OK!\n");
947 return 0;
948 }
949
950 #if defined(CONFIG_ARMADA_38X)
a38x_image_is_secure(const struct a38x_main_hdr_v1 * hdr)951 static int a38x_image_is_secure(const struct a38x_main_hdr_v1 *hdr)
952 {
953 const size_t hdr_size = a38x_header_size(hdr);
954 struct a38x_opt_hdr_v1 *ohdr;
955 u32 ohdr_size;
956
957 if (hdr->version != 1)
958 return 0;
959
960 if (!hdr->ext)
961 return 0;
962
963 ohdr = (struct a38x_opt_hdr_v1 *)(hdr + 1);
964 do {
965 if (ohdr->headertype == A38X_OPT_HDR_V1_SECURE_TYPE)
966 return 1;
967
968 ohdr_size = (ohdr->headersz_msb << 16) | le16_to_cpu(ohdr->headersz_lsb);
969
970 if (!*((u8 *)ohdr + ohdr_size - 4))
971 break;
972
973 ohdr = (struct a38x_opt_hdr_v1 *)((u8 *)ohdr + ohdr_size);
974 if ((u8 *)ohdr >= (u8 *)hdr + hdr_size)
975 break;
976 } while (1);
977
978 return 0;
979 }
980 #endif
981 #else /* Not ARMADA? */
check_image_header(void)982 static int check_image_header(void)
983 {
984 printf("bubt cmd does not support this SoC device or family!\n");
985 return -ENOEXEC;
986 }
987 #endif
988
989 #if defined(CONFIG_ARMADA_3700) || defined(CONFIG_ARMADA_38X)
fuse_read_u64(u32 bank)990 static u64 fuse_read_u64(u32 bank)
991 {
992 u32 val[2];
993 int ret;
994
995 ret = fuse_read(bank, 0, &val[0]);
996 if (ret < 0)
997 return -1;
998
999 ret = fuse_read(bank, 1, &val[1]);
1000 if (ret < 0)
1001 return -1;
1002
1003 return ((u64)val[1] << 32) | val[0];
1004 }
1005 #endif
1006
1007 #if defined(CONFIG_ARMADA_3700)
maj3(u8 val)1008 static inline u8 maj3(u8 val)
1009 {
1010 /* return majority vote of 3 bits */
1011 return ((val & 0x7) == 3 || (val & 0x7) > 4) ? 1 : 0;
1012 }
1013 #endif
1014
bubt_check_boot_mode(const struct bubt_dev * dst)1015 static int bubt_check_boot_mode(const struct bubt_dev *dst)
1016 {
1017 #if defined(CONFIG_ARMADA_3700) || defined(CONFIG_ARMADA_32BIT)
1018 int mode;
1019 #if defined(CONFIG_ARMADA_3700) || defined(CONFIG_ARMADA_38X)
1020 int secure_mode;
1021 #endif
1022 #if defined(CONFIG_ARMADA_3700)
1023 const struct tim_boot_flash_sign *boot_modes = tim_boot_flash_signs;
1024 const struct common_tim_data *hdr =
1025 (struct common_tim_data *)get_load_addr();
1026 u32 id = hdr->boot_flash_sign;
1027 int is_secure = hdr->trusted != 0;
1028 u64 otp_secure_bits = fuse_read_u64(1);
1029 int otp_secure_boot = ((maj3(otp_secure_bits >> 0) << 0) |
1030 (maj3(otp_secure_bits >> 4) << 1)) == 2;
1031 unsigned int otp_boot_device = (maj3(otp_secure_bits >> 48) << 0) |
1032 (maj3(otp_secure_bits >> 52) << 1) |
1033 (maj3(otp_secure_bits >> 56) << 2) |
1034 (maj3(otp_secure_bits >> 60) << 3);
1035 #elif defined(CONFIG_ARMADA_32BIT)
1036 const struct a38x_boot_mode *boot_modes = a38x_boot_modes;
1037 const struct a38x_main_hdr_v1 *hdr =
1038 (struct a38x_main_hdr_v1 *)get_load_addr();
1039 u32 id = hdr->blockid;
1040 #if defined(CONFIG_ARMADA_38X)
1041 int is_secure = a38x_image_is_secure(hdr);
1042 u64 otp_secure_bits = fuse_read_u64(EFUSE_LINE_SECURE_BOOT);
1043 int otp_secure_boot = otp_secure_bits & 0x1;
1044 unsigned int otp_boot_device = (otp_secure_bits >> 8) & 0x7;
1045 #endif
1046 #endif
1047
1048 for (mode = 0; boot_modes[mode].name; mode++) {
1049 if (boot_modes[mode].id == id)
1050 break;
1051 }
1052
1053 if (!boot_modes[mode].name) {
1054 printf("Error: unknown boot device in image header: 0x%x\n", id);
1055 return -ENOEXEC;
1056 }
1057
1058 if (strcmp(boot_modes[mode].name, dst->name) != 0) {
1059 printf("Error: image meant to be booted from \"%s\", not \"%s\"!\n",
1060 boot_modes[mode].name, dst->name);
1061 return -ENOEXEC;
1062 }
1063
1064 #if defined(CONFIG_ARMADA_38X) || defined(CONFIG_ARMADA_3700)
1065 if (otp_secure_bits == (u64)-1) {
1066 printf("Error: cannot read OTP secure bits\n");
1067 return -ENOEXEC;
1068 } else {
1069 if (otp_secure_boot && !is_secure) {
1070 printf("Error: secure boot is enabled in OTP but image does not have secure boot header!\n");
1071 return -ENOEXEC;
1072 } else if (!otp_secure_boot && is_secure) {
1073 #if defined(CONFIG_ARMADA_3700)
1074 /*
1075 * Armada 3700 BootROM rejects trusted image when secure boot is not enabled.
1076 * Armada 385 BootROM accepts image with secure boot header also when secure boot is not enabled.
1077 */
1078 printf("Error: secure boot is disabled in OTP but image has secure boot header!\n");
1079 return -ENOEXEC;
1080 #endif
1081 } else if (otp_boot_device && otp_boot_device != id) {
1082 for (secure_mode = 0; boot_modes[secure_mode].name; secure_mode++) {
1083 if (boot_modes[secure_mode].id == otp_boot_device)
1084 break;
1085 }
1086 printf("Error: boot source is set to \"%s\" in OTP but image is for \"%s\"!\n",
1087 boot_modes[secure_mode].name ?: "unknown", dst->name);
1088 return -ENOEXEC;
1089 }
1090 }
1091 #endif
1092 #endif
1093 return 0;
1094 }
1095
bubt_verify(const struct bubt_dev * dst)1096 static int bubt_verify(const struct bubt_dev *dst)
1097 {
1098 int err;
1099
1100 /* Check a correct image header exists */
1101 err = check_image_header();
1102 if (err) {
1103 printf("Error: Image header verification failed\n");
1104 return err;
1105 }
1106
1107 err = bubt_check_boot_mode(dst);
1108 if (err) {
1109 printf("Error: Image boot mode verification failed\n");
1110 return err;
1111 }
1112
1113 return 0;
1114 }
1115
bubt_read_file(struct bubt_dev * src)1116 static int bubt_read_file(struct bubt_dev *src)
1117 {
1118 size_t image_size;
1119
1120 if (!src->read) {
1121 printf("Error: Read not supported on device \"%s\"\n",
1122 src->name);
1123 return 0;
1124 }
1125
1126 image_size = src->read(net_boot_file_name);
1127 if (image_size <= 0) {
1128 printf("Error: Failed to read file %s from %s\n",
1129 net_boot_file_name, src->name);
1130 return 0;
1131 }
1132
1133 return image_size;
1134 }
1135
bubt_is_dev_active(struct bubt_dev * dev)1136 static int bubt_is_dev_active(struct bubt_dev *dev)
1137 {
1138 if (!dev->active) {
1139 printf("Device \"%s\" not supported by U-Boot image\n",
1140 dev->name);
1141 return 0;
1142 }
1143
1144 if (!dev->active()) {
1145 printf("Device \"%s\" is inactive\n", dev->name);
1146 return 0;
1147 }
1148
1149 return 1;
1150 }
1151
find_bubt_dev(char * dev_name)1152 static struct bubt_dev *find_bubt_dev(char *dev_name)
1153 {
1154 int dev;
1155
1156 for (dev = 0; dev < BUBT_MAX_DEV; dev++) {
1157 if (strcmp(bubt_devs[dev].name, dev_name) == 0)
1158 return &bubt_devs[dev];
1159 }
1160
1161 return 0;
1162 }
1163
1164 #define DEFAULT_BUBT_SRC "tftp"
1165
1166 #ifndef DEFAULT_BUBT_DST
1167 #ifdef CONFIG_MVEBU_SPI_BOOT
1168 #define DEFAULT_BUBT_DST "spi"
1169 #elif defined(CONFIG_MVEBU_NAND_BOOT)
1170 #define DEFAULT_BUBT_DST "nand"
1171 #elif defined(CONFIG_MVEBU_MMC_BOOT)
1172 #define DEFAULT_BUBT_DST "mmc"
1173 #elif defined(CONFIG_MVEBU_SATA_BOOT)
1174 #define DEFAULT_BUBT_DST "sata"
1175 #else
1176 #define DEFAULT_BUBT_DST "error"
1177 #endif
1178 #endif /* DEFAULT_BUBT_DST */
1179
do_bubt_cmd(struct cmd_tbl * cmdtp,int flag,int argc,char * const argv[])1180 static int do_bubt_cmd(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
1181 {
1182 struct bubt_dev *src, *dst;
1183 size_t image_size;
1184 char src_dev_name[8];
1185 char dst_dev_name[8];
1186 char *name;
1187 int err;
1188
1189 if (argc < 2)
1190 copy_filename(net_boot_file_name,
1191 CONFIG_MVEBU_UBOOT_DFLT_NAME,
1192 sizeof(net_boot_file_name));
1193 else
1194 copy_filename(net_boot_file_name, argv[1],
1195 sizeof(net_boot_file_name));
1196
1197 if (argc >= 3) {
1198 strncpy(dst_dev_name, argv[2], 8);
1199 } else {
1200 name = DEFAULT_BUBT_DST;
1201 strncpy(dst_dev_name, name, 8);
1202 }
1203
1204 if (argc >= 4)
1205 strncpy(src_dev_name, argv[3], 8);
1206 else
1207 strncpy(src_dev_name, DEFAULT_BUBT_SRC, 8);
1208
1209 /* Figure out the destination device */
1210 dst = find_bubt_dev(dst_dev_name);
1211 if (!dst) {
1212 printf("Error: Unknown destination \"%s\"\n", dst_dev_name);
1213 return 1;
1214 }
1215
1216 if (!bubt_is_dev_active(dst))
1217 return 1;
1218
1219 /* Figure out the source device */
1220 src = find_bubt_dev(src_dev_name);
1221 if (!src) {
1222 printf("Error: Unknown source \"%s\"\n", src_dev_name);
1223 return 1;
1224 }
1225
1226 if (!bubt_is_dev_active(src))
1227 return -ENODEV;
1228
1229 printf("Burning U-Boot image \"%s\" from \"%s\" to \"%s\"\n",
1230 net_boot_file_name, src->name, dst->name);
1231
1232 image_size = bubt_read_file(src);
1233 if (!image_size)
1234 return 1;
1235
1236 err = bubt_verify(dst);
1237 if (err)
1238 return 1;
1239
1240 err = bubt_write_file(dst, image_size);
1241 if (err)
1242 return 1;
1243
1244 return 0;
1245 }
1246
1247 U_BOOT_CMD(
1248 bubt, 4, 0, do_bubt_cmd,
1249 "Burn a u-boot image to flash",
1250 "[file-name] [destination [source]]\n"
1251 "\t-file-name The image file name to burn. Default = " CONFIG_MVEBU_UBOOT_DFLT_NAME "\n"
1252 "\t-destination Flash to burn to [spi, nand, mmc, sata]. Default = " DEFAULT_BUBT_DST "\n"
1253 "\t-source The source to load image from [tftp, usb, mmc, sata]. Default = " DEFAULT_BUBT_SRC "\n"
1254 "Examples:\n"
1255 "\tbubt - Burn flash-image.bin from tftp to active boot device\n"
1256 "\tbubt flash-image-new.bin nand - Burn flash-image-new.bin from tftp to NAND flash\n"
1257 "\tbubt backup-flash-image.bin mmc usb - Burn backup-flash-image.bin from usb to MMC\n"
1258
1259 );
1260