u-boot/cmd/mvebu/bubt.c
Pali Rohár c624c1cbcf cmd: mvebu/bubt: Fix warnings: unused variable 'secure_mode' and 'fuse_read_u64' defined but not used
'secure_mode' and 'fuse_read_u64' are used only on A38x and A37xx.

Fixes: f7b0bbca2b ("cmd: mvebu/bubt: Check for A38x/A37xx OTP secure bits and secure boot")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00

1257 lines
29 KiB
C

// SPDX-License-Identifier: GPL-2.0
/*
* Copyright (C) 2016 Marvell International Ltd.
* https://spdx.org/licenses
*/
#include <config.h>
#include <common.h>
#include <command.h>
#include <env.h>
#include <image.h>
#include <net.h>
#include <vsprintf.h>
#include <errno.h>
#include <dm.h>
#include <fuse.h>
#include <mach/efuse.h>
#include <spi_flash.h>
#include <spi.h>
#include <nand.h>
#include <scsi.h>
#include <usb.h>
#include <fs.h>
#include <mmc.h>
#ifdef CONFIG_BLK
#include <blk.h>
#endif
#include <u-boot/sha1.h>
#include <u-boot/sha256.h>
#include <u-boot/sha512.h>
#if defined(CONFIG_ARMADA_8K)
#define MAIN_HDR_MAGIC 0xB105B002
struct mvebu_image_header {
u32 magic; /* 0-3 */
u32 prolog_size; /* 4-7 */
u32 prolog_checksum; /* 8-11 */
u32 boot_image_size; /* 12-15 */
u32 boot_image_checksum; /* 16-19 */
u32 rsrvd0; /* 20-23 */
u32 load_addr; /* 24-27 */
u32 exec_addr; /* 28-31 */
u8 uart_cfg; /* 32 */
u8 baudrate; /* 33 */
u8 ext_count; /* 34 */
u8 aux_flags; /* 35 */
u32 io_arg_0; /* 36-39 */
u32 io_arg_1; /* 40-43 */
u32 io_arg_2; /* 43-47 */
u32 io_arg_3; /* 48-51 */
u32 rsrvd1; /* 52-55 */
u32 rsrvd2; /* 56-59 */
u32 rsrvd3; /* 60-63 */
};
#elif defined(CONFIG_ARMADA_3700) /* A3700 */
#define HASH_SUM_LEN 16
#define IMAGE_VERSION_3_6_0 0x030600
#define IMAGE_VERSION_3_5_0 0x030500
struct tim_boot_flash_sign {
unsigned int id;
const char *name;
};
struct tim_boot_flash_sign tim_boot_flash_signs[] = {
{ 0x454d4d08, "mmc" },
{ 0x454d4d0b, "mmc" },
{ 0x5350490a, "spi" },
{ 0x5350491a, "nand" },
{ 0x55415223, "uart" },
{ 0x53415432, "sata" },
{},
};
struct common_tim_data {
u32 version;
u32 identifier;
u32 trusted;
u32 issue_date;
u32 oem_unique_id;
u32 reserved[5]; /* Reserve 20 bytes */
u32 boot_flash_sign;
u32 num_images;
u32 num_keys;
u32 size_of_reserved;
};
struct mvebu_image_info {
u32 image_id;
u32 next_image_id;
u32 flash_entry_addr;
u32 load_addr;
u32 image_size;
u32 image_size_to_hash;
u32 hash_algorithm_id;
u32 hash[HASH_SUM_LEN]; /* Reserve 512 bits for the hash */
u32 partition_number;
u32 enc_algorithm_id;
u32 encrypt_start_offset;
u32 encrypt_size;
};
#elif defined(CONFIG_ARMADA_32BIT)
/* Structure of the main header, version 1 (Armada 370/XP/375/38x/39x) */
struct a38x_main_hdr_v1 {
u8 blockid; /* 0x0 */
u8 flags; /* 0x1 */
u16 nandpagesize; /* 0x2-0x3 */
u32 blocksize; /* 0x4-0x7 */
u8 version; /* 0x8 */
u8 headersz_msb; /* 0x9 */
u16 headersz_lsb; /* 0xA-0xB */
u32 srcaddr; /* 0xC-0xF */
u32 destaddr; /* 0x10-0x13 */
u32 execaddr; /* 0x14-0x17 */
u8 options; /* 0x18 */
u8 nandblocksize; /* 0x19 */
u8 nandbadblklocation; /* 0x1A */
u8 reserved4; /* 0x1B */
u16 reserved5; /* 0x1C-0x1D */
u8 ext; /* 0x1E */
u8 checksum; /* 0x1F */
};
/*
* Header for the optional headers, version 1 (Armada 370/XP/375/38x/39x)
*/
struct a38x_opt_hdr_v1 {
u8 headertype;
u8 headersz_msb;
u16 headersz_lsb;
u8 data[0];
};
#define A38X_OPT_HDR_V1_SECURE_TYPE 0x1
struct a38x_boot_mode {
unsigned int id;
const char *name;
};
/* The blockid header field values used to indicate boot device of image */
struct a38x_boot_mode a38x_boot_modes[] = {
{ 0x4D, "i2c" },
{ 0x5A, "spi" },
{ 0x69, "uart" },
{ 0x78, "sata" },
{ 0x8B, "nand" },
{ 0x9C, "pex" },
{ 0xAE, "mmc" },
{},
};
#endif
struct bubt_dev {
char name[8];
size_t (*read)(const char *file_name);
int (*write)(size_t image_size);
int (*active)(void);
};
static ulong get_load_addr(void)
{
const char *addr_str;
unsigned long addr;
addr_str = env_get("loadaddr");
if (addr_str)
addr = hextoul(addr_str, NULL);
else
addr = CONFIG_SYS_LOAD_ADDR;
return addr;
}
/********************************************************************
* eMMC services
********************************************************************/
#if CONFIG_IS_ENABLED(DM_MMC) && CONFIG_IS_ENABLED(MMC_WRITE)
static int mmc_burn_image(size_t image_size)
{
struct mmc *mmc;
lbaint_t start_lba;
lbaint_t blk_count;
ulong blk_written;
int err;
const u8 mmc_dev_num = CONFIG_SYS_MMC_ENV_DEV;
#ifdef CONFIG_BLK
struct blk_desc *blk_desc;
#endif
#ifdef CONFIG_SUPPORT_EMMC_BOOT
u8 part;
u8 orig_part;
#endif
mmc = find_mmc_device(mmc_dev_num);
if (!mmc) {
printf("No SD/MMC/eMMC card found\n");
return -ENOMEDIUM;
}
err = mmc_init(mmc);
if (err) {
printf("%s(%d) init failed\n", IS_SD(mmc) ? "SD" : "MMC",
mmc_dev_num);
return err;
}
#ifdef CONFIG_BLK
blk_desc = mmc_get_blk_desc(mmc);
if (!blk_desc) {
printf("Error - failed to obtain block descriptor\n");
return -ENODEV;
}
#endif
#ifdef CONFIG_SUPPORT_EMMC_BOOT
#ifdef CONFIG_BLK
orig_part = blk_desc->hwpart;
#else
orig_part = mmc->block_dev.hwpart;
#endif
part = (mmc->part_config >> 3) & PART_ACCESS_MASK;
if (part == 7)
part = 0;
#ifdef CONFIG_BLK
err = blk_dselect_hwpart(blk_desc, part);
#else
err = mmc_switch_part(mmc, part);
#endif
if (err) {
printf("Error - MMC partition switch failed\n");
return err;
}
#endif
/* SD reserves LBA-0 for MBR and boots from LBA-1,
* MMC/eMMC boots from LBA-0
*/
start_lba = IS_SD(mmc) ? 1 : 0;
#ifdef CONFIG_BLK
blk_count = image_size / mmc->write_bl_len;
if (image_size % mmc->write_bl_len)
blk_count += 1;
blk_written = blk_dwrite(blk_desc, start_lba, blk_count,
(void *)get_load_addr());
#else
blk_count = image_size / mmc->block_dev.blksz;
if (image_size % mmc->block_dev.blksz)
blk_count += 1;
blk_written = mmc->block_dev.block_write(mmc_dev_num,
start_lba, blk_count,
(void *)get_load_addr());
#endif /* CONFIG_BLK */
#ifdef CONFIG_SUPPORT_EMMC_BOOT
#ifdef CONFIG_BLK
err = blk_dselect_hwpart(blk_desc, orig_part);
#else
err = mmc_switch_part(mmc, orig_part);
#endif
if (err)
printf("Error - MMC failed to switch back to original partition\n");
#endif
if (blk_written != blk_count) {
printf("Error - written %#lx blocks\n", blk_written);
return -ENOSPC;
}
printf("Done!\n");
return 0;
}
static size_t mmc_read_file(const char *file_name)
{
loff_t act_read = 0;
int rc;
struct mmc *mmc;
const u8 mmc_dev_num = CONFIG_SYS_MMC_ENV_DEV;
mmc = find_mmc_device(mmc_dev_num);
if (!mmc) {
printf("No SD/MMC/eMMC card found\n");
return 0;
}
if (mmc_init(mmc)) {
printf("%s(%d) init failed\n", IS_SD(mmc) ? "SD" : "MMC",
mmc_dev_num);
return 0;
}
/* Load from data partition (0) */
if (fs_set_blk_dev("mmc", "0", FS_TYPE_ANY)) {
printf("Error: MMC 0 not found\n");
return 0;
}
/* Perfrom file read */
rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
if (rc)
return 0;
return act_read;
}
static int is_mmc_active(void)
{
return 1;
}
#else /* CONFIG_DM_MMC */
static int mmc_burn_image(size_t image_size)
{
return -ENODEV;
}
static size_t mmc_read_file(const char *file_name)
{
return 0;
}
static int is_mmc_active(void)
{
return 0;
}
#endif /* CONFIG_DM_MMC */
/********************************************************************
* SATA services
********************************************************************/
#if defined(CONFIG_SCSI) && defined(CONFIG_BLK)
static int sata_burn_image(size_t image_size)
{
#if defined(CONFIG_ARMADA_3700) || defined(CONFIG_ARMADA_32BIT)
lbaint_t start_lba;
lbaint_t blk_count;
ulong blk_written;
struct blk_desc *blk_desc;
#ifdef CONFIG_ARMADA_3700
struct disk_partition info;
int part;
#endif
scsi_scan(false);
blk_desc = blk_get_devnum_by_uclass_id(UCLASS_SCSI, 0);
if (!blk_desc)
return -ENODEV;
#ifdef CONFIG_ARMADA_3700
/*
* 64-bit Armada 3700 BootROM loads SATA firmware from
* GPT 'Marvell Armada 3700 Boot partition' or from
* MBR 'M' (0x4d) partition.
*/
switch (blk_desc->part_type) {
case PART_TYPE_DOS:
for (part = 1; part <= 4; part++) {
info.sys_ind = 0;
if (part_get_info(blk_desc, part, &info))
continue;
if (info.sys_ind == 'M')
break;
}
if (part > 4) {
printf("Error - cannot find MBR 'M' (0x4d) partition on SATA disk\n");
return -ENODEV;
}
start_lba = info.start;
break;
case PART_TYPE_EFI:
for (part = 1; part <= 64; part++) {
info.type_guid[0] = 0;
if (part_get_info(blk_desc, part, &info))
continue;
/* Check for GPT type GUID of 'Marvell Armada 3700 Boot partition' */
if (strcmp(info.type_guid, "6828311A-BA55-42A4-BCDE-A89BB5EDECAE") == 0)
break;
}
if (part > 64) {
printf("Error - cannot find GPT 'Marvell Armada 3700 Boot partition' on SATA disk\n");
return -ENODEV;
}
start_lba = info.start;
break;
default:
printf("Error - no partitions on SATA disk\n");
return -ENODEV;
}
#else
/* 32-bit Armada BootROM loads SATA firmware from the sector 1. */
start_lba = 1;
#endif
blk_count = image_size / blk_desc->blksz;
if (image_size % blk_desc->blksz)
blk_count += 1;
blk_written = blk_dwrite(blk_desc, start_lba, blk_count,
(void *)get_load_addr());
if (blk_written != blk_count) {
printf("Error - written %#lx blocks\n", blk_written);
return -ENOSPC;
}
printf("Done!\n");
return 0;
#else
return -ENODEV;
#endif
}
static size_t sata_read_file(const char *file_name)
{
loff_t act_read = 0;
struct udevice *dev;
int rc;
/* try to recognize storage devices immediately */
scsi_scan(false);
/* Try to recognize storage devices immediately */
blk_first_device(UCLASS_SCSI, &dev);
if (!dev) {
printf("Error: SATA device not found\n");
return 0;
}
/* Always load from scsi 0 */
if (fs_set_blk_dev("scsi", "0", FS_TYPE_ANY)) {
printf("Error: SATA 0 not found\n");
return 0;
}
/* Perfrom file read */
rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
if (rc)
return 0;
return act_read;
}
static int is_sata_active(void)
{
return 1;
}
#else /* CONFIG_SCSI */
static int sata_burn_image(size_t image_size)
{
return -ENODEV;
}
static size_t sata_read_file(const char *file_name)
{
return 0;
}
static int is_sata_active(void)
{
return 0;
}
#endif /* CONFIG_SCSI */
/********************************************************************
* SPI services
********************************************************************/
#ifdef CONFIG_SPI_FLASH
static int spi_burn_image(size_t image_size)
{
int ret;
struct spi_flash *flash;
u32 erase_bytes;
/* Probe the SPI bus to get the flash device */
flash = spi_flash_probe(CONFIG_SF_DEFAULT_BUS,
CONFIG_SF_DEFAULT_CS,
CONFIG_SF_DEFAULT_SPEED,
CONFIG_SF_DEFAULT_MODE);
if (!flash) {
printf("Failed to probe SPI Flash\n");
return -ENOMEDIUM;
}
erase_bytes = image_size +
(flash->erase_size - image_size % flash->erase_size);
printf("Erasing %d bytes (%d blocks) at offset 0 ...",
erase_bytes, erase_bytes / flash->erase_size);
ret = spi_flash_erase(flash, 0, erase_bytes);
if (ret)
printf("Error!\n");
else
printf("Done!\n");
printf("Writing %d bytes from 0x%lx to offset 0 ...",
(int)image_size, get_load_addr());
ret = spi_flash_write(flash, 0, image_size, (void *)get_load_addr());
if (ret)
printf("Error!\n");
else
printf("Done!\n");
return ret;
}
static int is_spi_active(void)
{
return 1;
}
#else /* CONFIG_SPI_FLASH */
static int spi_burn_image(size_t image_size)
{
return -ENODEV;
}
static int is_spi_active(void)
{
return 0;
}
#endif /* CONFIG_SPI_FLASH */
/********************************************************************
* NAND services
********************************************************************/
#ifdef CONFIG_CMD_NAND
static int nand_burn_image(size_t image_size)
{
int ret;
uint32_t block_size;
struct mtd_info *mtd;
mtd = get_nand_dev_by_index(nand_curr_device);
if (!mtd) {
puts("\nno devices available\n");
return -ENOMEDIUM;
}
block_size = mtd->erasesize;
/* Align U-Boot size to currently used blocksize */
image_size = ((image_size + (block_size - 1)) & (~(block_size - 1)));
/* Erase the U-Boot image space */
printf("Erasing 0x%x - 0x%x:...", 0, (int)image_size);
ret = nand_erase(mtd, 0, image_size);
if (ret) {
printf("Error!\n");
goto error;
}
printf("Done!\n");
/* Write the image to flash */
printf("Writing %d bytes from 0x%lx to offset 0 ... ",
(int)image_size, get_load_addr());
ret = nand_write(mtd, 0, &image_size, (void *)get_load_addr());
if (ret)
printf("Error!\n");
else
printf("Done!\n");
error:
return ret;
}
static int is_nand_active(void)
{
return 1;
}
#else /* CONFIG_CMD_NAND */
static int nand_burn_image(size_t image_size)
{
return -ENODEV;
}
static int is_nand_active(void)
{
return 0;
}
#endif /* CONFIG_CMD_NAND */
/********************************************************************
* USB services
********************************************************************/
#if defined(CONFIG_USB_STORAGE) && defined(CONFIG_BLK)
static size_t usb_read_file(const char *file_name)
{
loff_t act_read = 0;
struct udevice *dev;
int rc;
usb_stop();
if (usb_init() < 0) {
printf("Error: usb_init failed\n");
return 0;
}
/* Try to recognize storage devices immediately */
blk_first_device(UCLASS_USB, &dev);
if (!dev) {
printf("Error: USB storage device not found\n");
return 0;
}
/* Always load from usb 0 */
if (fs_set_blk_dev("usb", "0", FS_TYPE_ANY)) {
printf("Error: USB 0 not found\n");
return 0;
}
/* Perfrom file read */
rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
if (rc)
return 0;
return act_read;
}
static int is_usb_active(void)
{
return 1;
}
#else /* defined(CONFIG_USB_STORAGE) && defined (CONFIG_BLK) */
static size_t usb_read_file(const char *file_name)
{
return 0;
}
static int is_usb_active(void)
{
return 0;
}
#endif /* defined(CONFIG_USB_STORAGE) && defined (CONFIG_BLK) */
/********************************************************************
* Network services
********************************************************************/
#ifdef CONFIG_CMD_NET
static size_t tftp_read_file(const char *file_name)
{
int ret;
/*
* update global variable image_load_addr before tftp file from network
*/
image_load_addr = get_load_addr();
ret = net_loop(TFTPGET);
return ret > 0 ? ret : 0;
}
static int is_tftp_active(void)
{
return 1;
}
#else
static size_t tftp_read_file(const char *file_name)
{
return 0;
}
static int is_tftp_active(void)
{
return 0;
}
#endif /* CONFIG_CMD_NET */
enum bubt_devices {
BUBT_DEV_NET = 0,
BUBT_DEV_USB,
BUBT_DEV_MMC,
BUBT_DEV_SATA,
BUBT_DEV_SPI,
BUBT_DEV_NAND,
BUBT_MAX_DEV
};
static struct bubt_dev bubt_devs[BUBT_MAX_DEV] = {
{"tftp", tftp_read_file, NULL, is_tftp_active},
{"usb", usb_read_file, NULL, is_usb_active},
{"mmc", mmc_read_file, mmc_burn_image, is_mmc_active},
{"sata", sata_read_file, sata_burn_image, is_sata_active},
{"spi", NULL, spi_burn_image, is_spi_active},
{"nand", NULL, nand_burn_image, is_nand_active},
};
static int bubt_write_file(struct bubt_dev *dst, size_t image_size)
{
if (!dst->write) {
printf("Error: Write not supported on device %s\n", dst->name);
return -ENOTSUPP;
}
return dst->write(image_size);
}
#if defined(CONFIG_ARMADA_8K)
static u32 do_checksum32(u32 *start, int32_t len)
{
u32 sum = 0;
u32 *startp = start;
do {
sum += *startp;
startp++;
len -= 4;
} while (len > 0);
return sum;
}
static int check_image_header(void)
{
struct mvebu_image_header *hdr =
(struct mvebu_image_header *)get_load_addr();
u32 checksum;
u32 checksum_ref;
/*
* For now compare checksum, and magic. Later we can
* verify more stuff on the header like interface type, etc
*/
if (hdr->magic != MAIN_HDR_MAGIC) {
printf("ERROR: Bad MAGIC 0x%08x != 0x%08x\n",
hdr->magic, MAIN_HDR_MAGIC);
return -ENOEXEC;
}
checksum_ref = hdr->prolog_checksum;
checksum = do_checksum32((u32 *)hdr, hdr->prolog_size);
checksum -= hdr->prolog_checksum;
if (checksum != checksum_ref) {
printf("Error: Bad Prolog checksum. 0x%x != 0x%x\n",
checksum, checksum_ref);
return -ENOEXEC;
}
checksum_ref = hdr->boot_image_checksum;
checksum = do_checksum32((u32 *)((u8 *)hdr + hdr->prolog_size), hdr->boot_image_size);
if (checksum != checksum_ref) {
printf("Error: Bad Image checksum. 0x%x != 0x%x\n",
checksum, checksum_ref);
return -ENOEXEC;
}
printf("Image checksum...OK!\n");
return 0;
}
#elif defined(CONFIG_ARMADA_3700) /* Armada 3700 */
static int check_image_header(void)
{
struct common_tim_data *hdr = (struct common_tim_data *)get_load_addr();
int image_num;
u8 hash_160_output[SHA1_SUM_LEN];
u8 hash_256_output[SHA256_SUM_LEN];
u8 hash_512_output[SHA512_SUM_LEN];
sha1_context hash1_text;
sha256_context hash256_text;
sha512_context hash512_text;
u8 *hash_output;
u32 hash_algorithm_id;
u32 image_size_to_hash;
u32 flash_entry_addr;
u32 *hash_value;
u32 internal_hash[HASH_SUM_LEN];
const u8 *buff;
u32 num_of_image = hdr->num_images;
u32 version = hdr->version;
u32 trusted = hdr->trusted;
/* bubt checksum validation only supports nontrusted images */
if (trusted == 1) {
printf("bypass image validation, ");
printf("only untrusted image is supported now\n");
return 0;
}
/* only supports image version 3.5 and 3.6 */
if (version != IMAGE_VERSION_3_5_0 && version != IMAGE_VERSION_3_6_0) {
printf("Error: Unsupported Image version = 0x%08x\n", version);
return -ENOEXEC;
}
/* validate images hash value */
for (image_num = 0; image_num < num_of_image; image_num++) {
struct mvebu_image_info *info =
(struct mvebu_image_info *)(get_load_addr() +
sizeof(struct common_tim_data) +
image_num * sizeof(struct mvebu_image_info));
hash_algorithm_id = info->hash_algorithm_id;
image_size_to_hash = info->image_size_to_hash;
flash_entry_addr = info->flash_entry_addr;
hash_value = info->hash;
buff = (const u8 *)(get_load_addr() + flash_entry_addr);
if (image_num == 0) {
/*
* The first image includes hash values in its content.
* For hash calculation, we need to save the original
* hash values to a local variable that will be
* copied back for comparsion and set all zeros to
* the orignal hash values for calculating new value.
* First image original format :
* x...x (datum1) x...x(orig. hash values) x...x(datum2)
* Replaced first image format :
* x...x (datum1) 0...0(hash values) x...x(datum2)
*/
memcpy(internal_hash, hash_value,
sizeof(internal_hash));
memset(hash_value, 0, sizeof(internal_hash));
}
if (image_size_to_hash == 0) {
printf("Warning: Image_%d hash checksum is disabled, ",
image_num);
printf("skip the image validation.\n");
continue;
}
switch (hash_algorithm_id) {
case SHA1_SUM_LEN:
sha1_starts(&hash1_text);
sha1_update(&hash1_text, buff, image_size_to_hash);
sha1_finish(&hash1_text, hash_160_output);
hash_output = hash_160_output;
break;
case SHA256_SUM_LEN:
sha256_starts(&hash256_text);
sha256_update(&hash256_text, buff, image_size_to_hash);
sha256_finish(&hash256_text, hash_256_output);
hash_output = hash_256_output;
break;
case SHA512_SUM_LEN:
sha512_starts(&hash512_text);
sha512_update(&hash512_text, buff, image_size_to_hash);
sha512_finish(&hash512_text, hash_512_output);
hash_output = hash_512_output;
break;
default:
printf("Error: Unsupported hash_algorithm_id = %d\n",
hash_algorithm_id);
return -ENOEXEC;
}
if (image_num == 0)
memcpy(hash_value, internal_hash,
sizeof(internal_hash));
if (memcmp(hash_value, hash_output, hash_algorithm_id) != 0) {
printf("Error: Image_%d checksum is not correct\n",
image_num);
return -ENOEXEC;
}
}
printf("Image checksum...OK!\n");
return 0;
}
#elif defined(CONFIG_ARMADA_32BIT)
static size_t a38x_header_size(const struct a38x_main_hdr_v1 *h)
{
if (h->version == 1)
return (h->headersz_msb << 16) | le16_to_cpu(h->headersz_lsb);
printf("Error: Invalid A38x image (header version 0x%x unknown)!\n",
h->version);
return 0;
}
static uint8_t image_checksum8(const void *start, size_t len)
{
u8 csum = 0;
const u8 *p = start;
while (len) {
csum += *p;
++p;
--len;
}
return csum;
}
static uint32_t image_checksum32(const void *start, size_t len)
{
u32 csum = 0;
const u32 *p = start;
while (len) {
csum += *p;
++p;
len -= sizeof(u32);
}
return csum;
}
static int check_image_header(void)
{
u8 checksum;
u32 checksum32, exp_checksum32;
u32 offset, size;
const struct a38x_main_hdr_v1 *hdr =
(struct a38x_main_hdr_v1 *)get_load_addr();
const size_t hdr_size = a38x_header_size(hdr);
if (!hdr_size)
return -ENOEXEC;
checksum = image_checksum8(hdr, hdr_size);
checksum -= hdr->checksum;
if (checksum != hdr->checksum) {
printf("Error: Bad A38x image header checksum. 0x%x != 0x%x\n",
checksum, hdr->checksum);
return -ENOEXEC;
}
offset = le32_to_cpu(hdr->srcaddr);
size = le32_to_cpu(hdr->blocksize);
if (hdr->blockid == 0x78) /* SATA id */
offset *= 512;
if (offset % 4 != 0 || size < 4 || size % 4 != 0) {
printf("Error: Bad A38x image blocksize.\n");
return -ENOEXEC;
}
checksum32 = image_checksum32((u8 *)hdr + offset, size - 4);
exp_checksum32 = *(u32 *)((u8 *)hdr + offset + size - 4);
if (checksum32 != exp_checksum32) {
printf("Error: Bad A38x image data checksum. 0x%08x != 0x%08x\n",
checksum32, exp_checksum32);
return -ENOEXEC;
}
printf("Image checksum...OK!\n");
return 0;
}
#if defined(CONFIG_ARMADA_38X)
static int a38x_image_is_secure(const struct a38x_main_hdr_v1 *hdr)
{
const size_t hdr_size = a38x_header_size(hdr);
struct a38x_opt_hdr_v1 *ohdr;
u32 ohdr_size;
if (hdr->version != 1)
return 0;
if (!hdr->ext)
return 0;
ohdr = (struct a38x_opt_hdr_v1 *)(hdr + 1);
do {
if (ohdr->headertype == A38X_OPT_HDR_V1_SECURE_TYPE)
return 1;
ohdr_size = (ohdr->headersz_msb << 16) | le16_to_cpu(ohdr->headersz_lsb);
if (!*((u8 *)ohdr + ohdr_size - 4))
break;
ohdr = (struct a38x_opt_hdr_v1 *)((u8 *)ohdr + ohdr_size);
if ((u8 *)ohdr >= (u8 *)hdr + hdr_size)
break;
} while (1);
return 0;
}
#endif
#else /* Not ARMADA? */
static int check_image_header(void)
{
printf("bubt cmd does not support this SoC device or family!\n");
return -ENOEXEC;
}
#endif
#if defined(CONFIG_ARMADA_3700) || defined(CONFIG_ARMADA_38X)
static u64 fuse_read_u64(u32 bank)
{
u32 val[2];
int ret;
ret = fuse_read(bank, 0, &val[0]);
if (ret < 0)
return -1;
ret = fuse_read(bank, 1, &val[1]);
if (ret < 0)
return -1;
return ((u64)val[1] << 32) | val[0];
}
#endif
#if defined(CONFIG_ARMADA_3700)
static inline u8 maj3(u8 val)
{
/* return majority vote of 3 bits */
return ((val & 0x7) == 3 || (val & 0x7) > 4) ? 1 : 0;
}
#endif
static int bubt_check_boot_mode(const struct bubt_dev *dst)
{
#if defined(CONFIG_ARMADA_3700) || defined(CONFIG_ARMADA_32BIT)
int mode;
#if defined(CONFIG_ARMADA_3700) || defined(CONFIG_ARMADA_38X)
int secure_mode;
#endif
#if defined(CONFIG_ARMADA_3700)
const struct tim_boot_flash_sign *boot_modes = tim_boot_flash_signs;
const struct common_tim_data *hdr =
(struct common_tim_data *)get_load_addr();
u32 id = hdr->boot_flash_sign;
int is_secure = hdr->trusted != 0;
u64 otp_secure_bits = fuse_read_u64(1);
int otp_secure_boot = ((maj3(otp_secure_bits >> 0) << 0) |
(maj3(otp_secure_bits >> 4) << 1)) == 2;
unsigned int otp_boot_device = (maj3(otp_secure_bits >> 48) << 0) |
(maj3(otp_secure_bits >> 52) << 1) |
(maj3(otp_secure_bits >> 56) << 2) |
(maj3(otp_secure_bits >> 60) << 3);
#elif defined(CONFIG_ARMADA_32BIT)
const struct a38x_boot_mode *boot_modes = a38x_boot_modes;
const struct a38x_main_hdr_v1 *hdr =
(struct a38x_main_hdr_v1 *)get_load_addr();
u32 id = hdr->blockid;
#if defined(CONFIG_ARMADA_38X)
int is_secure = a38x_image_is_secure(hdr);
u64 otp_secure_bits = fuse_read_u64(EFUSE_LINE_SECURE_BOOT);
int otp_secure_boot = otp_secure_bits & 0x1;
unsigned int otp_boot_device = (otp_secure_bits >> 8) & 0x7;
#endif
#endif
for (mode = 0; boot_modes[mode].name; mode++) {
if (boot_modes[mode].id == id)
break;
}
if (!boot_modes[mode].name) {
printf("Error: unknown boot device in image header: 0x%x\n", id);
return -ENOEXEC;
}
if (strcmp(boot_modes[mode].name, dst->name) != 0) {
printf("Error: image meant to be booted from \"%s\", not \"%s\"!\n",
boot_modes[mode].name, dst->name);
return -ENOEXEC;
}
#if defined(CONFIG_ARMADA_38X) || defined(CONFIG_ARMADA_3700)
if (otp_secure_bits == (u64)-1) {
printf("Error: cannot read OTP secure bits\n");
return -ENOEXEC;
} else {
if (otp_secure_boot && !is_secure) {
printf("Error: secure boot is enabled in OTP but image does not have secure boot header!\n");
return -ENOEXEC;
} else if (!otp_secure_boot && is_secure) {
#if defined(CONFIG_ARMADA_3700)
/*
* Armada 3700 BootROM rejects trusted image when secure boot is not enabled.
* Armada 385 BootROM accepts image with secure boot header also when secure boot is not enabled.
*/
printf("Error: secure boot is disabled in OTP but image has secure boot header!\n");
return -ENOEXEC;
#endif
} else if (otp_boot_device && otp_boot_device != id) {
for (secure_mode = 0; boot_modes[secure_mode].name; secure_mode++) {
if (boot_modes[secure_mode].id == otp_boot_device)
break;
}
printf("Error: boot source is set to \"%s\" in OTP but image is for \"%s\"!\n",
boot_modes[secure_mode].name ?: "unknown", dst->name);
return -ENOEXEC;
}
}
#endif
#endif
return 0;
}
static int bubt_verify(const struct bubt_dev *dst)
{
int err;
/* Check a correct image header exists */
err = check_image_header();
if (err) {
printf("Error: Image header verification failed\n");
return err;
}
err = bubt_check_boot_mode(dst);
if (err) {
printf("Error: Image boot mode verification failed\n");
return err;
}
return 0;
}
static int bubt_read_file(struct bubt_dev *src)
{
size_t image_size;
if (!src->read) {
printf("Error: Read not supported on device \"%s\"\n",
src->name);
return 0;
}
image_size = src->read(net_boot_file_name);
if (image_size <= 0) {
printf("Error: Failed to read file %s from %s\n",
net_boot_file_name, src->name);
return 0;
}
return image_size;
}
static int bubt_is_dev_active(struct bubt_dev *dev)
{
if (!dev->active) {
printf("Device \"%s\" not supported by U-Boot image\n",
dev->name);
return 0;
}
if (!dev->active()) {
printf("Device \"%s\" is inactive\n", dev->name);
return 0;
}
return 1;
}
static struct bubt_dev *find_bubt_dev(char *dev_name)
{
int dev;
for (dev = 0; dev < BUBT_MAX_DEV; dev++) {
if (strcmp(bubt_devs[dev].name, dev_name) == 0)
return &bubt_devs[dev];
}
return 0;
}
#define DEFAULT_BUBT_SRC "tftp"
#ifndef DEFAULT_BUBT_DST
#ifdef CONFIG_MVEBU_SPI_BOOT
#define DEFAULT_BUBT_DST "spi"
#elif defined(CONFIG_MVEBU_NAND_BOOT)
#define DEFAULT_BUBT_DST "nand"
#elif defined(CONFIG_MVEBU_MMC_BOOT)
#define DEFAULT_BUBT_DST "mmc"
#elif defined(CONFIG_MVEBU_SATA_BOOT)
#define DEFAULT_BUBT_DST "sata"
#else
#define DEFAULT_BUBT_DST "error"
#endif
#endif /* DEFAULT_BUBT_DST */
static int do_bubt_cmd(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
{
struct bubt_dev *src, *dst;
size_t image_size;
char src_dev_name[8];
char dst_dev_name[8];
char *name;
int err;
if (argc < 2)
copy_filename(net_boot_file_name,
CONFIG_MVEBU_UBOOT_DFLT_NAME,
sizeof(net_boot_file_name));
else
copy_filename(net_boot_file_name, argv[1],
sizeof(net_boot_file_name));
if (argc >= 3) {
strncpy(dst_dev_name, argv[2], 8);
} else {
name = DEFAULT_BUBT_DST;
strncpy(dst_dev_name, name, 8);
}
if (argc >= 4)
strncpy(src_dev_name, argv[3], 8);
else
strncpy(src_dev_name, DEFAULT_BUBT_SRC, 8);
/* Figure out the destination device */
dst = find_bubt_dev(dst_dev_name);
if (!dst) {
printf("Error: Unknown destination \"%s\"\n", dst_dev_name);
return 1;
}
if (!bubt_is_dev_active(dst))
return 1;
/* Figure out the source device */
src = find_bubt_dev(src_dev_name);
if (!src) {
printf("Error: Unknown source \"%s\"\n", src_dev_name);
return 1;
}
if (!bubt_is_dev_active(src))
return -ENODEV;
printf("Burning U-Boot image \"%s\" from \"%s\" to \"%s\"\n",
net_boot_file_name, src->name, dst->name);
image_size = bubt_read_file(src);
if (!image_size)
return 1;
err = bubt_verify(dst);
if (err)
return 1;
err = bubt_write_file(dst, image_size);
if (err)
return 1;
return 0;
}
U_BOOT_CMD(
bubt, 4, 0, do_bubt_cmd,
"Burn a u-boot image to flash",
"[file-name] [destination [source]]\n"
"\t-file-name The image file name to burn. Default = " CONFIG_MVEBU_UBOOT_DFLT_NAME "\n"
"\t-destination Flash to burn to [spi, nand, mmc, sata]. Default = " DEFAULT_BUBT_DST "\n"
"\t-source The source to load image from [tftp, usb, mmc, sata]. Default = " DEFAULT_BUBT_SRC "\n"
"Examples:\n"
"\tbubt - Burn flash-image.bin from tftp to active boot device\n"
"\tbubt flash-image-new.bin nand - Burn flash-image-new.bin from tftp to NAND flash\n"
"\tbubt backup-flash-image.bin mmc usb - Burn backup-flash-image.bin from usb to MMC\n"
);