]>
Commit | Line | Data |
---|---|---|
b83c709e | 1 | /* |
29067abf | 2 | * Copyright (C) 2010-2015 Freescale Semiconductor, Inc. |
b83c709e SB |
3 | * |
4 | * SPDX-License-Identifier: GPL-2.0+ | |
5 | */ | |
6 | ||
7 | #include <common.h> | |
fba6f9ef AA |
8 | #include <config.h> |
9 | #include <fuse.h> | |
b83c709e | 10 | #include <asm/io.h> |
36c1ca4d | 11 | #include <asm/system.h> |
36c1ca4d | 12 | #include <asm/arch/clock.h> |
f2f07e85 | 13 | #include <asm/arch/sys_proto.h> |
552a848e | 14 | #include <asm/mach-imx/hab.h> |
b83c709e SB |
15 | |
16 | /* -------- start of HAB API updates ------------*/ | |
f2f07e85 SB |
17 | |
18 | #define hab_rvt_report_event_p \ | |
19 | ( \ | |
b5437a80 PF |
20 | (is_mx6dqp()) ? \ |
21 | ((hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT_NEW) : \ | |
27cd0da4 | 22 | (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ |
f2f07e85 | 23 | ((hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT_NEW) : \ |
27cd0da4 | 24 | (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ |
f2f07e85 SB |
25 | ((hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT_NEW) : \ |
26 | ((hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT) \ | |
27 | ) | |
28 | ||
29 | #define hab_rvt_report_status_p \ | |
30 | ( \ | |
b5437a80 PF |
31 | (is_mx6dqp()) ? \ |
32 | ((hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS_NEW) :\ | |
27cd0da4 | 33 | (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ |
f2f07e85 | 34 | ((hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS_NEW) :\ |
27cd0da4 | 35 | (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ |
f2f07e85 SB |
36 | ((hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS_NEW) :\ |
37 | ((hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS) \ | |
38 | ) | |
39 | ||
40 | #define hab_rvt_authenticate_image_p \ | |
41 | ( \ | |
b5437a80 PF |
42 | (is_mx6dqp()) ? \ |
43 | ((hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE_NEW) : \ | |
27cd0da4 | 44 | (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ |
f2f07e85 | 45 | ((hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE_NEW) : \ |
27cd0da4 | 46 | (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ |
f2f07e85 SB |
47 | ((hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE_NEW) : \ |
48 | ((hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE) \ | |
49 | ) | |
50 | ||
51 | #define hab_rvt_entry_p \ | |
52 | ( \ | |
b5437a80 PF |
53 | (is_mx6dqp()) ? \ |
54 | ((hab_rvt_entry_t *)HAB_RVT_ENTRY_NEW) : \ | |
27cd0da4 | 55 | (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ |
f2f07e85 | 56 | ((hab_rvt_entry_t *)HAB_RVT_ENTRY_NEW) : \ |
27cd0da4 | 57 | (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ |
f2f07e85 SB |
58 | ((hab_rvt_entry_t *)HAB_RVT_ENTRY_NEW) : \ |
59 | ((hab_rvt_entry_t *)HAB_RVT_ENTRY) \ | |
60 | ) | |
61 | ||
62 | #define hab_rvt_exit_p \ | |
63 | ( \ | |
b5437a80 PF |
64 | (is_mx6dqp()) ? \ |
65 | ((hab_rvt_exit_t *)HAB_RVT_EXIT_NEW) : \ | |
27cd0da4 | 66 | (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ |
f2f07e85 | 67 | ((hab_rvt_exit_t *)HAB_RVT_EXIT_NEW) : \ |
27cd0da4 | 68 | (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ |
f2f07e85 SB |
69 | ((hab_rvt_exit_t *)HAB_RVT_EXIT_NEW) : \ |
70 | ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ | |
71 | ) | |
b83c709e | 72 | |
c0a55b73 BD |
73 | static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, |
74 | const void *start, | |
75 | size_t bytes) | |
76 | { | |
77 | return HAB_SUCCESS; | |
78 | } | |
79 | ||
80 | #define hab_rvt_check_target_p \ | |
81 | ( \ | |
82 | (is_mx6dqp()) ? \ | |
83 | ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ | |
84 | (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ | |
85 | ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ | |
86 | (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ | |
87 | ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ | |
88 | ((hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET) \ | |
89 | ) | |
90 | ||
36c1ca4d | 91 | #define ALIGN_SIZE 0x1000 |
36c1ca4d NG |
92 | #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 |
93 | #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 | |
94 | #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 | |
ee3899aa | 95 | #define IS_HAB_ENABLED_BIT \ |
27117b20 PF |
96 | (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ |
97 | (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) | |
36c1ca4d | 98 | |
15b505b0 SE |
99 | static bool is_hab_enabled(void); |
100 | ||
49b6d058 BD |
101 | static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) |
102 | { | |
103 | printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, | |
104 | ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); | |
105 | ||
106 | return 1; | |
107 | } | |
108 | ||
109 | static int verify_ivt_header(struct ivt_header *ivt_hdr) | |
110 | { | |
111 | int result = 0; | |
112 | ||
113 | if (ivt_hdr->magic != IVT_HEADER_MAGIC) | |
114 | result = ivt_header_error("bad magic", ivt_hdr); | |
115 | ||
116 | if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) | |
117 | result = ivt_header_error("bad length", ivt_hdr); | |
118 | ||
119 | if (ivt_hdr->version != IVT_HEADER_V1 && | |
120 | ivt_hdr->version != IVT_HEADER_V2) | |
121 | result = ivt_header_error("bad version", ivt_hdr); | |
122 | ||
123 | return result; | |
124 | } | |
125 | ||
15b505b0 SE |
126 | #if !defined(CONFIG_SPL_BUILD) |
127 | ||
29067abf UC |
128 | #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ |
129 | ||
130 | struct record { | |
131 | uint8_t tag; /* Tag */ | |
132 | uint8_t len[2]; /* Length */ | |
133 | uint8_t par; /* Version */ | |
134 | uint8_t contents[MAX_RECORD_BYTES];/* Record Data */ | |
135 | bool any_rec_flag; | |
136 | }; | |
137 | ||
138 | char *rsn_str[] = {"RSN = HAB_RSN_ANY (0x00)\n", | |
139 | "RSN = HAB_ENG_FAIL (0x30)\n", | |
140 | "RSN = HAB_INV_ADDRESS (0x22)\n", | |
141 | "RSN = HAB_INV_ASSERTION (0x0C)\n", | |
142 | "RSN = HAB_INV_CALL (0x28)\n", | |
143 | "RSN = HAB_INV_CERTIFICATE (0x21)\n", | |
144 | "RSN = HAB_INV_COMMAND (0x06)\n", | |
145 | "RSN = HAB_INV_CSF (0x11)\n", | |
146 | "RSN = HAB_INV_DCD (0x27)\n", | |
147 | "RSN = HAB_INV_INDEX (0x0F)\n", | |
148 | "RSN = HAB_INV_IVT (0x05)\n", | |
149 | "RSN = HAB_INV_KEY (0x1D)\n", | |
150 | "RSN = HAB_INV_RETURN (0x1E)\n", | |
151 | "RSN = HAB_INV_SIGNATURE (0x18)\n", | |
152 | "RSN = HAB_INV_SIZE (0x17)\n", | |
153 | "RSN = HAB_MEM_FAIL (0x2E)\n", | |
154 | "RSN = HAB_OVR_COUNT (0x2B)\n", | |
155 | "RSN = HAB_OVR_STORAGE (0x2D)\n", | |
156 | "RSN = HAB_UNS_ALGORITHM (0x12)\n", | |
157 | "RSN = HAB_UNS_COMMAND (0x03)\n", | |
158 | "RSN = HAB_UNS_ENGINE (0x0A)\n", | |
159 | "RSN = HAB_UNS_ITEM (0x24)\n", | |
160 | "RSN = HAB_UNS_KEY (0x1B)\n", | |
161 | "RSN = HAB_UNS_PROTOCOL (0x14)\n", | |
162 | "RSN = HAB_UNS_STATE (0x09)\n", | |
163 | "RSN = INVALID\n", | |
164 | NULL}; | |
165 | ||
166 | char *sts_str[] = {"STS = HAB_SUCCESS (0xF0)\n", | |
167 | "STS = HAB_FAILURE (0x33)\n", | |
168 | "STS = HAB_WARNING (0x69)\n", | |
169 | "STS = INVALID\n", | |
170 | NULL}; | |
171 | ||
172 | char *eng_str[] = {"ENG = HAB_ENG_ANY (0x00)\n", | |
173 | "ENG = HAB_ENG_SCC (0x03)\n", | |
174 | "ENG = HAB_ENG_RTIC (0x05)\n", | |
175 | "ENG = HAB_ENG_SAHARA (0x06)\n", | |
176 | "ENG = HAB_ENG_CSU (0x0A)\n", | |
177 | "ENG = HAB_ENG_SRTC (0x0C)\n", | |
178 | "ENG = HAB_ENG_DCP (0x1B)\n", | |
179 | "ENG = HAB_ENG_CAAM (0x1D)\n", | |
180 | "ENG = HAB_ENG_SNVS (0x1E)\n", | |
181 | "ENG = HAB_ENG_OCOTP (0x21)\n", | |
182 | "ENG = HAB_ENG_DTCP (0x22)\n", | |
183 | "ENG = HAB_ENG_ROM (0x36)\n", | |
184 | "ENG = HAB_ENG_HDCP (0x24)\n", | |
185 | "ENG = HAB_ENG_RTL (0x77)\n", | |
186 | "ENG = HAB_ENG_SW (0xFF)\n", | |
187 | "ENG = INVALID\n", | |
188 | NULL}; | |
189 | ||
190 | char *ctx_str[] = {"CTX = HAB_CTX_ANY(0x00)\n", | |
191 | "CTX = HAB_CTX_FAB (0xFF)\n", | |
192 | "CTX = HAB_CTX_ENTRY (0xE1)\n", | |
193 | "CTX = HAB_CTX_TARGET (0x33)\n", | |
194 | "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", | |
195 | "CTX = HAB_CTX_DCD (0xDD)\n", | |
196 | "CTX = HAB_CTX_CSF (0xCF)\n", | |
197 | "CTX = HAB_CTX_COMMAND (0xC0)\n", | |
198 | "CTX = HAB_CTX_AUT_DAT (0xDB)\n", | |
199 | "CTX = HAB_CTX_ASSERT (0xA0)\n", | |
200 | "CTX = HAB_CTX_EXIT (0xEE)\n", | |
201 | "CTX = INVALID\n", | |
202 | NULL}; | |
203 | ||
204 | uint8_t hab_statuses[5] = { | |
205 | HAB_STS_ANY, | |
206 | HAB_FAILURE, | |
207 | HAB_WARNING, | |
208 | HAB_SUCCESS, | |
209 | -1 | |
210 | }; | |
211 | ||
212 | uint8_t hab_reasons[26] = { | |
213 | HAB_RSN_ANY, | |
214 | HAB_ENG_FAIL, | |
215 | HAB_INV_ADDRESS, | |
216 | HAB_INV_ASSERTION, | |
217 | HAB_INV_CALL, | |
218 | HAB_INV_CERTIFICATE, | |
219 | HAB_INV_COMMAND, | |
220 | HAB_INV_CSF, | |
221 | HAB_INV_DCD, | |
222 | HAB_INV_INDEX, | |
223 | HAB_INV_IVT, | |
224 | HAB_INV_KEY, | |
225 | HAB_INV_RETURN, | |
226 | HAB_INV_SIGNATURE, | |
227 | HAB_INV_SIZE, | |
228 | HAB_MEM_FAIL, | |
229 | HAB_OVR_COUNT, | |
230 | HAB_OVR_STORAGE, | |
231 | HAB_UNS_ALGORITHM, | |
232 | HAB_UNS_COMMAND, | |
233 | HAB_UNS_ENGINE, | |
234 | HAB_UNS_ITEM, | |
235 | HAB_UNS_KEY, | |
236 | HAB_UNS_PROTOCOL, | |
237 | HAB_UNS_STATE, | |
238 | -1 | |
239 | }; | |
240 | ||
241 | uint8_t hab_contexts[12] = { | |
242 | HAB_CTX_ANY, | |
243 | HAB_CTX_FAB, | |
244 | HAB_CTX_ENTRY, | |
245 | HAB_CTX_TARGET, | |
246 | HAB_CTX_AUTHENTICATE, | |
247 | HAB_CTX_DCD, | |
248 | HAB_CTX_CSF, | |
249 | HAB_CTX_COMMAND, | |
250 | HAB_CTX_AUT_DAT, | |
251 | HAB_CTX_ASSERT, | |
252 | HAB_CTX_EXIT, | |
253 | -1 | |
254 | }; | |
255 | ||
256 | uint8_t hab_engines[16] = { | |
257 | HAB_ENG_ANY, | |
258 | HAB_ENG_SCC, | |
259 | HAB_ENG_RTIC, | |
260 | HAB_ENG_SAHARA, | |
261 | HAB_ENG_CSU, | |
262 | HAB_ENG_SRTC, | |
263 | HAB_ENG_DCP, | |
264 | HAB_ENG_CAAM, | |
265 | HAB_ENG_SNVS, | |
266 | HAB_ENG_OCOTP, | |
267 | HAB_ENG_DTCP, | |
268 | HAB_ENG_ROM, | |
269 | HAB_ENG_HDCP, | |
270 | HAB_ENG_RTL, | |
271 | HAB_ENG_SW, | |
272 | -1 | |
273 | }; | |
274 | ||
29067abf UC |
275 | static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) |
276 | { | |
277 | uint8_t idx = 0; | |
278 | uint8_t element = list[idx]; | |
279 | while (element != -1) { | |
280 | if (element == tgt) | |
281 | return idx; | |
282 | element = list[++idx]; | |
283 | } | |
284 | return -1; | |
285 | } | |
286 | ||
287 | void process_event_record(uint8_t *event_data, size_t bytes) | |
288 | { | |
289 | struct record *rec = (struct record *)event_data; | |
290 | ||
291 | printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]); | |
292 | printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]); | |
293 | printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]); | |
294 | printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); | |
295 | } | |
296 | ||
b83c709e SB |
297 | void display_event(uint8_t *event_data, size_t bytes) |
298 | { | |
299 | uint32_t i; | |
300 | ||
301 | if (!(event_data && bytes > 0)) | |
302 | return; | |
303 | ||
304 | for (i = 0; i < bytes; i++) { | |
305 | if (i == 0) | |
306 | printf("\t0x%02x", event_data[i]); | |
307 | else if ((i % 8) == 0) | |
308 | printf("\n\t0x%02x", event_data[i]); | |
309 | else | |
310 | printf(" 0x%02x", event_data[i]); | |
311 | } | |
29067abf UC |
312 | |
313 | process_event_record(event_data, bytes); | |
b83c709e SB |
314 | } |
315 | ||
316 | int get_hab_status(void) | |
317 | { | |
318 | uint32_t index = 0; /* Loop index */ | |
319 | uint8_t event_data[128]; /* Event data buffer */ | |
320 | size_t bytes = sizeof(event_data); /* Event size in bytes */ | |
321 | enum hab_config config = 0; | |
322 | enum hab_state state = 0; | |
f2f07e85 SB |
323 | hab_rvt_report_event_t *hab_rvt_report_event; |
324 | hab_rvt_report_status_t *hab_rvt_report_status; | |
325 | ||
326 | hab_rvt_report_event = hab_rvt_report_event_p; | |
327 | hab_rvt_report_status = hab_rvt_report_status_p; | |
b83c709e SB |
328 | |
329 | if (is_hab_enabled()) | |
330 | puts("\nSecure boot enabled\n"); | |
331 | else | |
332 | puts("\nSecure boot disabled\n"); | |
333 | ||
334 | /* Check HAB status */ | |
335 | if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { | |
336 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | |
337 | config, state); | |
338 | ||
339 | /* Display HAB Error events */ | |
340 | while (hab_rvt_report_event(HAB_FAILURE, index, event_data, | |
341 | &bytes) == HAB_SUCCESS) { | |
342 | puts("\n"); | |
343 | printf("--------- HAB Event %d -----------------\n", | |
344 | index + 1); | |
345 | puts("event data:\n"); | |
346 | display_event(event_data, bytes); | |
347 | puts("\n"); | |
348 | bytes = sizeof(event_data); | |
349 | index++; | |
350 | } | |
351 | } | |
352 | /* Display message if no HAB events are found */ | |
353 | else { | |
354 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | |
355 | config, state); | |
356 | puts("No HAB Events Found!\n\n"); | |
357 | } | |
358 | return 0; | |
359 | } | |
360 | ||
15b505b0 SE |
361 | int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) |
362 | { | |
363 | if ((argc != 1)) { | |
364 | cmd_usage(cmdtp); | |
365 | return 1; | |
366 | } | |
367 | ||
368 | get_hab_status(); | |
369 | ||
370 | return 0; | |
371 | } | |
372 | ||
373 | static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, | |
374 | char * const argv[]) | |
375 | { | |
c5800b25 | 376 | ulong addr, length, ivt_offset; |
15b505b0 SE |
377 | int rcode = 0; |
378 | ||
c5800b25 | 379 | if (argc < 4) |
15b505b0 SE |
380 | return CMD_RET_USAGE; |
381 | ||
382 | addr = simple_strtoul(argv[1], NULL, 16); | |
c5800b25 BD |
383 | length = simple_strtoul(argv[2], NULL, 16); |
384 | ivt_offset = simple_strtoul(argv[3], NULL, 16); | |
15b505b0 | 385 | |
c5800b25 | 386 | rcode = authenticate_image(addr, length, ivt_offset); |
9535b397 BD |
387 | if (rcode == 0) |
388 | rcode = CMD_RET_SUCCESS; | |
389 | else | |
390 | rcode = CMD_RET_FAILURE; | |
c5800b25 | 391 | |
15b505b0 SE |
392 | return rcode; |
393 | } | |
394 | ||
395 | U_BOOT_CMD( | |
396 | hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, | |
397 | "display HAB status", | |
398 | "" | |
399 | ); | |
400 | ||
401 | U_BOOT_CMD( | |
c5800b25 | 402 | hab_auth_img, 4, 0, do_authenticate_image, |
15b505b0 | 403 | "authenticate image via HAB", |
c5800b25 | 404 | "addr length ivt_offset\n" |
15b505b0 | 405 | "addr - image hex address\n" |
c5800b25 | 406 | "length - image hex length\n" |
15b505b0 SE |
407 | "ivt_offset - hex offset of IVT in the image" |
408 | ); | |
409 | ||
410 | ||
411 | #endif /* !defined(CONFIG_SPL_BUILD) */ | |
412 | ||
413 | static bool is_hab_enabled(void) | |
414 | { | |
415 | struct imx_sec_config_fuse_t *fuse = | |
416 | (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; | |
417 | uint32_t reg; | |
418 | int ret; | |
419 | ||
420 | ret = fuse_read(fuse->bank, fuse->word, ®); | |
421 | if (ret) { | |
422 | puts("\nSecure boot fuse read error\n"); | |
423 | return ret; | |
424 | } | |
425 | ||
426 | return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; | |
427 | } | |
428 | ||
c5800b25 BD |
429 | int authenticate_image(uint32_t ddr_start, uint32_t image_size, |
430 | uint32_t ivt_offset) | |
36c1ca4d NG |
431 | { |
432 | uint32_t load_addr = 0; | |
433 | size_t bytes; | |
c5800b25 | 434 | uint32_t ivt_addr = 0; |
9535b397 | 435 | int result = 1; |
36c1ca4d NG |
436 | ulong start; |
437 | hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; | |
438 | hab_rvt_entry_t *hab_rvt_entry; | |
439 | hab_rvt_exit_t *hab_rvt_exit; | |
b7c3cae7 | 440 | hab_rvt_check_target_t *hab_rvt_check_target; |
49b6d058 BD |
441 | struct ivt *ivt; |
442 | struct ivt_header *ivt_hdr; | |
b7c3cae7 | 443 | enum hab_status status; |
36c1ca4d NG |
444 | |
445 | hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; | |
446 | hab_rvt_entry = hab_rvt_entry_p; | |
447 | hab_rvt_exit = hab_rvt_exit_p; | |
b7c3cae7 | 448 | hab_rvt_check_target = hab_rvt_check_target_p; |
36c1ca4d | 449 | |
d2c61800 BD |
450 | if (!is_hab_enabled()) { |
451 | puts("hab fuse not enabled\n"); | |
452 | return result; | |
453 | } | |
36c1ca4d | 454 | |
d2c61800 BD |
455 | printf("\nAuthenticate image from DDR location 0x%x...\n", |
456 | ddr_start); | |
36c1ca4d | 457 | |
d2c61800 | 458 | hab_caam_clock_enable(1); |
36c1ca4d | 459 | |
c5800b25 BD |
460 | /* Calculate IVT address header */ |
461 | ivt_addr = ddr_start + ivt_offset; | |
49b6d058 BD |
462 | ivt = (struct ivt *)ivt_addr; |
463 | ivt_hdr = &ivt->hdr; | |
464 | ||
465 | /* Verify IVT header bugging out on error */ | |
466 | if (verify_ivt_header(ivt_hdr)) | |
467 | goto hab_caam_clock_disable; | |
468 | ||
e59eb9e0 BD |
469 | /* Verify IVT body */ |
470 | if (ivt->self != ivt_addr) { | |
471 | printf("ivt->self 0x%08x pointer is 0x%08x\n", | |
472 | ivt->self, ivt_addr); | |
473 | goto hab_caam_clock_disable; | |
474 | } | |
475 | ||
53c8a510 | 476 | start = ddr_start; |
c5800b25 | 477 | bytes = image_size; |
04099e9c BD |
478 | |
479 | if (hab_rvt_entry() != HAB_SUCCESS) { | |
480 | puts("hab entry function fail\n"); | |
481 | goto hab_caam_clock_disable; | |
482 | } | |
483 | ||
b7c3cae7 BD |
484 | status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); |
485 | if (status != HAB_SUCCESS) { | |
486 | printf("HAB check target 0x%08x-0x%08x fail\n", | |
487 | ddr_start, ddr_start + bytes); | |
488 | goto hab_caam_clock_disable; | |
489 | } | |
36c1ca4d | 490 | #ifdef DEBUG |
c5800b25 | 491 | printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); |
824ef302 BD |
492 | printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, |
493 | ivt->dcd, ivt->csf); | |
53c8a510 | 494 | puts("Dumping IVT\n"); |
c5800b25 | 495 | print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); |
53c8a510 BD |
496 | |
497 | puts("Dumping CSF Header\n"); | |
fd15fe5f | 498 | print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); |
36c1ca4d | 499 | |
15b505b0 | 500 | #if !defined(CONFIG_SPL_BUILD) |
53c8a510 | 501 | get_hab_status(); |
15b505b0 | 502 | #endif |
36c1ca4d | 503 | |
53c8a510 BD |
504 | puts("\nCalling authenticate_image in ROM\n"); |
505 | printf("\tivt_offset = 0x%x\n", ivt_offset); | |
506 | printf("\tstart = 0x%08lx\n", start); | |
507 | printf("\tbytes = 0x%x\n", bytes); | |
36c1ca4d | 508 | #endif |
53c8a510 BD |
509 | /* |
510 | * If the MMU is enabled, we have to notify the ROM | |
511 | * code, or it won't flush the caches when needed. | |
512 | * This is done, by setting the "pu_irom_mmu_enabled" | |
513 | * word to 1. You can find its address by looking in | |
514 | * the ROM map. This is critical for | |
515 | * authenticate_image(). If MMU is enabled, without | |
516 | * setting this bit, authentication will fail and may | |
517 | * crash. | |
518 | */ | |
519 | /* Check MMU enabled */ | |
520 | if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { | |
521 | if (is_mx6dq()) { | |
522 | /* | |
523 | * This won't work on Rev 1.0.0 of | |
524 | * i.MX6Q/D, since their ROM doesn't | |
525 | * do cache flushes. don't think any | |
526 | * exist, so we ignore them. | |
527 | */ | |
528 | if (!is_mx6dqp()) | |
529 | writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); | |
530 | } else if (is_mx6sdl()) { | |
531 | writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); | |
532 | } else if (is_mx6sl()) { | |
533 | writel(1, MX6SL_PU_IROM_MMU_EN_VAR); | |
d2c61800 | 534 | } |
53c8a510 | 535 | } |
36c1ca4d | 536 | |
53c8a510 BD |
537 | load_addr = (uint32_t)hab_rvt_authenticate_image( |
538 | HAB_CID_UBOOT, | |
539 | ivt_offset, (void **)&start, | |
540 | (size_t *)&bytes, NULL); | |
541 | if (hab_rvt_exit() != HAB_SUCCESS) { | |
542 | puts("hab exit function fail\n"); | |
543 | load_addr = 0; | |
d2c61800 | 544 | } |
36c1ca4d | 545 | |
53c8a510 | 546 | hab_caam_clock_disable: |
d2c61800 | 547 | hab_caam_clock_enable(0); |
36c1ca4d | 548 | |
15b505b0 | 549 | #if !defined(CONFIG_SPL_BUILD) |
d2c61800 | 550 | get_hab_status(); |
15b505b0 | 551 | #endif |
d2c61800 | 552 | if (load_addr != 0) |
9535b397 | 553 | result = 0; |
36c1ca4d NG |
554 | |
555 | return result; | |
556 | } |