]>
Commit | Line | Data |
---|---|---|
b83c709e | 1 | /* |
29067abf | 2 | * Copyright (C) 2010-2015 Freescale Semiconductor, Inc. |
b83c709e SB |
3 | * |
4 | * SPDX-License-Identifier: GPL-2.0+ | |
5 | */ | |
6 | ||
7 | #include <common.h> | |
fba6f9ef AA |
8 | #include <config.h> |
9 | #include <fuse.h> | |
b83c709e | 10 | #include <asm/io.h> |
36c1ca4d | 11 | #include <asm/system.h> |
36c1ca4d | 12 | #include <asm/arch/clock.h> |
f2f07e85 | 13 | #include <asm/arch/sys_proto.h> |
552a848e | 14 | #include <asm/mach-imx/hab.h> |
b83c709e | 15 | |
36c1ca4d | 16 | #define ALIGN_SIZE 0x1000 |
36c1ca4d NG |
17 | #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 |
18 | #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 | |
19 | #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 | |
ee3899aa | 20 | #define IS_HAB_ENABLED_BIT \ |
27117b20 PF |
21 | (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ |
22 | (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) | |
36c1ca4d | 23 | |
49b6d058 BD |
24 | static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) |
25 | { | |
26 | printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, | |
27 | ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); | |
28 | ||
29 | return 1; | |
30 | } | |
31 | ||
32 | static int verify_ivt_header(struct ivt_header *ivt_hdr) | |
33 | { | |
34 | int result = 0; | |
35 | ||
36 | if (ivt_hdr->magic != IVT_HEADER_MAGIC) | |
37 | result = ivt_header_error("bad magic", ivt_hdr); | |
38 | ||
39 | if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) | |
40 | result = ivt_header_error("bad length", ivt_hdr); | |
41 | ||
42 | if (ivt_hdr->version != IVT_HEADER_V1 && | |
43 | ivt_hdr->version != IVT_HEADER_V2) | |
44 | result = ivt_header_error("bad version", ivt_hdr); | |
45 | ||
46 | return result; | |
47 | } | |
48 | ||
15b505b0 SE |
49 | #if !defined(CONFIG_SPL_BUILD) |
50 | ||
29067abf UC |
51 | #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ |
52 | ||
53 | struct record { | |
54 | uint8_t tag; /* Tag */ | |
55 | uint8_t len[2]; /* Length */ | |
56 | uint8_t par; /* Version */ | |
57 | uint8_t contents[MAX_RECORD_BYTES];/* Record Data */ | |
58 | bool any_rec_flag; | |
59 | }; | |
60 | ||
58bebfb7 BD |
61 | static char *rsn_str[] = { |
62 | "RSN = HAB_RSN_ANY (0x00)\n", | |
63 | "RSN = HAB_ENG_FAIL (0x30)\n", | |
64 | "RSN = HAB_INV_ADDRESS (0x22)\n", | |
65 | "RSN = HAB_INV_ASSERTION (0x0C)\n", | |
66 | "RSN = HAB_INV_CALL (0x28)\n", | |
67 | "RSN = HAB_INV_CERTIFICATE (0x21)\n", | |
68 | "RSN = HAB_INV_COMMAND (0x06)\n", | |
69 | "RSN = HAB_INV_CSF (0x11)\n", | |
70 | "RSN = HAB_INV_DCD (0x27)\n", | |
71 | "RSN = HAB_INV_INDEX (0x0F)\n", | |
72 | "RSN = HAB_INV_IVT (0x05)\n", | |
73 | "RSN = HAB_INV_KEY (0x1D)\n", | |
74 | "RSN = HAB_INV_RETURN (0x1E)\n", | |
75 | "RSN = HAB_INV_SIGNATURE (0x18)\n", | |
76 | "RSN = HAB_INV_SIZE (0x17)\n", | |
77 | "RSN = HAB_MEM_FAIL (0x2E)\n", | |
78 | "RSN = HAB_OVR_COUNT (0x2B)\n", | |
79 | "RSN = HAB_OVR_STORAGE (0x2D)\n", | |
80 | "RSN = HAB_UNS_ALGORITHM (0x12)\n", | |
81 | "RSN = HAB_UNS_COMMAND (0x03)\n", | |
82 | "RSN = HAB_UNS_ENGINE (0x0A)\n", | |
83 | "RSN = HAB_UNS_ITEM (0x24)\n", | |
84 | "RSN = HAB_UNS_KEY (0x1B)\n", | |
85 | "RSN = HAB_UNS_PROTOCOL (0x14)\n", | |
86 | "RSN = HAB_UNS_STATE (0x09)\n", | |
87 | "RSN = INVALID\n", | |
88 | NULL | |
89 | }; | |
90 | ||
91 | static char *sts_str[] = { | |
92 | "STS = HAB_SUCCESS (0xF0)\n", | |
93 | "STS = HAB_FAILURE (0x33)\n", | |
94 | "STS = HAB_WARNING (0x69)\n", | |
95 | "STS = INVALID\n", | |
96 | NULL | |
97 | }; | |
98 | ||
99 | static char *eng_str[] = { | |
100 | "ENG = HAB_ENG_ANY (0x00)\n", | |
101 | "ENG = HAB_ENG_SCC (0x03)\n", | |
102 | "ENG = HAB_ENG_RTIC (0x05)\n", | |
103 | "ENG = HAB_ENG_SAHARA (0x06)\n", | |
104 | "ENG = HAB_ENG_CSU (0x0A)\n", | |
105 | "ENG = HAB_ENG_SRTC (0x0C)\n", | |
106 | "ENG = HAB_ENG_DCP (0x1B)\n", | |
107 | "ENG = HAB_ENG_CAAM (0x1D)\n", | |
108 | "ENG = HAB_ENG_SNVS (0x1E)\n", | |
109 | "ENG = HAB_ENG_OCOTP (0x21)\n", | |
110 | "ENG = HAB_ENG_DTCP (0x22)\n", | |
111 | "ENG = HAB_ENG_ROM (0x36)\n", | |
112 | "ENG = HAB_ENG_HDCP (0x24)\n", | |
113 | "ENG = HAB_ENG_RTL (0x77)\n", | |
114 | "ENG = HAB_ENG_SW (0xFF)\n", | |
115 | "ENG = INVALID\n", | |
116 | NULL | |
117 | }; | |
118 | ||
119 | static char *ctx_str[] = { | |
120 | "CTX = HAB_CTX_ANY(0x00)\n", | |
121 | "CTX = HAB_CTX_FAB (0xFF)\n", | |
122 | "CTX = HAB_CTX_ENTRY (0xE1)\n", | |
123 | "CTX = HAB_CTX_TARGET (0x33)\n", | |
124 | "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", | |
125 | "CTX = HAB_CTX_DCD (0xDD)\n", | |
126 | "CTX = HAB_CTX_CSF (0xCF)\n", | |
127 | "CTX = HAB_CTX_COMMAND (0xC0)\n", | |
128 | "CTX = HAB_CTX_AUT_DAT (0xDB)\n", | |
129 | "CTX = HAB_CTX_ASSERT (0xA0)\n", | |
130 | "CTX = HAB_CTX_EXIT (0xEE)\n", | |
131 | "CTX = INVALID\n", | |
132 | NULL | |
133 | }; | |
134 | ||
135 | static uint8_t hab_statuses[5] = { | |
29067abf UC |
136 | HAB_STS_ANY, |
137 | HAB_FAILURE, | |
138 | HAB_WARNING, | |
139 | HAB_SUCCESS, | |
140 | -1 | |
141 | }; | |
142 | ||
58bebfb7 | 143 | static uint8_t hab_reasons[26] = { |
29067abf UC |
144 | HAB_RSN_ANY, |
145 | HAB_ENG_FAIL, | |
146 | HAB_INV_ADDRESS, | |
147 | HAB_INV_ASSERTION, | |
148 | HAB_INV_CALL, | |
149 | HAB_INV_CERTIFICATE, | |
150 | HAB_INV_COMMAND, | |
151 | HAB_INV_CSF, | |
152 | HAB_INV_DCD, | |
153 | HAB_INV_INDEX, | |
154 | HAB_INV_IVT, | |
155 | HAB_INV_KEY, | |
156 | HAB_INV_RETURN, | |
157 | HAB_INV_SIGNATURE, | |
158 | HAB_INV_SIZE, | |
159 | HAB_MEM_FAIL, | |
160 | HAB_OVR_COUNT, | |
161 | HAB_OVR_STORAGE, | |
162 | HAB_UNS_ALGORITHM, | |
163 | HAB_UNS_COMMAND, | |
164 | HAB_UNS_ENGINE, | |
165 | HAB_UNS_ITEM, | |
166 | HAB_UNS_KEY, | |
167 | HAB_UNS_PROTOCOL, | |
168 | HAB_UNS_STATE, | |
169 | -1 | |
170 | }; | |
171 | ||
58bebfb7 | 172 | static uint8_t hab_contexts[12] = { |
29067abf UC |
173 | HAB_CTX_ANY, |
174 | HAB_CTX_FAB, | |
175 | HAB_CTX_ENTRY, | |
176 | HAB_CTX_TARGET, | |
177 | HAB_CTX_AUTHENTICATE, | |
178 | HAB_CTX_DCD, | |
179 | HAB_CTX_CSF, | |
180 | HAB_CTX_COMMAND, | |
181 | HAB_CTX_AUT_DAT, | |
182 | HAB_CTX_ASSERT, | |
183 | HAB_CTX_EXIT, | |
184 | -1 | |
185 | }; | |
186 | ||
58bebfb7 | 187 | static uint8_t hab_engines[16] = { |
29067abf UC |
188 | HAB_ENG_ANY, |
189 | HAB_ENG_SCC, | |
190 | HAB_ENG_RTIC, | |
191 | HAB_ENG_SAHARA, | |
192 | HAB_ENG_CSU, | |
193 | HAB_ENG_SRTC, | |
194 | HAB_ENG_DCP, | |
195 | HAB_ENG_CAAM, | |
196 | HAB_ENG_SNVS, | |
197 | HAB_ENG_OCOTP, | |
198 | HAB_ENG_DTCP, | |
199 | HAB_ENG_ROM, | |
200 | HAB_ENG_HDCP, | |
201 | HAB_ENG_RTL, | |
202 | HAB_ENG_SW, | |
203 | -1 | |
204 | }; | |
205 | ||
29067abf UC |
206 | static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) |
207 | { | |
208 | uint8_t idx = 0; | |
209 | uint8_t element = list[idx]; | |
210 | while (element != -1) { | |
211 | if (element == tgt) | |
212 | return idx; | |
213 | element = list[++idx]; | |
214 | } | |
215 | return -1; | |
216 | } | |
217 | ||
58bebfb7 | 218 | static void process_event_record(uint8_t *event_data, size_t bytes) |
29067abf UC |
219 | { |
220 | struct record *rec = (struct record *)event_data; | |
221 | ||
222 | printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]); | |
223 | printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]); | |
224 | printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]); | |
225 | printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); | |
226 | } | |
227 | ||
58bebfb7 | 228 | static void display_event(uint8_t *event_data, size_t bytes) |
b83c709e SB |
229 | { |
230 | uint32_t i; | |
231 | ||
232 | if (!(event_data && bytes > 0)) | |
233 | return; | |
234 | ||
235 | for (i = 0; i < bytes; i++) { | |
236 | if (i == 0) | |
237 | printf("\t0x%02x", event_data[i]); | |
238 | else if ((i % 8) == 0) | |
239 | printf("\n\t0x%02x", event_data[i]); | |
240 | else | |
241 | printf(" 0x%02x", event_data[i]); | |
242 | } | |
29067abf UC |
243 | |
244 | process_event_record(event_data, bytes); | |
b83c709e SB |
245 | } |
246 | ||
58bebfb7 | 247 | static int get_hab_status(void) |
b83c709e SB |
248 | { |
249 | uint32_t index = 0; /* Loop index */ | |
250 | uint8_t event_data[128]; /* Event data buffer */ | |
251 | size_t bytes = sizeof(event_data); /* Event size in bytes */ | |
252 | enum hab_config config = 0; | |
253 | enum hab_state state = 0; | |
f2f07e85 SB |
254 | hab_rvt_report_event_t *hab_rvt_report_event; |
255 | hab_rvt_report_status_t *hab_rvt_report_status; | |
256 | ||
7b889baf BL |
257 | hab_rvt_report_event = (hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT; |
258 | hab_rvt_report_status = | |
259 | (hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS; | |
b83c709e | 260 | |
e5b30e4a | 261 | if (imx_hab_is_enabled()) |
b83c709e SB |
262 | puts("\nSecure boot enabled\n"); |
263 | else | |
264 | puts("\nSecure boot disabled\n"); | |
265 | ||
266 | /* Check HAB status */ | |
267 | if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { | |
268 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | |
269 | config, state); | |
270 | ||
271 | /* Display HAB Error events */ | |
272 | while (hab_rvt_report_event(HAB_FAILURE, index, event_data, | |
273 | &bytes) == HAB_SUCCESS) { | |
274 | puts("\n"); | |
275 | printf("--------- HAB Event %d -----------------\n", | |
276 | index + 1); | |
277 | puts("event data:\n"); | |
278 | display_event(event_data, bytes); | |
279 | puts("\n"); | |
280 | bytes = sizeof(event_data); | |
281 | index++; | |
282 | } | |
283 | } | |
284 | /* Display message if no HAB events are found */ | |
285 | else { | |
286 | printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", | |
287 | config, state); | |
288 | puts("No HAB Events Found!\n\n"); | |
289 | } | |
290 | return 0; | |
291 | } | |
292 | ||
58bebfb7 BD |
293 | static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, |
294 | char * const argv[]) | |
15b505b0 SE |
295 | { |
296 | if ((argc != 1)) { | |
297 | cmd_usage(cmdtp); | |
298 | return 1; | |
299 | } | |
300 | ||
301 | get_hab_status(); | |
302 | ||
303 | return 0; | |
304 | } | |
305 | ||
306 | static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, | |
58bebfb7 | 307 | char * const argv[]) |
15b505b0 | 308 | { |
c5800b25 | 309 | ulong addr, length, ivt_offset; |
15b505b0 SE |
310 | int rcode = 0; |
311 | ||
c5800b25 | 312 | if (argc < 4) |
15b505b0 SE |
313 | return CMD_RET_USAGE; |
314 | ||
315 | addr = simple_strtoul(argv[1], NULL, 16); | |
c5800b25 BD |
316 | length = simple_strtoul(argv[2], NULL, 16); |
317 | ivt_offset = simple_strtoul(argv[3], NULL, 16); | |
15b505b0 | 318 | |
57f65486 | 319 | rcode = imx_hab_authenticate_image(addr, length, ivt_offset); |
9535b397 BD |
320 | if (rcode == 0) |
321 | rcode = CMD_RET_SUCCESS; | |
322 | else | |
323 | rcode = CMD_RET_FAILURE; | |
c5800b25 | 324 | |
15b505b0 SE |
325 | return rcode; |
326 | } | |
327 | ||
9587b0d6 BD |
328 | static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, |
329 | char * const argv[]) | |
330 | { | |
331 | hab_rvt_failsafe_t *hab_rvt_failsafe; | |
332 | ||
333 | if (argc != 1) { | |
334 | cmd_usage(cmdtp); | |
335 | return 1; | |
336 | } | |
337 | ||
7b889baf | 338 | hab_rvt_failsafe = (hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE; |
9587b0d6 BD |
339 | hab_rvt_failsafe(); |
340 | ||
341 | return 0; | |
342 | } | |
343 | ||
15b505b0 SE |
344 | U_BOOT_CMD( |
345 | hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, | |
346 | "display HAB status", | |
347 | "" | |
348 | ); | |
349 | ||
350 | U_BOOT_CMD( | |
c5800b25 | 351 | hab_auth_img, 4, 0, do_authenticate_image, |
15b505b0 | 352 | "authenticate image via HAB", |
c5800b25 | 353 | "addr length ivt_offset\n" |
15b505b0 | 354 | "addr - image hex address\n" |
c5800b25 | 355 | "length - image hex length\n" |
15b505b0 SE |
356 | "ivt_offset - hex offset of IVT in the image" |
357 | ); | |
358 | ||
9587b0d6 BD |
359 | U_BOOT_CMD( |
360 | hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, | |
361 | "run BootROM failsafe routine", | |
362 | "" | |
363 | ); | |
15b505b0 SE |
364 | |
365 | #endif /* !defined(CONFIG_SPL_BUILD) */ | |
366 | ||
ed286bc8 UG |
367 | /* Get CSF Header length */ |
368 | static int get_hab_hdr_len(struct hab_hdr *hdr) | |
369 | { | |
370 | return (size_t)((hdr->len[0] << 8) + (hdr->len[1])); | |
371 | } | |
372 | ||
373 | /* Check whether addr lies between start and | |
374 | * end and is within the length of the image | |
375 | */ | |
376 | static int chk_bounds(u8 *addr, size_t bytes, u8 *start, u8 *end) | |
377 | { | |
378 | size_t csf_size = (size_t)((end + 1) - addr); | |
379 | ||
380 | return (addr && (addr >= start) && (addr <= end) && | |
381 | (csf_size >= bytes)); | |
382 | } | |
383 | ||
384 | /* Get Length of each command in CSF */ | |
385 | static int get_csf_cmd_hdr_len(u8 *csf_hdr) | |
386 | { | |
387 | if (*csf_hdr == HAB_CMD_HDR) | |
388 | return sizeof(struct hab_hdr); | |
389 | ||
390 | return get_hab_hdr_len((struct hab_hdr *)csf_hdr); | |
391 | } | |
392 | ||
393 | /* Check if CSF is valid */ | |
394 | static bool csf_is_valid(struct ivt *ivt, ulong start_addr, size_t bytes) | |
395 | { | |
396 | u8 *start = (u8 *)start_addr; | |
397 | u8 *csf_hdr; | |
398 | u8 *end; | |
399 | ||
400 | size_t csf_hdr_len; | |
401 | size_t cmd_hdr_len; | |
402 | size_t offset = 0; | |
403 | ||
404 | if (bytes != 0) | |
405 | end = start + bytes - 1; | |
406 | else | |
407 | end = start; | |
408 | ||
409 | /* Verify if CSF pointer content is zero */ | |
410 | if (!ivt->csf) { | |
411 | puts("Error: CSF pointer is NULL\n"); | |
412 | return false; | |
413 | } | |
414 | ||
415 | csf_hdr = (u8 *)ivt->csf; | |
416 | ||
417 | /* Verify if CSF Header exist */ | |
418 | if (*csf_hdr != HAB_CMD_HDR) { | |
419 | puts("Error: CSF header command not found\n"); | |
420 | return false; | |
421 | } | |
422 | ||
423 | csf_hdr_len = get_hab_hdr_len((struct hab_hdr *)csf_hdr); | |
424 | ||
425 | /* Check if the CSF lies within the image bounds */ | |
426 | if (!chk_bounds(csf_hdr, csf_hdr_len, start, end)) { | |
427 | puts("Error: CSF lies outside the image bounds\n"); | |
428 | return false; | |
429 | } | |
430 | ||
431 | do { | |
20fa1dd3 UG |
432 | struct hab_hdr *cmd; |
433 | ||
434 | cmd = (struct hab_hdr *)&csf_hdr[offset]; | |
435 | ||
436 | switch (cmd->tag) { | |
437 | case (HAB_CMD_WRT_DAT): | |
438 | puts("Error: Deprecated write command found\n"); | |
439 | return false; | |
440 | case (HAB_CMD_CHK_DAT): | |
441 | puts("Error: Deprecated check command found\n"); | |
442 | return false; | |
443 | case (HAB_CMD_SET): | |
444 | if (cmd->par == HAB_PAR_MID) { | |
445 | puts("Error: Deprecated Set MID command found\n"); | |
446 | return false; | |
447 | } | |
448 | default: | |
449 | break; | |
450 | } | |
451 | ||
ed286bc8 UG |
452 | cmd_hdr_len = get_csf_cmd_hdr_len(&csf_hdr[offset]); |
453 | if (!cmd_hdr_len) { | |
454 | puts("Error: Invalid command length\n"); | |
455 | return false; | |
456 | } | |
457 | offset += cmd_hdr_len; | |
458 | ||
459 | } while (offset < csf_hdr_len); | |
460 | ||
461 | return true; | |
462 | } | |
463 | ||
07eefaf1 | 464 | bool imx_hab_is_enabled(void) |
15b505b0 SE |
465 | { |
466 | struct imx_sec_config_fuse_t *fuse = | |
467 | (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; | |
468 | uint32_t reg; | |
469 | int ret; | |
470 | ||
471 | ret = fuse_read(fuse->bank, fuse->word, ®); | |
472 | if (ret) { | |
473 | puts("\nSecure boot fuse read error\n"); | |
474 | return ret; | |
475 | } | |
476 | ||
477 | return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; | |
478 | } | |
479 | ||
57f65486 BD |
480 | int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, |
481 | uint32_t ivt_offset) | |
36c1ca4d NG |
482 | { |
483 | uint32_t load_addr = 0; | |
484 | size_t bytes; | |
c5800b25 | 485 | uint32_t ivt_addr = 0; |
9535b397 | 486 | int result = 1; |
36c1ca4d NG |
487 | ulong start; |
488 | hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; | |
489 | hab_rvt_entry_t *hab_rvt_entry; | |
490 | hab_rvt_exit_t *hab_rvt_exit; | |
b7c3cae7 | 491 | hab_rvt_check_target_t *hab_rvt_check_target; |
49b6d058 BD |
492 | struct ivt *ivt; |
493 | struct ivt_header *ivt_hdr; | |
b7c3cae7 | 494 | enum hab_status status; |
36c1ca4d | 495 | |
7b889baf BL |
496 | hab_rvt_authenticate_image = |
497 | (hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE; | |
498 | hab_rvt_entry = (hab_rvt_entry_t *)HAB_RVT_ENTRY; | |
499 | hab_rvt_exit = (hab_rvt_exit_t *)HAB_RVT_EXIT; | |
500 | hab_rvt_check_target = (hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET; | |
36c1ca4d | 501 | |
e5b30e4a | 502 | if (!imx_hab_is_enabled()) { |
d2c61800 | 503 | puts("hab fuse not enabled\n"); |
4467ae6c | 504 | return 0; |
d2c61800 | 505 | } |
36c1ca4d | 506 | |
d2c61800 BD |
507 | printf("\nAuthenticate image from DDR location 0x%x...\n", |
508 | ddr_start); | |
36c1ca4d | 509 | |
d2c61800 | 510 | hab_caam_clock_enable(1); |
36c1ca4d | 511 | |
c5800b25 BD |
512 | /* Calculate IVT address header */ |
513 | ivt_addr = ddr_start + ivt_offset; | |
49b6d058 BD |
514 | ivt = (struct ivt *)ivt_addr; |
515 | ivt_hdr = &ivt->hdr; | |
516 | ||
517 | /* Verify IVT header bugging out on error */ | |
518 | if (verify_ivt_header(ivt_hdr)) | |
669f2d18 | 519 | goto hab_authentication_exit; |
49b6d058 | 520 | |
e59eb9e0 BD |
521 | /* Verify IVT body */ |
522 | if (ivt->self != ivt_addr) { | |
523 | printf("ivt->self 0x%08x pointer is 0x%08x\n", | |
524 | ivt->self, ivt_addr); | |
669f2d18 | 525 | goto hab_authentication_exit; |
e59eb9e0 BD |
526 | } |
527 | ||
8c4037a0 UG |
528 | /* Verify if IVT DCD pointer is NULL */ |
529 | if (ivt->dcd) { | |
530 | puts("Error: DCD pointer must be NULL\n"); | |
531 | goto hab_authentication_exit; | |
532 | } | |
533 | ||
53c8a510 | 534 | start = ddr_start; |
c5800b25 | 535 | bytes = image_size; |
04099e9c | 536 | |
ed286bc8 UG |
537 | /* Verify CSF */ |
538 | if (!csf_is_valid(ivt, start, bytes)) | |
539 | goto hab_authentication_exit; | |
540 | ||
04099e9c BD |
541 | if (hab_rvt_entry() != HAB_SUCCESS) { |
542 | puts("hab entry function fail\n"); | |
2c6c68d2 | 543 | goto hab_exit_failure_print_status; |
04099e9c BD |
544 | } |
545 | ||
b7c3cae7 BD |
546 | status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); |
547 | if (status != HAB_SUCCESS) { | |
548 | printf("HAB check target 0x%08x-0x%08x fail\n", | |
549 | ddr_start, ddr_start + bytes); | |
2c6c68d2 | 550 | goto hab_exit_failure_print_status; |
b7c3cae7 | 551 | } |
36c1ca4d | 552 | #ifdef DEBUG |
c5800b25 | 553 | printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); |
824ef302 BD |
554 | printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, |
555 | ivt->dcd, ivt->csf); | |
53c8a510 | 556 | puts("Dumping IVT\n"); |
c5800b25 | 557 | print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); |
53c8a510 BD |
558 | |
559 | puts("Dumping CSF Header\n"); | |
fd15fe5f | 560 | print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); |
36c1ca4d | 561 | |
15b505b0 | 562 | #if !defined(CONFIG_SPL_BUILD) |
53c8a510 | 563 | get_hab_status(); |
15b505b0 | 564 | #endif |
36c1ca4d | 565 | |
53c8a510 BD |
566 | puts("\nCalling authenticate_image in ROM\n"); |
567 | printf("\tivt_offset = 0x%x\n", ivt_offset); | |
568 | printf("\tstart = 0x%08lx\n", start); | |
569 | printf("\tbytes = 0x%x\n", bytes); | |
36c1ca4d | 570 | #endif |
53c8a510 BD |
571 | /* |
572 | * If the MMU is enabled, we have to notify the ROM | |
573 | * code, or it won't flush the caches when needed. | |
574 | * This is done, by setting the "pu_irom_mmu_enabled" | |
575 | * word to 1. You can find its address by looking in | |
576 | * the ROM map. This is critical for | |
577 | * authenticate_image(). If MMU is enabled, without | |
578 | * setting this bit, authentication will fail and may | |
579 | * crash. | |
580 | */ | |
581 | /* Check MMU enabled */ | |
582 | if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { | |
583 | if (is_mx6dq()) { | |
584 | /* | |
585 | * This won't work on Rev 1.0.0 of | |
586 | * i.MX6Q/D, since their ROM doesn't | |
587 | * do cache flushes. don't think any | |
588 | * exist, so we ignore them. | |
589 | */ | |
590 | if (!is_mx6dqp()) | |
591 | writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); | |
592 | } else if (is_mx6sdl()) { | |
593 | writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); | |
594 | } else if (is_mx6sl()) { | |
595 | writel(1, MX6SL_PU_IROM_MMU_EN_VAR); | |
d2c61800 | 596 | } |
53c8a510 | 597 | } |
36c1ca4d | 598 | |
53c8a510 BD |
599 | load_addr = (uint32_t)hab_rvt_authenticate_image( |
600 | HAB_CID_UBOOT, | |
601 | ivt_offset, (void **)&start, | |
602 | (size_t *)&bytes, NULL); | |
603 | if (hab_rvt_exit() != HAB_SUCCESS) { | |
604 | puts("hab exit function fail\n"); | |
605 | load_addr = 0; | |
d2c61800 | 606 | } |
36c1ca4d | 607 | |
2c6c68d2 | 608 | hab_exit_failure_print_status: |
15b505b0 | 609 | #if !defined(CONFIG_SPL_BUILD) |
d2c61800 | 610 | get_hab_status(); |
15b505b0 | 611 | #endif |
2c6c68d2 | 612 | |
669f2d18 | 613 | hab_authentication_exit: |
2c6c68d2 | 614 | |
d2c61800 | 615 | if (load_addr != 0) |
9535b397 | 616 | result = 0; |
36c1ca4d NG |
617 | |
618 | return result; | |
619 | } |