[thirdparty/u-boot.git] / arch / arm / mach-imx / imx9 / ahab.c

// SPDX-License-Identifier: GPL-2.0+
/*
 * Copyright 2022 NXP
 */

#include <common.h>
#include <command.h>
#include <errno.h>
#include <asm/io.h>
#include <asm/mach-imx/s400_api.h>
#include <asm/mach-imx/sys_proto.h>
#include <asm/arch-imx/cpu.h>
#include <asm/arch/sys_proto.h>
#include <asm/mach-imx/image.h>
#include <console.h>
#include <cpu_func.h>
#include <asm/mach-imx/ahab.h>
#include <asm/global_data.h>

DECLARE_GLOBAL_DATA_PTR;

#define IMG_CONTAINER_BASE             (0x80000000UL)
#define IMG_CONTAINER_END_BASE         (IMG_CONTAINER_BASE + 0xFFFFUL)

#define AHAB_NO_AUTHENTICATION_IND 0xee
#define AHAB_BAD_KEY_HASH_IND 0xfa
#define AHAB_INVALID_KEY_IND 0xf9
#define AHAB_BAD_SIGNATURE_IND 0xf0
#define AHAB_BAD_HASH_IND 0xf1

static void display_ahab_auth_ind(u32 event)
{
	u8 resp_ind = (event >> 8) & 0xff;

	switch (resp_ind) {
	case AHAB_NO_AUTHENTICATION_IND:
		printf("AHAB_NO_AUTHENTICATION_IND (0x%02X)\n\n", resp_ind);
		break;
	case AHAB_BAD_KEY_HASH_IND:
		printf("AHAB_BAD_KEY_HASH_IND (0x%02X)\n\n", resp_ind);
		break;
	case AHAB_INVALID_KEY_IND:
		printf("AHAB_INVALID_KEY_IND (0x%02X)\n\n", resp_ind);
		break;
	case AHAB_BAD_SIGNATURE_IND:
		printf("AHAB_BAD_SIGNATURE_IND (0x%02X)\n\n", resp_ind);
		break;
	case AHAB_BAD_HASH_IND:
		printf("AHAB_BAD_HASH_IND (0x%02X)\n\n", resp_ind);
		break;
	default:
		printf("Unknown Indicator (0x%02X)\n\n", resp_ind);
		break;
	}
}

int ahab_auth_cntr_hdr(struct container_hdr *container, u16 length)
{
	int err;
	u32 resp;

	memcpy((void *)IMG_CONTAINER_BASE, (const void *)container,
	       ALIGN(length, CONFIG_SYS_CACHELINE_SIZE));

	flush_dcache_range(IMG_CONTAINER_BASE,
			   IMG_CONTAINER_BASE + ALIGN(length, CONFIG_SYS_CACHELINE_SIZE) - 1);

	err = ahab_auth_oem_ctnr(IMG_CONTAINER_BASE, &resp);
	if (err) {
		printf("Authenticate container hdr failed, return %d, resp 0x%x\n",
		       err, resp);
		display_ahab_auth_ind(resp);
	}

	return err;
}

int ahab_auth_release(void)
{
	int err;
	u32 resp;

	err = ahab_release_container(&resp);
	if (err) {
		printf("Error: release container failed, resp 0x%x!\n", resp);
		display_ahab_auth_ind(resp);
	}

	return err;
}

int ahab_verify_cntr_image(struct boot_img_t *img, int image_index)
{
	int err;
	u32 resp;

	err = ahab_verify_image(image_index, &resp);
	if (err) {
		printf("Authenticate img %d failed, return %d, resp 0x%x\n",
		       image_index, err, resp);
		display_ahab_auth_ind(resp);

		return -EIO;
	}

	return 0;
}

static inline bool check_in_dram(ulong addr)
{
	int i;
	struct bd_info *bd = gd->bd;

	for (i = 0; i < CONFIG_NR_DRAM_BANKS; ++i) {
		if (bd->bi_dram[i].size) {
			if (addr >= bd->bi_dram[i].start &&
			    addr < (bd->bi_dram[i].start + bd->bi_dram[i].size))
				return true;
		}
	}

	return false;
}

int authenticate_os_container(ulong addr)
{
	struct container_hdr *phdr;
	int i, ret = 0;
	int err;
	u16 length;
	struct boot_img_t *img;
	unsigned long s, e;

	if (addr % 4) {
		puts("Error: Image's address is not 4 byte aligned\n");
		return -EINVAL;
	}

	if (!check_in_dram(addr)) {
		puts("Error: Image's address is invalid\n");
		return -EINVAL;
	}

	phdr = (struct container_hdr *)addr;
	if (phdr->tag != 0x87 || phdr->version != 0x0) {
		printf("Error: Wrong container header\n");
		return -EFAULT;
	}

	if (!phdr->num_images) {
		printf("Error: Wrong container, no image found\n");
		return -EFAULT;
	}

	length = phdr->length_lsb + (phdr->length_msb << 8);

	debug("container length %u\n", length);

	err = ahab_auth_cntr_hdr(phdr, length);
	if (err) {
		ret = -EIO;
		goto exit;
	}

	debug("Verify images\n");

	/* Copy images to dest address */
	for (i = 0; i < phdr->num_images; i++) {
		img = (struct boot_img_t *)(addr +
					    sizeof(struct container_hdr) +
					    i * sizeof(struct boot_img_t));

		debug("img %d, dst 0x%x, src 0x%lx, size 0x%x\n",
		      i, (uint32_t)img->dst, img->offset + addr, img->size);

		memcpy((void *)img->dst, (const void *)(img->offset + addr),
		       img->size);

		s = img->dst & ~(CONFIG_SYS_CACHELINE_SIZE - 1);
		e = ALIGN(img->dst + img->size, CONFIG_SYS_CACHELINE_SIZE) - 1;

		flush_dcache_range(s, e);

		ret = ahab_verify_cntr_image(img, i);
		if (ret)
			goto exit;
	}

exit:
	debug("ahab_auth_release, 0x%x\n", ret);
	ahab_auth_release();

	return ret;
}

static int do_authenticate(struct cmd_tbl *cmdtp, int flag, int argc,
			   char *const argv[])
{
	ulong addr;

	if (argc < 2)
		return CMD_RET_USAGE;

	addr = simple_strtoul(argv[1], NULL, 16);

	printf("Authenticate OS container at 0x%lx\n", addr);

	if (authenticate_os_container(addr))
		return CMD_RET_FAILURE;

	return CMD_RET_SUCCESS;
}

static void display_life_cycle(u32 lc)
{
	printf("Lifecycle: 0x%08X, ", lc);
	switch (lc) {
	case 0x1:
		printf("BLANK\n\n");
		break;
	case 0x2:
		printf("FAB\n\n");
		break;
	case 0x4:
		printf("NXP Provisioned\n\n");
		break;
	case 0x8:
		printf("OEM Open\n\n");
		break;
	case 0x10:
		printf("OEM Secure World Closed\n\n");
		break;
	case 0x20:
		printf("OEM closed\n\n");
		break;
	case 0x40:
		printf("Field Return OEM\n\n");
		break;
	case 0x80:
		printf("Field Return NXP\n\n");
		break;
	case 0x100:
		printf("OEM Locked\n\n");
		break;
	case 0x200:
		printf("BRICKED\n\n");
		break;
	default:
		printf("Unknown\n\n");
		break;
	}
}

static int confirm_close(void)
{
	puts("Warning: Please ensure your sample is in NXP closed state, "
	     "OEM SRK hash has been fused, \n"
	     "         and you are able to boot a signed image successfully "
	     "without any SECO events reported.\n"
	     "         If not, your sample will be unrecoverable.\n"
	     "\nReally perform this operation? <y/N>\n");

	if (confirm_yesno())
		return 1;

	puts("Ahab close aborted\n");
	return 0;
}

static int do_ahab_close(struct cmd_tbl *cmdtp, int flag, int argc,
			 char *const argv[])
{
	int err;
	u32 resp;

	if (!confirm_close())
		return -EACCES;

	err = ahab_forward_lifecycle(8, &resp);
	if (err != 0) {
		printf("Error in forward lifecycle to OEM closed\n");
		return -EIO;
	}

	printf("Change to OEM closed successfully\n");

	return 0;
}

int ahab_dump(void)
{
	u32 buffer[32];
	int ret, i = 0;

	do {
		ret = ahab_dump_buffer(buffer, 32);
		if (ret < 0) {
			printf("Error in dump AHAB log\n");
			return -EIO;
		}

		if (ret == 1)
			break;
		for (i = 0; i < ret; i++)
			printf("0x%x\n", buffer[i]);
	} while (ret >= 21);

	return 0;
}

static int do_ahab_dump(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
{
	return ahab_dump();
}

static int do_ahab_status(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
{
	u32 lc;

	lc = readl(FSB_BASE_ADDR + 0x41c);
	lc &= 0x3ff;

	display_life_cycle(lc);
	return 0;
}

U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate,
	   "autenticate OS container via AHAB",
	   "addr\n"
	   "addr - OS container hex address\n"
);

U_BOOT_CMD(ahab_close, CONFIG_SYS_MAXARGS, 1, do_ahab_close,
	   "Change AHAB lifecycle to OEM closed",
	   ""
);

U_BOOT_CMD(ahab_dump, CONFIG_SYS_MAXARGS, 1, do_ahab_dump,
	   "Dump AHAB log for debug",
	   ""
);

U_BOOT_CMD(ahab_status, CONFIG_SYS_MAXARGS, 1, do_ahab_status,
	   "display AHAB lifecycle only",
	   ""
);
Commit	Line	Data
fd94c236 YL	1	// SPDX-License-Identifier: GPL-2.0+
	2	/*
	3	* Copyright 2022 NXP
	4	*/
	5
	6	#include <common.h>
	7	#include <command.h>
	8	#include <errno.h>
	9	#include <asm/io.h>
	10	#include <asm/mach-imx/s400_api.h>
	11	#include <asm/mach-imx/sys_proto.h>
	12	#include <asm/arch-imx/cpu.h>
	13	#include <asm/arch/sys_proto.h>
	14	#include <asm/mach-imx/image.h>
	15	#include <console.h>
	16	#include <cpu_func.h>
	17	#include <asm/mach-imx/ahab.h>
	18	#include <asm/global_data.h>
	19
	20	DECLARE_GLOBAL_DATA_PTR;
	21
	22	#define IMG_CONTAINER_BASE (0x80000000UL)
	23	#define IMG_CONTAINER_END_BASE (IMG_CONTAINER_BASE + 0xFFFFUL)
	24
	25	#define AHAB_NO_AUTHENTICATION_IND 0xee
	26	#define AHAB_BAD_KEY_HASH_IND 0xfa
	27	#define AHAB_INVALID_KEY_IND 0xf9
	28	#define AHAB_BAD_SIGNATURE_IND 0xf0
	29	#define AHAB_BAD_HASH_IND 0xf1
	30
	31	static void display_ahab_auth_ind(u32 event)
	32	{
	33	u8 resp_ind = (event >> 8) & 0xff;
	34
	35	switch (resp_ind) {
	36	case AHAB_NO_AUTHENTICATION_IND:
	37	printf("AHAB_NO_AUTHENTICATION_IND (0x%02X)\n\n", resp_ind);
	38	break;
	39	case AHAB_BAD_KEY_HASH_IND:
	40	printf("AHAB_BAD_KEY_HASH_IND (0x%02X)\n\n", resp_ind);
	41	break;
	42	case AHAB_INVALID_KEY_IND:
	43	printf("AHAB_INVALID_KEY_IND (0x%02X)\n\n", resp_ind);
	44	break;
	45	case AHAB_BAD_SIGNATURE_IND:
	46	printf("AHAB_BAD_SIGNATURE_IND (0x%02X)\n\n", resp_ind);
	47	break;
	48	case AHAB_BAD_HASH_IND:
	49	printf("AHAB_BAD_HASH_IND (0x%02X)\n\n", resp_ind);
	50	break;
	51	default:
	52	printf("Unknown Indicator (0x%02X)\n\n", resp_ind);
	53	break;
	54	}
	55	}
	56
	57	int ahab_auth_cntr_hdr(struct container_hdr *container, u16 length)
	58	{
	59	int err;
	60	u32 resp;
	61
	62	memcpy((void )IMG_CONTAINER_BASE, (const void )container,
	63	ALIGN(length, CONFIG_SYS_CACHELINE_SIZE));
	64
65	flush_dcache_range(IMG_CONTAINER_BASE,
66	IMG_CONTAINER_BASE + ALIGN(length, CONFIG_SYS_CACHELINE_SIZE) - 1);
67
68	err = ahab_auth_oem_ctnr(IMG_CONTAINER_BASE, &resp);
69	if (err) {
70	printf("Authenticate container hdr failed, return %d, resp 0x%x\n",
71	err, resp);
72	display_ahab_auth_ind(resp);
73	}
74
75	return err;
76	}
77
78	int ahab_auth_release(void)
79	{
80	int err;
81	u32 resp;
82
83	err = ahab_release_container(&resp);
84	if (err) {
85	printf("Error: release container failed, resp 0x%x!\n", resp);
86	display_ahab_auth_ind(resp);
87	}
88
89	return err;
90	}
91
92	int ahab_verify_cntr_image(struct boot_img_t *img, int image_index)
93	{
94	int err;
95	u32 resp;
96
97	err = ahab_verify_image(image_index, &resp);
98	if (err) {
99	printf("Authenticate img %d failed, return %d, resp 0x%x\n",
100	image_index, err, resp);
101	display_ahab_auth_ind(resp);
102
103	return -EIO;
104	}
105
106	return 0;
107	}
108
109	static inline bool check_in_dram(ulong addr)
110	{
111	int i;
112	struct bd_info *bd = gd->bd;
113
114	for (i = 0; i < CONFIG_NR_DRAM_BANKS; ++i) {
115	if (bd->bi_dram[i].size) {
116	if (addr >= bd->bi_dram[i].start &&
117	addr < (bd->bi_dram[i].start + bd->bi_dram[i].size))
118	return true;
119	}
120	}
121
122	return false;
123	}
124
125	int authenticate_os_container(ulong addr)
126	{
127	struct container_hdr *phdr;
128	int i, ret = 0;
129	int err;
130	u16 length;
131	struct boot_img_t *img;
132	unsigned long s, e;
133
134	if (addr % 4) {
135	puts("Error: Image's address is not 4 byte aligned\n");
136	return -EINVAL;
137	}
138
139	if (!check_in_dram(addr)) {
140	puts("Error: Image's address is invalid\n");
141	return -EINVAL;
142	}
143
144	phdr = (struct container_hdr *)addr;
145	if (phdr->tag != 0x87 \|\| phdr->version != 0x0) {
146	printf("Error: Wrong container header\n");
147	return -EFAULT;
148	}
149
150	if (!phdr->num_images) {
151	printf("Error: Wrong container, no image found\n");
152	return -EFAULT;
153	}
154
155	length = phdr->length_lsb + (phdr->length_msb << 8);
156
157	debug("container length %u\n", length);
158
159	err = ahab_auth_cntr_hdr(phdr, length);
160	if (err) {
161	ret = -EIO;
162	goto exit;
163	}
164
165	debug("Verify images\n");
166
167	/* Copy images to dest address */
168	for (i = 0; i < phdr->num_images; i++) {
169	img = (struct boot_img_t *)(addr +
170	sizeof(struct container_hdr) +
171	i * sizeof(struct boot_img_t));
172
173	debug("img %d, dst 0x%x, src 0x%lx, size 0x%x\n",
174	i, (uint32_t)img->dst, img->offset + addr, img->size);
175
176	memcpy((void )img->dst, (const void )(img->offset + addr),
177	img->size);
178
179	s = img->dst & ~(CONFIG_SYS_CACHELINE_SIZE - 1);
180	e = ALIGN(img->dst + img->size, CONFIG_SYS_CACHELINE_SIZE) - 1;
181
182	flush_dcache_range(s, e);
183
184	ret = ahab_verify_cntr_image(img, i);
185	if (ret)
186	goto exit;
187	}
188
189	exit:
190	debug("ahab_auth_release, 0x%x\n", ret);
191	ahab_auth_release();
192
193	return ret;
194	}
195
196	static int do_authenticate(struct cmd_tbl *cmdtp, int flag, int argc,
197	char *const argv[])
198	{
199	ulong addr;
200
201	if (argc < 2)
202	return CMD_RET_USAGE;
203
204	addr = simple_strtoul(argv[1], NULL, 16);
205
206	printf("Authenticate OS container at 0x%lx\n", addr);
207
208	if (authenticate_os_container(addr))
209	return CMD_RET_FAILURE;
210
211	return CMD_RET_SUCCESS;
212	}
213
214	static void display_life_cycle(u32 lc)
215	{
216	printf("Lifecycle: 0x%08X, ", lc);
217	switch (lc) {
218	case 0x1:
219	printf("BLANK\n\n");
220	break;
221	case 0x2:
222	printf("FAB\n\n");
223	break;
224	case 0x4:
225	printf("NXP Provisioned\n\n");
226	break;
227	case 0x8:
228	printf("OEM Open\n\n");
229	break;
230	case 0x10:
231	printf("OEM Secure World Closed\n\n");
232	break;
233	case 0x20:
234	printf("OEM closed\n\n");
235	break;
236	case 0x40:
237	printf("Field Return OEM\n\n");
238	break;
239	case 0x80:
240	printf("Field Return NXP\n\n");
241	break;
242	case 0x100:
243	printf("OEM Locked\n\n");
244	break;
245	case 0x200:
246	printf("BRICKED\n\n");
247	break;
248	default:
249	printf("Unknown\n\n");
250	break;
251	}
252	}
253
254	static int confirm_close(void)
255	{
256	puts("Warning: Please ensure your sample is in NXP closed state, "
257	"OEM SRK hash has been fused, \n"
258	" and you are able to boot a signed image successfully "
259	"without any SECO events reported.\n"
260	" If not, your sample will be unrecoverable.\n"
261	"\nReally perform this operation? <y/N>\n");
262
263	if (confirm_yesno())
264	return 1;
265
266	puts("Ahab close aborted\n");
267	return 0;
268	}
269
270	static int do_ahab_close(struct cmd_tbl *cmdtp, int flag, int argc,
271	char *const argv[])
272	{
273	int err;
274	u32 resp;
275
276	if (!confirm_close())
277	return -EACCES;
278
279	err = ahab_forward_lifecycle(8, &resp);
280	if (err != 0) {
281	printf("Error in forward lifecycle to OEM closed\n");
282	return -EIO;
283	}
284
285	printf("Change to OEM closed successfully\n");
286
287	return 0;
288	}
289
290	int ahab_dump(void)
291	{
292	u32 buffer[32];
293	int ret, i = 0;
294
295	do {
296	ret = ahab_dump_buffer(buffer, 32);
297	if (ret < 0) {
298	printf("Error in dump AHAB log\n");
299	return -EIO;
300	}
301
302	if (ret == 1)
303	break;
304	for (i = 0; i < ret; i++)
305	printf("0x%x\n", buffer[i]);
306	} while (ret >= 21);
307
308	return 0;
309	}
310
311	static int do_ahab_dump(struct cmd_tbl cmdtp, int flag, int argc, char const argv[])
312	{
313	return ahab_dump();
314	}
315
316	static int do_ahab_status(struct cmd_tbl cmdtp, int flag, int argc, char const argv[])
317	{
318	u32 lc;
319
320	lc = readl(FSB_BASE_ADDR + 0x41c);
321	lc &= 0x3ff;
322
323	display_life_cycle(lc);
324	return 0;
325	}
326
327	U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate,
328	"autenticate OS container via AHAB",
329	"addr\n"
330	"addr - OS container hex address\n"
331	);
332
333	U_BOOT_CMD(ahab_close, CONFIG_SYS_MAXARGS, 1, do_ahab_close,
334	"Change AHAB lifecycle to OEM closed",
335	""
336	);
337
338	U_BOOT_CMD(ahab_dump, CONFIG_SYS_MAXARGS, 1, do_ahab_dump,
339	"Dump AHAB log for debug",
340	""
341	);
342
343	U_BOOT_CMD(ahab_status, CONFIG_SYS_MAXARGS, 1, do_ahab_status,
344	"display AHAB lifecycle only",
345	""
346	);