]>
Commit | Line | Data |
---|---|---|
fd94c236 YL |
1 | // SPDX-License-Identifier: GPL-2.0+ |
2 | /* | |
3 | * Copyright 2022 NXP | |
4 | */ | |
5 | ||
6 | #include <common.h> | |
7 | #include <command.h> | |
8 | #include <errno.h> | |
9 | #include <asm/io.h> | |
10 | #include <asm/mach-imx/s400_api.h> | |
11 | #include <asm/mach-imx/sys_proto.h> | |
12 | #include <asm/arch-imx/cpu.h> | |
13 | #include <asm/arch/sys_proto.h> | |
14 | #include <asm/mach-imx/image.h> | |
15 | #include <console.h> | |
16 | #include <cpu_func.h> | |
17 | #include <asm/mach-imx/ahab.h> | |
18 | #include <asm/global_data.h> | |
19 | ||
20 | DECLARE_GLOBAL_DATA_PTR; | |
21 | ||
22 | #define IMG_CONTAINER_BASE (0x80000000UL) | |
23 | #define IMG_CONTAINER_END_BASE (IMG_CONTAINER_BASE + 0xFFFFUL) | |
24 | ||
25 | #define AHAB_NO_AUTHENTICATION_IND 0xee | |
26 | #define AHAB_BAD_KEY_HASH_IND 0xfa | |
27 | #define AHAB_INVALID_KEY_IND 0xf9 | |
28 | #define AHAB_BAD_SIGNATURE_IND 0xf0 | |
29 | #define AHAB_BAD_HASH_IND 0xf1 | |
30 | ||
31 | static void display_ahab_auth_ind(u32 event) | |
32 | { | |
33 | u8 resp_ind = (event >> 8) & 0xff; | |
34 | ||
35 | switch (resp_ind) { | |
36 | case AHAB_NO_AUTHENTICATION_IND: | |
37 | printf("AHAB_NO_AUTHENTICATION_IND (0x%02X)\n\n", resp_ind); | |
38 | break; | |
39 | case AHAB_BAD_KEY_HASH_IND: | |
40 | printf("AHAB_BAD_KEY_HASH_IND (0x%02X)\n\n", resp_ind); | |
41 | break; | |
42 | case AHAB_INVALID_KEY_IND: | |
43 | printf("AHAB_INVALID_KEY_IND (0x%02X)\n\n", resp_ind); | |
44 | break; | |
45 | case AHAB_BAD_SIGNATURE_IND: | |
46 | printf("AHAB_BAD_SIGNATURE_IND (0x%02X)\n\n", resp_ind); | |
47 | break; | |
48 | case AHAB_BAD_HASH_IND: | |
49 | printf("AHAB_BAD_HASH_IND (0x%02X)\n\n", resp_ind); | |
50 | break; | |
51 | default: | |
52 | printf("Unknown Indicator (0x%02X)\n\n", resp_ind); | |
53 | break; | |
54 | } | |
55 | } | |
56 | ||
57 | int ahab_auth_cntr_hdr(struct container_hdr *container, u16 length) | |
58 | { | |
59 | int err; | |
60 | u32 resp; | |
61 | ||
62 | memcpy((void *)IMG_CONTAINER_BASE, (const void *)container, | |
63 | ALIGN(length, CONFIG_SYS_CACHELINE_SIZE)); | |
64 | ||
65 | flush_dcache_range(IMG_CONTAINER_BASE, | |
66 | IMG_CONTAINER_BASE + ALIGN(length, CONFIG_SYS_CACHELINE_SIZE) - 1); | |
67 | ||
68 | err = ahab_auth_oem_ctnr(IMG_CONTAINER_BASE, &resp); | |
69 | if (err) { | |
70 | printf("Authenticate container hdr failed, return %d, resp 0x%x\n", | |
71 | err, resp); | |
72 | display_ahab_auth_ind(resp); | |
73 | } | |
74 | ||
75 | return err; | |
76 | } | |
77 | ||
78 | int ahab_auth_release(void) | |
79 | { | |
80 | int err; | |
81 | u32 resp; | |
82 | ||
83 | err = ahab_release_container(&resp); | |
84 | if (err) { | |
85 | printf("Error: release container failed, resp 0x%x!\n", resp); | |
86 | display_ahab_auth_ind(resp); | |
87 | } | |
88 | ||
89 | return err; | |
90 | } | |
91 | ||
92 | int ahab_verify_cntr_image(struct boot_img_t *img, int image_index) | |
93 | { | |
94 | int err; | |
95 | u32 resp; | |
96 | ||
97 | err = ahab_verify_image(image_index, &resp); | |
98 | if (err) { | |
99 | printf("Authenticate img %d failed, return %d, resp 0x%x\n", | |
100 | image_index, err, resp); | |
101 | display_ahab_auth_ind(resp); | |
102 | ||
103 | return -EIO; | |
104 | } | |
105 | ||
106 | return 0; | |
107 | } | |
108 | ||
109 | static inline bool check_in_dram(ulong addr) | |
110 | { | |
111 | int i; | |
112 | struct bd_info *bd = gd->bd; | |
113 | ||
114 | for (i = 0; i < CONFIG_NR_DRAM_BANKS; ++i) { | |
115 | if (bd->bi_dram[i].size) { | |
116 | if (addr >= bd->bi_dram[i].start && | |
117 | addr < (bd->bi_dram[i].start + bd->bi_dram[i].size)) | |
118 | return true; | |
119 | } | |
120 | } | |
121 | ||
122 | return false; | |
123 | } | |
124 | ||
125 | int authenticate_os_container(ulong addr) | |
126 | { | |
127 | struct container_hdr *phdr; | |
128 | int i, ret = 0; | |
129 | int err; | |
130 | u16 length; | |
131 | struct boot_img_t *img; | |
132 | unsigned long s, e; | |
133 | ||
134 | if (addr % 4) { | |
135 | puts("Error: Image's address is not 4 byte aligned\n"); | |
136 | return -EINVAL; | |
137 | } | |
138 | ||
139 | if (!check_in_dram(addr)) { | |
140 | puts("Error: Image's address is invalid\n"); | |
141 | return -EINVAL; | |
142 | } | |
143 | ||
144 | phdr = (struct container_hdr *)addr; | |
145 | if (phdr->tag != 0x87 || phdr->version != 0x0) { | |
146 | printf("Error: Wrong container header\n"); | |
147 | return -EFAULT; | |
148 | } | |
149 | ||
150 | if (!phdr->num_images) { | |
151 | printf("Error: Wrong container, no image found\n"); | |
152 | return -EFAULT; | |
153 | } | |
154 | ||
155 | length = phdr->length_lsb + (phdr->length_msb << 8); | |
156 | ||
157 | debug("container length %u\n", length); | |
158 | ||
159 | err = ahab_auth_cntr_hdr(phdr, length); | |
160 | if (err) { | |
161 | ret = -EIO; | |
162 | goto exit; | |
163 | } | |
164 | ||
165 | debug("Verify images\n"); | |
166 | ||
167 | /* Copy images to dest address */ | |
168 | for (i = 0; i < phdr->num_images; i++) { | |
169 | img = (struct boot_img_t *)(addr + | |
170 | sizeof(struct container_hdr) + | |
171 | i * sizeof(struct boot_img_t)); | |
172 | ||
173 | debug("img %d, dst 0x%x, src 0x%lx, size 0x%x\n", | |
174 | i, (uint32_t)img->dst, img->offset + addr, img->size); | |
175 | ||
176 | memcpy((void *)img->dst, (const void *)(img->offset + addr), | |
177 | img->size); | |
178 | ||
179 | s = img->dst & ~(CONFIG_SYS_CACHELINE_SIZE - 1); | |
180 | e = ALIGN(img->dst + img->size, CONFIG_SYS_CACHELINE_SIZE) - 1; | |
181 | ||
182 | flush_dcache_range(s, e); | |
183 | ||
184 | ret = ahab_verify_cntr_image(img, i); | |
185 | if (ret) | |
186 | goto exit; | |
187 | } | |
188 | ||
189 | exit: | |
190 | debug("ahab_auth_release, 0x%x\n", ret); | |
191 | ahab_auth_release(); | |
192 | ||
193 | return ret; | |
194 | } | |
195 | ||
196 | static int do_authenticate(struct cmd_tbl *cmdtp, int flag, int argc, | |
197 | char *const argv[]) | |
198 | { | |
199 | ulong addr; | |
200 | ||
201 | if (argc < 2) | |
202 | return CMD_RET_USAGE; | |
203 | ||
204 | addr = simple_strtoul(argv[1], NULL, 16); | |
205 | ||
206 | printf("Authenticate OS container at 0x%lx\n", addr); | |
207 | ||
208 | if (authenticate_os_container(addr)) | |
209 | return CMD_RET_FAILURE; | |
210 | ||
211 | return CMD_RET_SUCCESS; | |
212 | } | |
213 | ||
214 | static void display_life_cycle(u32 lc) | |
215 | { | |
216 | printf("Lifecycle: 0x%08X, ", lc); | |
217 | switch (lc) { | |
218 | case 0x1: | |
219 | printf("BLANK\n\n"); | |
220 | break; | |
221 | case 0x2: | |
222 | printf("FAB\n\n"); | |
223 | break; | |
224 | case 0x4: | |
225 | printf("NXP Provisioned\n\n"); | |
226 | break; | |
227 | case 0x8: | |
228 | printf("OEM Open\n\n"); | |
229 | break; | |
230 | case 0x10: | |
231 | printf("OEM Secure World Closed\n\n"); | |
232 | break; | |
233 | case 0x20: | |
234 | printf("OEM closed\n\n"); | |
235 | break; | |
236 | case 0x40: | |
237 | printf("Field Return OEM\n\n"); | |
238 | break; | |
239 | case 0x80: | |
240 | printf("Field Return NXP\n\n"); | |
241 | break; | |
242 | case 0x100: | |
243 | printf("OEM Locked\n\n"); | |
244 | break; | |
245 | case 0x200: | |
246 | printf("BRICKED\n\n"); | |
247 | break; | |
248 | default: | |
249 | printf("Unknown\n\n"); | |
250 | break; | |
251 | } | |
252 | } | |
253 | ||
254 | static int confirm_close(void) | |
255 | { | |
256 | puts("Warning: Please ensure your sample is in NXP closed state, " | |
257 | "OEM SRK hash has been fused, \n" | |
258 | " and you are able to boot a signed image successfully " | |
259 | "without any SECO events reported.\n" | |
260 | " If not, your sample will be unrecoverable.\n" | |
261 | "\nReally perform this operation? <y/N>\n"); | |
262 | ||
263 | if (confirm_yesno()) | |
264 | return 1; | |
265 | ||
266 | puts("Ahab close aborted\n"); | |
267 | return 0; | |
268 | } | |
269 | ||
270 | static int do_ahab_close(struct cmd_tbl *cmdtp, int flag, int argc, | |
271 | char *const argv[]) | |
272 | { | |
273 | int err; | |
274 | u32 resp; | |
275 | ||
276 | if (!confirm_close()) | |
277 | return -EACCES; | |
278 | ||
279 | err = ahab_forward_lifecycle(8, &resp); | |
280 | if (err != 0) { | |
281 | printf("Error in forward lifecycle to OEM closed\n"); | |
282 | return -EIO; | |
283 | } | |
284 | ||
285 | printf("Change to OEM closed successfully\n"); | |
286 | ||
287 | return 0; | |
288 | } | |
289 | ||
290 | int ahab_dump(void) | |
291 | { | |
292 | u32 buffer[32]; | |
293 | int ret, i = 0; | |
294 | ||
295 | do { | |
296 | ret = ahab_dump_buffer(buffer, 32); | |
297 | if (ret < 0) { | |
298 | printf("Error in dump AHAB log\n"); | |
299 | return -EIO; | |
300 | } | |
301 | ||
302 | if (ret == 1) | |
303 | break; | |
304 | for (i = 0; i < ret; i++) | |
305 | printf("0x%x\n", buffer[i]); | |
306 | } while (ret >= 21); | |
307 | ||
308 | return 0; | |
309 | } | |
310 | ||
311 | static int do_ahab_dump(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) | |
312 | { | |
313 | return ahab_dump(); | |
314 | } | |
315 | ||
316 | static int do_ahab_status(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) | |
317 | { | |
318 | u32 lc; | |
319 | ||
320 | lc = readl(FSB_BASE_ADDR + 0x41c); | |
321 | lc &= 0x3ff; | |
322 | ||
323 | display_life_cycle(lc); | |
324 | return 0; | |
325 | } | |
326 | ||
327 | U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate, | |
328 | "autenticate OS container via AHAB", | |
329 | "addr\n" | |
330 | "addr - OS container hex address\n" | |
331 | ); | |
332 | ||
333 | U_BOOT_CMD(ahab_close, CONFIG_SYS_MAXARGS, 1, do_ahab_close, | |
334 | "Change AHAB lifecycle to OEM closed", | |
335 | "" | |
336 | ); | |
337 | ||
338 | U_BOOT_CMD(ahab_dump, CONFIG_SYS_MAXARGS, 1, do_ahab_dump, | |
339 | "Dump AHAB log for debug", | |
340 | "" | |
341 | ); | |
342 | ||
343 | U_BOOT_CMD(ahab_status, CONFIG_SYS_MAXARGS, 1, do_ahab_status, | |
344 | "display AHAB lifecycle only", | |
345 | "" | |
346 | ); |