2 * Freescale i.MX23/i.MX28 SB image generator
4 * Copyright (C) 2012-2013 Marek Vasut <marex@denx.de>
6 * SPDX-License-Identifier: GPL-2.0+
18 #include <openssl/evp.h>
20 #include "imagetool.h"
22 #include "pbl_crc32.h"
28 * |-Write to address command block
31 * |-ORR address with mask command block
33 * |-Write to address command block
37 #define SB_HAB_DCD_WRITE 0xccUL
38 #define SB_HAB_DCD_CHECK 0xcfUL
39 #define SB_HAB_DCD_NOOP 0xc0UL
40 #define SB_HAB_DCD_MASK_BIT (1 << 3)
41 #define SB_HAB_DCD_SET_BIT (1 << 4)
43 /* Addr.n = Value.n */
44 #define SB_DCD_WRITE \
45 (SB_HAB_DCD_WRITE << 24)
46 /* Addr.n &= ~Value.n */
48 ((SB_HAB_DCD_WRITE << 24) | SB_HAB_DCD_SET_BIT)
49 /* Addr.n |= Value.n */
51 ((SB_HAB_DCD_WRITE << 24) | SB_HAB_DCD_SET_BIT | SB_HAB_DCD_MASK_BIT)
52 /* (Addr.n & Value.n) == 0 */
53 #define SB_DCD_CHK_EQZ \
54 (SB_HAB_DCD_CHECK << 24)
55 /* (Addr.n & Value.n) == Value.n */
56 #define SB_DCD_CHK_EQ \
57 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_SET_BIT)
58 /* (Addr.n & Value.n) != Value.n */
59 #define SB_DCD_CHK_NEQ \
60 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_MASK_BIT)
61 /* (Addr.n & Value.n) != 0 */
62 #define SB_DCD_CHK_NEZ \
63 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_SET_BIT | SB_HAB_DCD_MASK_BIT)
66 (SB_HAB_DCD_NOOP << 24)
69 struct sb_dcd_ctx
*dcd
;
75 /* Size of the whole DCD block. */
78 /* Pointer to previous DCD command block. */
79 uint32_t *prev_dcd_head
;
101 struct sb_cmd_ctx
*cmd
;
106 struct sb_command payload
;
107 struct sb_command c_payload
;
110 struct sb_section_ctx
{
116 struct sb_section_ctx
*sect
;
118 struct sb_cmd_ctx
*cmd_head
;
119 struct sb_cmd_ctx
*cmd_tail
;
121 struct sb_sections_header payload
;
124 struct sb_image_ctx
{
125 unsigned int in_section
:1;
126 unsigned int in_dcd
:1;
127 /* Image configuration */
128 unsigned int verbose_boot
:1;
129 unsigned int silent_dump
:1;
130 char *input_filename
;
131 char *output_filename
;
133 uint8_t image_key
[16];
135 /* Number of section in the image */
136 unsigned int sect_count
;
137 /* Bootable section */
138 unsigned int sect_boot
;
139 unsigned int sect_boot_found
:1;
141 struct sb_section_ctx
*sect_head
;
142 struct sb_section_ctx
*sect_tail
;
144 struct sb_dcd_ctx
*dcd_head
;
145 struct sb_dcd_ctx
*dcd_tail
;
147 EVP_CIPHER_CTX cipher_ctx
;
150 struct sb_key_dictionary_key sb_dict_key
;
152 struct sb_boot_image_header payload
;
156 * Instruction semantics:
160 * LOAD IVT address IVT_entry_point
161 * FILL address pattern length
162 * JUMP [HAB] address [r0_arg]
163 * CALL [HAB] address [r0_arg]
165 * For i.MX23, mode = USB/I2C/SPI1_FLASH/SPI2_FLASH/NAND_BCH
166 * JTAG/SPI3_EEPROM/SD_SSP0/SD_SSP1
167 * For i.MX28, mode = USB/I2C/SPI2_FLASH/SPI3_FLASH/NAND_BCH
168 * JTAG/SPI2_EEPROM/SD_SSP0/SD_SSP1
174 static int sb_aes_init(struct sb_image_ctx
*ictx
, uint8_t *iv
, int enc
)
176 EVP_CIPHER_CTX
*ctx
= &ictx
->cipher_ctx
;
179 /* If there is no init vector, init vector is all zeroes. */
181 iv
= ictx
->image_key
;
183 EVP_CIPHER_CTX_init(ctx
);
184 ret
= EVP_CipherInit(ctx
, EVP_aes_128_cbc(), ictx
->image_key
, iv
, enc
);
186 EVP_CIPHER_CTX_set_padding(ctx
, 0);
190 static int sb_aes_crypt(struct sb_image_ctx
*ictx
, uint8_t *in_data
,
191 uint8_t *out_data
, int in_len
)
193 EVP_CIPHER_CTX
*ctx
= &ictx
->cipher_ctx
;
197 outbuf
= malloc(in_len
);
200 memset(outbuf
, 0, sizeof(in_len
));
202 ret
= EVP_CipherUpdate(ctx
, outbuf
, &outlen
, in_data
, in_len
);
209 memcpy(out_data
, outbuf
, outlen
);
216 static int sb_aes_deinit(EVP_CIPHER_CTX
*ctx
)
218 return EVP_CIPHER_CTX_cleanup(ctx
);
221 static int sb_aes_reinit(struct sb_image_ctx
*ictx
, int enc
)
224 EVP_CIPHER_CTX
*ctx
= &ictx
->cipher_ctx
;
225 struct sb_boot_image_header
*sb_header
= &ictx
->payload
;
226 uint8_t *iv
= sb_header
->iv
;
228 ret
= sb_aes_deinit(ctx
);
231 return sb_aes_init(ictx
, iv
, enc
);
237 static void soprintf(struct sb_image_ctx
*ictx
, const char *fmt
, ...)
241 if (ictx
->silent_dump
)
245 vfprintf(stdout
, fmt
, ap
);
252 static time_t sb_get_timestamp(void)
254 struct tm time_2000
= {
255 .tm_yday
= 1, /* Jan. 1st */
256 .tm_year
= 100, /* 2000 */
258 time_t seconds_to_2000
= mktime(&time_2000
);
259 time_t seconds_to_now
= time(NULL
);
261 return seconds_to_now
- seconds_to_2000
;
264 static int sb_get_time(time_t time
, struct tm
*tm
)
266 struct tm time_2000
= {
267 .tm_yday
= 1, /* Jan. 1st */
268 .tm_year
= 0, /* 1900 */
270 const time_t seconds_to_2000
= mktime(&time_2000
);
271 const time_t seconds_to_now
= seconds_to_2000
+ time
;
273 ret
= gmtime_r(&seconds_to_now
, tm
);
274 return ret
? 0 : -EINVAL
;
277 static void sb_encrypt_sb_header(struct sb_image_ctx
*ictx
)
279 EVP_MD_CTX
*md_ctx
= &ictx
->md_ctx
;
280 struct sb_boot_image_header
*sb_header
= &ictx
->payload
;
281 uint8_t *sb_header_ptr
= (uint8_t *)sb_header
;
283 /* Encrypt the header, compute the digest. */
284 sb_aes_crypt(ictx
, sb_header_ptr
, NULL
, sizeof(*sb_header
));
285 EVP_DigestUpdate(md_ctx
, sb_header_ptr
, sizeof(*sb_header
));
288 static void sb_encrypt_sb_sections_header(struct sb_image_ctx
*ictx
)
290 EVP_MD_CTX
*md_ctx
= &ictx
->md_ctx
;
291 struct sb_section_ctx
*sctx
= ictx
->sect_head
;
292 struct sb_sections_header
*shdr
;
293 uint8_t *sb_sections_header_ptr
;
294 const int size
= sizeof(*shdr
);
297 shdr
= &sctx
->payload
;
298 sb_sections_header_ptr
= (uint8_t *)shdr
;
300 sb_aes_crypt(ictx
, sb_sections_header_ptr
,
301 ictx
->sb_dict_key
.cbc_mac
, size
);
302 EVP_DigestUpdate(md_ctx
, sb_sections_header_ptr
, size
);
308 static void sb_encrypt_key_dictionary_key(struct sb_image_ctx
*ictx
)
310 EVP_MD_CTX
*md_ctx
= &ictx
->md_ctx
;
312 sb_aes_crypt(ictx
, ictx
->image_key
, ictx
->sb_dict_key
.key
,
313 sizeof(ictx
->sb_dict_key
.key
));
314 EVP_DigestUpdate(md_ctx
, &ictx
->sb_dict_key
, sizeof(ictx
->sb_dict_key
));
317 static void sb_decrypt_key_dictionary_key(struct sb_image_ctx
*ictx
)
319 EVP_MD_CTX
*md_ctx
= &ictx
->md_ctx
;
321 EVP_DigestUpdate(md_ctx
, &ictx
->sb_dict_key
, sizeof(ictx
->sb_dict_key
));
322 sb_aes_crypt(ictx
, ictx
->sb_dict_key
.key
, ictx
->image_key
,
323 sizeof(ictx
->sb_dict_key
.key
));
326 static void sb_encrypt_tag(struct sb_image_ctx
*ictx
,
327 struct sb_cmd_ctx
*cctx
)
329 EVP_MD_CTX
*md_ctx
= &ictx
->md_ctx
;
330 struct sb_command
*cmd
= &cctx
->payload
;
332 sb_aes_crypt(ictx
, (uint8_t *)cmd
,
333 (uint8_t *)&cctx
->c_payload
, sizeof(*cmd
));
334 EVP_DigestUpdate(md_ctx
, &cctx
->c_payload
, sizeof(*cmd
));
337 static int sb_encrypt_image(struct sb_image_ctx
*ictx
)
339 /* Start image-wide crypto. */
340 EVP_MD_CTX_init(&ictx
->md_ctx
);
341 EVP_DigestInit(&ictx
->md_ctx
, EVP_sha1());
346 sb_aes_init(ictx
, NULL
, 1);
347 sb_encrypt_sb_header(ictx
);
350 * SB sections header.
352 sb_encrypt_sb_sections_header(ictx
);
357 sb_aes_reinit(ictx
, 1);
358 sb_encrypt_key_dictionary_key(ictx
);
363 struct sb_cmd_ctx
*cctx
;
364 struct sb_command
*ccmd
;
365 struct sb_section_ctx
*sctx
= ictx
->sect_head
;
368 cctx
= sctx
->cmd_head
;
370 sb_aes_reinit(ictx
, 1);
373 ccmd
= &cctx
->payload
;
375 sb_encrypt_tag(ictx
, cctx
);
377 if (ccmd
->header
.tag
== ROM_TAG_CMD
) {
378 sb_aes_reinit(ictx
, 1);
379 } else if (ccmd
->header
.tag
== ROM_LOAD_CMD
) {
380 sb_aes_crypt(ictx
, cctx
->data
, cctx
->data
,
382 EVP_DigestUpdate(&ictx
->md_ctx
, cctx
->data
,
393 * Dump the SHA1 of the whole image.
395 sb_aes_reinit(ictx
, 1);
397 EVP_DigestFinal(&ictx
->md_ctx
, ictx
->digest
, NULL
);
398 sb_aes_crypt(ictx
, ictx
->digest
, ictx
->digest
, sizeof(ictx
->digest
));
400 /* Stop the encryption session. */
401 sb_aes_deinit(&ictx
->cipher_ctx
);
406 static int sb_load_file(struct sb_cmd_ctx
*cctx
, char *filename
)
408 long real_size
, roundup_size
;
415 fprintf(stderr
, "ERR: Missing filename!\n");
419 fp
= fopen(filename
, "r");
423 ret
= fseek(fp
, 0, SEEK_END
);
427 real_size
= ftell(fp
);
431 ret
= fseek(fp
, 0, SEEK_SET
);
435 roundup_size
= roundup(real_size
, SB_BLOCK_SIZE
);
436 data
= calloc(1, roundup_size
);
440 size
= fread(data
, 1, real_size
, fp
);
441 if (size
!= (unsigned long)real_size
)
445 cctx
->length
= roundup_size
;
455 fprintf(stderr
, "ERR: Failed to load file \"%s\"\n", filename
);
459 static uint8_t sb_command_checksum(struct sb_command
*inst
)
461 uint8_t *inst_ptr
= (uint8_t *)inst
;
465 for (i
= 0; i
< sizeof(struct sb_command
); i
++)
471 static int sb_token_to_long(char *tok
, uint32_t *rid
)
476 if (tok
[0] != '0' || tok
[1] != 'x') {
477 fprintf(stderr
, "ERR: Invalid hexadecimal number!\n");
484 id
= strtoul(tok
, &endptr
, 16);
485 if ((errno
== ERANGE
&& id
== ULONG_MAX
) || (errno
!= 0 && id
== 0)) {
486 fprintf(stderr
, "ERR: Value can't be decoded!\n");
490 /* Check for 32-bit overflow. */
491 if (id
> 0xffffffff) {
492 fprintf(stderr
, "ERR: Value too big!\n");
497 fprintf(stderr
, "ERR: Deformed value!\n");
505 static int sb_grow_dcd(struct sb_dcd_ctx
*dctx
, unsigned int inc_size
)
512 dctx
->size
+= inc_size
;
513 tmp
= realloc(dctx
->payload
, dctx
->size
);
519 /* Assemble and update the HAB DCD header. */
520 dctx
->payload
[0] = htonl((SB_HAB_DCD_TAG
<< 24) |
527 static int sb_build_dcd(struct sb_image_ctx
*ictx
, struct sb_cmd_list
*cmd
)
529 struct sb_dcd_ctx
*dctx
;
535 dctx
= calloc(1, sizeof(*dctx
));
539 ret
= sb_grow_dcd(dctx
, 4);
543 /* Read DCD block number. */
544 tok
= strtok(cmd
->cmd
, " ");
546 fprintf(stderr
, "#%i ERR: DCD block without number!\n",
552 /* Parse the DCD block number. */
553 ret
= sb_token_to_long(tok
, &id
);
555 fprintf(stderr
, "#%i ERR: Malformed DCD block number!\n",
563 * The DCD block is now constructed. Append it to the list.
564 * WARNING: The DCD size is still not computed and will be
565 * updated while parsing it's commands.
567 if (!ictx
->dcd_head
) {
568 ictx
->dcd_head
= dctx
;
569 ictx
->dcd_tail
= dctx
;
571 ictx
->dcd_tail
->dcd
= dctx
;
572 ictx
->dcd_tail
= dctx
;
583 static int sb_build_dcd_block(struct sb_image_ctx
*ictx
,
584 struct sb_cmd_list
*cmd
,
588 uint32_t address
, value
, length
;
591 struct sb_dcd_ctx
*dctx
= ictx
->dcd_tail
;
594 if (dctx
->prev_dcd_head
&& (type
!= SB_DCD_NOOP
) &&
595 ((dctx
->prev_dcd_head
[0] & 0xff0000ff) == type
)) {
596 /* Same instruction as before, just append it. */
597 ret
= sb_grow_dcd(dctx
, 8);
600 } else if (type
== SB_DCD_NOOP
) {
601 ret
= sb_grow_dcd(dctx
, 4);
605 /* Update DCD command block pointer. */
606 dctx
->prev_dcd_head
= dctx
->payload
+
607 dctx
->size
/ sizeof(*dctx
->payload
) - 1;
609 /* NOOP has only 4 bytes and no payload. */
613 * Either a different instruction block started now
614 * or this is the first instruction block.
616 ret
= sb_grow_dcd(dctx
, 12);
620 /* Update DCD command block pointer. */
621 dctx
->prev_dcd_head
= dctx
->payload
+
622 dctx
->size
/ sizeof(*dctx
->payload
) - 3;
625 dcd
= dctx
->payload
+ dctx
->size
/ sizeof(*dctx
->payload
) - 2;
628 * Prepare the command.
630 tok
= strtok(cmd
->cmd
, " ");
632 fprintf(stderr
, "#%i ERR: Missing DCD address!\n",
638 /* Read DCD destination address. */
639 ret
= sb_token_to_long(tok
, &address
);
641 fprintf(stderr
, "#%i ERR: Incorrect DCD address!\n",
646 tok
= strtok(NULL
, " ");
648 fprintf(stderr
, "#%i ERR: Missing DCD value!\n",
654 /* Read DCD operation value. */
655 ret
= sb_token_to_long(tok
, &value
);
657 fprintf(stderr
, "#%i ERR: Incorrect DCD value!\n",
662 /* Fill in the new DCD entry. */
663 dcd
[0] = htonl(address
);
664 dcd
[1] = htonl(value
);
667 /* Update the DCD command block. */
668 length
= dctx
->size
-
669 ((dctx
->prev_dcd_head
- dctx
->payload
) *
670 sizeof(*dctx
->payload
));
671 dctx
->prev_dcd_head
[0] = htonl(type
| (length
<< 8));
677 static int sb_build_section(struct sb_image_ctx
*ictx
, struct sb_cmd_list
*cmd
)
679 struct sb_section_ctx
*sctx
;
680 struct sb_sections_header
*shdr
;
682 uint32_t bootable
= 0;
686 sctx
= calloc(1, sizeof(*sctx
));
690 /* Read section number. */
691 tok
= strtok(cmd
->cmd
, " ");
693 fprintf(stderr
, "#%i ERR: Section without number!\n",
699 /* Parse the section number. */
700 ret
= sb_token_to_long(tok
, &id
);
702 fprintf(stderr
, "#%i ERR: Malformed section number!\n",
707 /* Read section's BOOTABLE flag. */
708 tok
= strtok(NULL
, " ");
709 if (tok
&& (strlen(tok
) == 8) && !strncmp(tok
, "BOOTABLE", 8))
710 bootable
= SB_SECTION_FLAG_BOOTABLE
;
712 sctx
->boot
= bootable
;
714 shdr
= &sctx
->payload
;
715 shdr
->section_number
= id
;
716 shdr
->section_flags
= bootable
;
719 * The section is now constructed. Append it to the list.
720 * WARNING: The section size is still not computed and will
721 * be updated while parsing it's commands.
725 /* Mark that this section is bootable one. */
727 if (ictx
->sect_boot_found
) {
729 "#%i WARN: Multiple bootable section!\n",
732 ictx
->sect_boot
= id
;
733 ictx
->sect_boot_found
= 1;
737 if (!ictx
->sect_head
) {
738 ictx
->sect_head
= sctx
;
739 ictx
->sect_tail
= sctx
;
741 ictx
->sect_tail
->sect
= sctx
;
742 ictx
->sect_tail
= sctx
;
752 static int sb_build_command_nop(struct sb_image_ctx
*ictx
)
754 struct sb_section_ctx
*sctx
= ictx
->sect_tail
;
755 struct sb_cmd_ctx
*cctx
;
756 struct sb_command
*ccmd
;
758 cctx
= calloc(1, sizeof(*cctx
));
762 ccmd
= &cctx
->payload
;
765 * Construct the command.
767 ccmd
->header
.checksum
= 0x5a;
768 ccmd
->header
.tag
= ROM_NOP_CMD
;
770 cctx
->size
= sizeof(*ccmd
);
773 * Append the command to the last section.
775 if (!sctx
->cmd_head
) {
776 sctx
->cmd_head
= cctx
;
777 sctx
->cmd_tail
= cctx
;
779 sctx
->cmd_tail
->cmd
= cctx
;
780 sctx
->cmd_tail
= cctx
;
786 static int sb_build_command_tag(struct sb_image_ctx
*ictx
,
787 struct sb_cmd_list
*cmd
)
789 struct sb_section_ctx
*sctx
= ictx
->sect_tail
;
790 struct sb_cmd_ctx
*cctx
;
791 struct sb_command
*ccmd
;
794 cctx
= calloc(1, sizeof(*cctx
));
798 ccmd
= &cctx
->payload
;
801 * Prepare the command.
803 /* Check for the LAST keyword. */
804 tok
= strtok(cmd
->cmd
, " ");
805 if (tok
&& !strcmp(tok
, "LAST"))
806 ccmd
->header
.flags
= ROM_TAG_CMD_FLAG_ROM_LAST_TAG
;
809 * Construct the command.
811 ccmd
->header
.checksum
= 0x5a;
812 ccmd
->header
.tag
= ROM_TAG_CMD
;
814 cctx
->size
= sizeof(*ccmd
);
817 * Append the command to the last section.
819 if (!sctx
->cmd_head
) {
820 sctx
->cmd_head
= cctx
;
821 sctx
->cmd_tail
= cctx
;
823 sctx
->cmd_tail
->cmd
= cctx
;
824 sctx
->cmd_tail
= cctx
;
830 static int sb_build_command_load(struct sb_image_ctx
*ictx
,
831 struct sb_cmd_list
*cmd
)
833 struct sb_section_ctx
*sctx
= ictx
->sect_tail
;
834 struct sb_cmd_ctx
*cctx
;
835 struct sb_command
*ccmd
;
837 int ret
, is_ivt
= 0, is_dcd
= 0;
838 uint32_t dest
, dcd
= 0;
840 cctx
= calloc(1, sizeof(*cctx
));
844 ccmd
= &cctx
->payload
;
847 * Prepare the command.
849 tok
= strtok(cmd
->cmd
, " ");
851 fprintf(stderr
, "#%i ERR: Missing LOAD address or 'IVT'!\n",
857 /* Check for "IVT" flag. */
858 if (!strcmp(tok
, "IVT"))
860 if (!strcmp(tok
, "DCD"))
862 if (is_ivt
|| is_dcd
) {
863 tok
= strtok(NULL
, " ");
865 fprintf(stderr
, "#%i ERR: Missing LOAD address!\n",
872 /* Read load destination address. */
873 ret
= sb_token_to_long(tok
, &dest
);
875 fprintf(stderr
, "#%i ERR: Incorrect LOAD address!\n",
880 /* Read filename or IVT entrypoint or DCD block ID. */
881 tok
= strtok(NULL
, " ");
884 "#%i ERR: Missing LOAD filename or IVT ep or DCD block ID!\n",
892 struct sb_ivt_header
*ivt
;
894 ret
= sb_token_to_long(tok
, &ivtep
);
898 "#%i ERR: Incorrect IVT entry point!\n",
903 ivt
= calloc(1, sizeof(*ivt
));
909 ivt
->header
= sb_hab_ivt_header();
913 cctx
->data
= (uint8_t *)ivt
;
914 cctx
->length
= sizeof(*ivt
);
916 struct sb_dcd_ctx
*dctx
= ictx
->dcd_head
;
920 ret
= sb_token_to_long(tok
, &dcdid
);
924 "#%i ERR: Incorrect DCD block ID!\n",
930 if (dctx
->id
== dcdid
)
936 fprintf(stderr
, "#%i ERR: DCD block %08x not found!\n",
941 asize
= roundup(dctx
->size
, SB_BLOCK_SIZE
);
942 payload
= calloc(1, asize
);
948 memcpy(payload
, dctx
->payload
, dctx
->size
);
950 cctx
->data
= payload
;
951 cctx
->length
= asize
;
953 /* Set the Load DCD flag. */
954 dcd
= ROM_LOAD_CMD_FLAG_DCD_LOAD
;
956 /* Regular LOAD of a file. */
957 ret
= sb_load_file(cctx
, tok
);
959 fprintf(stderr
, "#%i ERR: Cannot load '%s'!\n",
965 if (cctx
->length
& (SB_BLOCK_SIZE
- 1)) {
966 fprintf(stderr
, "#%i ERR: Unaligned payload!\n",
971 * Construct the command.
973 ccmd
->header
.checksum
= 0x5a;
974 ccmd
->header
.tag
= ROM_LOAD_CMD
;
975 ccmd
->header
.flags
= dcd
;
977 ccmd
->load
.address
= dest
;
978 ccmd
->load
.count
= cctx
->length
;
979 ccmd
->load
.crc32
= pbl_crc32(0,
980 (const char *)cctx
->data
,
983 cctx
->size
= sizeof(*ccmd
) + cctx
->length
;
986 * Append the command to the last section.
988 if (!sctx
->cmd_head
) {
989 sctx
->cmd_head
= cctx
;
990 sctx
->cmd_tail
= cctx
;
992 sctx
->cmd_tail
->cmd
= cctx
;
993 sctx
->cmd_tail
= cctx
;
1003 static int sb_build_command_fill(struct sb_image_ctx
*ictx
,
1004 struct sb_cmd_list
*cmd
)
1006 struct sb_section_ctx
*sctx
= ictx
->sect_tail
;
1007 struct sb_cmd_ctx
*cctx
;
1008 struct sb_command
*ccmd
;
1010 uint32_t address
, pattern
, length
;
1013 cctx
= calloc(1, sizeof(*cctx
));
1017 ccmd
= &cctx
->payload
;
1020 * Prepare the command.
1022 tok
= strtok(cmd
->cmd
, " ");
1024 fprintf(stderr
, "#%i ERR: Missing FILL address!\n",
1030 /* Read fill destination address. */
1031 ret
= sb_token_to_long(tok
, &address
);
1033 fprintf(stderr
, "#%i ERR: Incorrect FILL address!\n",
1038 tok
= strtok(NULL
, " ");
1040 fprintf(stderr
, "#%i ERR: Missing FILL pattern!\n",
1046 /* Read fill pattern address. */
1047 ret
= sb_token_to_long(tok
, &pattern
);
1049 fprintf(stderr
, "#%i ERR: Incorrect FILL pattern!\n",
1054 tok
= strtok(NULL
, " ");
1056 fprintf(stderr
, "#%i ERR: Missing FILL length!\n",
1062 /* Read fill pattern address. */
1063 ret
= sb_token_to_long(tok
, &length
);
1065 fprintf(stderr
, "#%i ERR: Incorrect FILL length!\n",
1071 * Construct the command.
1073 ccmd
->header
.checksum
= 0x5a;
1074 ccmd
->header
.tag
= ROM_FILL_CMD
;
1076 ccmd
->fill
.address
= address
;
1077 ccmd
->fill
.count
= length
;
1078 ccmd
->fill
.pattern
= pattern
;
1080 cctx
->size
= sizeof(*ccmd
);
1083 * Append the command to the last section.
1085 if (!sctx
->cmd_head
) {
1086 sctx
->cmd_head
= cctx
;
1087 sctx
->cmd_tail
= cctx
;
1089 sctx
->cmd_tail
->cmd
= cctx
;
1090 sctx
->cmd_tail
= cctx
;
1100 static int sb_build_command_jump_call(struct sb_image_ctx
*ictx
,
1101 struct sb_cmd_list
*cmd
,
1102 unsigned int is_call
)
1104 struct sb_section_ctx
*sctx
= ictx
->sect_tail
;
1105 struct sb_cmd_ctx
*cctx
;
1106 struct sb_command
*ccmd
;
1108 uint32_t dest
, arg
= 0x0;
1111 const char *cmdname
= is_call
? "CALL" : "JUMP";
1113 cctx
= calloc(1, sizeof(*cctx
));
1117 ccmd
= &cctx
->payload
;
1120 * Prepare the command.
1122 tok
= strtok(cmd
->cmd
, " ");
1125 "#%i ERR: Missing %s address or 'HAB'!\n",
1126 cmd
->lineno
, cmdname
);
1131 /* Check for "HAB" flag. */
1132 if (!strcmp(tok
, "HAB")) {
1133 hab
= is_call
? ROM_CALL_CMD_FLAG_HAB
: ROM_JUMP_CMD_FLAG_HAB
;
1134 tok
= strtok(NULL
, " ");
1136 fprintf(stderr
, "#%i ERR: Missing %s address!\n",
1137 cmd
->lineno
, cmdname
);
1142 /* Read load destination address. */
1143 ret
= sb_token_to_long(tok
, &dest
);
1145 fprintf(stderr
, "#%i ERR: Incorrect %s address!\n",
1146 cmd
->lineno
, cmdname
);
1150 tok
= strtok(NULL
, " ");
1152 ret
= sb_token_to_long(tok
, &arg
);
1155 "#%i ERR: Incorrect %s argument!\n",
1156 cmd
->lineno
, cmdname
);
1162 * Construct the command.
1164 ccmd
->header
.checksum
= 0x5a;
1165 ccmd
->header
.tag
= is_call
? ROM_CALL_CMD
: ROM_JUMP_CMD
;
1166 ccmd
->header
.flags
= hab
;
1168 ccmd
->call
.address
= dest
;
1169 ccmd
->call
.argument
= arg
;
1171 cctx
->size
= sizeof(*ccmd
);
1174 * Append the command to the last section.
1176 if (!sctx
->cmd_head
) {
1177 sctx
->cmd_head
= cctx
;
1178 sctx
->cmd_tail
= cctx
;
1180 sctx
->cmd_tail
->cmd
= cctx
;
1181 sctx
->cmd_tail
= cctx
;
1191 static int sb_build_command_jump(struct sb_image_ctx
*ictx
,
1192 struct sb_cmd_list
*cmd
)
1194 return sb_build_command_jump_call(ictx
, cmd
, 0);
1197 static int sb_build_command_call(struct sb_image_ctx
*ictx
,
1198 struct sb_cmd_list
*cmd
)
1200 return sb_build_command_jump_call(ictx
, cmd
, 1);
1203 static int sb_build_command_mode(struct sb_image_ctx
*ictx
,
1204 struct sb_cmd_list
*cmd
)
1206 struct sb_section_ctx
*sctx
= ictx
->sect_tail
;
1207 struct sb_cmd_ctx
*cctx
;
1208 struct sb_command
*ccmd
;
1212 uint32_t mode
= 0xffffffff;
1214 cctx
= calloc(1, sizeof(*cctx
));
1218 ccmd
= &cctx
->payload
;
1221 * Prepare the command.
1223 tok
= strtok(cmd
->cmd
, " ");
1225 fprintf(stderr
, "#%i ERR: Missing MODE boot mode argument!\n",
1231 for (i
= 0; i
< ARRAY_SIZE(modetable
); i
++) {
1232 if (!strcmp(tok
, modetable
[i
].name
)) {
1233 mode
= modetable
[i
].mode
;
1237 if (!modetable
[i
].altname
)
1240 if (!strcmp(tok
, modetable
[i
].altname
)) {
1241 mode
= modetable
[i
].mode
;
1246 if (mode
== 0xffffffff) {
1247 fprintf(stderr
, "#%i ERR: Invalid MODE boot mode argument!\n",
1254 * Construct the command.
1256 ccmd
->header
.checksum
= 0x5a;
1257 ccmd
->header
.tag
= ROM_MODE_CMD
;
1259 ccmd
->mode
.mode
= mode
;
1261 cctx
->size
= sizeof(*ccmd
);
1264 * Append the command to the last section.
1266 if (!sctx
->cmd_head
) {
1267 sctx
->cmd_head
= cctx
;
1268 sctx
->cmd_tail
= cctx
;
1270 sctx
->cmd_tail
->cmd
= cctx
;
1271 sctx
->cmd_tail
= cctx
;
1281 static int sb_prefill_image_header(struct sb_image_ctx
*ictx
)
1283 struct sb_boot_image_header
*hdr
= &ictx
->payload
;
1285 /* Fill signatures */
1286 memcpy(hdr
->signature1
, "STMP", 4);
1287 memcpy(hdr
->signature2
, "sgtl", 4);
1289 /* SB Image version 1.1 */
1290 hdr
->major_version
= SB_VERSION_MAJOR
;
1291 hdr
->minor_version
= SB_VERSION_MINOR
;
1293 /* Boot image major version */
1294 hdr
->product_version
.major
= htons(0x999);
1295 hdr
->product_version
.minor
= htons(0x999);
1296 hdr
->product_version
.revision
= htons(0x999);
1297 /* Boot image major version */
1298 hdr
->component_version
.major
= htons(0x999);
1299 hdr
->component_version
.minor
= htons(0x999);
1300 hdr
->component_version
.revision
= htons(0x999);
1302 /* Drive tag must be 0x0 for i.MX23 */
1305 hdr
->header_blocks
=
1306 sizeof(struct sb_boot_image_header
) / SB_BLOCK_SIZE
;
1307 hdr
->section_header_size
=
1308 sizeof(struct sb_sections_header
) / SB_BLOCK_SIZE
;
1309 hdr
->timestamp_us
= sb_get_timestamp() * 1000000;
1311 /* FIXME -- add proper config option */
1312 hdr
->flags
= ictx
->verbose_boot
? SB_IMAGE_FLAG_VERBOSE
: 0,
1314 /* FIXME -- We support only default key */
1320 static int sb_postfill_image_header(struct sb_image_ctx
*ictx
)
1322 struct sb_boot_image_header
*hdr
= &ictx
->payload
;
1323 struct sb_section_ctx
*sctx
= ictx
->sect_head
;
1324 uint32_t kd_size
, sections_blocks
;
1327 /* The main SB header size in blocks. */
1328 hdr
->image_blocks
= hdr
->header_blocks
;
1330 /* Size of the key dictionary, which has single zero entry. */
1331 kd_size
= hdr
->key_count
* sizeof(struct sb_key_dictionary_key
);
1332 hdr
->image_blocks
+= kd_size
/ SB_BLOCK_SIZE
;
1334 /* Now count the payloads. */
1335 hdr
->section_count
= ictx
->sect_count
;
1337 hdr
->image_blocks
+= sctx
->size
/ SB_BLOCK_SIZE
;
1341 if (!ictx
->sect_boot_found
) {
1342 fprintf(stderr
, "ERR: No bootable section selected!\n");
1345 hdr
->first_boot_section_id
= ictx
->sect_boot
;
1347 /* The n * SB section size in blocks. */
1348 sections_blocks
= hdr
->section_count
* hdr
->section_header_size
;
1349 hdr
->image_blocks
+= sections_blocks
;
1351 /* Key dictionary offset. */
1352 hdr
->key_dictionary_block
= hdr
->header_blocks
+ sections_blocks
;
1354 /* Digest of the whole image. */
1355 hdr
->image_blocks
+= 2;
1357 /* Pointer past the dictionary. */
1358 hdr
->first_boot_tag_block
=
1359 hdr
->key_dictionary_block
+ kd_size
/ SB_BLOCK_SIZE
;
1361 /* Compute header digest. */
1362 EVP_MD_CTX_init(&md_ctx
);
1364 EVP_DigestInit(&md_ctx
, EVP_sha1());
1365 EVP_DigestUpdate(&md_ctx
, hdr
->signature1
,
1366 sizeof(struct sb_boot_image_header
) -
1367 sizeof(hdr
->digest
));
1368 EVP_DigestFinal(&md_ctx
, hdr
->digest
, NULL
);
1373 static int sb_fixup_sections_and_tags(struct sb_image_ctx
*ictx
)
1375 /* Fixup the placement of sections. */
1376 struct sb_boot_image_header
*ihdr
= &ictx
->payload
;
1377 struct sb_section_ctx
*sctx
= ictx
->sect_head
;
1378 struct sb_sections_header
*shdr
;
1379 struct sb_cmd_ctx
*cctx
;
1380 struct sb_command
*ccmd
;
1381 uint32_t offset
= ihdr
->first_boot_tag_block
;
1384 shdr
= &sctx
->payload
;
1386 /* Fill in the section TAG offset. */
1387 shdr
->section_offset
= offset
+ 1;
1388 offset
+= shdr
->section_size
;
1390 /* Section length is measured from the TAG block. */
1391 shdr
->section_size
--;
1393 /* Fixup the TAG command. */
1394 cctx
= sctx
->cmd_head
;
1396 ccmd
= &cctx
->payload
;
1397 if (ccmd
->header
.tag
== ROM_TAG_CMD
) {
1398 ccmd
->tag
.section_number
= shdr
->section_number
;
1399 ccmd
->tag
.section_length
= shdr
->section_size
;
1400 ccmd
->tag
.section_flags
= shdr
->section_flags
;
1403 /* Update the command checksum. */
1404 ccmd
->header
.checksum
= sb_command_checksum(ccmd
);
1415 static int sb_parse_line(struct sb_image_ctx
*ictx
, struct sb_cmd_list
*cmd
)
1418 char *line
= cmd
->cmd
;
1422 /* Analyze the identifier on this line first. */
1423 tok
= strtok_r(line
, " ", &rptr
);
1424 if (!tok
|| (strlen(tok
) == 0)) {
1425 fprintf(stderr
, "#%i ERR: Invalid line!\n", cmd
->lineno
);
1432 if (!strcmp(tok
, "DCD")) {
1433 ictx
->in_section
= 0;
1435 sb_build_dcd(ictx
, cmd
);
1440 if (!strcmp(tok
, "SECTION")) {
1441 ictx
->in_section
= 1;
1443 sb_build_section(ictx
, cmd
);
1447 if (!ictx
->in_section
&& !ictx
->in_dcd
) {
1448 fprintf(stderr
, "#%i ERR: Data outside of a section!\n",
1453 if (ictx
->in_section
) {
1454 /* Section commands */
1455 if (!strcmp(tok
, "NOP")) {
1456 ret
= sb_build_command_nop(ictx
);
1457 } else if (!strcmp(tok
, "TAG")) {
1458 ret
= sb_build_command_tag(ictx
, cmd
);
1459 } else if (!strcmp(tok
, "LOAD")) {
1460 ret
= sb_build_command_load(ictx
, cmd
);
1461 } else if (!strcmp(tok
, "FILL")) {
1462 ret
= sb_build_command_fill(ictx
, cmd
);
1463 } else if (!strcmp(tok
, "JUMP")) {
1464 ret
= sb_build_command_jump(ictx
, cmd
);
1465 } else if (!strcmp(tok
, "CALL")) {
1466 ret
= sb_build_command_call(ictx
, cmd
);
1467 } else if (!strcmp(tok
, "MODE")) {
1468 ret
= sb_build_command_mode(ictx
, cmd
);
1471 "#%i ERR: Unsupported instruction '%s'!\n",
1475 } else if (ictx
->in_dcd
) {
1477 uint32_t ilen
= '1';
1479 tok
= strtok_r(tok
, ".", &lptr
);
1480 if (!tok
|| (strlen(tok
) == 0) || (lptr
&& strlen(lptr
) != 1)) {
1481 fprintf(stderr
, "#%i ERR: Invalid line!\n",
1487 (lptr
[0] != '1' && lptr
[0] != '2' && lptr
[0] != '4')) {
1488 fprintf(stderr
, "#%i ERR: Invalid instruction width!\n",
1494 ilen
= lptr
[0] - '1';
1497 if (!strcmp(tok
, "WRITE")) {
1498 ret
= sb_build_dcd_block(ictx
, cmd
,
1499 SB_DCD_WRITE
| ilen
);
1500 } else if (!strcmp(tok
, "ANDC")) {
1501 ret
= sb_build_dcd_block(ictx
, cmd
,
1502 SB_DCD_ANDC
| ilen
);
1503 } else if (!strcmp(tok
, "ORR")) {
1504 ret
= sb_build_dcd_block(ictx
, cmd
,
1506 } else if (!strcmp(tok
, "EQZ")) {
1507 ret
= sb_build_dcd_block(ictx
, cmd
,
1508 SB_DCD_CHK_EQZ
| ilen
);
1509 } else if (!strcmp(tok
, "EQ")) {
1510 ret
= sb_build_dcd_block(ictx
, cmd
,
1511 SB_DCD_CHK_EQ
| ilen
);
1512 } else if (!strcmp(tok
, "NEQ")) {
1513 ret
= sb_build_dcd_block(ictx
, cmd
,
1514 SB_DCD_CHK_NEQ
| ilen
);
1515 } else if (!strcmp(tok
, "NEZ")) {
1516 ret
= sb_build_dcd_block(ictx
, cmd
,
1517 SB_DCD_CHK_NEZ
| ilen
);
1518 } else if (!strcmp(tok
, "NOOP")) {
1519 ret
= sb_build_dcd_block(ictx
, cmd
, SB_DCD_NOOP
);
1522 "#%i ERR: Unsupported instruction '%s'!\n",
1527 fprintf(stderr
, "#%i ERR: Unsupported instruction '%s'!\n",
1533 * Here we have at least one section with one command, otherwise we
1534 * would have failed already higher above.
1536 * FIXME -- should the updating happen here ?
1538 if (ictx
->in_section
&& !ret
) {
1539 ictx
->sect_tail
->size
+= ictx
->sect_tail
->cmd_tail
->size
;
1540 ictx
->sect_tail
->payload
.section_size
=
1541 ictx
->sect_tail
->size
/ SB_BLOCK_SIZE
;
1547 static int sb_load_cmdfile(struct sb_image_ctx
*ictx
)
1549 struct sb_cmd_list cmd
;
1556 fp
= fopen(ictx
->cfg_filename
, "r");
1560 while ((rlen
= getline(&line
, &len
, fp
)) > 0) {
1561 memset(&cmd
, 0, sizeof(cmd
));
1563 /* Strip the trailing newline. */
1564 line
[rlen
- 1] = '\0';
1568 cmd
.lineno
= lineno
++;
1570 sb_parse_line(ictx
, &cmd
);
1581 fprintf(stderr
, "ERR: Failed to load file \"%s\"\n",
1582 ictx
->cfg_filename
);
1586 static int sb_build_tree_from_cfg(struct sb_image_ctx
*ictx
)
1590 ret
= sb_load_cmdfile(ictx
);
1594 ret
= sb_prefill_image_header(ictx
);
1598 ret
= sb_postfill_image_header(ictx
);
1602 ret
= sb_fixup_sections_and_tags(ictx
);
1609 static int sb_verify_image_header(struct sb_image_ctx
*ictx
,
1610 FILE *fp
, long fsize
)
1612 /* Verify static fields in the image header. */
1613 struct sb_boot_image_header
*hdr
= &ictx
->payload
;
1614 const char *stat
[2] = { "[PASS]", "[FAIL]" };
1617 unsigned char digest
[20];
1621 /* Start image-wide crypto. */
1622 EVP_MD_CTX_init(&ictx
->md_ctx
);
1623 EVP_DigestInit(&ictx
->md_ctx
, EVP_sha1());
1625 soprintf(ictx
, "---------- Verifying SB Image Header ----------\n");
1627 size
= fread(&ictx
->payload
, 1, sizeof(ictx
->payload
), fp
);
1628 if (size
!= sizeof(ictx
->payload
)) {
1629 fprintf(stderr
, "ERR: SB image header too short!\n");
1633 /* Compute header digest. */
1634 EVP_MD_CTX_init(&md_ctx
);
1635 EVP_DigestInit(&md_ctx
, EVP_sha1());
1636 EVP_DigestUpdate(&md_ctx
, hdr
->signature1
,
1637 sizeof(struct sb_boot_image_header
) -
1638 sizeof(hdr
->digest
));
1639 EVP_DigestFinal(&md_ctx
, digest
, NULL
);
1641 sb_aes_init(ictx
, NULL
, 1);
1642 sb_encrypt_sb_header(ictx
);
1644 if (memcmp(digest
, hdr
->digest
, 20))
1646 soprintf(ictx
, "%s Image header checksum: %s\n", stat
[!!ret
],
1647 ret
? "BAD" : "OK");
1651 if (memcmp(hdr
->signature1
, "STMP", 4) ||
1652 memcmp(hdr
->signature2
, "sgtl", 4))
1654 soprintf(ictx
, "%s Signatures: '%.4s' '%.4s'\n",
1655 stat
[!!ret
], hdr
->signature1
, hdr
->signature2
);
1659 if ((hdr
->major_version
!= SB_VERSION_MAJOR
) ||
1660 ((hdr
->minor_version
!= 1) && (hdr
->minor_version
!= 2)))
1662 soprintf(ictx
, "%s Image version: v%i.%i\n", stat
[!!ret
],
1663 hdr
->major_version
, hdr
->minor_version
);
1667 ret
= sb_get_time(hdr
->timestamp_us
/ 1000000, &tm
);
1669 "%s Creation time: %02i:%02i:%02i %02i/%02i/%04i\n",
1670 stat
[!!ret
], tm
.tm_hour
, tm
.tm_min
, tm
.tm_sec
,
1671 tm
.tm_mday
, tm
.tm_mon
, tm
.tm_year
+ 2000);
1675 soprintf(ictx
, "%s Product version: %x.%x.%x\n", stat
[0],
1676 ntohs(hdr
->product_version
.major
),
1677 ntohs(hdr
->product_version
.minor
),
1678 ntohs(hdr
->product_version
.revision
));
1679 soprintf(ictx
, "%s Component version: %x.%x.%x\n", stat
[0],
1680 ntohs(hdr
->component_version
.major
),
1681 ntohs(hdr
->component_version
.minor
),
1682 ntohs(hdr
->component_version
.revision
));
1684 if (hdr
->flags
& ~SB_IMAGE_FLAG_VERBOSE
)
1686 soprintf(ictx
, "%s Image flags: %s\n", stat
[!!ret
],
1687 hdr
->flags
& SB_IMAGE_FLAG_VERBOSE
? "Verbose_boot" : "");
1691 if (hdr
->drive_tag
!= 0)
1693 soprintf(ictx
, "%s Drive tag: %i\n", stat
[!!ret
],
1698 sz
= sizeof(struct sb_boot_image_header
) / SB_BLOCK_SIZE
;
1699 if (hdr
->header_blocks
!= sz
)
1701 soprintf(ictx
, "%s Image header size (blocks): %i\n", stat
[!!ret
],
1702 hdr
->header_blocks
);
1706 sz
= sizeof(struct sb_sections_header
) / SB_BLOCK_SIZE
;
1707 if (hdr
->section_header_size
!= sz
)
1709 soprintf(ictx
, "%s Section header size (blocks): %i\n", stat
[!!ret
],
1710 hdr
->section_header_size
);
1714 soprintf(ictx
, "%s Sections count: %i\n", stat
[!!ret
],
1715 hdr
->section_count
);
1716 soprintf(ictx
, "%s First bootable section %i\n", stat
[!!ret
],
1717 hdr
->first_boot_section_id
);
1719 if (hdr
->image_blocks
!= fsize
/ SB_BLOCK_SIZE
)
1721 soprintf(ictx
, "%s Image size (blocks): %i\n", stat
[!!ret
],
1726 sz
= hdr
->header_blocks
+ hdr
->section_header_size
* hdr
->section_count
;
1727 if (hdr
->key_dictionary_block
!= sz
)
1729 soprintf(ictx
, "%s Key dict offset (blocks): %i\n", stat
[!!ret
],
1730 hdr
->key_dictionary_block
);
1734 if (hdr
->key_count
!= 1)
1736 soprintf(ictx
, "%s Number of encryption keys: %i\n", stat
[!!ret
],
1741 sz
= hdr
->header_blocks
+ hdr
->section_header_size
* hdr
->section_count
;
1742 sz
+= hdr
->key_count
*
1743 sizeof(struct sb_key_dictionary_key
) / SB_BLOCK_SIZE
;
1744 if (hdr
->first_boot_tag_block
!= (unsigned)sz
)
1746 soprintf(ictx
, "%s First TAG block (blocks): %i\n", stat
[!!ret
],
1747 hdr
->first_boot_tag_block
);
1754 static void sb_decrypt_tag(struct sb_image_ctx
*ictx
,
1755 struct sb_cmd_ctx
*cctx
)
1757 EVP_MD_CTX
*md_ctx
= &ictx
->md_ctx
;
1758 struct sb_command
*cmd
= &cctx
->payload
;
1760 sb_aes_crypt(ictx
, (uint8_t *)&cctx
->c_payload
,
1761 (uint8_t *)&cctx
->payload
, sizeof(*cmd
));
1762 EVP_DigestUpdate(md_ctx
, &cctx
->c_payload
, sizeof(*cmd
));
1765 static int sb_verify_command(struct sb_image_ctx
*ictx
,
1766 struct sb_cmd_ctx
*cctx
, FILE *fp
,
1767 unsigned long *tsize
)
1769 struct sb_command
*ccmd
= &cctx
->payload
;
1770 unsigned long size
, asize
;
1771 char *csum
, *flag
= "";
1774 uint8_t csn
, csc
= ccmd
->header
.checksum
;
1775 ccmd
->header
.checksum
= 0x5a;
1776 csn
= sb_command_checksum(ccmd
);
1777 ccmd
->header
.checksum
= csc
;
1783 csum
= ret
? "checksum BAD" : "checksum OK";
1785 switch (ccmd
->header
.tag
) {
1787 soprintf(ictx
, " NOOP # %s\n", csum
);
1790 if (ccmd
->header
.flags
& ROM_TAG_CMD_FLAG_ROM_LAST_TAG
)
1792 soprintf(ictx
, " TAG %s # %s\n", flag
, csum
);
1793 sb_aes_reinit(ictx
, 0);
1796 soprintf(ictx
, " LOAD addr=0x%08x length=0x%08x # %s\n",
1797 ccmd
->load
.address
, ccmd
->load
.count
, csum
);
1799 cctx
->length
= ccmd
->load
.count
;
1800 asize
= roundup(cctx
->length
, SB_BLOCK_SIZE
);
1801 cctx
->data
= malloc(asize
);
1805 size
= fread(cctx
->data
, 1, asize
, fp
);
1806 if (size
!= asize
) {
1808 "ERR: SB LOAD command payload too short!\n");
1814 EVP_DigestUpdate(&ictx
->md_ctx
, cctx
->data
, asize
);
1815 sb_aes_crypt(ictx
, cctx
->data
, cctx
->data
, asize
);
1817 if (ccmd
->load
.crc32
!= pbl_crc32(0,
1818 (const char *)cctx
->data
,
1821 "ERR: SB LOAD command payload CRC32 invalid!\n");
1827 " FILL addr=0x%08x length=0x%08x pattern=0x%08x # %s\n",
1828 ccmd
->fill
.address
, ccmd
->fill
.count
,
1829 ccmd
->fill
.pattern
, csum
);
1832 if (ccmd
->header
.flags
& ROM_JUMP_CMD_FLAG_HAB
)
1835 " JUMP%s addr=0x%08x r0_arg=0x%08x # %s\n",
1836 flag
, ccmd
->fill
.address
, ccmd
->jump
.argument
, csum
);
1839 if (ccmd
->header
.flags
& ROM_CALL_CMD_FLAG_HAB
)
1842 " CALL%s addr=0x%08x r0_arg=0x%08x # %s\n",
1843 flag
, ccmd
->fill
.address
, ccmd
->jump
.argument
, csum
);
1846 for (i
= 0; i
< ARRAY_SIZE(modetable
); i
++) {
1847 if (ccmd
->mode
.mode
== modetable
[i
].mode
) {
1848 soprintf(ictx
, " MODE %s # %s\n",
1849 modetable
[i
].name
, csum
);
1853 fprintf(stderr
, " MODE !INVALID! # %s\n", csum
);
1860 static int sb_verify_commands(struct sb_image_ctx
*ictx
,
1861 struct sb_section_ctx
*sctx
, FILE *fp
)
1863 unsigned long size
, tsize
= 0;
1864 struct sb_cmd_ctx
*cctx
;
1867 sb_aes_reinit(ictx
, 0);
1869 while (tsize
< sctx
->size
) {
1870 cctx
= calloc(1, sizeof(*cctx
));
1873 if (!sctx
->cmd_head
) {
1874 sctx
->cmd_head
= cctx
;
1875 sctx
->cmd_tail
= cctx
;
1877 sctx
->cmd_tail
->cmd
= cctx
;
1878 sctx
->cmd_tail
= cctx
;
1881 size
= fread(&cctx
->c_payload
, 1, sizeof(cctx
->c_payload
), fp
);
1882 if (size
!= sizeof(cctx
->c_payload
)) {
1883 fprintf(stderr
, "ERR: SB command header too short!\n");
1889 sb_decrypt_tag(ictx
, cctx
);
1891 ret
= sb_verify_command(ictx
, cctx
, fp
, &tsize
);
1899 static int sb_verify_sections_cmds(struct sb_image_ctx
*ictx
, FILE *fp
)
1901 struct sb_boot_image_header
*hdr
= &ictx
->payload
;
1902 struct sb_sections_header
*shdr
;
1905 struct sb_section_ctx
*sctx
;
1907 char *bootable
= "";
1909 soprintf(ictx
, "----- Verifying SB Sections and Commands -----\n");
1911 for (i
= 0; i
< hdr
->section_count
; i
++) {
1912 sctx
= calloc(1, sizeof(*sctx
));
1915 if (!ictx
->sect_head
) {
1916 ictx
->sect_head
= sctx
;
1917 ictx
->sect_tail
= sctx
;
1919 ictx
->sect_tail
->sect
= sctx
;
1920 ictx
->sect_tail
= sctx
;
1923 size
= fread(&sctx
->payload
, 1, sizeof(sctx
->payload
), fp
);
1924 if (size
!= sizeof(sctx
->payload
)) {
1925 fprintf(stderr
, "ERR: SB section header too short!\n");
1930 size
= fread(&ictx
->sb_dict_key
, 1, sizeof(ictx
->sb_dict_key
), fp
);
1931 if (size
!= sizeof(ictx
->sb_dict_key
)) {
1932 fprintf(stderr
, "ERR: SB key dictionary too short!\n");
1936 sb_encrypt_sb_sections_header(ictx
);
1937 sb_aes_reinit(ictx
, 0);
1938 sb_decrypt_key_dictionary_key(ictx
);
1940 sb_aes_reinit(ictx
, 0);
1942 sctx
= ictx
->sect_head
;
1944 shdr
= &sctx
->payload
;
1946 if (shdr
->section_flags
& SB_SECTION_FLAG_BOOTABLE
) {
1948 bootable
= " BOOTABLE";
1951 sctx
->size
= (shdr
->section_size
* SB_BLOCK_SIZE
) +
1952 sizeof(struct sb_command
);
1953 soprintf(ictx
, "SECTION 0x%x%s # size = %i bytes\n",
1954 shdr
->section_number
, bootable
, sctx
->size
);
1956 if (shdr
->section_flags
& ~SB_SECTION_FLAG_BOOTABLE
)
1957 fprintf(stderr
, " WARN: Unknown section flag(s) %08x\n",
1958 shdr
->section_flags
);
1960 if ((shdr
->section_flags
& SB_SECTION_FLAG_BOOTABLE
) &&
1961 (hdr
->first_boot_section_id
!= shdr
->section_number
)) {
1963 " WARN: Bootable section does ID not match image header ID!\n");
1966 ret
= sb_verify_commands(ictx
, sctx
, fp
);
1975 * check if the first TAG command is at sctx->section_offset
1980 static int sb_verify_image_end(struct sb_image_ctx
*ictx
,
1981 FILE *fp
, off_t filesz
)
1988 soprintf(ictx
, "------------- Verifying image end -------------\n");
1990 size
= fread(digest
, 1, sizeof(digest
), fp
);
1991 if (size
!= sizeof(digest
)) {
1992 fprintf(stderr
, "ERR: SB key dictionary too short!\n");
1997 if (pos
!= filesz
) {
1998 fprintf(stderr
, "ERR: Trailing data past the image!\n");
2002 /* Check the image digest. */
2003 EVP_DigestFinal(&ictx
->md_ctx
, ictx
->digest
, NULL
);
2005 /* Decrypt the image digest from the input image. */
2006 sb_aes_reinit(ictx
, 0);
2007 sb_aes_crypt(ictx
, digest
, digest
, sizeof(digest
));
2009 /* Check all of 20 bytes of the SHA1 hash. */
2010 ret
= memcmp(digest
, ictx
->digest
, 20) ? -EINVAL
: 0;
2013 soprintf(ictx
, "[FAIL] Full-image checksum: BAD\n");
2015 soprintf(ictx
, "[PASS] Full-image checksum: OK\n");
2021 static int sb_build_tree_from_img(struct sb_image_ctx
*ictx
)
2027 if (!ictx
->input_filename
) {
2028 fprintf(stderr
, "ERR: Missing filename!\n");
2032 fp
= fopen(ictx
->input_filename
, "r");
2036 ret
= fseek(fp
, 0, SEEK_END
);
2040 filesize
= ftell(fp
);
2044 ret
= fseek(fp
, 0, SEEK_SET
);
2048 if (filesize
< (signed)sizeof(ictx
->payload
)) {
2049 fprintf(stderr
, "ERR: File too short!\n");
2053 if (filesize
& (SB_BLOCK_SIZE
- 1)) {
2054 fprintf(stderr
, "ERR: The file is not aligned!\n");
2058 /* Load and verify image header */
2059 ret
= sb_verify_image_header(ictx
, fp
, filesize
);
2063 /* Load and verify sections and commands */
2064 ret
= sb_verify_sections_cmds(ictx
, fp
);
2068 ret
= sb_verify_image_end(ictx
, fp
, filesize
);
2075 soprintf(ictx
, "-------------------- Result -------------------\n");
2076 soprintf(ictx
, "Verification %s\n", ret
? "FAILED" : "PASSED");
2078 /* Stop the encryption session. */
2079 sb_aes_deinit(&ictx
->cipher_ctx
);
2087 fprintf(stderr
, "ERR: Failed to load file \"%s\"\n",
2088 ictx
->input_filename
);
2092 static void sb_free_image(struct sb_image_ctx
*ictx
)
2094 struct sb_section_ctx
*sctx
= ictx
->sect_head
, *s_head
;
2095 struct sb_dcd_ctx
*dctx
= ictx
->dcd_head
, *d_head
;
2096 struct sb_cmd_ctx
*cctx
, *c_head
;
2100 c_head
= sctx
->cmd_head
;
2104 c_head
= c_head
->cmd
;
2117 free(d_head
->payload
);
2123 * MXSSB-MKIMAGE glue code.
2125 static int mxsimage_check_image_types(uint8_t type
)
2127 if (type
== IH_TYPE_MXSIMAGE
)
2128 return EXIT_SUCCESS
;
2130 return EXIT_FAILURE
;
2133 static void mxsimage_set_header(void *ptr
, struct stat
*sbuf
, int ifd
,
2134 struct image_tool_params
*params
)
2138 int mxsimage_check_params(struct image_tool_params
*params
)
2142 if (!strlen(params
->imagename
)) {
2144 "Error: %s - Configuration file not specified, it is needed for mxsimage generation\n",
2151 * XIP is not allowed and verify that incompatible
2152 * parameters are not sent at the same time
2153 * For example, if list is required a data image must not be provided
2155 return (params
->dflag
&& (params
->fflag
|| params
->lflag
)) ||
2156 (params
->fflag
&& (params
->dflag
|| params
->lflag
)) ||
2157 (params
->lflag
&& (params
->dflag
|| params
->fflag
)) ||
2158 (params
->xflag
) || !(strlen(params
->imagename
));
2161 static int mxsimage_verify_print_header(char *file
, int silent
)
2164 struct sb_image_ctx ctx
;
2166 memset(&ctx
, 0, sizeof(ctx
));
2168 ctx
.input_filename
= file
;
2169 ctx
.silent_dump
= silent
;
2171 ret
= sb_build_tree_from_img(&ctx
);
2172 sb_free_image(&ctx
);
2178 static int mxsimage_verify_header(unsigned char *ptr
, int image_size
,
2179 struct image_tool_params
*params
)
2181 struct sb_boot_image_header
*hdr
;
2186 hdr
= (struct sb_boot_image_header
*)ptr
;
2189 * Check if the header contains the MXS image signatures,
2190 * if so, do a full-image verification.
2192 if (memcmp(hdr
->signature1
, "STMP", 4) ||
2193 memcmp(hdr
->signature2
, "sgtl", 4))
2196 imagefile
= params
->imagefile
;
2198 return mxsimage_verify_print_header(params
->imagefile
, 1);
2201 static void mxsimage_print_header(const void *hdr
)
2204 mxsimage_verify_print_header(imagefile
, 0);
2207 static int sb_build_image(struct sb_image_ctx
*ictx
,
2208 struct image_type_params
*tparams
)
2210 struct sb_boot_image_header
*sb_header
= &ictx
->payload
;
2211 struct sb_section_ctx
*sctx
;
2212 struct sb_cmd_ctx
*cctx
;
2213 struct sb_command
*ccmd
;
2214 struct sb_key_dictionary_key
*sb_dict_key
= &ictx
->sb_dict_key
;
2216 uint8_t *image
, *iptr
;
2218 /* Calculate image size. */
2219 uint32_t size
= sizeof(*sb_header
) +
2220 ictx
->sect_count
* sizeof(struct sb_sections_header
) +
2221 sizeof(*sb_dict_key
) + sizeof(ictx
->digest
);
2223 sctx
= ictx
->sect_head
;
2229 image
= malloc(size
);
2234 memcpy(iptr
, sb_header
, sizeof(*sb_header
));
2235 iptr
+= sizeof(*sb_header
);
2237 sctx
= ictx
->sect_head
;
2239 memcpy(iptr
, &sctx
->payload
, sizeof(struct sb_sections_header
));
2240 iptr
+= sizeof(struct sb_sections_header
);
2244 memcpy(iptr
, sb_dict_key
, sizeof(*sb_dict_key
));
2245 iptr
+= sizeof(*sb_dict_key
);
2247 sctx
= ictx
->sect_head
;
2249 cctx
= sctx
->cmd_head
;
2251 ccmd
= &cctx
->payload
;
2253 memcpy(iptr
, &cctx
->c_payload
, sizeof(cctx
->payload
));
2254 iptr
+= sizeof(cctx
->payload
);
2256 if (ccmd
->header
.tag
== ROM_LOAD_CMD
) {
2257 memcpy(iptr
, cctx
->data
, cctx
->length
);
2258 iptr
+= cctx
->length
;
2267 memcpy(iptr
, ictx
->digest
, sizeof(ictx
->digest
));
2268 iptr
+= sizeof(ictx
->digest
);
2270 /* Configure the mkimage */
2271 tparams
->hdr
= image
;
2272 tparams
->header_size
= size
;
2277 static int mxsimage_generate(struct image_tool_params
*params
,
2278 struct image_type_params
*tparams
)
2281 struct sb_image_ctx ctx
;
2283 /* Do not copy the U-Boot image! */
2284 params
->skipcpy
= 1;
2286 memset(&ctx
, 0, sizeof(ctx
));
2288 ctx
.cfg_filename
= params
->imagename
;
2289 ctx
.output_filename
= params
->imagefile
;
2290 ctx
.verbose_boot
= 1;
2292 ret
= sb_build_tree_from_cfg(&ctx
);
2296 ret
= sb_encrypt_image(&ctx
);
2298 ret
= sb_build_image(&ctx
, tparams
);
2301 sb_free_image(&ctx
);
2307 * mxsimage parameters
2309 static struct image_type_params mxsimage_params
= {
2310 .name
= "Freescale MXS Boot Image support",
2313 .check_image_type
= mxsimage_check_image_types
,
2314 .verify_header
= mxsimage_verify_header
,
2315 .print_header
= mxsimage_print_header
,
2316 .set_header
= mxsimage_set_header
,
2317 .check_params
= mxsimage_check_params
,
2318 .vrec_header
= mxsimage_generate
,
2321 void init_mxs_image_type(void)
2323 register_image_type(&mxsimage_params
);
2327 void init_mxs_image_type(void)