X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=include%2Fimage.h;h=fcfe730204a63e54f9063ad270050e84a0d1d540;hb=784667d7f9452780966dd0b400ef516f14f14c26;hp=2a5b5605756e7bfb556cd7d9862936b6ea33d02d;hpb=ebe621d5fb2f5c15aff50e0610372f2751fd152f;p=people%2Fms%2Fu-boot.git diff --git a/include/image.h b/include/image.h index 2a5b560575..fcfe730204 100644 --- a/include/image.h +++ b/include/image.h @@ -29,6 +29,9 @@ struct lmb; #define IMAGE_ENABLE_FIT 1 #define IMAGE_ENABLE_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ +#define CONFIG_FIT_ENABLE_SHA256_SUPPORT +#define CONFIG_SHA1 +#define CONFIG_SHA256 #define IMAGE_ENABLE_IGNORE 0 #define IMAGE_INDENT_STRING "" @@ -62,25 +65,13 @@ struct lmb; # ifdef CONFIG_SPL_SHA1_SUPPORT # define IMAGE_ENABLE_SHA1 1 # endif -# ifdef CONFIG_SPL_SHA256_SUPPORT -# define IMAGE_ENABLE_SHA256 1 -# endif # else # define CONFIG_CRC32 /* FIT images need CRC32 support */ -# define CONFIG_MD5 /* and MD5 */ -# define CONFIG_SHA1 /* and SHA1 */ -# define CONFIG_SHA256 /* and SHA256 */ # define IMAGE_ENABLE_CRC32 1 # define IMAGE_ENABLE_MD5 1 # define IMAGE_ENABLE_SHA1 1 -# define IMAGE_ENABLE_SHA256 1 # endif -#ifdef CONFIG_FIT_DISABLE_SHA256 -#undef CONFIG_SHA256 -#undef IMAGE_ENABLE_SHA256 -#endif - #ifndef IMAGE_ENABLE_CRC32 #define IMAGE_ENABLE_CRC32 0 #endif @@ -93,18 +84,15 @@ struct lmb; #define IMAGE_ENABLE_SHA1 0 #endif -#ifndef IMAGE_ENABLE_SHA256 +#if defined(CONFIG_FIT_ENABLE_SHA256_SUPPORT) || \ + defined(CONFIG_SPL_SHA256_SUPPORT) +#define IMAGE_ENABLE_SHA256 1 +#else #define IMAGE_ENABLE_SHA256 0 #endif #endif /* IMAGE_ENABLE_FIT */ -#ifdef CONFIG_SYS_BOOT_RAMDISK_HIGH -# define IMAGE_ENABLE_RAMDISK_HIGH 1 -#else -# define IMAGE_ENABLE_RAMDISK_HIGH 0 -#endif - #ifdef CONFIG_SYS_BOOT_GET_CMDLINE # define IMAGE_BOOT_GET_CMDLINE 1 #else @@ -134,6 +122,9 @@ enum ih_category { /* * Operating System Codes + * + * The following are exposed to uImage header. + * Do not change values for backward compatibility. */ enum { IH_OS_INVALID = 0, /* Invalid OS */ @@ -167,6 +158,9 @@ enum { /* * CPU Architecture Codes (supported by Linux) + * + * The following are exposed to uImage header. + * Do not change values for backward compatibility. */ enum { IH_ARCH_INVALID = 0, /* Invalid CPU */ @@ -182,6 +176,7 @@ enum { IH_ARCH_SPARC, /* Sparc */ IH_ARCH_SPARC64, /* Sparc 64 Bit */ IH_ARCH_M68K, /* M68K */ + IH_ARCH_NIOS, /* Nios-32 */ IH_ARCH_MICROBLAZE, /* MicroBlaze */ IH_ARCH_NIOS2, /* Nios-II */ IH_ARCH_BLACKFIN, /* Blackfin */ @@ -193,6 +188,7 @@ enum { IH_ARCH_ARM64, /* ARM64 */ IH_ARCH_ARC, /* Synopsys DesignWare ARC */ IH_ARCH_X86_64, /* AMD x86_64, Intel and Via */ + IH_ARCH_XTENSA, /* Xtensa */ IH_ARCH_COUNT, }; @@ -234,6 +230,9 @@ enum { * U-Boot's command interpreter; this feature is especially * useful when you configure U-Boot to use a real shell (hush) * as command interpreter (=> Shell Scripts). + * + * The following are exposed to uImage header. + * Do not change values for backward compatibility. */ enum { @@ -267,12 +266,18 @@ enum { IH_TYPE_ZYNQIMAGE, /* Xilinx Zynq Boot Image */ IH_TYPE_ZYNQMPIMAGE, /* Xilinx ZynqMP Boot Image */ IH_TYPE_FPGA, /* FPGA Image */ + IH_TYPE_VYBRIDIMAGE, /* VYBRID .vyb Image */ + IH_TYPE_TEE, /* Trusted Execution Environment OS Image */ + IH_TYPE_FIRMWARE_IVT, /* Firmware Image with HABv4 IVT */ IH_TYPE_COUNT, /* Number of image types */ }; /* * Compression Types + * + * The following are exposed to uImage header. + * Do not change values for backward compatibility. */ enum { IH_COMP_NONE = 0, /* No Compression Used */ @@ -780,7 +785,8 @@ static inline int image_check_type(const image_header_t *hdr, uint8_t type) } static inline int image_check_arch(const image_header_t *hdr, uint8_t arch) { - return (image_get_arch(hdr) == arch); + return (image_get_arch(hdr) == arch) || + (image_get_arch(hdr) == IH_ARCH_ARM && arch == IH_ARCH_ARM64); } static inline int image_check_os(const image_header_t *hdr, uint8_t os) { @@ -855,6 +861,8 @@ int bootz_setup(ulong image, ulong *start, ulong *end); /* image node */ #define FIT_DATA_PROP "data" +#define FIT_DATA_OFFSET_PROP "data-offset" +#define FIT_DATA_SIZE_PROP "data-size" #define FIT_TIMESTAMP_PROP "timestamp" #define FIT_DESC_PROP "description" #define FIT_ARCH_PROP "arch" @@ -933,6 +941,8 @@ int fit_image_get_load(const void *fit, int noffset, ulong *load); int fit_image_get_entry(const void *fit, int noffset, ulong *entry); int fit_image_get_data(const void *fit, int noffset, const void **data, size_t *size); +int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset); +int fit_image_get_data_size(const void *fit, int noffset, int *data_size); int fit_image_hash_get_algo(const void *fit, int noffset, char **algo); int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value, @@ -948,6 +958,7 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp); * @fit: Pointer to the FIT format image header * @comment: Comment to add to signature nodes * @require_keys: Mark all keys as 'required' + * @engine_id: Engine to use for signing * * Adds hash values for all component images in the FIT blob. * Hashes are calculated for all component images which have hash subnodes @@ -960,7 +971,8 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp); * libfdt error code, on failure */ int fit_add_verification_data(const char *keydir, void *keydest, void *fit, - const char *comment, int require_keys); + const char *comment, int require_keys, + const char *engine_id); int fit_image_verify(const void *fit, int noffset); int fit_config_verify(const void *fit, int conf_noffset); @@ -1034,10 +1046,13 @@ struct image_sign_info { const char *keyname; /* Name of key to use */ void *fit; /* Pointer to FIT blob */ int node_offset; /* Offset of signature node */ - struct image_sig_algo *algo; /* Algorithm information */ + const char *name; /* Algorithm name */ + struct checksum_algo *checksum; /* Checksum algorithm information */ + struct crypto_algo *crypto; /* Crypto algorithm information */ const void *fdt_blob; /* FDT containing public keys */ int required_keynode; /* Node offset of key to use: -1=any */ const char *require_keys; /* Value for 'required' property */ + const char *engine_id; /* Engine to use for signing */ }; #endif /* Allow struct image_region to always be defined for rsa.h */ @@ -1055,18 +1070,19 @@ struct image_region { struct checksum_algo { const char *name; const int checksum_len; - const int pad_len; + const int der_len; + const uint8_t *der_prefix; #if IMAGE_ENABLE_SIGN const EVP_MD *(*calculate_sign)(void); #endif int (*calculate)(const char *name, const struct image_region region[], int region_count, uint8_t *checksum); - const uint8_t *rsa_padding; }; -struct image_sig_algo { +struct crypto_algo { const char *name; /* Name of algorithm */ + const int key_len; /** * sign() - calculate and return signature for given input data @@ -1115,18 +1131,23 @@ struct image_sig_algo { int (*verify)(struct image_sign_info *info, const struct image_region region[], int region_count, uint8_t *sig, uint sig_len); - - /* pointer to checksum algorithm */ - struct checksum_algo *checksum; }; /** - * image_get_sig_algo() - Look up a signature algortihm + * image_get_checksum_algo() - Look up a checksum algorithm + * + * @param full_name Name of algorithm in the form "checksum,crypto" + * @return pointer to algorithm information, or NULL if not found + */ +struct checksum_algo *image_get_checksum_algo(const char *full_name); + +/** + * image_get_crypto_algo() - Look up a cryptosystem algorithm * - * @param name Name of algorithm + * @param full_name Name of algorithm in the form "checksum,crypto" * @return pointer to algorithm information, or NULL if not found */ -struct image_sig_algo *image_get_sig_algo(const char *name); +struct crypto_algo *image_get_crypto_algo(const char *full_name); /** * fit_image_verify_required_sigs() - Verify signatures marked as 'required' @@ -1231,7 +1252,8 @@ void android_print_contents(const struct andr_img_hdr *hdr); */ int board_fit_config_name_match(const char *name); -#ifdef CONFIG_SPL_FIT_IMAGE_POST_PROCESS +#if defined(CONFIG_SPL_FIT_IMAGE_POST_PROCESS) || \ + defined(CONFIG_FIT_IMAGE_POST_PROCESS) /** * board_fit_image_post_process() - Do any post-process on FIT binary data * @@ -1248,4 +1270,34 @@ int board_fit_config_name_match(const char *name); void board_fit_image_post_process(void **p_image, size_t *p_size); #endif /* CONFIG_SPL_FIT_IMAGE_POST_PROCESS */ +/** + * Mapping of image types to function handlers to be invoked on the associated + * loaded images + * + * @type: Type of image, I.E. IH_TYPE_* + * @handler: Function to call on loaded image + */ +struct fit_loadable_tbl { + int type; + /** + * handler() - Process a loaded image + * + * @data: Pointer to start of loaded image data + * @size: Size of loaded image data + */ + void (*handler)(ulong data, size_t size); +}; + +/* + * Define a FIT loadable image type handler + * + * _type is a valid uimage_type ID as defined in the "Image Type" enum above + * _handler is the handler function to call after this image type is loaded + */ +#define U_BOOT_FIT_LOADABLE_HANDLER(_type, _handler) \ + ll_entry_declare(struct fit_loadable_tbl, _function, fit_loadable) = { \ + .type = _type, \ + .handler = _handler, \ + } + #endif /* __IMAGE_H__ */