]> git.ipfire.org Git - people/ms/u-boot.git/blob - tools/mkimage.c
projects / people / ms / u-boot.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
mkimage: Add support for signing with pkcs11
[people/ms/u-boot.git] / tools / mkimage.c
1 /*
2 * (C) Copyright 2008 Semihalf
3 *
4 * (C) Copyright 2000-2009
5 * DENX Software Engineering
6 * Wolfgang Denk, wd@denx.de
7 *
8 * SPDX-License-Identifier: GPL-2.0+
9 */
10
11 #include "mkimage.h"
12 #include "imximage.h"
13 #include <image.h>
14 #include <version.h>
15
16 static void copy_file(int, const char *, int);
17
18 /* parameters initialized by core will be used by the image type code */
19 static struct image_tool_params params = {
20 .os = IH_OS_LINUX,
21 .arch = IH_ARCH_PPC,
22 .type = IH_TYPE_KERNEL,
23 .comp = IH_COMP_GZIP,
24 .dtc = MKIMAGE_DEFAULT_DTC_OPTIONS,
25 .imagename = "",
26 .imagename2 = "",
27 };
28
29 static enum ih_category cur_category;
30
31 static int h_compare_category_name(const void *vtype1, const void *vtype2)
32 {
33 const int *type1 = vtype1;
34 const int *type2 = vtype2;
35 const char *name1 = genimg_get_cat_short_name(cur_category, *type1);
36 const char *name2 = genimg_get_cat_short_name(cur_category, *type2);
37
38 return strcmp(name1, name2);
39 }
40
41 static int show_valid_options(enum ih_category category)
42 {
43 int *order;
44 int count;
45 int item;
46 int i;
47
48 count = genimg_get_cat_count(category);
49 order = calloc(count, sizeof(*order));
50 if (!order)
51 return -ENOMEM;
52
53 /* Sort the names in order of short name for easier reading */
54 for (item = 0; item < count; item++)
55 order[item] = item;
56 cur_category = category;
57 qsort(order, count, sizeof(int), h_compare_category_name);
58
59 fprintf(stderr, "\nInvalid %s, supported are:\n",
60 genimg_get_cat_desc(category));
61 for (i = 0; i < count; i++) {
62 item = order[i];
63 fprintf(stderr, "\t%-15s %s\n",
64 genimg_get_cat_short_name(category, item),
65 genimg_get_cat_name(category, item));
66 }
67 fprintf(stderr, "\n");
68 free(order);
69
70 return 0;
71 }
72
73 static void usage(const char *msg)
74 {
75 fprintf(stderr, "Error: %s\n", msg);
76 fprintf(stderr, "Usage: %s -l image\n"
77 " -l ==> list image header information\n",
78 params.cmdname);
79 fprintf(stderr,
80 " %s [-x] -A arch -O os -T type -C comp -a addr -e ep -n name -d data_file[:data_file...] image\n"
81 " -A ==> set architecture to 'arch'\n"
82 " -O ==> set operating system to 'os'\n"
83 " -T ==> set image type to 'type'\n"
84 " -C ==> set compression type 'comp'\n"
85 " -a ==> set load address to 'addr' (hex)\n"
86 " -e ==> set entry point to 'ep' (hex)\n"
87 " -n ==> set image name to 'name'\n"
88 " -d ==> use image data from 'datafile'\n"
89 " -x ==> set XIP (execute in place)\n",
90 params.cmdname);
91 fprintf(stderr,
92 " %s [-D dtc_options] [-f fit-image.its|-f auto|-F] [-b <dtb> [-b <dtb>]] [-i <ramdisk.cpio.gz>] fit-image\n"
93 " <dtb> file is used with -f auto, it may occur multiple times.\n",
94 params.cmdname);
95 fprintf(stderr,
96 " -D => set all options for device tree compiler\n"
97 " -f => input filename for FIT source\n"
98 " -i => input filename for ramdisk file\n");
99 #ifdef CONFIG_FIT_SIGNATURE
100 fprintf(stderr,
101 "Signing / verified boot options: [-E] [-k keydir] [-K dtb] [ -c <comment>] [-p addr] [-r] [-N engine]\n"
102 " -E => place data outside of the FIT structure\n"
103 " -k => set directory containing private keys\n"
104 " -K => write public keys to this .dtb file\n"
105 " -c => add comment in signature node\n"
106 " -F => re-sign existing FIT image\n"
107 " -p => place external data at a static position\n"
108 " -r => mark keys used as 'required' in dtb\n"
109 " -N => engine to use for signing (pkcs11)\n");
110 #else
111 fprintf(stderr,
112 "Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)\n");
113 #endif
114 fprintf(stderr, " %s -V ==> print version information and exit\n",
115 params.cmdname);
116 fprintf(stderr, "Use -T to see a list of available image types\n");
117
118 exit(EXIT_FAILURE);
119 }
120
121 static int add_content(int type, const char *fname)
122 {
123 struct content_info *cont;
124
125 cont = calloc(1, sizeof(*cont));
126 if (!cont)
127 return -1;
128 cont->type = type;
129 cont->fname = fname;
130 if (params.content_tail)
131 params.content_tail->next = cont;
132 else
133 params.content_head = cont;
134 params.content_tail = cont;
135
136 return 0;
137 }
138
139 static void process_args(int argc, char **argv)
140 {
141 char *ptr;
142 int type = IH_TYPE_INVALID;
143 char *datafile = NULL;
144 int opt;
145
146 while ((opt = getopt(argc, argv,
147 "a:A:b:c:C:d:D:e:Ef:Fk:i:K:ln:N:p:O:rR:qsT:vVx")) != -1) {
148 switch (opt) {
149 case 'a':
150 params.addr = strtoull(optarg, &ptr, 16);
151 if (*ptr) {
152 fprintf(stderr, "%s: invalid load address %s\n",
153 params.cmdname, optarg);
154 exit(EXIT_FAILURE);
155 }
156 break;
157 case 'A':
158 params.arch = genimg_get_arch_id(optarg);
159 if (params.arch < 0) {
160 show_valid_options(IH_ARCH);
161 usage("Invalid architecture");
162 }
163 break;
164 case 'b':
165 if (add_content(IH_TYPE_FLATDT, optarg)) {
166 fprintf(stderr,
167 "%s: Out of memory adding content '%s'",
168 params.cmdname, optarg);
169 exit(EXIT_FAILURE);
170 }
171 break;
172 case 'c':
173 params.comment = optarg;
174 break;
175 case 'C':
176 params.comp = genimg_get_comp_id(optarg);
177 if (params.comp < 0) {
178 show_valid_options(IH_COMP);
179 usage("Invalid compression type");
180 }
181 break;
182 case 'd':
183 params.datafile = optarg;
184 params.dflag = 1;
185 break;
186 case 'D':
187 params.dtc = optarg;
188 break;
189 case 'e':
190 params.ep = strtoull(optarg, &ptr, 16);
191 if (*ptr) {
192 fprintf(stderr, "%s: invalid entry point %s\n",
193 params.cmdname, optarg);
194 exit(EXIT_FAILURE);
195 }
196 params.eflag = 1;
197 break;
198 case 'E':
199 params.external_data = true;
200 break;
201 case 'f':
202 datafile = optarg;
203 params.auto_its = !strcmp(datafile, "auto");
204 /* no break */
205 case 'F':
206 /*
207 * The flattened image tree (FIT) format
208 * requires a flattened device tree image type
209 */
210 params.type = IH_TYPE_FLATDT;
211 params.fflag = 1;
212 break;
213 case 'i':
214 params.fit_ramdisk = optarg;
215 break;
216 case 'k':
217 params.keydir = optarg;
218 break;
219 case 'K':
220 params.keydest = optarg;
221 break;
222 case 'l':
223 params.lflag = 1;
224 break;
225 case 'n':
226 params.imagename = optarg;
227 break;
228 case 'N':
229 params.engine_id = optarg;
230 break;
231 case 'O':
232 params.os = genimg_get_os_id(optarg);
233 if (params.os < 0) {
234 show_valid_options(IH_OS);
235 usage("Invalid operating system");
236 }
237 break;
238 case 'p':
239 params.external_offset = strtoull(optarg, &ptr, 16);
240 if (*ptr) {
241 fprintf(stderr, "%s: invalid offset size %s\n",
242 params.cmdname, optarg);
243 exit(EXIT_FAILURE);
244 }
245 break;
246 case 'q':
247 params.quiet = 1;
248 break;
249 case 'r':
250 params.require_keys = 1;
251 break;
252 case 'R':
253 /*
254 * This entry is for the second configuration
255 * file, if only one is not enough.
256 */
257 params.imagename2 = optarg;
258 break;
259 case 's':
260 params.skipcpy = 1;
261 break;
262 case 'T':
263 type = genimg_get_type_id(optarg);
264 if (type < 0) {
265 show_valid_options(IH_TYPE);
266 usage("Invalid image type");
267 }
268 break;
269 case 'v':
270 params.vflag++;
271 break;
272 case 'V':
273 printf("mkimage version %s\n", PLAIN_VERSION);
274 exit(EXIT_SUCCESS);
275 case 'x':
276 params.xflag++;
277 break;
278 default:
279 usage("Invalid option");
280 }
281 }
282
283 /* The last parameter is expected to be the imagefile */
284 if (optind < argc)
285 params.imagefile = argv[optind];
286
287 /*
288 * For auto-generated FIT images we need to know the image type to put
289 * in the FIT, which is separate from the file's image type (which
290 * will always be IH_TYPE_FLATDT in this case).
291 */
292 if (params.type == IH_TYPE_FLATDT) {
293 params.fit_image_type = type ? type : IH_TYPE_KERNEL;
294 /* For auto_its, datafile is always 'auto' */
295 if (!params.auto_its)
296 params.datafile = datafile;
297 else if (!params.datafile)
298 usage("Missing data file for auto-FIT (use -d)");
299 } else if (type != IH_TYPE_INVALID) {
300 params.type = type;
301 }
302
303 if (!params.imagefile)
304 usage("Missing output filename");
305 }
306
307 int main(int argc, char **argv)
308 {
309 int ifd = -1;
310 struct stat sbuf;
311 char *ptr;
312 int retval = 0;
313 struct image_type_params *tparams = NULL;
314 int pad_len = 0;
315 int dfd;
316
317 params.cmdname = *argv;
318 params.addr = 0;
319 params.ep = 0;
320
321 process_args(argc, argv);
322
323 /* set tparams as per input type_id */
324 tparams = imagetool_get_type(params.type);
325 if (tparams == NULL) {
326 fprintf (stderr, "%s: unsupported type %s\n",
327 params.cmdname, genimg_get_type_name(params.type));
328 exit (EXIT_FAILURE);
329 }
330
331 /*
332 * check the passed arguments parameters meets the requirements
333 * as per image type to be generated/listed
334 */
335 if (tparams->check_params)
336 if (tparams->check_params (&params))
337 usage("Bad parameters for image type");
338
339 if (!params.eflag) {
340 params.ep = params.addr;
341 /* If XIP, entry point must be after the U-Boot header */
342 if (params.xflag)
343 params.ep += tparams->header_size;
344 }
345
346 if (params.fflag){
347 if (tparams->fflag_handle)
348 /*
349 * in some cases, some additional processing needs
350 * to be done if fflag is defined
351 *
352 * For ex. fit_handle_file for Fit file support
353 */
354 retval = tparams->fflag_handle(&params);
355
356 if (retval != EXIT_SUCCESS)
357 exit (retval);
358 }
359
360 if (params.lflag || params.fflag) {
361 ifd = open (params.imagefile, O_RDONLY|O_BINARY);
362 } else {
363 ifd = open (params.imagefile,
364 O_RDWR|O_CREAT|O_TRUNC|O_BINARY, 0666);
365 }
366
367 if (ifd < 0) {
368 fprintf (stderr, "%s: Can't open %s: %s\n",
369 params.cmdname, params.imagefile,
370 strerror(errno));
371 exit (EXIT_FAILURE);
372 }
373
374 if (params.lflag || params.fflag) {
375 /*
376 * list header information of existing image
377 */
378 if (fstat(ifd, &sbuf) < 0) {
379 fprintf (stderr, "%s: Can't stat %s: %s\n",
380 params.cmdname, params.imagefile,
381 strerror(errno));
382 exit (EXIT_FAILURE);
383 }
384
385 if ((unsigned)sbuf.st_size < tparams->header_size) {
386 fprintf (stderr,
387 "%s: Bad size: \"%s\" is not valid image\n",
388 params.cmdname, params.imagefile);
389 exit (EXIT_FAILURE);
390 }
391
392 ptr = mmap(0, sbuf.st_size, PROT_READ, MAP_SHARED, ifd, 0);
393 if (ptr == MAP_FAILED) {
394 fprintf (stderr, "%s: Can't read %s: %s\n",
395 params.cmdname, params.imagefile,
396 strerror(errno));
397 exit (EXIT_FAILURE);
398 }
399
400 /*
401 * scan through mkimage registry for all supported image types
402 * and verify the input image file header for match
403 * Print the image information for matched image type
404 * Returns the error code if not matched
405 */
406 retval = imagetool_verify_print_header(ptr, &sbuf,
407 tparams, &params);
408
409 (void) munmap((void *)ptr, sbuf.st_size);
410 (void) close (ifd);
411
412 exit (retval);
413 }
414
415 if ((params.type != IH_TYPE_MULTI) && (params.type != IH_TYPE_SCRIPT)) {
416 dfd = open(params.datafile, O_RDONLY | O_BINARY);
417 if (dfd < 0) {
418 fprintf(stderr, "%s: Can't open %s: %s\n",
419 params.cmdname, params.datafile,
420 strerror(errno));
421 exit(EXIT_FAILURE);
422 }
423
424 if (fstat(dfd, &sbuf) < 0) {
425 fprintf(stderr, "%s: Can't stat %s: %s\n",
426 params.cmdname, params.datafile,
427 strerror(errno));
428 exit(EXIT_FAILURE);
429 }
430
431 params.file_size = sbuf.st_size + tparams->header_size;
432 close(dfd);
433 }
434
435 /*
436 * In case there an header with a variable
437 * length will be added, the corresponding
438 * function is called. This is responsible to
439 * allocate memory for the header itself.
440 */
441 if (tparams->vrec_header)
442 pad_len = tparams->vrec_header(&params, tparams);
443 else
444 memset(tparams->hdr, 0, tparams->header_size);
445
446 if (write(ifd, tparams->hdr, tparams->header_size)
447 != tparams->header_size) {
448 fprintf (stderr, "%s: Write error on %s: %s\n",
449 params.cmdname, params.imagefile, strerror(errno));
450 exit (EXIT_FAILURE);
451 }
452
453 if (!params.skipcpy) {
454 if (params.type == IH_TYPE_MULTI ||
455 params.type == IH_TYPE_SCRIPT) {
456 char *file = params.datafile;
457 uint32_t size;
458
459 for (;;) {
460 char *sep = NULL;
461
462 if (file) {
463 if ((sep = strchr(file, ':')) != NULL) {
464 *sep = '\0';
465 }
466
467 if (stat (file, &sbuf) < 0) {
468 fprintf (stderr, "%s: Can't stat %s: %s\n",
469 params.cmdname, file, strerror(errno));
470 exit (EXIT_FAILURE);
471 }
472 size = cpu_to_uimage (sbuf.st_size);
473 } else {
474 size = 0;
475 }
476
477 if (write(ifd, (char *)&size, sizeof(size)) != sizeof(size)) {
478 fprintf (stderr, "%s: Write error on %s: %s\n",
479 params.cmdname, params.imagefile,
480 strerror(errno));
481 exit (EXIT_FAILURE);
482 }
483
484 if (!file) {
485 break;
486 }
487
488 if (sep) {
489 *sep = ':';
490 file = sep + 1;
491 } else {
492 file = NULL;
493 }
494 }
495
496 file = params.datafile;
497
498 for (;;) {
499 char *sep = strchr(file, ':');
500 if (sep) {
501 *sep = '\0';
502 copy_file (ifd, file, 1);
503 *sep++ = ':';
504 file = sep;
505 } else {
506 copy_file (ifd, file, 0);
507 break;
508 }
509 }
510 } else if (params.type == IH_TYPE_PBLIMAGE) {
511 /* PBL has special Image format, implements its' own */
512 pbl_load_uboot(ifd, &params);
513 } else {
514 copy_file(ifd, params.datafile, pad_len);
515 }
516 if (params.type == IH_TYPE_FIRMWARE_IVT) {
517 /* Add alignment and IVT */
518 uint32_t aligned_filesize = (params.file_size + 0x1000
519 - 1) & ~(0x1000 - 1);
520 flash_header_v2_t ivt_header = { { 0xd1, 0x2000, 0x40 },
521 params.addr, 0, 0, 0, params.addr
522 + aligned_filesize
523 - tparams->header_size,
524 params.addr + aligned_filesize
525 - tparams->header_size
526 + 0x20, 0 };
527 int i = params.file_size;
528 for (; i < aligned_filesize; i++) {
529 if (write(ifd, &i, 1) != 1) {
530 fprintf(stderr,
531 "%s: Write error on %s: %s\n",
532 params.cmdname,
533 params.imagefile,
534 strerror(errno));
535 exit(EXIT_FAILURE);
536 }
537 }
538 if (write(ifd, &ivt_header, sizeof(flash_header_v2_t))
539 != sizeof(flash_header_v2_t)) {
540 fprintf(stderr, "%s: Write error on %s: %s\n",
541 params.cmdname,
542 params.imagefile,
543 strerror(errno));
544 exit(EXIT_FAILURE);
545 }
546 }
547 }
548
549 /* We're a bit of paranoid */
550 #if defined(_POSIX_SYNCHRONIZED_IO) && \
551 !defined(__sun__) && \
552 !defined(__FreeBSD__) && \
553 !defined(__OpenBSD__) && \
554 !defined(__APPLE__)
555 (void) fdatasync (ifd);
556 #else
557 (void) fsync (ifd);
558 #endif
559
560 if (fstat(ifd, &sbuf) < 0) {
561 fprintf (stderr, "%s: Can't stat %s: %s\n",
562 params.cmdname, params.imagefile, strerror(errno));
563 exit (EXIT_FAILURE);
564 }
565 params.file_size = sbuf.st_size;
566
567 ptr = mmap(0, sbuf.st_size, PROT_READ|PROT_WRITE, MAP_SHARED, ifd, 0);
568 if (ptr == MAP_FAILED) {
569 fprintf (stderr, "%s: Can't map %s: %s\n",
570 params.cmdname, params.imagefile, strerror(errno));
571 exit (EXIT_FAILURE);
572 }
573
574 /* Setup the image header as per input image type*/
575 if (tparams->set_header)
576 tparams->set_header (ptr, &sbuf, ifd, &params);
577 else {
578 fprintf (stderr, "%s: Can't set header for %s: %s\n",
579 params.cmdname, tparams->name, strerror(errno));
580 exit (EXIT_FAILURE);
581 }
582
583 /* Print the image information by processing image header */
584 if (tparams->print_header)
585 tparams->print_header (ptr);
586 else {
587 fprintf (stderr, "%s: Can't print header for %s: %s\n",
588 params.cmdname, tparams->name, strerror(errno));
589 exit (EXIT_FAILURE);
590 }
591
592 (void) munmap((void *)ptr, sbuf.st_size);
593
594 /* We're a bit of paranoid */
595 #if defined(_POSIX_SYNCHRONIZED_IO) && \
596 !defined(__sun__) && \
597 !defined(__FreeBSD__) && \
598 !defined(__OpenBSD__) && \
599 !defined(__APPLE__)
600 (void) fdatasync (ifd);
601 #else
602 (void) fsync (ifd);
603 #endif
604
605 if (close(ifd)) {
606 fprintf (stderr, "%s: Write error on %s: %s\n",
607 params.cmdname, params.imagefile, strerror(errno));
608 exit (EXIT_FAILURE);
609 }
610
611 exit (EXIT_SUCCESS);
612 }
613
614 static void
615 copy_file (int ifd, const char *datafile, int pad)
616 {
617 int dfd;
618 struct stat sbuf;
619 unsigned char *ptr;
620 int tail;
621 int zero = 0;
622 uint8_t zeros[4096];
623 int offset = 0;
624 int size;
625 struct image_type_params *tparams = imagetool_get_type(params.type);
626
627 memset(zeros, 0, sizeof(zeros));
628
629 if (params.vflag) {
630 fprintf (stderr, "Adding Image %s\n", datafile);
631 }
632
633 if ((dfd = open(datafile, O_RDONLY|O_BINARY)) < 0) {
634 fprintf (stderr, "%s: Can't open %s: %s\n",
635 params.cmdname, datafile, strerror(errno));
636 exit (EXIT_FAILURE);
637 }
638
639 if (fstat(dfd, &sbuf) < 0) {
640 fprintf (stderr, "%s: Can't stat %s: %s\n",
641 params.cmdname, datafile, strerror(errno));
642 exit (EXIT_FAILURE);
643 }
644
645 ptr = mmap(0, sbuf.st_size, PROT_READ, MAP_SHARED, dfd, 0);
646 if (ptr == MAP_FAILED) {
647 fprintf (stderr, "%s: Can't read %s: %s\n",
648 params.cmdname, datafile, strerror(errno));
649 exit (EXIT_FAILURE);
650 }
651
652 if (params.xflag) {
653 unsigned char *p = NULL;
654 /*
655 * XIP: do not append the image_header_t at the
656 * beginning of the file, but consume the space
657 * reserved for it.
658 */
659
660 if ((unsigned)sbuf.st_size < tparams->header_size) {
661 fprintf (stderr,
662 "%s: Bad size: \"%s\" is too small for XIP\n",
663 params.cmdname, datafile);
664 exit (EXIT_FAILURE);
665 }
666
667 for (p = ptr; p < ptr + tparams->header_size; p++) {
668 if ( *p != 0xff ) {
669 fprintf (stderr,
670 "%s: Bad file: \"%s\" has invalid buffer for XIP\n",
671 params.cmdname, datafile);
672 exit (EXIT_FAILURE);
673 }
674 }
675
676 offset = tparams->header_size;
677 }
678
679 size = sbuf.st_size - offset;
680 if (write(ifd, ptr + offset, size) != size) {
681 fprintf (stderr, "%s: Write error on %s: %s\n",
682 params.cmdname, params.imagefile, strerror(errno));
683 exit (EXIT_FAILURE);
684 }
685
686 tail = size % 4;
687 if ((pad == 1) && (tail != 0)) {
688
689 if (write(ifd, (char *)&zero, 4-tail) != 4-tail) {
690 fprintf (stderr, "%s: Write error on %s: %s\n",
691 params.cmdname, params.imagefile,
692 strerror(errno));
693 exit (EXIT_FAILURE);
694 }
695 } else if (pad > 1) {
696 while (pad > 0) {
697 int todo = sizeof(zeros);
698
699 if (todo > pad)
700 todo = pad;
701 if (write(ifd, (char *)&zeros, todo) != todo) {
702 fprintf(stderr, "%s: Write error on %s: %s\n",
703 params.cmdname, params.imagefile,
704 strerror(errno));
705 exit(EXIT_FAILURE);
706 }
707 pad -= todo;
708 }
709 }
710
711 (void) munmap((void *)ptr, sbuf.st_size);
712 (void) close (dfd);
713 }
"Das U-Boot" Source Tree