diff options
author | Aneesh Bansal <aneesh.bansal@freescale.com> | 2015-12-08 14:14:15 +0530 |
---|---|---|
committer | York Sun <york.sun@nxp.com> | 2016-01-25 08:24:16 -0800 |
commit | b055a0fd867b11e40944b3414026d37ea00e0840 (patch) | |
tree | cb0f6e9a68c69aad67f0175387267d158e5f69db | |
parent | 6629261ddd9d78c3cd8193b05c00a2a9bdc74796 (diff) | |
download | u-boot-imx-b055a0fd867b11e40944b3414026d37ea00e0840.zip u-boot-imx-b055a0fd867b11e40944b3414026d37ea00e0840.tar.gz u-boot-imx-b055a0fd867b11e40944b3414026d37ea00e0840.tar.bz2 |
SECURE BOOT: support for validation of dynamic image
Some images to be validated are relocated to a dynamic
address at run time. So, these addresses cannot be known
befor hand while signing the images and creating the header
offline.
So, support is required to pass the image address to the
validate function as an argument.
If an address is provided to the function, the address
field in Header is not read and is treated as a reserved
field.
Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
-rw-r--r-- | board/freescale/common/cmd_esbc_validate.c | 10 | ||||
-rw-r--r-- | board/freescale/common/fsl_validate.c | 33 | ||||
-rw-r--r-- | include/fsl_validate.h | 7 |
3 files changed, 32 insertions, 18 deletions
diff --git a/board/freescale/common/cmd_esbc_validate.c b/board/freescale/common/cmd_esbc_validate.c index ae6a9af..ca7c737 100644 --- a/board/freescale/common/cmd_esbc_validate.c +++ b/board/freescale/common/cmd_esbc_validate.c @@ -22,7 +22,7 @@ static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { char *hash_str = NULL; - ulong haddr; + uintptr_t haddr; int ret; if (argc < 2) @@ -32,9 +32,13 @@ static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc, hash_str = argv[2]; /* First argument - header address -32/64bit */ - haddr = simple_strtoul(argv[1], NULL, 16); + haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16); - ret = fsl_secboot_validate(haddr, hash_str); + /* With esbc_validate command, Image address must be + * part of header. So, the function is called + * by passing this argument as 0. + */ + ret = fsl_secboot_validate(haddr, hash_str, 0); if (ret) return 1; diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c index 08a2f79..de40081 100644 --- a/board/freescale/common/fsl_validate.c +++ b/board/freescale/common/fsl_validate.c @@ -536,13 +536,8 @@ static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img) return ret; /* Update hash for actual Image */ -#ifdef CONFIG_ESBC_ADDR_64BIT ret = algo->hash_update(algo, ctx, - (u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1); -#else - ret = algo->hash_update(algo, ctx, - (u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1); -#endif + (u8 *)img->img_addr, img->img_size, 1); if (ret) return ret; @@ -632,16 +627,25 @@ static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img) if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN)) return ERROR_ESBC_CLIENT_HEADER_BARKER; -#ifdef CONFIG_ESBC_ADDR_64BIT - sprintf(buf, "%llx", hdr->pimg64); -#else - sprintf(buf, "%x", hdr->pimg); -#endif + /* If Image Address is not passed as argument to function, + * then Address and Size must be read from the Header. + */ + if (img->img_addr == 0) { + #ifdef CONFIG_ESBC_ADDR_64BIT + img->img_addr = hdr->pimg64; + #else + img->img_addr = hdr->pimg; + #endif + } + + sprintf(buf, "%lx", img->img_addr); setenv("img_addr", buf); if (!hdr->img_size) return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE; + img->img_size = hdr->img_size; + /* Key checking*/ #ifdef CONFIG_KEY_REVOCATION if (check_srk(img)) { @@ -774,7 +778,8 @@ static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img) return 0; } -int fsl_secboot_validate(ulong haddr, char *arg_hash_str) +int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str, + uintptr_t img_addr) { struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); ulong hash[SHA256_BYTES/sizeof(ulong)]; @@ -824,9 +829,11 @@ int fsl_secboot_validate(ulong haddr, char *arg_hash_str) memset(img, 0, sizeof(struct fsl_secboot_img_priv)); + /* Update the information in Private Struct */ hdr = &img->hdr; img->ehdrloc = haddr; - esbc = (u8 *)(uintptr_t)img->ehdrloc; + img->img_addr = img_addr; + esbc = (u8 *)img->ehdrloc; memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr)); diff --git a/include/fsl_validate.h b/include/fsl_validate.h index bda802f..ad14867 100644 --- a/include/fsl_validate.h +++ b/include/fsl_validate.h @@ -193,10 +193,13 @@ struct fsl_secboot_img_priv { */ struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES]; /* SG table */ - ulong ehdrloc; /* ESBC client location */ + uintptr_t ehdrloc; /* ESBC Header location */ + uintptr_t img_addr; /* ESBC Image Location */ + uint32_t img_size; /* ESBC Image Size */ }; -int fsl_secboot_validate(ulong haddr, char *arg_hash_str); +int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str, + uintptr_t img_loc); int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]); int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc, |