From bc71f926e35be8af1a9491ea0332871881c7eda5 Mon Sep 17 00:00:00 2001 From: Aneesh Bansal Date: Tue, 8 Dec 2015 14:14:12 +0530 Subject: SECURE BOOT: change prototype of fsl_secboot_validate function The prototype and defination of function fsl_secboot_validate has been changed to support calling this function from another function within u-boot. Only two aruments needed: 1) header address - Mandatory 2) SHA256 string - optional Signed-off-by: Saksham Jain Signed-off-by: Aneesh Bansal Acked-by: Ruchika Gupta Reviewed-by: York Sun --- board/freescale/common/cmd_esbc_validate.c | 17 ++++++++++++++++- board/freescale/common/fsl_validate.c | 18 +++++++----------- include/fsl_validate.h | 5 ++--- 3 files changed, 25 insertions(+), 15 deletions(-) diff --git a/board/freescale/common/cmd_esbc_validate.c b/board/freescale/common/cmd_esbc_validate.c index 8bbe85b..ae6a9af 100644 --- a/board/freescale/common/cmd_esbc_validate.c +++ b/board/freescale/common/cmd_esbc_validate.c @@ -21,10 +21,25 @@ loop: static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { + char *hash_str = NULL; + ulong haddr; + int ret; + if (argc < 2) return cmd_usage(cmdtp); + else if (argc > 2) + /* Second arg - Optional - Hash Str*/ + hash_str = argv[2]; + + /* First argument - header address -32/64bit */ + haddr = simple_strtoul(argv[1], NULL, 16); - return fsl_secboot_validate(cmdtp, flag, argc, argv); + ret = fsl_secboot_validate(haddr, hash_str); + if (ret) + return 1; + + printf("esbc_validate command successful\n"); + return 0; } /***************************************************/ diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c index b510c71..282ce53 100644 --- a/board/freescale/common/fsl_validate.c +++ b/board/freescale/common/fsl_validate.c @@ -699,13 +699,11 @@ static inline int str2longbe(const char *p, ulong *num) return *p != '\0' && *endptr == '\0'; } -int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, - char * const argv[]) +int fsl_secboot_validate(ulong haddr, char *arg_hash_str) { struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); ulong hash[SHA256_BYTES/sizeof(ulong)]; char hash_str[NUM_HEX_CHARS + 1]; - ulong addr = simple_strtoul(argv[1], NULL, 16); struct fsl_secboot_img_priv *img; struct fsl_secboot_img_hdr *hdr; void *esbc; @@ -717,8 +715,8 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, struct udevice *mod_exp_dev; #endif - if (argc == 3) { - char *cp = argv[2]; + if (arg_hash_str != NULL) { + const char *cp = arg_hash_str; int i = 0; if (*cp == '0' && *(cp + 1) == 'x') @@ -731,7 +729,7 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, */ if (strlen(cp) != SHA256_NIBBLES) { printf("%s is not a 256 bits hex string as expected\n", - argv[2]); + arg_hash_str); return -1; } @@ -741,7 +739,7 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, hash_str[NUM_HEX_CHARS] = '\0'; if (!str2longbe(hash_str, &hash[i])) { printf("%s is not a 256 bits hex string ", - argv[2]); + arg_hash_str); return -1; } } @@ -757,7 +755,7 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, memset(img, 0, sizeof(struct fsl_secboot_img_priv)); hdr = &img->hdr; - img->ehdrloc = addr; + img->ehdrloc = haddr; esbc = (u8 *)(uintptr_t)img->ehdrloc; memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr)); @@ -843,8 +841,6 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, goto exit; } - printf("esbc_validate command successful\n"); - exit: - return 0; + return ret; } diff --git a/include/fsl_validate.h b/include/fsl_validate.h index a62dc74..bda802f 100644 --- a/include/fsl_validate.h +++ b/include/fsl_validate.h @@ -193,11 +193,10 @@ struct fsl_secboot_img_priv { */ struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES]; /* SG table */ - u32 ehdrloc; /* ESBC client location */ + ulong ehdrloc; /* ESBC client location */ }; -int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, - char * const argv[]); +int fsl_secboot_validate(ulong haddr, char *arg_hash_str); int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]); int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc, -- cgit v1.1