/* * Freescale i.MX23/i.MX28 SB image generator * * Copyright (C) 2012-2013 Marek Vasut <marex@denx.de> * * SPDX-License-Identifier: GPL-2.0+ */ #ifdef CONFIG_MXS #include <errno.h> #include <fcntl.h> #include <stdio.h> #include <string.h> #include <unistd.h> #include <limits.h> #include <openssl/evp.h> #include "mkimage.h" #include "mxsimage.h" #include <image.h> /* * DCD block * |-Write to address command block * | 0xf00 == 0xf33d * | 0xba2 == 0xb33f * |-ORR address with mask command block * | 0xf00 |= 0x1337 * |-Write to address command block * | 0xba2 == 0xd00d * : */ #define SB_HAB_DCD_WRITE 0xccUL #define SB_HAB_DCD_CHECK 0xcfUL #define SB_HAB_DCD_NOOP 0xc0UL #define SB_HAB_DCD_MASK_BIT (1 << 3) #define SB_HAB_DCD_SET_BIT (1 << 4) /* Addr.n = Value.n */ #define SB_DCD_WRITE \ (SB_HAB_DCD_WRITE << 24) /* Addr.n &= ~Value.n */ #define SB_DCD_ANDC \ ((SB_HAB_DCD_WRITE << 24) | SB_HAB_DCD_SET_BIT) /* Addr.n |= Value.n */ #define SB_DCD_ORR \ ((SB_HAB_DCD_WRITE << 24) | SB_HAB_DCD_SET_BIT | SB_HAB_DCD_MASK_BIT) /* (Addr.n & Value.n) == 0 */ #define SB_DCD_CHK_EQZ \ (SB_HAB_DCD_CHECK << 24) /* (Addr.n & Value.n) == Value.n */ #define SB_DCD_CHK_EQ \ ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_SET_BIT) /* (Addr.n & Value.n) != Value.n */ #define SB_DCD_CHK_NEQ \ ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_MASK_BIT) /* (Addr.n & Value.n) != 0 */ #define SB_DCD_CHK_NEZ \ ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_SET_BIT | SB_HAB_DCD_MASK_BIT) /* NOP */ #define SB_DCD_NOOP \ (SB_HAB_DCD_NOOP << 24) struct sb_dcd_ctx { struct sb_dcd_ctx *dcd; uint32_t id; /* The DCD block. */ uint32_t *payload; /* Size of the whole DCD block. */ uint32_t size; /* Pointer to previous DCD command block. */ uint32_t *prev_dcd_head; }; /* * IMAGE * |-SECTION * | |-CMD * | |-CMD * | `-CMD * |-SECTION * | |-CMD * : : */ struct sb_cmd_list { char *cmd; size_t len; unsigned int lineno; }; struct sb_cmd_ctx { uint32_t size; struct sb_cmd_ctx *cmd; uint8_t *data; uint32_t length; struct sb_command payload; struct sb_command c_payload; }; struct sb_section_ctx { uint32_t size; /* Section flags */ unsigned int boot:1; struct sb_section_ctx *sect; struct sb_cmd_ctx *cmd_head; struct sb_cmd_ctx *cmd_tail; struct sb_sections_header payload; }; struct sb_image_ctx { unsigned int in_section:1; unsigned int in_dcd:1; /* Image configuration */ unsigned int verbose_boot:1; unsigned int silent_dump:1; char *input_filename; char *output_filename; char *cfg_filename; uint8_t image_key[16]; /* Number of section in the image */ unsigned int sect_count; /* Bootable section */ unsigned int sect_boot; unsigned int sect_boot_found:1; struct sb_section_ctx *sect_head; struct sb_section_ctx *sect_tail; struct sb_dcd_ctx *dcd_head; struct sb_dcd_ctx *dcd_tail; EVP_CIPHER_CTX cipher_ctx; EVP_MD_CTX md_ctx; uint8_t digest[32]; struct sb_key_dictionary_key sb_dict_key; struct sb_boot_image_header payload; }; /* * Instruction semantics: * NOOP * TAG [LAST] * LOAD address file * LOAD IVT address IVT_entry_point * FILL address pattern length * JUMP [HAB] address [r0_arg] * CALL [HAB] address [r0_arg] * MODE mode * For i.MX23, mode = USB/I2C/SPI1_FLASH/SPI2_FLASH/NAND_BCH * JTAG/SPI3_EEPROM/SD_SSP0/SD_SSP1 * For i.MX28, mode = USB/I2C/SPI2_FLASH/SPI3_FLASH/NAND_BCH * JTAG/SPI2_EEPROM/SD_SSP0/SD_SSP1 */ /* * AES libcrypto */ static int sb_aes_init(struct sb_image_ctx *ictx, uint8_t *iv, int enc) { EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx; int ret; /* If there is no init vector, init vector is all zeroes. */ if (!iv) iv = ictx->image_key; EVP_CIPHER_CTX_init(ctx); ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), ictx->image_key, iv, enc); if (ret == 1) EVP_CIPHER_CTX_set_padding(ctx, 0); return ret; } static int sb_aes_crypt(struct sb_image_ctx *ictx, uint8_t *in_data, uint8_t *out_data, int in_len) { EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx; int ret, outlen; uint8_t *outbuf; outbuf = malloc(in_len); if (!outbuf) return -ENOMEM; memset(outbuf, 0, sizeof(in_len)); ret = EVP_CipherUpdate(ctx, outbuf, &outlen, in_data, in_len); if (!ret) { ret = -EINVAL; goto err; } if (out_data) memcpy(out_data, outbuf, outlen); err: free(outbuf); return ret; } static int sb_aes_deinit(EVP_CIPHER_CTX *ctx) { return EVP_CIPHER_CTX_cleanup(ctx); } static int sb_aes_reinit(struct sb_image_ctx *ictx, int enc) { int ret; EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx; struct sb_boot_image_header *sb_header = &ictx->payload; uint8_t *iv = sb_header->iv; ret = sb_aes_deinit(ctx); if (!ret) return ret; return sb_aes_init(ictx, iv, enc); } /* * CRC32 */ static uint32_t crc32(uint8_t *data, uint32_t len) { const uint32_t poly = 0x04c11db7; uint32_t crc32 = 0xffffffff; unsigned int byte, bit; for (byte = 0; byte < len; byte++) { crc32 ^= data[byte] << 24; for (bit = 8; bit > 0; bit--) { if (crc32 & (1UL << 31)) crc32 = (crc32 << 1) ^ poly; else crc32 = (crc32 << 1); } } return crc32; } /* * Debug */ static void soprintf(struct sb_image_ctx *ictx, const char *fmt, ...) { va_list ap; if (ictx->silent_dump) return; va_start(ap, fmt); vfprintf(stdout, fmt, ap); va_end(ap); } /* * Code */ static time_t sb_get_timestamp(void) { struct tm time_2000 = { .tm_yday = 1, /* Jan. 1st */ .tm_year = 100, /* 2000 */ }; time_t seconds_to_2000 = mktime(&time_2000); time_t seconds_to_now = time(NULL); return seconds_to_now - seconds_to_2000; } static int sb_get_time(time_t time, struct tm *tm) { struct tm time_2000 = { .tm_yday = 1, /* Jan. 1st */ .tm_year = 0, /* 1900 */ }; const time_t seconds_to_2000 = mktime(&time_2000); const time_t seconds_to_now = seconds_to_2000 + time; struct tm *ret; ret = gmtime_r(&seconds_to_now, tm); return ret ? 0 : -EINVAL; } static void sb_encrypt_sb_header(struct sb_image_ctx *ictx) { EVP_MD_CTX *md_ctx = &ictx->md_ctx; struct sb_boot_image_header *sb_header = &ictx->payload; uint8_t *sb_header_ptr = (uint8_t *)sb_header; /* Encrypt the header, compute the digest. */ sb_aes_crypt(ictx, sb_header_ptr, NULL, sizeof(*sb_header)); EVP_DigestUpdate(md_ctx, sb_header_ptr, sizeof(*sb_header)); } static void sb_encrypt_sb_sections_header(struct sb_image_ctx *ictx) { EVP_MD_CTX *md_ctx = &ictx->md_ctx; struct sb_section_ctx *sctx = ictx->sect_head; struct sb_sections_header *shdr; uint8_t *sb_sections_header_ptr; const int size = sizeof(*shdr); while (sctx) { shdr = &sctx->payload; sb_sections_header_ptr = (uint8_t *)shdr; sb_aes_crypt(ictx, sb_sections_header_ptr, ictx->sb_dict_key.cbc_mac, size); EVP_DigestUpdate(md_ctx, sb_sections_header_ptr, size); sctx = sctx->sect; }; } static void sb_encrypt_key_dictionary_key(struct sb_image_ctx *ictx) { EVP_MD_CTX *md_ctx = &ictx->md_ctx; sb_aes_crypt(ictx, ictx->image_key, ictx->sb_dict_key.key, sizeof(ictx->sb_dict_key.key)); EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key)); } static void sb_decrypt_key_dictionary_key(struct sb_image_ctx *ictx) { EVP_MD_CTX *md_ctx = &ictx->md_ctx; EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key)); sb_aes_crypt(ictx, ictx->sb_dict_key.key, ictx->image_key, sizeof(ictx->sb_dict_key.key)); } static void sb_encrypt_tag(struct sb_image_ctx *ictx, struct sb_cmd_ctx *cctx) { EVP_MD_CTX *md_ctx = &ictx->md_ctx; struct sb_command *cmd = &cctx->payload; sb_aes_crypt(ictx, (uint8_t *)cmd, (uint8_t *)&cctx->c_payload, sizeof(*cmd)); EVP_DigestUpdate(md_ctx, &cctx->c_payload, sizeof(*cmd)); } static int sb_encrypt_image(struct sb_image_ctx *ictx) { /* Start image-wide crypto. */ EVP_MD_CTX_init(&ictx->md_ctx); EVP_DigestInit(&ictx->md_ctx, EVP_sha1()); /* * SB image header. */ sb_aes_init(ictx, NULL, 1); sb_encrypt_sb_header(ictx); /* * SB sections header. */ sb_encrypt_sb_sections_header(ictx); /* * Key dictionary. */ sb_aes_reinit(ictx, 1); sb_encrypt_key_dictionary_key(ictx); /* * Section tags. */ struct sb_cmd_ctx *cctx; struct sb_command *ccmd; struct sb_section_ctx *sctx = ictx->sect_head; while (sctx) { cctx = sctx->cmd_head; sb_aes_reinit(ictx, 1); while (cctx) { ccmd = &cctx->payload; sb_encrypt_tag(ictx, cctx); if (ccmd->header.tag == ROM_TAG_CMD) { sb_aes_reinit(ictx, 1); } else if (ccmd->header.tag == ROM_LOAD_CMD) { sb_aes_crypt(ictx, cctx->data, cctx->data, cctx->length); EVP_DigestUpdate(&ictx->md_ctx, cctx->data, cctx->length); } cctx = cctx->cmd; } sctx = sctx->sect; }; /* * Dump the SHA1 of the whole image. */ sb_aes_reinit(ictx, 1); EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL); sb_aes_crypt(ictx, ictx->digest, ictx->digest, sizeof(ictx->digest)); /* Stop the encryption session. */ sb_aes_deinit(&ictx->cipher_ctx); return 0; } static int sb_load_file(struct sb_cmd_ctx *cctx, char *filename) { long real_size, roundup_size; uint8_t *data; long ret; unsigned long size; FILE *fp; if (!filename) { fprintf(stderr, "ERR: Missing filename!\n"); return -EINVAL; } fp = fopen(filename, "r"); if (!fp) goto err_open; ret = fseek(fp, 0, SEEK_END); if (ret < 0) goto err_file; real_size = ftell(fp); if (real_size < 0) goto err_file; ret = fseek(fp, 0, SEEK_SET); if (ret < 0) goto err_file; roundup_size = roundup(real_size, SB_BLOCK_SIZE); data = calloc(1, roundup_size); if (!data) goto err_file; size = fread(data, 1, real_size, fp); if (size != (unsigned long)real_size) goto err_alloc; cctx->data = data; cctx->length = roundup_size; fclose(fp); return 0; err_alloc: free(data); err_file: fclose(fp); err_open: fprintf(stderr, "ERR: Failed to load file \"%s\"\n", filename); return -EINVAL; } static uint8_t sb_command_checksum(struct sb_command *inst) { uint8_t *inst_ptr = (uint8_t *)inst; uint8_t csum = 0; unsigned int i; for (i = 0; i < sizeof(struct sb_command); i++) csum += inst_ptr[i]; return csum; } static int sb_token_to_long(char *tok, uint32_t *rid) { char *endptr; unsigned long id; if (tok[0] != '0' || tok[1] != 'x') { fprintf(stderr, "ERR: Invalid hexadecimal number!\n"); return -EINVAL; } tok += 2; id = strtoul(tok, &endptr, 16); if ((errno == ERANGE && id == ULONG_MAX) || (errno != 0 && id == 0)) { fprintf(stderr, "ERR: Value can't be decoded!\n"); return -EINVAL; } /* Check for 32-bit overflow. */ if (id > 0xffffffff) { fprintf(stderr, "ERR: Value too big!\n"); return -EINVAL; } if (endptr == tok) { fprintf(stderr, "ERR: Deformed value!\n"); return -EINVAL; } *rid = (uint32_t)id; return 0; } static int sb_grow_dcd(struct sb_dcd_ctx *dctx, unsigned int inc_size) { uint32_t *tmp; if (!inc_size) return 0; dctx->size += inc_size; tmp = realloc(dctx->payload, dctx->size); if (!tmp) return -ENOMEM; dctx->payload = tmp; /* Assemble and update the HAB DCD header. */ dctx->payload[0] = htonl((SB_HAB_DCD_TAG << 24) | (dctx->size << 8) | SB_HAB_VERSION); return 0; } static int sb_build_dcd(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { struct sb_dcd_ctx *dctx; char *tok; uint32_t id; int ret; dctx = calloc(1, sizeof(*dctx)); if (!dctx) return -ENOMEM; ret = sb_grow_dcd(dctx, 4); if (ret) goto err_dcd; /* Read DCD block number. */ tok = strtok(cmd->cmd, " "); if (!tok) { fprintf(stderr, "#%i ERR: DCD block without number!\n", cmd->lineno); ret = -EINVAL; goto err_dcd; } /* Parse the DCD block number. */ ret = sb_token_to_long(tok, &id); if (ret) { fprintf(stderr, "#%i ERR: Malformed DCD block number!\n", cmd->lineno); goto err_dcd; } dctx->id = id; /* * The DCD block is now constructed. Append it to the list. * WARNING: The DCD size is still not computed and will be * updated while parsing it's commands. */ if (!ictx->dcd_head) { ictx->dcd_head = dctx; ictx->dcd_tail = dctx; } else { ictx->dcd_tail->dcd = dctx; ictx->dcd_tail = dctx; } return 0; err_dcd: free(dctx->payload); free(dctx); return ret; } static int sb_build_dcd_block(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd, uint32_t type) { char *tok; uint32_t address, value, length; int ret; struct sb_dcd_ctx *dctx = ictx->dcd_tail; uint32_t *dcd; if (dctx->prev_dcd_head && (type != SB_DCD_NOOP) && ((dctx->prev_dcd_head[0] & 0xff0000ff) == type)) { /* Same instruction as before, just append it. */ ret = sb_grow_dcd(dctx, 8); if (ret) return ret; } else if (type == SB_DCD_NOOP) { ret = sb_grow_dcd(dctx, 4); if (ret) return ret; /* Update DCD command block pointer. */ dctx->prev_dcd_head = dctx->payload + dctx->size / sizeof(*dctx->payload) - 1; /* NOOP has only 4 bytes and no payload. */ goto noop; } else { /* * Either a different instruction block started now * or this is the first instruction block. */ ret = sb_grow_dcd(dctx, 12); if (ret) return ret; /* Update DCD command block pointer. */ dctx->prev_dcd_head = dctx->payload + dctx->size / sizeof(*dctx->payload) - 3; } dcd = dctx->payload + dctx->size / sizeof(*dctx->payload) - 2; /* * Prepare the command. */ tok = strtok(cmd->cmd, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing DCD address!\n", cmd->lineno); ret = -EINVAL; goto err; } /* Read DCD destination address. */ ret = sb_token_to_long(tok, &address); if (ret) { fprintf(stderr, "#%i ERR: Incorrect DCD address!\n", cmd->lineno); goto err; } tok = strtok(NULL, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing DCD value!\n", cmd->lineno); ret = -EINVAL; goto err; } /* Read DCD operation value. */ ret = sb_token_to_long(tok, &value); if (ret) { fprintf(stderr, "#%i ERR: Incorrect DCD value!\n", cmd->lineno); goto err; } /* Fill in the new DCD entry. */ dcd[0] = htonl(address); dcd[1] = htonl(value); noop: /* Update the DCD command block. */ length = dctx->size - ((dctx->prev_dcd_head - dctx->payload) * sizeof(*dctx->payload)); dctx->prev_dcd_head[0] = htonl(type | (length << 8)); err: return ret; } static int sb_build_section(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { struct sb_section_ctx *sctx; struct sb_sections_header *shdr; char *tok; uint32_t bootable = 0; uint32_t id; int ret; sctx = calloc(1, sizeof(*sctx)); if (!sctx) return -ENOMEM; /* Read section number. */ tok = strtok(cmd->cmd, " "); if (!tok) { fprintf(stderr, "#%i ERR: Section without number!\n", cmd->lineno); ret = -EINVAL; goto err_sect; } /* Parse the section number. */ ret = sb_token_to_long(tok, &id); if (ret) { fprintf(stderr, "#%i ERR: Malformed section number!\n", cmd->lineno); goto err_sect; } /* Read section's BOOTABLE flag. */ tok = strtok(NULL, " "); if (tok && (strlen(tok) == 8) && !strncmp(tok, "BOOTABLE", 8)) bootable = SB_SECTION_FLAG_BOOTABLE; sctx->boot = bootable; shdr = &sctx->payload; shdr->section_number = id; shdr->section_flags = bootable; /* * The section is now constructed. Append it to the list. * WARNING: The section size is still not computed and will * be updated while parsing it's commands. */ ictx->sect_count++; /* Mark that this section is bootable one. */ if (bootable) { if (ictx->sect_boot_found) { fprintf(stderr, "#%i WARN: Multiple bootable section!\n", cmd->lineno); } else { ictx->sect_boot = id; ictx->sect_boot_found = 1; } } if (!ictx->sect_head) { ictx->sect_head = sctx; ictx->sect_tail = sctx; } else { ictx->sect_tail->sect = sctx; ictx->sect_tail = sctx; } return 0; err_sect: free(sctx); return ret; } static int sb_build_command_nop(struct sb_image_ctx *ictx) { struct sb_section_ctx *sctx = ictx->sect_tail; struct sb_cmd_ctx *cctx; struct sb_command *ccmd; cctx = calloc(1, sizeof(*cctx)); if (!cctx) return -ENOMEM; ccmd = &cctx->payload; /* * Construct the command. */ ccmd->header.checksum = 0x5a; ccmd->header.tag = ROM_NOP_CMD; cctx->size = sizeof(*ccmd); /* * Append the command to the last section. */ if (!sctx->cmd_head) { sctx->cmd_head = cctx; sctx->cmd_tail = cctx; } else { sctx->cmd_tail->cmd = cctx; sctx->cmd_tail = cctx; } return 0; } static int sb_build_command_tag(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { struct sb_section_ctx *sctx = ictx->sect_tail; struct sb_cmd_ctx *cctx; struct sb_command *ccmd; char *tok; cctx = calloc(1, sizeof(*cctx)); if (!cctx) return -ENOMEM; ccmd = &cctx->payload; /* * Prepare the command. */ /* Check for the LAST keyword. */ tok = strtok(cmd->cmd, " "); if (tok && !strcmp(tok, "LAST")) ccmd->header.flags = ROM_TAG_CMD_FLAG_ROM_LAST_TAG; /* * Construct the command. */ ccmd->header.checksum = 0x5a; ccmd->header.tag = ROM_TAG_CMD; cctx->size = sizeof(*ccmd); /* * Append the command to the last section. */ if (!sctx->cmd_head) { sctx->cmd_head = cctx; sctx->cmd_tail = cctx; } else { sctx->cmd_tail->cmd = cctx; sctx->cmd_tail = cctx; } return 0; } static int sb_build_command_load(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { struct sb_section_ctx *sctx = ictx->sect_tail; struct sb_cmd_ctx *cctx; struct sb_command *ccmd; char *tok; int ret, is_ivt = 0, is_dcd = 0; uint32_t dest, dcd = 0; cctx = calloc(1, sizeof(*cctx)); if (!cctx) return -ENOMEM; ccmd = &cctx->payload; /* * Prepare the command. */ tok = strtok(cmd->cmd, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing LOAD address or 'IVT'!\n", cmd->lineno); ret = -EINVAL; goto err; } /* Check for "IVT" flag. */ if (!strcmp(tok, "IVT")) is_ivt = 1; if (!strcmp(tok, "DCD")) is_dcd = 1; if (is_ivt || is_dcd) { tok = strtok(NULL, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing LOAD address!\n", cmd->lineno); ret = -EINVAL; goto err; } } /* Read load destination address. */ ret = sb_token_to_long(tok, &dest); if (ret) { fprintf(stderr, "#%i ERR: Incorrect LOAD address!\n", cmd->lineno); goto err; } /* Read filename or IVT entrypoint or DCD block ID. */ tok = strtok(NULL, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing LOAD filename or IVT ep or DCD block ID!\n", cmd->lineno); ret = -EINVAL; goto err; } if (is_ivt) { /* Handle IVT. */ struct sb_ivt_header *ivt; uint32_t ivtep; ret = sb_token_to_long(tok, &ivtep); if (ret) { fprintf(stderr, "#%i ERR: Incorrect IVT entry point!\n", cmd->lineno); goto err; } ivt = calloc(1, sizeof(*ivt)); if (!ivt) { ret = -ENOMEM; goto err; } ivt->header = sb_hab_ivt_header(); ivt->entry = ivtep; ivt->self = dest; cctx->data = (uint8_t *)ivt; cctx->length = sizeof(*ivt); } else if (is_dcd) { struct sb_dcd_ctx *dctx = ictx->dcd_head; uint32_t dcdid; uint8_t *payload; uint32_t asize; ret = sb_token_to_long(tok, &dcdid); if (ret) { fprintf(stderr, "#%i ERR: Incorrect DCD block ID!\n", cmd->lineno); goto err; } while (dctx) { if (dctx->id == dcdid) break; dctx = dctx->dcd; } if (!dctx) { fprintf(stderr, "#%i ERR: DCD block %08x not found!\n", cmd->lineno, dcdid); goto err; } asize = roundup(dctx->size, SB_BLOCK_SIZE); payload = calloc(1, asize); if (!payload) { ret = -ENOMEM; goto err; } memcpy(payload, dctx->payload, dctx->size); cctx->data = payload; cctx->length = asize; /* Set the Load DCD flag. */ dcd = ROM_LOAD_CMD_FLAG_DCD_LOAD; } else { /* Regular LOAD of a file. */ ret = sb_load_file(cctx, tok); if (ret) { fprintf(stderr, "#%i ERR: Cannot load '%s'!\n", cmd->lineno, tok); goto err; } } if (cctx->length & (SB_BLOCK_SIZE - 1)) { fprintf(stderr, "#%i ERR: Unaligned payload!\n", cmd->lineno); } /* * Construct the command. */ ccmd->header.checksum = 0x5a; ccmd->header.tag = ROM_LOAD_CMD; ccmd->header.flags = dcd; ccmd->load.address = dest; ccmd->load.count = cctx->length; ccmd->load.crc32 = crc32(cctx->data, cctx->length); cctx->size = sizeof(*ccmd) + cctx->length; /* * Append the command to the last section. */ if (!sctx->cmd_head) { sctx->cmd_head = cctx; sctx->cmd_tail = cctx; } else { sctx->cmd_tail->cmd = cctx; sctx->cmd_tail = cctx; } return 0; err: free(cctx); return ret; } static int sb_build_command_fill(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { struct sb_section_ctx *sctx = ictx->sect_tail; struct sb_cmd_ctx *cctx; struct sb_command *ccmd; char *tok; uint32_t address, pattern, length; int ret; cctx = calloc(1, sizeof(*cctx)); if (!cctx) return -ENOMEM; ccmd = &cctx->payload; /* * Prepare the command. */ tok = strtok(cmd->cmd, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing FILL address!\n", cmd->lineno); ret = -EINVAL; goto err; } /* Read fill destination address. */ ret = sb_token_to_long(tok, &address); if (ret) { fprintf(stderr, "#%i ERR: Incorrect FILL address!\n", cmd->lineno); goto err; } tok = strtok(NULL, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing FILL pattern!\n", cmd->lineno); ret = -EINVAL; goto err; } /* Read fill pattern address. */ ret = sb_token_to_long(tok, &pattern); if (ret) { fprintf(stderr, "#%i ERR: Incorrect FILL pattern!\n", cmd->lineno); goto err; } tok = strtok(NULL, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing FILL length!\n", cmd->lineno); ret = -EINVAL; goto err; } /* Read fill pattern address. */ ret = sb_token_to_long(tok, &length); if (ret) { fprintf(stderr, "#%i ERR: Incorrect FILL length!\n", cmd->lineno); goto err; } /* * Construct the command. */ ccmd->header.checksum = 0x5a; ccmd->header.tag = ROM_FILL_CMD; ccmd->fill.address = address; ccmd->fill.count = length; ccmd->fill.pattern = pattern; cctx->size = sizeof(*ccmd); /* * Append the command to the last section. */ if (!sctx->cmd_head) { sctx->cmd_head = cctx; sctx->cmd_tail = cctx; } else { sctx->cmd_tail->cmd = cctx; sctx->cmd_tail = cctx; } return 0; err: free(cctx); return ret; } static int sb_build_command_jump_call(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd, unsigned int is_call) { struct sb_section_ctx *sctx = ictx->sect_tail; struct sb_cmd_ctx *cctx; struct sb_command *ccmd; char *tok; uint32_t dest, arg = 0x0; uint32_t hab = 0; int ret; const char *cmdname = is_call ? "CALL" : "JUMP"; cctx = calloc(1, sizeof(*cctx)); if (!cctx) return -ENOMEM; ccmd = &cctx->payload; /* * Prepare the command. */ tok = strtok(cmd->cmd, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing %s address or 'HAB'!\n", cmd->lineno, cmdname); ret = -EINVAL; goto err; } /* Check for "HAB" flag. */ if (!strcmp(tok, "HAB")) { hab = is_call ? ROM_CALL_CMD_FLAG_HAB : ROM_JUMP_CMD_FLAG_HAB; tok = strtok(NULL, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing %s address!\n", cmd->lineno, cmdname); ret = -EINVAL; goto err; } } /* Read load destination address. */ ret = sb_token_to_long(tok, &dest); if (ret) { fprintf(stderr, "#%i ERR: Incorrect %s address!\n", cmd->lineno, cmdname); goto err; } tok = strtok(NULL, " "); if (tok) { ret = sb_token_to_long(tok, &arg); if (ret) { fprintf(stderr, "#%i ERR: Incorrect %s argument!\n", cmd->lineno, cmdname); goto err; } } /* * Construct the command. */ ccmd->header.checksum = 0x5a; ccmd->header.tag = is_call ? ROM_CALL_CMD : ROM_JUMP_CMD; ccmd->header.flags = hab; ccmd->call.address = dest; ccmd->call.argument = arg; cctx->size = sizeof(*ccmd); /* * Append the command to the last section. */ if (!sctx->cmd_head) { sctx->cmd_head = cctx; sctx->cmd_tail = cctx; } else { sctx->cmd_tail->cmd = cctx; sctx->cmd_tail = cctx; } return 0; err: free(cctx); return ret; } static int sb_build_command_jump(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { return sb_build_command_jump_call(ictx, cmd, 0); } static int sb_build_command_call(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { return sb_build_command_jump_call(ictx, cmd, 1); } static int sb_build_command_mode(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { struct sb_section_ctx *sctx = ictx->sect_tail; struct sb_cmd_ctx *cctx; struct sb_command *ccmd; char *tok; int ret; unsigned int i; uint32_t mode = 0xffffffff; cctx = calloc(1, sizeof(*cctx)); if (!cctx) return -ENOMEM; ccmd = &cctx->payload; /* * Prepare the command. */ tok = strtok(cmd->cmd, " "); if (!tok) { fprintf(stderr, "#%i ERR: Missing MODE boot mode argument!\n", cmd->lineno); ret = -EINVAL; goto err; } for (i = 0; i < ARRAY_SIZE(modetable); i++) { if (!strcmp(tok, modetable[i].name)) { mode = modetable[i].mode; break; } if (!modetable[i].altname) continue; if (!strcmp(tok, modetable[i].altname)) { mode = modetable[i].mode; break; } } if (mode == 0xffffffff) { fprintf(stderr, "#%i ERR: Invalid MODE boot mode argument!\n", cmd->lineno); ret = -EINVAL; goto err; } /* * Construct the command. */ ccmd->header.checksum = 0x5a; ccmd->header.tag = ROM_MODE_CMD; ccmd->mode.mode = mode; cctx->size = sizeof(*ccmd); /* * Append the command to the last section. */ if (!sctx->cmd_head) { sctx->cmd_head = cctx; sctx->cmd_tail = cctx; } else { sctx->cmd_tail->cmd = cctx; sctx->cmd_tail = cctx; } return 0; err: free(cctx); return ret; } static int sb_prefill_image_header(struct sb_image_ctx *ictx) { struct sb_boot_image_header *hdr = &ictx->payload; /* Fill signatures */ memcpy(hdr->signature1, "STMP", 4); memcpy(hdr->signature2, "sgtl", 4); /* SB Image version 1.1 */ hdr->major_version = SB_VERSION_MAJOR; hdr->minor_version = SB_VERSION_MINOR; /* Boot image major version */ hdr->product_version.major = htons(0x999); hdr->product_version.minor = htons(0x999); hdr->product_version.revision = htons(0x999); /* Boot image major version */ hdr->component_version.major = htons(0x999); hdr->component_version.minor = htons(0x999); hdr->component_version.revision = htons(0x999); /* Drive tag must be 0x0 for i.MX23 */ hdr->drive_tag = 0; hdr->header_blocks = sizeof(struct sb_boot_image_header) / SB_BLOCK_SIZE; hdr->section_header_size = sizeof(struct sb_sections_header) / SB_BLOCK_SIZE; hdr->timestamp_us = sb_get_timestamp() * 1000000; /* FIXME -- add proper config option */ hdr->flags = ictx->verbose_boot ? SB_IMAGE_FLAG_VERBOSE : 0, /* FIXME -- We support only default key */ hdr->key_count = 1; return 0; } static int sb_postfill_image_header(struct sb_image_ctx *ictx) { struct sb_boot_image_header *hdr = &ictx->payload; struct sb_section_ctx *sctx = ictx->sect_head; uint32_t kd_size, sections_blocks; EVP_MD_CTX md_ctx; /* The main SB header size in blocks. */ hdr->image_blocks = hdr->header_blocks; /* Size of the key dictionary, which has single zero entry. */ kd_size = hdr->key_count * sizeof(struct sb_key_dictionary_key); hdr->image_blocks += kd_size / SB_BLOCK_SIZE; /* Now count the payloads. */ hdr->section_count = ictx->sect_count; while (sctx) { hdr->image_blocks += sctx->size / SB_BLOCK_SIZE; sctx = sctx->sect; } if (!ictx->sect_boot_found) { fprintf(stderr, "ERR: No bootable section selected!\n"); return -EINVAL; } hdr->first_boot_section_id = ictx->sect_boot; /* The n * SB section size in blocks. */ sections_blocks = hdr->section_count * hdr->section_header_size; hdr->image_blocks += sections_blocks; /* Key dictionary offset. */ hdr->key_dictionary_block = hdr->header_blocks + sections_blocks; /* Digest of the whole image. */ hdr->image_blocks += 2; /* Pointer past the dictionary. */ hdr->first_boot_tag_block = hdr->key_dictionary_block + kd_size / SB_BLOCK_SIZE; /* Compute header digest. */ EVP_MD_CTX_init(&md_ctx); EVP_DigestInit(&md_ctx, EVP_sha1()); EVP_DigestUpdate(&md_ctx, hdr->signature1, sizeof(struct sb_boot_image_header) - sizeof(hdr->digest)); EVP_DigestFinal(&md_ctx, hdr->digest, NULL); return 0; } static int sb_fixup_sections_and_tags(struct sb_image_ctx *ictx) { /* Fixup the placement of sections. */ struct sb_boot_image_header *ihdr = &ictx->payload; struct sb_section_ctx *sctx = ictx->sect_head; struct sb_sections_header *shdr; struct sb_cmd_ctx *cctx; struct sb_command *ccmd; uint32_t offset = ihdr->first_boot_tag_block; while (sctx) { shdr = &sctx->payload; /* Fill in the section TAG offset. */ shdr->section_offset = offset + 1; offset += shdr->section_size; /* Section length is measured from the TAG block. */ shdr->section_size--; /* Fixup the TAG command. */ cctx = sctx->cmd_head; while (cctx) { ccmd = &cctx->payload; if (ccmd->header.tag == ROM_TAG_CMD) { ccmd->tag.section_number = shdr->section_number; ccmd->tag.section_length = shdr->section_size; ccmd->tag.section_flags = shdr->section_flags; } /* Update the command checksum. */ ccmd->header.checksum = sb_command_checksum(ccmd); cctx = cctx->cmd; } sctx = sctx->sect; } return 0; } static int sb_parse_line(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd) { char *tok; char *line = cmd->cmd; char *rptr; int ret; /* Analyze the identifier on this line first. */ tok = strtok_r(line, " ", &rptr); if (!tok || (strlen(tok) == 0)) { fprintf(stderr, "#%i ERR: Invalid line!\n", cmd->lineno); return -EINVAL; } cmd->cmd = rptr; /* DCD */ if (!strcmp(tok, "DCD")) { ictx->in_section = 0; ictx->in_dcd = 1; sb_build_dcd(ictx, cmd); return 0; } /* Section */ if (!strcmp(tok, "SECTION")) { ictx->in_section = 1; ictx->in_dcd = 0; sb_build_section(ictx, cmd); return 0; } if (!ictx->in_section && !ictx->in_dcd) { fprintf(stderr, "#%i ERR: Data outside of a section!\n", cmd->lineno); return -EINVAL; } if (ictx->in_section) { /* Section commands */ if (!strcmp(tok, "NOP")) { ret = sb_build_command_nop(ictx); } else if (!strcmp(tok, "TAG")) { ret = sb_build_command_tag(ictx, cmd); } else if (!strcmp(tok, "LOAD")) { ret = sb_build_command_load(ictx, cmd); } else if (!strcmp(tok, "FILL")) { ret = sb_build_command_fill(ictx, cmd); } else if (!strcmp(tok, "JUMP")) { ret = sb_build_command_jump(ictx, cmd); } else if (!strcmp(tok, "CALL")) { ret = sb_build_command_call(ictx, cmd); } else if (!strcmp(tok, "MODE")) { ret = sb_build_command_mode(ictx, cmd); } else { fprintf(stderr, "#%i ERR: Unsupported instruction '%s'!\n", cmd->lineno, tok); return -ENOTSUP; } } else if (ictx->in_dcd) { char *lptr; uint32_t ilen = '1'; tok = strtok_r(tok, ".", &lptr); if (!tok || (strlen(tok) == 0) || (lptr && strlen(lptr) != 1)) { fprintf(stderr, "#%i ERR: Invalid line!\n", cmd->lineno); return -EINVAL; } if (lptr && (lptr[0] != '1' && lptr[0] != '2' && lptr[0] != '4')) { fprintf(stderr, "#%i ERR: Invalid instruction width!\n", cmd->lineno); return -EINVAL; } if (lptr) ilen = lptr[0] - '1'; /* DCD commands */ if (!strcmp(tok, "WRITE")) { ret = sb_build_dcd_block(ictx, cmd, SB_DCD_WRITE | ilen); } else if (!strcmp(tok, "ANDC")) { ret = sb_build_dcd_block(ictx, cmd, SB_DCD_ANDC | ilen); } else if (!strcmp(tok, "ORR")) { ret = sb_build_dcd_block(ictx, cmd, SB_DCD_ORR | ilen); } else if (!strcmp(tok, "EQZ")) { ret = sb_build_dcd_block(ictx, cmd, SB_DCD_CHK_EQZ | ilen); } else if (!strcmp(tok, "EQ")) { ret = sb_build_dcd_block(ictx, cmd, SB_DCD_CHK_EQ | ilen); } else if (!strcmp(tok, "NEQ")) { ret = sb_build_dcd_block(ictx, cmd, SB_DCD_CHK_NEQ | ilen); } else if (!strcmp(tok, "NEZ")) { ret = sb_build_dcd_block(ictx, cmd, SB_DCD_CHK_NEZ | ilen); } else if (!strcmp(tok, "NOOP")) { ret = sb_build_dcd_block(ictx, cmd, SB_DCD_NOOP); } else { fprintf(stderr, "#%i ERR: Unsupported instruction '%s'!\n", cmd->lineno, tok); return -ENOTSUP; } } else { fprintf(stderr, "#%i ERR: Unsupported instruction '%s'!\n", cmd->lineno, tok); return -ENOTSUP; } /* * Here we have at least one section with one command, otherwise we * would have failed already higher above. * * FIXME -- should the updating happen here ? */ if (ictx->in_section && !ret) { ictx->sect_tail->size += ictx->sect_tail->cmd_tail->size; ictx->sect_tail->payload.section_size = ictx->sect_tail->size / SB_BLOCK_SIZE; } return ret; } static int sb_load_cmdfile(struct sb_image_ctx *ictx) { struct sb_cmd_list cmd; int lineno = 1; FILE *fp; char *line = NULL; ssize_t rlen; size_t len; fp = fopen(ictx->cfg_filename, "r"); if (!fp) goto err_file; while ((rlen = getline(&line, &len, fp)) > 0) { memset(&cmd, 0, sizeof(cmd)); /* Strip the trailing newline. */ line[rlen - 1] = '\0'; cmd.cmd = line; cmd.len = rlen; cmd.lineno = lineno++; sb_parse_line(ictx, &cmd); } free(line); fclose(fp); return 0; err_file: fclose(fp); fprintf(stderr, "ERR: Failed to load file \"%s\"\n", ictx->cfg_filename); return -EINVAL; } static int sb_build_tree_from_cfg(struct sb_image_ctx *ictx) { int ret; ret = sb_load_cmdfile(ictx); if (ret) return ret; ret = sb_prefill_image_header(ictx); if (ret) return ret; ret = sb_postfill_image_header(ictx); if (ret) return ret; ret = sb_fixup_sections_and_tags(ictx); if (ret) return ret; return 0; } static int sb_verify_image_header(struct sb_image_ctx *ictx, FILE *fp, long fsize) { /* Verify static fields in the image header. */ struct sb_boot_image_header *hdr = &ictx->payload; const char *stat[2] = { "[PASS]", "[FAIL]" }; struct tm tm; int sz, ret = 0; unsigned char digest[20]; EVP_MD_CTX md_ctx; unsigned long size; /* Start image-wide crypto. */ EVP_MD_CTX_init(&ictx->md_ctx); EVP_DigestInit(&ictx->md_ctx, EVP_sha1()); soprintf(ictx, "---------- Verifying SB Image Header ----------\n"); size = fread(&ictx->payload, 1, sizeof(ictx->payload), fp); if (size != sizeof(ictx->payload)) { fprintf(stderr, "ERR: SB image header too short!\n"); return -EINVAL; } /* Compute header digest. */ EVP_MD_CTX_init(&md_ctx); EVP_DigestInit(&md_ctx, EVP_sha1()); EVP_DigestUpdate(&md_ctx, hdr->signature1, sizeof(struct sb_boot_image_header) - sizeof(hdr->digest)); EVP_DigestFinal(&md_ctx, digest, NULL); sb_aes_init(ictx, NULL, 1); sb_encrypt_sb_header(ictx); if (memcmp(digest, hdr->digest, 20)) ret = -EINVAL; soprintf(ictx, "%s Image header checksum: %s\n", stat[!!ret], ret ? "BAD" : "OK"); if (ret) return ret; if (memcmp(hdr->signature1, "STMP", 4) || memcmp(hdr->signature2, "sgtl", 4)) ret = -EINVAL; soprintf(ictx, "%s Signatures: '%.4s' '%.4s'\n", stat[!!ret], hdr->signature1, hdr->signature2); if (ret) return ret; if ((hdr->major_version != SB_VERSION_MAJOR) || ((hdr->minor_version != 1) && (hdr->minor_version != 2))) ret = -EINVAL; soprintf(ictx, "%s Image version: v%i.%i\n", stat[!!ret], hdr->major_version, hdr->minor_version); if (ret) return ret; ret = sb_get_time(hdr->timestamp_us / 1000000, &tm); soprintf(ictx, "%s Creation time: %02i:%02i:%02i %02i/%02i/%04i\n", stat[!!ret], tm.tm_hour, tm.tm_min, tm.tm_sec, tm.tm_mday, tm.tm_mon, tm.tm_year + 2000); if (ret) return ret; soprintf(ictx, "%s Product version: %x.%x.%x\n", stat[0], ntohs(hdr->product_version.major), ntohs(hdr->product_version.minor), ntohs(hdr->product_version.revision)); soprintf(ictx, "%s Component version: %x.%x.%x\n", stat[0], ntohs(hdr->component_version.major), ntohs(hdr->component_version.minor), ntohs(hdr->component_version.revision)); if (hdr->flags & ~SB_IMAGE_FLAG_VERBOSE) ret = -EINVAL; soprintf(ictx, "%s Image flags: %s\n", stat[!!ret], hdr->flags & SB_IMAGE_FLAG_VERBOSE ? "Verbose_boot" : ""); if (ret) return ret; if (hdr->drive_tag != 0) ret = -EINVAL; soprintf(ictx, "%s Drive tag: %i\n", stat[!!ret], hdr->drive_tag); if (ret) return ret; sz = sizeof(struct sb_boot_image_header) / SB_BLOCK_SIZE; if (hdr->header_blocks != sz) ret = -EINVAL; soprintf(ictx, "%s Image header size (blocks): %i\n", stat[!!ret], hdr->header_blocks); if (ret) return ret; sz = sizeof(struct sb_sections_header) / SB_BLOCK_SIZE; if (hdr->section_header_size != sz) ret = -EINVAL; soprintf(ictx, "%s Section header size (blocks): %i\n", stat[!!ret], hdr->section_header_size); if (ret) return ret; soprintf(ictx, "%s Sections count: %i\n", stat[!!ret], hdr->section_count); soprintf(ictx, "%s First bootable section %i\n", stat[!!ret], hdr->first_boot_section_id); if (hdr->image_blocks != fsize / SB_BLOCK_SIZE) ret = -EINVAL; soprintf(ictx, "%s Image size (blocks): %i\n", stat[!!ret], hdr->image_blocks); if (ret) return ret; sz = hdr->header_blocks + hdr->section_header_size * hdr->section_count; if (hdr->key_dictionary_block != sz) ret = -EINVAL; soprintf(ictx, "%s Key dict offset (blocks): %i\n", stat[!!ret], hdr->key_dictionary_block); if (ret) return ret; if (hdr->key_count != 1) ret = -EINVAL; soprintf(ictx, "%s Number of encryption keys: %i\n", stat[!!ret], hdr->key_count); if (ret) return ret; sz = hdr->header_blocks + hdr->section_header_size * hdr->section_count; sz += hdr->key_count * sizeof(struct sb_key_dictionary_key) / SB_BLOCK_SIZE; if (hdr->first_boot_tag_block != (unsigned)sz) ret = -EINVAL; soprintf(ictx, "%s First TAG block (blocks): %i\n", stat[!!ret], hdr->first_boot_tag_block); if (ret) return ret; return 0; } static void sb_decrypt_tag(struct sb_image_ctx *ictx, struct sb_cmd_ctx *cctx) { EVP_MD_CTX *md_ctx = &ictx->md_ctx; struct sb_command *cmd = &cctx->payload; sb_aes_crypt(ictx, (uint8_t *)&cctx->c_payload, (uint8_t *)&cctx->payload, sizeof(*cmd)); EVP_DigestUpdate(md_ctx, &cctx->c_payload, sizeof(*cmd)); } static int sb_verify_command(struct sb_image_ctx *ictx, struct sb_cmd_ctx *cctx, FILE *fp, unsigned long *tsize) { struct sb_command *ccmd = &cctx->payload; unsigned long size, asize; char *csum, *flag = ""; int ret; unsigned int i; uint8_t csn, csc = ccmd->header.checksum; ccmd->header.checksum = 0x5a; csn = sb_command_checksum(ccmd); ccmd->header.checksum = csc; if (csc == csn) ret = 0; else ret = -EINVAL; csum = ret ? "checksum BAD" : "checksum OK"; switch (ccmd->header.tag) { case ROM_NOP_CMD: soprintf(ictx, " NOOP # %s\n", csum); return ret; case ROM_TAG_CMD: if (ccmd->header.flags & ROM_TAG_CMD_FLAG_ROM_LAST_TAG) flag = "LAST"; soprintf(ictx, " TAG %s # %s\n", flag, csum); sb_aes_reinit(ictx, 0); return ret; case ROM_LOAD_CMD: soprintf(ictx, " LOAD addr=0x%08x length=0x%08x # %s\n", ccmd->load.address, ccmd->load.count, csum); cctx->length = ccmd->load.count; asize = roundup(cctx->length, SB_BLOCK_SIZE); cctx->data = malloc(asize); if (!cctx->data) return -ENOMEM; size = fread(cctx->data, 1, asize, fp); if (size != asize) { fprintf(stderr, "ERR: SB LOAD command payload too short!\n"); return -EINVAL; } *tsize += size; EVP_DigestUpdate(&ictx->md_ctx, cctx->data, asize); sb_aes_crypt(ictx, cctx->data, cctx->data, asize); if (ccmd->load.crc32 != crc32(cctx->data, asize)) { fprintf(stderr, "ERR: SB LOAD command payload CRC32 invalid!\n"); return -EINVAL; } return 0; case ROM_FILL_CMD: soprintf(ictx, " FILL addr=0x%08x length=0x%08x pattern=0x%08x # %s\n", ccmd->fill.address, ccmd->fill.count, ccmd->fill.pattern, csum); return 0; case ROM_JUMP_CMD: if (ccmd->header.flags & ROM_JUMP_CMD_FLAG_HAB) flag = " HAB"; soprintf(ictx, " JUMP%s addr=0x%08x r0_arg=0x%08x # %s\n", flag, ccmd->fill.address, ccmd->jump.argument, csum); return 0; case ROM_CALL_CMD: if (ccmd->header.flags & ROM_CALL_CMD_FLAG_HAB) flag = " HAB"; soprintf(ictx, " CALL%s addr=0x%08x r0_arg=0x%08x # %s\n", flag, ccmd->fill.address, ccmd->jump.argument, csum); return 0; case ROM_MODE_CMD: for (i = 0; i < ARRAY_SIZE(modetable); i++) { if (ccmd->mode.mode == modetable[i].mode) { soprintf(ictx, " MODE %s # %s\n", modetable[i].name, csum); break; } } fprintf(stderr, " MODE !INVALID! # %s\n", csum); return 0; } return ret; } static int sb_verify_commands(struct sb_image_ctx *ictx, struct sb_section_ctx *sctx, FILE *fp) { unsigned long size, tsize = 0; struct sb_cmd_ctx *cctx; int ret; sb_aes_reinit(ictx, 0); while (tsize < sctx->size) { cctx = calloc(1, sizeof(*cctx)); if (!cctx) return -ENOMEM; if (!sctx->cmd_head) { sctx->cmd_head = cctx; sctx->cmd_tail = cctx; } else { sctx->cmd_tail->cmd = cctx; sctx->cmd_tail = cctx; } size = fread(&cctx->c_payload, 1, sizeof(cctx->c_payload), fp); if (size != sizeof(cctx->c_payload)) { fprintf(stderr, "ERR: SB command header too short!\n"); return -EINVAL; } tsize += size; sb_decrypt_tag(ictx, cctx); ret = sb_verify_command(ictx, cctx, fp, &tsize); if (ret) return -EINVAL; } return 0; } static int sb_verify_sections_cmds(struct sb_image_ctx *ictx, FILE *fp) { struct sb_boot_image_header *hdr = &ictx->payload; struct sb_sections_header *shdr; unsigned int i; int ret; struct sb_section_ctx *sctx; unsigned long size; char *bootable = ""; soprintf(ictx, "----- Verifying SB Sections and Commands -----\n"); for (i = 0; i < hdr->section_count; i++) { sctx = calloc(1, sizeof(*sctx)); if (!sctx) return -ENOMEM; if (!ictx->sect_head) { ictx->sect_head = sctx; ictx->sect_tail = sctx; } else { ictx->sect_tail->sect = sctx; ictx->sect_tail = sctx; } size = fread(&sctx->payload, 1, sizeof(sctx->payload), fp); if (size != sizeof(sctx->payload)) { fprintf(stderr, "ERR: SB section header too short!\n"); return -EINVAL; } } size = fread(&ictx->sb_dict_key, 1, sizeof(ictx->sb_dict_key), fp); if (size != sizeof(ictx->sb_dict_key)) { fprintf(stderr, "ERR: SB key dictionary too short!\n"); return -EINVAL; } sb_encrypt_sb_sections_header(ictx); sb_aes_reinit(ictx, 0); sb_decrypt_key_dictionary_key(ictx); sb_aes_reinit(ictx, 0); sctx = ictx->sect_head; while (sctx) { shdr = &sctx->payload; if (shdr->section_flags & SB_SECTION_FLAG_BOOTABLE) { sctx->boot = 1; bootable = " BOOTABLE"; } sctx->size = (shdr->section_size * SB_BLOCK_SIZE) + sizeof(struct sb_command); soprintf(ictx, "SECTION 0x%x%s # size = %i bytes\n", shdr->section_number, bootable, sctx->size); if (shdr->section_flags & ~SB_SECTION_FLAG_BOOTABLE) fprintf(stderr, " WARN: Unknown section flag(s) %08x\n", shdr->section_flags); if ((shdr->section_flags & SB_SECTION_FLAG_BOOTABLE) && (hdr->first_boot_section_id != shdr->section_number)) { fprintf(stderr, " WARN: Bootable section does ID not match image header ID!\n"); } ret = sb_verify_commands(ictx, sctx, fp); if (ret) return ret; sctx = sctx->sect; } /* * FIXME IDEA: * check if the first TAG command is at sctx->section_offset */ return 0; } static int sb_verify_image_end(struct sb_image_ctx *ictx, FILE *fp, off_t filesz) { uint8_t digest[32]; unsigned long size; off_t pos; int ret; soprintf(ictx, "------------- Verifying image end -------------\n"); size = fread(digest, 1, sizeof(digest), fp); if (size != sizeof(digest)) { fprintf(stderr, "ERR: SB key dictionary too short!\n"); return -EINVAL; } pos = ftell(fp); if (pos != filesz) { fprintf(stderr, "ERR: Trailing data past the image!\n"); return -EINVAL; } /* Check the image digest. */ EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL); /* Decrypt the image digest from the input image. */ sb_aes_reinit(ictx, 0); sb_aes_crypt(ictx, digest, digest, sizeof(digest)); /* Check all of 20 bytes of the SHA1 hash. */ ret = memcmp(digest, ictx->digest, 20) ? -EINVAL : 0; if (ret) soprintf(ictx, "[FAIL] Full-image checksum: BAD\n"); else soprintf(ictx, "[PASS] Full-image checksum: OK\n"); return ret; } static int sb_build_tree_from_img(struct sb_image_ctx *ictx) { long filesize; int ret; FILE *fp; if (!ictx->input_filename) { fprintf(stderr, "ERR: Missing filename!\n"); return -EINVAL; } fp = fopen(ictx->input_filename, "r"); if (!fp) goto err_open; ret = fseek(fp, 0, SEEK_END); if (ret < 0) goto err_file; filesize = ftell(fp); if (filesize < 0) goto err_file; ret = fseek(fp, 0, SEEK_SET); if (ret < 0) goto err_file; if (filesize < (signed)sizeof(ictx->payload)) { fprintf(stderr, "ERR: File too short!\n"); goto err_file; } if (filesize & (SB_BLOCK_SIZE - 1)) { fprintf(stderr, "ERR: The file is not aligned!\n"); goto err_file; } /* Load and verify image header */ ret = sb_verify_image_header(ictx, fp, filesize); if (ret) goto err_verify; /* Load and verify sections and commands */ ret = sb_verify_sections_cmds(ictx, fp); if (ret) goto err_verify; ret = sb_verify_image_end(ictx, fp, filesize); if (ret) goto err_verify; ret = 0; err_verify: soprintf(ictx, "-------------------- Result -------------------\n"); soprintf(ictx, "Verification %s\n", ret ? "FAILED" : "PASSED"); /* Stop the encryption session. */ sb_aes_deinit(&ictx->cipher_ctx); fclose(fp); return ret; err_file: fclose(fp); err_open: fprintf(stderr, "ERR: Failed to load file \"%s\"\n", ictx->input_filename); return -EINVAL; } static void sb_free_image(struct sb_image_ctx *ictx) { struct sb_section_ctx *sctx = ictx->sect_head, *s_head; struct sb_dcd_ctx *dctx = ictx->dcd_head, *d_head; struct sb_cmd_ctx *cctx, *c_head; while (sctx) { s_head = sctx; c_head = sctx->cmd_head; while (c_head) { cctx = c_head; c_head = c_head->cmd; if (cctx->data) free(cctx->data); free(cctx); } sctx = sctx->sect; free(s_head); } while (dctx) { d_head = dctx; dctx = dctx->dcd; free(d_head->payload); free(d_head); } } /* * MXSSB-MKIMAGE glue code. */ static int mxsimage_check_image_types(uint8_t type) { if (type == IH_TYPE_MXSIMAGE) return EXIT_SUCCESS; else return EXIT_FAILURE; } static void mxsimage_set_header(void *ptr, struct stat *sbuf, int ifd, struct mkimage_params *params) { } int mxsimage_check_params(struct mkimage_params *params) { if (!params) return -1; if (!strlen(params->imagename)) { fprintf(stderr, "Error: %s - Configuration file not specified, it is needed for mxsimage generation\n", params->cmdname); return -1; } /* * Check parameters: * XIP is not allowed and verify that incompatible * parameters are not sent at the same time * For example, if list is required a data image must not be provided */ return (params->dflag && (params->fflag || params->lflag)) || (params->fflag && (params->dflag || params->lflag)) || (params->lflag && (params->dflag || params->fflag)) || (params->xflag) || !(strlen(params->imagename)); } static int mxsimage_verify_print_header(char *file, int silent) { int ret; struct sb_image_ctx ctx; memset(&ctx, 0, sizeof(ctx)); ctx.input_filename = file; ctx.silent_dump = silent; ret = sb_build_tree_from_img(&ctx); sb_free_image(&ctx); return ret; } char *imagefile; static int mxsimage_verify_header(unsigned char *ptr, int image_size, struct mkimage_params *params) { struct sb_boot_image_header *hdr; if (!ptr) return -EINVAL; hdr = (struct sb_boot_image_header *)ptr; /* * Check if the header contains the MXS image signatures, * if so, do a full-image verification. */ if (memcmp(hdr->signature1, "STMP", 4) || memcmp(hdr->signature2, "sgtl", 4)) return -EINVAL; imagefile = params->imagefile; return mxsimage_verify_print_header(params->imagefile, 1); } static void mxsimage_print_header(const void *hdr) { if (imagefile) mxsimage_verify_print_header(imagefile, 0); } static int sb_build_image(struct sb_image_ctx *ictx, struct image_type_params *tparams) { struct sb_boot_image_header *sb_header = &ictx->payload; struct sb_section_ctx *sctx; struct sb_cmd_ctx *cctx; struct sb_command *ccmd; struct sb_key_dictionary_key *sb_dict_key = &ictx->sb_dict_key; uint8_t *image, *iptr; /* Calculate image size. */ uint32_t size = sizeof(*sb_header) + ictx->sect_count * sizeof(struct sb_sections_header) + sizeof(*sb_dict_key) + sizeof(ictx->digest); sctx = ictx->sect_head; while (sctx) { size += sctx->size; sctx = sctx->sect; }; image = malloc(size); if (!image) return -ENOMEM; iptr = image; memcpy(iptr, sb_header, sizeof(*sb_header)); iptr += sizeof(*sb_header); sctx = ictx->sect_head; while (sctx) { memcpy(iptr, &sctx->payload, sizeof(struct sb_sections_header)); iptr += sizeof(struct sb_sections_header); sctx = sctx->sect; }; memcpy(iptr, sb_dict_key, sizeof(*sb_dict_key)); iptr += sizeof(*sb_dict_key); sctx = ictx->sect_head; while (sctx) { cctx = sctx->cmd_head; while (cctx) { ccmd = &cctx->payload; memcpy(iptr, &cctx->c_payload, sizeof(cctx->payload)); iptr += sizeof(cctx->payload); if (ccmd->header.tag == ROM_LOAD_CMD) { memcpy(iptr, cctx->data, cctx->length); iptr += cctx->length; } cctx = cctx->cmd; } sctx = sctx->sect; }; memcpy(iptr, ictx->digest, sizeof(ictx->digest)); iptr += sizeof(ictx->digest); /* Configure the mkimage */ tparams->hdr = image; tparams->header_size = size; return 0; } static int mxsimage_generate(struct mkimage_params *params, struct image_type_params *tparams) { int ret; struct sb_image_ctx ctx; /* Do not copy the U-Boot image! */ params->skipcpy = 1; memset(&ctx, 0, sizeof(ctx)); ctx.cfg_filename = params->imagename; ctx.output_filename = params->imagefile; ctx.verbose_boot = 1; ret = sb_build_tree_from_cfg(&ctx); if (ret) goto fail; ret = sb_encrypt_image(&ctx); if (!ret) ret = sb_build_image(&ctx, tparams); fail: sb_free_image(&ctx); return ret; } /* * mxsimage parameters */ static struct image_type_params mxsimage_params = { .name = "Freescale MXS Boot Image support", .header_size = 0, .hdr = NULL, .check_image_type = mxsimage_check_image_types, .verify_header = mxsimage_verify_header, .print_header = mxsimage_print_header, .set_header = mxsimage_set_header, .check_params = mxsimage_check_params, .vrec_header = mxsimage_generate, }; void init_mxs_image_type(void) { mkimage_register(&mxsimage_params); } #else void init_mxs_image_type(void) { } #endif