1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright 2015 Freescale Semiconductor, Inc.
4 */
5
6 #include <common.h>
7 #include <dm.h>
8 #include <flash.h>
9 #include <fsl_validate.h>
10 #include <fsl_secboot_err.h>
11 #include <fsl_sfp.h>
12 #include <fsl_sec.h>
13 #include <command.h>
14 #include <log.h>
15 #include <malloc.h>
16 #include <u-boot/rsa-mod-exp.h>
17 #include <hash.h>
18 #include <fsl_secboot_err.h>
19 #ifdef CONFIG_ARCH_LS1021A
20 #include <asm/arch/immap_ls102xa.h>
21 #endif
22
23 #define SHA256_BITS 256
24 #define SHA256_BYTES (256/8)
25 #define SHA256_NIBBLES (256/4)
26 #define NUM_HEX_CHARS (sizeof(ulong) * 2)
27
28 #define CHECK_KEY_LEN(key_len) (((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
29 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
30 ((key_len) == 2 * KEY_SIZE_BYTES))
31 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
32 /* Global data structure */
33 static struct fsl_secboot_glb glb;
34 #endif
35
36 /* This array contains DER value for SHA-256 */
37 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
38 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
39 0x04, 0x20
40 };
41
42 static u8 hash_val[SHA256_BYTES];
43
44 #ifdef CONFIG_ESBC_HDR_LS
45 /* New Barker Code for LS ESBC Header */
46 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x12, 0x19, 0x20, 0x01 };
47 #else
48 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };
49 #endif
50
51 void branch_to_self(void) __attribute__ ((noreturn));
52
53 /*
54 * This function will put core in infinite loop.
55 * This will be called when the ESBC can not proceed further due
56 * to some unknown errors.
57 */
branch_to_self(void)58 void branch_to_self(void)
59 {
60 printf("Core is in infinite loop due to errors.\n");
61 self:
62 goto self;
63 }
64
65 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
check_ie(struct fsl_secboot_img_priv * img)66 static u32 check_ie(struct fsl_secboot_img_priv *img)
67 {
68 if (img->hdr.ie_flag & IE_FLAG_MASK)
69 return 1;
70
71 return 0;
72 }
73
74 /* This function returns the CSF Header Address of uboot
75 * For MPC85xx based platforms, the LAW mapping for NOR
76 * flash changes in uboot code. Hence the offset needs
77 * to be calculated and added to the new NOR flash base
78 * address
79 */
80 #if defined(CONFIG_MPC85xx)
get_csf_base_addr(u32 * csf_addr,u32 * flash_base_addr)81 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
82 {
83 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
84 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
85 u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
86 u32 flash_addr, addr;
87 int found = 0;
88 int i = 0;
89
90 for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) {
91 flash_addr = flash_info[i].start[0];
92 addr = flash_info[i].start[0] + csf_flash_offset;
93 if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) {
94 debug("Barker found on addr %x\n", addr);
95 found = 1;
96 break;
97 }
98 }
99
100 if (!found)
101 return -1;
102
103 *csf_addr = addr;
104 *flash_base_addr = flash_addr;
105
106 return 0;
107 }
108 #else
109 /* For platforms like LS1020, correct flash address is present in
110 * the header. So the function reqturns flash base address as 0
111 */
get_csf_base_addr(u32 * csf_addr,u32 * flash_base_addr)112 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
113 {
114 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
115 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
116
117 if (memcmp((u8 *)(uintptr_t)csf_hdr_addr,
118 barker_code, ESBC_BARKER_LEN))
119 return -1;
120
121 *csf_addr = csf_hdr_addr;
122 *flash_base_addr = 0;
123 return 0;
124 }
125 #endif
126
127 #if defined(CONFIG_ESBC_HDR_LS)
get_ie_info_addr(uintptr_t * ie_addr)128 static int get_ie_info_addr(uintptr_t *ie_addr)
129 {
130 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
131 /* For LS-CH3, the address of IE Table is
132 * stated in Scratch13 and scratch14 of DCFG.
133 * Bootrom validates this table while validating uboot.
134 * DCFG is LE*/
135 *ie_addr = in_le32(&gur->scratchrw[SCRATCH_IE_HIGH_ADR - 1]);
136 *ie_addr = *ie_addr << 32;
137 *ie_addr |= in_le32(&gur->scratchrw[SCRATCH_IE_LOW_ADR - 1]);
138 return 0;
139 }
140 #else /* CONFIG_ESBC_HDR_LS */
get_ie_info_addr(uintptr_t * ie_addr)141 static int get_ie_info_addr(uintptr_t *ie_addr)
142 {
143 struct fsl_secboot_img_hdr *hdr;
144 struct fsl_secboot_sg_table *sg_tbl;
145 u32 flash_base_addr, csf_addr;
146
147 if (get_csf_base_addr(&csf_addr, &flash_base_addr))
148 return -1;
149
150 hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr;
151
152 /* For SoC's with Trust Architecture v1 with corenet bus
153 * the sg table field in CSF header has absolute address
154 * for sg table in memory. In other Trust Architecture,
155 * this field specifies the offset of sg table from the
156 * base address of CSF Header
157 */
158 #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
159 sg_tbl = (struct fsl_secboot_sg_table *)
160 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
161 flash_base_addr);
162 #else
163 sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr +
164 (u32)hdr->psgtable);
165 #endif
166
167 /* IE Key Table is the first entry in the SG Table */
168 #if defined(CONFIG_MPC85xx)
169 *ie_addr = (uintptr_t)((sg_tbl->src_addr &
170 ~(CONFIG_SYS_PBI_FLASH_BASE)) +
171 flash_base_addr);
172 #else
173 *ie_addr = (uintptr_t)sg_tbl->src_addr;
174 #endif
175
176 debug("IE Table address is %lx\n", *ie_addr);
177 return 0;
178 }
179 #endif /* CONFIG_ESBC_HDR_LS */
180 #endif
181
182 #ifdef CONFIG_KEY_REVOCATION
183 /* This function checks srk_table_flag in header and set/reset srk_flag.*/
check_srk(struct fsl_secboot_img_priv * img)184 static u32 check_srk(struct fsl_secboot_img_priv *img)
185 {
186 #ifdef CONFIG_ESBC_HDR_LS
187 /* In LS, No SRK Flag as SRK is always present if IE not present*/
188 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
189 return !check_ie(img);
190 #endif
191 return 1;
192 #else
193 if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
194 return 1;
195
196 return 0;
197 #endif
198 }
199
200 /* This function returns ospr's key_revoc values.*/
get_key_revoc(void)201 static u32 get_key_revoc(void)
202 {
203 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
204 return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >>
205 OSPR_KEY_REVOC_SHIFT;
206 }
207
208 /* This function checks if selected key is revoked or not.*/
is_key_revoked(u32 keynum,u32 rev_flag)209 static u32 is_key_revoked(u32 keynum, u32 rev_flag)
210 {
211 if (keynum == UNREVOCABLE_KEY)
212 return 0;
213
214 if ((u32)(1 << (ALIGN_REVOC_KEY - keynum)) & rev_flag)
215 return 1;
216
217 return 0;
218 }
219
220 /* It read validates srk_table key lengths.*/
read_validate_srk_tbl(struct fsl_secboot_img_priv * img)221 static u32 read_validate_srk_tbl(struct fsl_secboot_img_priv *img)
222 {
223 int i = 0;
224 u32 ret, key_num, key_revoc_flag, size;
225 struct fsl_secboot_img_hdr *hdr = &img->hdr;
226 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
227
228 if ((hdr->len_kr.num_srk == 0) ||
229 (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
230 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
231
232 key_num = hdr->len_kr.srk_sel;
233 if (key_num == 0 || key_num > hdr->len_kr.num_srk)
234 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
235
236 /* Get revoc key from sfp */
237 key_revoc_flag = get_key_revoc();
238 ret = is_key_revoked(key_num, key_revoc_flag);
239 if (ret)
240 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
241
242 size = hdr->len_kr.num_srk * sizeof(struct srk_table);
243
244 memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);
245
246 for (i = 0; i < hdr->len_kr.num_srk; i++) {
247 if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len))
248 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
249 }
250
251 img->key_len = img->srk_tbl[key_num - 1].key_len;
252
253 memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
254 img->key_len);
255
256 return 0;
257 }
258 #endif
259
260 #ifndef CONFIG_ESBC_HDR_LS
read_validate_single_key(struct fsl_secboot_img_priv * img)261 static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
262 {
263 struct fsl_secboot_img_hdr *hdr = &img->hdr;
264 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
265
266 /* check key length */
267 if (!CHECK_KEY_LEN(hdr->key_len))
268 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
269
270 memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
271
272 img->key_len = hdr->key_len;
273
274 return 0;
275 }
276 #endif /* CONFIG_ESBC_HDR_LS */
277
278 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
279
install_ie_tbl(uintptr_t ie_tbl_addr,struct fsl_secboot_img_priv * img)280 static void install_ie_tbl(uintptr_t ie_tbl_addr,
281 struct fsl_secboot_img_priv *img)
282 {
283 /* Copy IE tbl to Global Data */
284 memcpy(&glb.ie_tbl, (u8 *)ie_tbl_addr, sizeof(struct ie_key_info));
285 img->ie_addr = (uintptr_t)&glb.ie_tbl;
286 glb.ie_addr = img->ie_addr;
287 }
288
read_validate_ie_tbl(struct fsl_secboot_img_priv * img)289 static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
290 {
291 struct fsl_secboot_img_hdr *hdr = &img->hdr;
292 u32 ie_key_len, ie_revoc_flag, ie_num;
293 struct ie_key_info *ie_info;
294
295 if (!img->ie_addr) {
296 if (get_ie_info_addr(&img->ie_addr))
297 return ERROR_IE_TABLE_NOT_FOUND;
298 else
299 install_ie_tbl(img->ie_addr, img);
300 }
301
302 ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
303 if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
304 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
305
306 ie_num = hdr->ie_key_sel;
307 if (ie_num == 0 || ie_num > ie_info->num_keys)
308 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;
309
310 ie_revoc_flag = ie_info->key_revok;
311 if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag)
312 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;
313
314 ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;
315
316 if (!CHECK_KEY_LEN(ie_key_len))
317 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;
318
319 memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
320 ie_key_len);
321
322 img->key_len = ie_key_len;
323 return 0;
324 }
325 #endif
326
327
328 /* This function return length of public key.*/
get_key_len(struct fsl_secboot_img_priv * img)329 static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
330 {
331 return img->key_len;
332 }
333
334 /*
335 * Handles the ESBC uboot client header verification failure.
336 * This function handles all the errors which might occur in the
337 * parsing and checking of ESBC uboot client header. It will also
338 * set the error bits in the SEC_MON.
339 */
fsl_secboot_header_verification_failure(void)340 static void fsl_secboot_header_verification_failure(void)
341 {
342 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
343
344 /* 29th bit of OSPR is ITS */
345 u32 its = sfp_in32(&sfp_regs->ospr) >> 2;
346
347 if (its == 1)
348 set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL);
349 else
350 set_sec_mon_state(HPSR_SSM_ST_NON_SECURE);
351
352 printf("Generating reset request\n");
353 do_reset(NULL, 0, 0, NULL);
354 /* If reset doesn't coocur, halt execution */
355 do_esbc_halt(NULL, 0, 0, NULL);
356 }
357
358 /*
359 * Handles the ESBC uboot client image verification failure.
360 * This function handles all the errors which might occur in the
361 * public key hash comparison and signature verification of
362 * ESBC uboot client image. It will also
363 * set the error bits in the SEC_MON.
364 */
fsl_secboot_image_verification_failure(void)365 static void fsl_secboot_image_verification_failure(void)
366 {
367 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
368
369 u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;
370
371 if (its == 1) {
372 set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL);
373
374 printf("Generating reset request\n");
375 do_reset(NULL, 0, 0, NULL);
376 /* If reset doesn't coocur, halt execution */
377 do_esbc_halt(NULL, 0, 0, NULL);
378
379 } else {
380 set_sec_mon_state(HPSR_SSM_ST_NON_SECURE);
381 }
382 }
383
fsl_secboot_bootscript_parse_failure(void)384 static void fsl_secboot_bootscript_parse_failure(void)
385 {
386 fsl_secboot_header_verification_failure();
387 }
388
389 /*
390 * Handles the errors in esbc boot.
391 * This function handles all the errors which might occur in the
392 * esbc boot phase. It will call the appropriate api to log the
393 * errors and set the error bits in the SEC_MON.
394 */
fsl_secboot_handle_error(int error)395 void fsl_secboot_handle_error(int error)
396 {
397 #ifndef CONFIG_SPL_BUILD
398 const struct fsl_secboot_errcode *e;
399
400 for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
401 e++) {
402 if (e->errcode == error)
403 printf("ERROR :: %x :: %s\n", error, e->name);
404 }
405 #else
406 printf("ERROR :: %x\n", error);
407 #endif
408
409 /* If Boot Mode is secure, transition the SNVS state and issue
410 * reset based on type of failure and ITS setting.
411 * If Boot mode is non-secure, return from this function.
412 */
413 if (fsl_check_boot_mode_secure() == 0)
414 return;
415
416 switch (error) {
417 case ERROR_ESBC_CLIENT_HEADER_BARKER:
418 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
419 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN:
420 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN:
421 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN:
422 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1:
423 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2:
424 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
425 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
426 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
427 case ERROR_KEY_TABLE_NOT_FOUND:
428 #ifdef CONFIG_KEY_REVOCATION
429 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
430 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
431 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM:
432 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN:
433 #endif
434 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
435 /*@fallthrough@*/
436 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED:
437 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY:
438 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM:
439 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN:
440 case ERROR_IE_TABLE_NOT_FOUND:
441 #endif
442 fsl_secboot_header_verification_failure();
443 break;
444 case ERROR_ESBC_SEC_RESET:
445 case ERROR_ESBC_SEC_DEQ:
446 case ERROR_ESBC_SEC_ENQ:
447 case ERROR_ESBC_SEC_DEQ_TO:
448 case ERROR_ESBC_SEC_JOBQ_STATUS:
449 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY:
450 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM:
451 fsl_secboot_image_verification_failure();
452 break;
453 case ERROR_ESBC_MISSING_BOOTM:
454 fsl_secboot_bootscript_parse_failure();
455 break;
456 case ERROR_ESBC_WRONG_CMD:
457 default:
458 branch_to_self();
459 break;
460 }
461 }
462
fsl_secblk_handle_error(int error)463 static void fsl_secblk_handle_error(int error)
464 {
465 switch (error) {
466 case ERROR_ESBC_SEC_ENQ:
467 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ);
468 break;
469 case ERROR_ESBC_SEC_DEQ:
470 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ);
471 break;
472 case ERROR_ESBC_SEC_DEQ_TO:
473 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO);
474 break;
475 default:
476 printf("Job Queue Output status %x\n", error);
477 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS);
478 break;
479 }
480 }
481
482 /*
483 * Calculate hash of key obtained via offset present in ESBC uboot
484 * client hdr. This function calculates the hash of key which is obtained
485 * through offset present in ESBC uboot client header.
486 */
calc_img_key_hash(struct fsl_secboot_img_priv * img)487 static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
488 {
489 struct hash_algo *algo;
490 void *ctx;
491 int i, srk = 0;
492 int ret = 0;
493 const char *algo_name = "sha256";
494
495 /* Calculate hash of the esbc key */
496 ret = hash_progressive_lookup_algo(algo_name, &algo);
497 if (ret)
498 return ret;
499
500 ret = algo->hash_init(algo, &ctx);
501 if (ret)
502 return ret;
503
504 /* Update hash for ESBC key */
505 #ifdef CONFIG_KEY_REVOCATION
506 if (check_srk(img)) {
507 ret = algo->hash_update(algo, ctx,
508 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
509 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1);
510 srk = 1;
511 }
512 #endif
513 if (!srk)
514 ret = algo->hash_update(algo, ctx,
515 img->img_key, img->key_len, 1);
516 if (ret)
517 return ret;
518
519 /* Copy hash at destination buffer */
520 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
521 if (ret)
522 return ret;
523
524 for (i = 0; i < SHA256_BYTES; i++)
525 img->img_key_hash[i] = hash_val[i];
526
527 return 0;
528 }
529
530 /*
531 * Calculate hash of ESBC hdr and ESBC. This function calculates the
532 * single hash of ESBC header and ESBC image. If SG flag is on, all
533 * SG entries are also hashed alongwith the complete SG table.
534 */
calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv * img)535 static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
536 {
537 struct hash_algo *algo;
538 void *ctx;
539 int ret = 0;
540 int key_hash = 0;
541 const char *algo_name = "sha256";
542
543 /* Calculate the hash of the ESBC */
544 ret = hash_progressive_lookup_algo(algo_name, &algo);
545 if (ret)
546 return ret;
547
548 ret = algo->hash_init(algo, &ctx);
549 /* Copy hash at destination buffer */
550 if (ret)
551 return ret;
552
553 /* Update hash for CSF Header */
554 ret = algo->hash_update(algo, ctx,
555 (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
556 if (ret)
557 return ret;
558
559 /* Update the hash with that of srk table if srk flag is 1
560 * If IE Table is selected, key is not added in the hash
561 * If neither srk table nor IE key table available, add key
562 * from header in the hash calculation
563 */
564 #ifdef CONFIG_KEY_REVOCATION
565 if (check_srk(img)) {
566 ret = algo->hash_update(algo, ctx,
567 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
568 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0);
569 key_hash = 1;
570 }
571 #endif
572 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
573 if (!key_hash && check_ie(img))
574 key_hash = 1;
575 #endif
576 #ifndef CONFIG_ESBC_HDR_LS
577 /* No single key support in LS ESBC header */
578 if (!key_hash) {
579 ret = algo->hash_update(algo, ctx,
580 img->img_key, img->hdr.key_len, 0);
581 key_hash = 1;
582 }
583 #endif
584 if (ret)
585 return ret;
586 if (!key_hash)
587 return ERROR_KEY_TABLE_NOT_FOUND;
588
589 /* Update hash for actual Image */
590 ret = algo->hash_update(algo, ctx,
591 (u8 *)(*(img->img_addr_ptr)), img->img_size, 1);
592 if (ret)
593 return ret;
594
595 /* Copy hash at destination buffer */
596 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
597 if (ret)
598 return ret;
599
600 return 0;
601 }
602
603 /*
604 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the
605 * pointers for padding, DER value and hash. And finally, constructs EM'
606 * which includes hash of complete CSF header and ESBC image. If SG flag
607 * is on, hash of SG table and entries is also included.
608 */
construct_img_encoded_hash_second(struct fsl_secboot_img_priv * img)609 static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img)
610 {
611 /*
612 * RSA PKCSv1.5 encoding format for encoded message is below
613 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash
614 * PS is Padding String
615 * DER is DER value for SHA-256
616 * Hash is SHA-256 hash
617 * *********************************************************
618 * representative points to first byte of EM initially and is
619 * filled with 0x0
620 * representative is incremented by 1 and second byte is filled
621 * with 0x1
622 * padding points to third byte of EM
623 * digest points to full length of EM - 32 bytes
624 * hash_id (DER value) points to 19 bytes before pDigest
625 * separator is one byte which separates padding and DER
626 */
627
628 size_t len;
629 u8 *representative;
630 u8 *padding, *digest;
631 u8 *hash_id, *separator;
632 int i;
633
634 len = (get_key_len(img) / 2) - 1;
635 representative = img->img_encoded_hash_second;
636 representative[0] = 0;
637 representative[1] = 1; /* block type 1 */
638
639 padding = &representative[2];
640 digest = &representative[1] + len - 32;
641 hash_id = digest - sizeof(hash_identifier);
642 separator = hash_id - 1;
643
644 /* fill padding area pointed by padding with 0xff */
645 memset(padding, 0xff, separator - padding);
646
647 /* fill byte pointed by separator */
648 *separator = 0;
649
650 /* fill SHA-256 DER value pointed by HashId */
651 memcpy(hash_id, hash_identifier, sizeof(hash_identifier));
652
653 /* fill hash pointed by Digest */
654 for (i = 0; i < SHA256_BYTES; i++)
655 digest[i] = hash_val[i];
656 }
657
658 /*
659 * Reads and validates the ESBC client header.
660 * This function reads key and signature from the ESBC client header.
661 * If Scatter/Gather flag is on, lengths and offsets of images
662 * present as SG entries are also read. This function also checks
663 * whether the header is valid or not.
664 */
read_validate_esbc_client_header(struct fsl_secboot_img_priv * img)665 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
666 {
667 struct fsl_secboot_img_hdr *hdr = &img->hdr;
668 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
669 u8 *k, *s;
670 u32 ret = 0;
671
672 int key_found = 0;
673
674 /* check barker code */
675 if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
676 return ERROR_ESBC_CLIENT_HEADER_BARKER;
677
678 /* If Image Address is not passed as argument to function,
679 * then Address and Size must be read from the Header.
680 */
681 if (*(img->img_addr_ptr) == 0) {
682 #ifdef CONFIG_ESBC_ADDR_64BIT
683 *(img->img_addr_ptr) = hdr->pimg64;
684 #else
685 *(img->img_addr_ptr) = hdr->pimg;
686 #endif
687 }
688
689 if (!hdr->img_size)
690 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
691
692 img->img_size = hdr->img_size;
693
694 /* Key checking*/
695 #ifdef CONFIG_KEY_REVOCATION
696 if (check_srk(img)) {
697 ret = read_validate_srk_tbl(img);
698 if (ret != 0)
699 return ret;
700 key_found = 1;
701 }
702 #endif
703
704 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
705 if (!key_found && check_ie(img)) {
706 ret = read_validate_ie_tbl(img);
707 if (ret != 0)
708 return ret;
709 key_found = 1;
710 }
711 #endif
712 #ifndef CONFIG_ESBC_HDR_LS
713 /* Single Key Feature not available in LS ESBC Header */
714 if (key_found == 0) {
715 ret = read_validate_single_key(img);
716 if (ret != 0)
717 return ret;
718 key_found = 1;
719 }
720 #endif
721 if (!key_found)
722 return ERROR_KEY_TABLE_NOT_FOUND;
723
724 /* check signaure */
725 if (get_key_len(img) == 2 * hdr->sign_len) {
726 /* check signature length */
727 if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) ||
728 (hdr->sign_len == KEY_SIZE_BYTES / 2) ||
729 (hdr->sign_len == KEY_SIZE_BYTES)))
730 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN;
731 } else {
732 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN;
733 }
734
735 memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);
736 /* No SG support in LS-CH3 */
737 #ifndef CONFIG_ESBC_HDR_LS
738 /* No SG support */
739 if (hdr->sg_flag)
740 return ERROR_ESBC_CLIENT_HEADER_SG;
741 #endif
742
743 /* modulus most significant bit should be set */
744 k = (u8 *)&img->img_key;
745
746 if ((k[0] & 0x80) == 0)
747 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1;
748
749 /* modulus value should be odd */
750 if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0)
751 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2;
752
753 /* Check signature value < modulus value */
754 s = (u8 *)&img->img_sign;
755
756 if (!(memcmp(s, k, hdr->sign_len) < 0))
757 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD;
758
759 return ESBC_VALID_HDR;
760 }
761
str2longbe(const char * p,ulong * num)762 static inline int str2longbe(const char *p, ulong *num)
763 {
764 char *endptr;
765 ulong tmp;
766
767 if (!p) {
768 return 0;
769 } else {
770 tmp = simple_strtoul(p, &endptr, 16);
771 if (sizeof(ulong) == 4)
772 *num = cpu_to_be32(tmp);
773 else
774 *num = cpu_to_be64(tmp);
775 }
776
777 return *p != '\0' && *endptr == '\0';
778 }
779 /* Function to calculate the ESBC Image Hash
780 * and hash from Digital signature.
781 * The Two hash's are compared to yield the
782 * result of signature validation.
783 */
calculate_cmp_img_sig(struct fsl_secboot_img_priv * img)784 static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
785 {
786 int ret;
787 uint32_t key_len;
788 struct key_prop prop;
789 #if !defined(USE_HOSTCC)
790 struct udevice *mod_exp_dev;
791 #endif
792 ret = calc_esbchdr_esbc_hash(img);
793 if (ret)
794 return ret;
795
796 /* Construct encoded hash EM' wrt PKCSv1.5 */
797 construct_img_encoded_hash_second(img);
798
799 /* Fill prop structure for public key */
800 memset(&prop, 0, sizeof(struct key_prop));
801 key_len = get_key_len(img) / 2;
802 prop.modulus = img->img_key;
803 prop.public_exponent = img->img_key + key_len;
804 prop.num_bits = key_len * 8;
805 prop.exp_len = key_len;
806
807 ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
808 if (ret) {
809 printf("RSA: Can't find Modular Exp implementation\n");
810 return -EINVAL;
811 }
812
813 ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
814 &prop, img->img_encoded_hash);
815 if (ret)
816 return ret;
817
818 /*
819 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
820 * memcmp returns zero on success
821 * memcmp returns non-zero on failure
822 */
823 ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
824 img->hdr.sign_len);
825
826 if (ret)
827 return ERROR_ESBC_CLIENT_HASH_COMPARE_EM;
828
829 return 0;
830 }
831 /* Function to initialize img priv and global data structure
832 */
secboot_init(struct fsl_secboot_img_priv ** img_ptr)833 static int secboot_init(struct fsl_secboot_img_priv **img_ptr)
834 {
835 *img_ptr = malloc(sizeof(struct fsl_secboot_img_priv));
836
837 struct fsl_secboot_img_priv *img = *img_ptr;
838
839 if (!img)
840 return -ENOMEM;
841 memset(img, 0, sizeof(struct fsl_secboot_img_priv));
842
843 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
844 if (glb.ie_addr)
845 img->ie_addr = glb.ie_addr;
846 #endif
847 return 0;
848 }
849
850
851 /* haddr - Address of the header of image to be validated.
852 * arg_hash_str - Option hash string. If provided, this
853 * overrides the key hash in the SFP fuses.
854 * img_addr_ptr - Optional pointer to address of image to be validated.
855 * If non zero addr, this overrides the addr of image in header,
856 * otherwise updated to image addr in header.
857 * Acts as both input and output of function.
858 * This pointer shouldn't be NULL.
859 */
fsl_secboot_validate(uintptr_t haddr,char * arg_hash_str,uintptr_t * img_addr_ptr)860 int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
861 uintptr_t *img_addr_ptr)
862 {
863 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
864 ulong hash[SHA256_BYTES/sizeof(ulong)];
865 char hash_str[NUM_HEX_CHARS + 1];
866 struct fsl_secboot_img_priv *img;
867 struct fsl_secboot_img_hdr *hdr;
868 void *esbc;
869 int ret, i, hash_cmd = 0;
870 u32 srk_hash[8];
871
872 if (arg_hash_str != NULL) {
873 const char *cp = arg_hash_str;
874 int i = 0;
875
876 if (*cp == '0' && *(cp + 1) == 'x')
877 cp += 2;
878
879 /* The input string expected is in hex, where
880 * each 4 bits would be represented by a hex
881 * sha256 hash is 256 bits long, which would mean
882 * num of characters = 256 / 4
883 */
884 if (strlen(cp) != SHA256_NIBBLES) {
885 printf("%s is not a 256 bits hex string as expected\n",
886 arg_hash_str);
887 return -1;
888 }
889
890 for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) {
891 strncpy(hash_str, cp + (i * NUM_HEX_CHARS),
892 NUM_HEX_CHARS);
893 hash_str[NUM_HEX_CHARS] = '\0';
894 if (!str2longbe(hash_str, &hash[i])) {
895 printf("%s is not a 256 bits hex string ",
896 arg_hash_str);
897 return -1;
898 }
899 }
900
901 hash_cmd = 1;
902 }
903
904 ret = secboot_init(&img);
905 if (ret)
906 goto exit;
907
908 /* Update the information in Private Struct */
909 hdr = &img->hdr;
910 img->ehdrloc = haddr;
911 img->img_addr_ptr = img_addr_ptr;
912 esbc = (u8 *)img->ehdrloc;
913
914 memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
915
916 /* read and validate esbc header */
917 ret = read_validate_esbc_client_header(img);
918
919 if (ret != ESBC_VALID_HDR) {
920 fsl_secboot_handle_error(ret);
921 goto exit;
922 }
923
924 /* SRKH present in SFP */
925 for (i = 0; i < NUM_SRKH_REGS; i++)
926 srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]);
927
928 /*
929 * Calculate hash of key obtained via offset present in
930 * ESBC uboot client hdr
931 */
932 ret = calc_img_key_hash(img);
933 if (ret) {
934 fsl_secblk_handle_error(ret);
935 goto exit;
936 }
937
938 /* Compare hash obtained above with SRK hash present in SFP */
939 if (hash_cmd)
940 ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES);
941 else
942 ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES);
943
944 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
945 if (!hash_cmd && check_ie(img))
946 ret = 0;
947 #endif
948
949 if (ret != 0) {
950 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY);
951 goto exit;
952 }
953
954 ret = calculate_cmp_img_sig(img);
955 if (ret) {
956 fsl_secboot_handle_error(ret);
957 goto exit;
958 }
959
960 exit:
961 /* Free Img as it was malloc'ed*/
962 free(img);
963 return ret;
964 }
965