Prepare v2020.04-rc3

[oweals/u-boot.git] / common / image-fit.c

diff --git a/common/image-fit.c b/common/image-fit.c
index 231612ff5f01a85c8b2efdf4c9d47dace10eccc1..f3bb00c98a55d966c3e68869bd180db8a6fefcc9 100644 (file)
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -947,6 +947,31 @@ int fit_image_get_data_size(const void *fit, int noffset, int *data_size)
        return 0;
 }
 
+/**
+ * Get 'data-size-unciphered' property from a given image node.
+ *
+ * @fit: pointer to the FIT image header
+ * @noffset: component image node offset
+ * @data_size: holds the data-size property
+ *
+ * returns:
+ *     0, on success
+ *     -ENOENT if the property could not be found
+ */
+int fit_image_get_data_size_unciphered(const void *fit, int noffset,
+                                      size_t *data_size)
+{
+       const fdt32_t *val;
+
+       val = fdt_getprop(fit, noffset, "data-size-unciphered", NULL);
+       if (!val)
+               return -ENOENT;
+
+       *data_size = (size_t)fdt32_to_cpu(*val);
+
+       return 0;
+}
+
 /**
  * fit_image_get_data_and_size - get data and its size including
  *                              both embedded and external data
@@ -1080,6 +1105,33 @@ static int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore)
        return 0;
 }
 
+/**
+ * fit_image_cipher_get_algo - get cipher algorithm name
+ * @fit: pointer to the FIT format image header
+ * @noffset: cipher node offset
+ * @algo: double pointer to char, will hold pointer to the algorithm name
+ *
+ * fit_image_cipher_get_algo() finds cipher algorithm property in a given
+ * cipher node. If the property is found its data start address is returned
+ * to the caller.
+ *
+ * returns:
+ *     0, on success
+ *     -1, on failure
+ */
+int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo)
+{
+       int len;
+
+       *algo = (char *)fdt_getprop(fit, noffset, FIT_ALGO_PROP, &len);
+       if (!*algo) {
+               fit_get_debug(fit, noffset, FIT_ALGO_PROP, len);
+               return -1;
+       }
+
+       return 0;
+}
+
 ulong fit_get_end(const void *fit)
 {
        return map_to_sysmem((void *)(fit + fdt_totalsize(fit)));
@@ -1354,6 +1406,32 @@ int fit_all_image_verify(const void *fit)
        return 1;
 }
 
+#ifdef CONFIG_FIT_CIPHER
+static int fit_image_uncipher(const void *fit, int image_noffset,
+                             void **data, size_t *size)
+{
+       int cipher_noffset, ret;
+       void *dst;
+       size_t size_dst;
+
+       cipher_noffset = fdt_subnode_offset(fit, image_noffset,
+                                           FIT_CIPHER_NODENAME);
+       if (cipher_noffset < 0)
+               return 0;
+
+       ret = fit_image_decrypt_data(fit, image_noffset, cipher_noffset,
+                                    *data, *size, &dst, &size_dst);
+       if (ret)
+               goto out;
+
+       *data = dst;
+       *size = size_dst;
+
+ out:
+       return ret;
+}
+#endif /* CONFIG_FIT_CIPHER */
+
 /**
  * fit_image_check_os - check whether image node is of a given os type
  * @fit: pointer to the FIT format image header
@@ -1954,6 +2032,18 @@ int fit_image_load(bootm_headers_t *images, ulong addr,
                return -ENOENT;
        }
 
+#ifdef CONFIG_FIT_CIPHER
+       /* Decrypt data before uncompress/move */
+       if (IMAGE_ENABLE_DECRYPT) {
+               puts("   Decrypting Data ... ");
+               if (fit_image_uncipher(fit, noffset, &buf, &size)) {
+                       puts("Error\n");
+                       return -EACCES;
+               }
+               puts("OK\n");
+       }
+#endif
+
 #if !defined(USE_HOSTCC) && defined(CONFIG_FIT_IMAGE_POST_PROCESS)
        /* perform any post-processing on the image data */
        board_fit_image_post_process(&buf, &size);