#include "compiler.h"
#include <asm/byteorder.h>
+#include <stdbool.h>
/* Define this to avoid #ifdefs later on */
struct lmb;
#define IMAGE_ENABLE_FIT 1
#define IMAGE_ENABLE_OF_LIBFDT 1
#define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */
+#define CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT 1
#define CONFIG_FIT_ENABLE_SHA256_SUPPORT
#define CONFIG_SHA1
#define CONFIG_SHA256
# define IMAGE_ENABLE_SHA1 1
# endif
# else
-# define CONFIG_CRC32 /* FIT images need CRC32 support */
# define IMAGE_ENABLE_CRC32 1
# define IMAGE_ENABLE_MD5 1
# define IMAGE_ENABLE_SHA1 1
* Operating System Codes
*
* The following are exposed to uImage header.
- * Do not change values for backward compatibility.
+ * New IDs *MUST* be appended at the end of the list and *NEVER*
+ * inserted for backward compatibility.
*/
enum {
IH_OS_INVALID = 0, /* Invalid OS */
* CPU Architecture Codes (supported by Linux)
*
* The following are exposed to uImage header.
- * Do not change values for backward compatibility.
+ * New IDs *MUST* be appended at the end of the list and *NEVER*
+ * inserted for backward compatibility.
*/
enum {
IH_ARCH_INVALID = 0, /* Invalid CPU */
* as command interpreter (=> Shell Scripts).
*
* The following are exposed to uImage header.
- * Do not change values for backward compatibility.
+ * New IDs *MUST* be appended at the end of the list and *NEVER*
+ * inserted for backward compatibility.
*/
enum {
IH_TYPE_PMMC, /* TI Power Management Micro-Controller Firmware */
IH_TYPE_STM32IMAGE, /* STMicroelectronics STM32 Image */
IH_TYPE_SOCFPGAIMAGE_V1, /* Altera SOCFPGA A10 Preloader */
+ IH_TYPE_MTKIMAGE, /* MediaTek BootROM loadable Image */
+ IH_TYPE_IMX8MIMAGE, /* Freescale IMX8MBoot Image */
+ IH_TYPE_IMX8IMAGE, /* Freescale IMX8Boot Image */
IH_TYPE_COUNT, /* Number of image types */
};
* Compression Types
*
* The following are exposed to uImage header.
- * Do not change values for backward compatibility.
+ * New IDs *MUST* be appended at the end of the list and *NEVER*
+ * inserted for backward compatibility.
*/
enum {
IH_COMP_NONE = 0, /* No Compression Used */
IH_COMP_COUNT,
};
+#define LZ4F_MAGIC 0x184D2204 /* LZ4 Magic Number */
#define IH_MAGIC 0x27051956 /* Image Magic Number */
#define IH_NMLEN 32 /* Image Name Length */
* @image: Address of image
* @start: Returns start address of image
* @size : Returns size image
+ * @force_reloc: Ignore image->ep field, always place image to RAM start
* @return 0 if OK, 1 if the image was not recognised
*/
-int booti_setup(ulong image, ulong *relocated_addr, ulong *size);
+int booti_setup(ulong image, ulong *relocated_addr, ulong *size,
+ bool force_reloc);
/*******************************************************************/
/* New uImage format specific code (prefixed with fit_) */
* @comment: Comment to add to signature nodes
* @require_keys: Mark all keys as 'required'
* @engine_id: Engine to use for signing
+ * @cmdname: Command name used when reporting errors
*
* Adds hash values for all component images in the FIT blob.
* Hashes are calculated for all component images which have hash subnodes
*/
int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
const char *comment, int require_keys,
- const char *engine_id);
+ const char *engine_id, const char *cmdname);
int fit_image_verify_with_data(const void *fit, int image_noffset,
const void *data, size_t size);
int fit_conf_find_compat(const void *fit, const void *fdt);
int fit_conf_get_node(const void *fit, const char *conf_uname);
+int fit_conf_get_prop_node_count(const void *fit, int noffset,
+ const char *prop_name);
+int fit_conf_get_prop_node_index(const void *fit, int noffset,
+ const char *prop_name, int index);
/**
* fit_conf_get_prop_node() - Get node refered to by a configuration
* At present we only support signing on the host, and verification on the
* device
*/
-#if defined(CONFIG_FIT_SIGNATURE)
-# ifdef USE_HOSTCC
+#if defined(USE_HOSTCC)
+# if defined(CONFIG_FIT_SIGNATURE)
# define IMAGE_ENABLE_SIGN 1
# define IMAGE_ENABLE_VERIFY 1
-# include <openssl/evp.h>
-#else
+# include <openssl/evp.h>
+# else
# define IMAGE_ENABLE_SIGN 0
-# define IMAGE_ENABLE_VERIFY 1
+# define IMAGE_ENABLE_VERIFY 0
# endif
#else
# define IMAGE_ENABLE_SIGN 0
-# define IMAGE_ENABLE_VERIFY 0
+# define IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE)
#endif
#ifdef USE_HOSTCC
int node_offset; /* Offset of signature node */
const char *name; /* Algorithm name */
struct checksum_algo *checksum; /* Checksum algorithm information */
+ struct padding_algo *padding; /* Padding algorithm information */
struct crypto_algo *crypto; /* Crypto algorithm information */
const void *fdt_blob; /* FDT containing public keys */
int required_keynode; /* Node offset of key to use: -1=any */
uint8_t *sig, uint sig_len);
};
+struct padding_algo {
+ const char *name;
+ int (*verify)(struct image_sign_info *info,
+ uint8_t *pad, int pad_len,
+ const uint8_t *hash, int hash_len);
+};
+
/**
* image_get_checksum_algo() - Look up a checksum algorithm
*
*/
struct crypto_algo *image_get_crypto_algo(const char *full_name);
+/**
+ * image_get_padding_algo() - Look up a padding algorithm
+ *
+ * @param name Name of padding algorithm
+ * @return pointer to algorithm information, or NULL if not found
+ */
+struct padding_algo *image_get_padding_algo(const char *name);
+
/**
* fit_image_verify_required_sigs() - Verify signatures marked as 'required'
*
ulong *second_data, ulong *second_len);
ulong android_image_get_end(const struct andr_img_hdr *hdr);
ulong android_image_get_kload(const struct andr_img_hdr *hdr);
+ulong android_image_get_kcomp(const struct andr_img_hdr *hdr);
void android_print_contents(const struct andr_img_hdr *hdr);
#endif /* CONFIG_ANDROID_BOOT_IMAGE */