X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=include%2Ffsl_validate.h;h=452c6df83f25587b9d4eea82d42165d9adaaebc6;hb=1120dda8cc9031de70a4f9c9987b204b49c0d2dd;hp=c4605349a67170e939441784882536e33b9799f1;hpb=1c6f6a6ef9f3edf38360a204bc62de83a8039df3;p=oweals%2Fu-boot.git diff --git a/include/fsl_validate.h b/include/fsl_validate.h index c4605349a6..452c6df83f 100644 --- a/include/fsl_validate.h +++ b/include/fsl_validate.h @@ -21,14 +21,6 @@ extern struct jobring jr; -#ifdef CONFIG_KEY_REVOCATION -/* Srk table and key revocation check */ -#define SRK_FLAG 0x01 -#define UNREVOCABLE_KEY 4 -#define ALIGN_REVOC_KEY 3 -#define MAX_KEY_ENTRIES 4 -#endif - /* Barker code size in bytes */ #define ESBC_BARKER_LEN 4 /* barker code length in ESBC uboot client */ /* header */ @@ -39,6 +31,52 @@ extern struct jobring jr; /* Maximum number of SG entries allowed */ #define MAX_SG_ENTRIES 8 +/* Different Header Struct for LS-CH3 */ +#ifdef CONFIG_ESBC_HDR_LS +struct fsl_secboot_img_hdr { + u8 barker[ESBC_BARKER_LEN]; /* barker code */ + u32 srk_tbl_off; + struct { + u8 num_srk; + u8 srk_sel; + u8 reserve; + } len_kr; + u8 ie_flag; + + u32 uid_flag; + + u32 psign; /* signature offset */ + u32 sign_len; /* length of the signature in bytes */ + + u64 pimg64; /* 64 bit pointer to ESBC Image */ + u32 img_size; /* ESBC client image size in bytes */ + u32 ie_key_sel; + + u32 fsl_uid_0; + u32 fsl_uid_1; + u32 oem_uid_0; + u32 oem_uid_1; + u32 oem_uid_2; + u32 oem_uid_3; + u32 oem_uid_4; + u32 reserved1[3]; +}; + +#ifdef CONFIG_KEY_REVOCATION +/* Srk table and key revocation check */ +#define UNREVOCABLE_KEY 8 +#define ALIGN_REVOC_KEY 7 +#define MAX_KEY_ENTRIES 8 +#endif + +#if defined(CONFIG_FSL_ISBC_KEY_EXT) +#define IE_FLAG_MASK 0x1 +#define SCRATCH_IE_LOW_ADR 13 +#define SCRATCH_IE_HIGH_ADR 14 +#endif + +#else /* CONFIG_ESBC_HDR_LS */ + /* * ESBC uboot client header structure. * The struct contain the following fields @@ -82,14 +120,16 @@ struct fsl_secboot_img_hdr { u32 psign; /* signature offset */ u32 sign_len; /* length of the signature in bytes */ union { - struct fsl_secboot_sg_table *psgtable; /* ptr to SG table */ - u8 *pimg; /* ptr to ESBC client image */ + u32 psgtable; /* ptr to SG table */ +#ifndef CONFIG_ESBC_ADDR_64BIT + u32 pimg; /* ptr to ESBC client image */ +#endif }; union { u32 sg_entries; /* no of entries in SG table */ u32 img_size; /* ESBC client image size in bytes */ }; - ulong img_start; /* ESBC client entry point */ + u32 img_start; /* ESBC client entry point */ u32 sg_flag; /* Scatter gather flag */ u32 uid_flag; u32 fsl_uid_0; @@ -97,11 +137,31 @@ struct fsl_secboot_img_hdr { u32 reserved1[2]; u32 fsl_uid_1; u32 oem_uid_1; - u32 reserved2[2]; + union { + u32 reserved2[2]; +#ifdef CONFIG_ESBC_ADDR_64BIT + u64 pimg64; /* 64 bit pointer to ESBC Image */ +#endif + }; u32 ie_flag; u32 ie_key_sel; }; +#ifdef CONFIG_KEY_REVOCATION +/* Srk table and key revocation check */ +#define SRK_FLAG 0x01 +#define UNREVOCABLE_KEY 4 +#define ALIGN_REVOC_KEY 3 +#define MAX_KEY_ENTRIES 4 +#endif + +#if defined(CONFIG_FSL_ISBC_KEY_EXT) +#define IE_FLAG_MASK 0xFFFFFFFF +#endif + +#endif /* CONFIG_ESBC_HDR_LS */ + + #if defined(CONFIG_FSL_ISBC_KEY_EXT) struct ie_key_table { u32 key_len; @@ -133,7 +193,7 @@ struct srk_table { */ struct fsl_secboot_sg_table { u32 len; /* length of the segment in bytes */ - ulong src_addr; /* ptr to the data segment */ + u32 src_addr; /* ptr to the data segment */ }; #else /* @@ -146,11 +206,22 @@ struct fsl_secboot_sg_table { struct fsl_secboot_sg_table { u32 len; u32 trgt_id; - ulong src_addr; - ulong dst_addr; + u32 src_addr; + u32 dst_addr; }; #endif +/* ESBC global structure. + * Data to be used across verification of different images. + * Stores follwoing Data: + * IE Table + */ +struct fsl_secboot_glb { +#if defined(CONFIG_FSL_ISBC_KEY_EXT) + uintptr_t ie_addr; + struct ie_key_info ie_tbl; +#endif +}; /* * ESBC private structure. * Private structure used by ESBC to store following fields @@ -162,7 +233,7 @@ struct fsl_secboot_sg_table { */ struct fsl_secboot_img_priv { uint32_t hdr_location; - ulong ie_addr; + uintptr_t ie_addr; u32 key_len; struct fsl_secboot_img_hdr hdr; @@ -186,14 +257,28 @@ struct fsl_secboot_img_priv { */ struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES]; /* SG table */ - u32 ehdrloc; /* ESBC client location */ + uintptr_t ehdrloc; /* ESBC Header location */ + uintptr_t *img_addr_ptr; /* ESBC Image Location */ + uint32_t img_size; /* ESBC Image Size */ }; -int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, - char * const argv[]); +int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]); + +int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str, + uintptr_t *img_addr_ptr); int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]); int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]); +int fsl_check_boot_mode_secure(void); +int fsl_setenv_chain_of_trust(void); + +/* + * This function is used to validate the main U-boot binary from + * SPL just before passing control to it using QorIQ Trust + * Architecture header (appended to U-boot image). + */ +void spl_validate_uboot(uint32_t hdr_addr, uintptr_t img_addr); #endif