X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=include%2Fimage.h;h=d788c260e30aeebd345bd65fb7144d1cf5c8cdb8;hb=ec7fde3ebfeb1dc428206bf1afca87dbd86cc29b;hp=8e285f9b9ff963877bc954871473d6cdd70a3fd8;hpb=9cd9b34dc7f247fd0fce08ab688bf8197f1bfdbc;p=oweals%2Fu-boot.git diff --git a/include/image.h b/include/image.h index 8e285f9b9f..d788c260e3 100644 --- a/include/image.h +++ b/include/image.h @@ -4,24 +4,7 @@ * (C) Copyright 2000-2005 * Wolfgang Denk, DENX Software Engineering, wd@denx.de. * - * See file CREDITS for list of people who contributed to this - * project. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of - * the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, - * MA 02111-1307 USA - * + * SPDX-License-Identifier: GPL-2.0+ ******************************************************************** * NOTE: This header file defines an interface to U-Boot. Including * this (unmodified) header file in another file is considered normal @@ -36,26 +19,108 @@ #include "compiler.h" #include +/* Define this to avoid #ifdefs later on */ +struct lmb; + #ifdef USE_HOSTCC +#include /* new uImage format support enabled on host */ -#define CONFIG_FIT 1 -#define CONFIG_OF_LIBFDT 1 +#define IMAGE_ENABLE_FIT 1 +#define IMAGE_ENABLE_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ +#define IMAGE_ENABLE_IGNORE 0 +#define IMAGE_INDENT_STRING "" + #else #include #include #include +/* Take notice of the 'ignore' property for hashes */ +#define IMAGE_ENABLE_IGNORE 1 +#define IMAGE_INDENT_STRING " " + +#define IMAGE_ENABLE_FIT CONFIG_IS_ENABLED(FIT) +#define IMAGE_ENABLE_OF_LIBFDT CONFIG_IS_ENABLED(OF_LIBFDT) + #endif /* USE_HOSTCC */ -#if defined(CONFIG_FIT) +#if IMAGE_ENABLE_FIT +#include #include #include -#define CONFIG_MD5 /* FIT images need MD5 support */ -#define CONFIG_SHA1 /* and SHA1 */ +# ifdef CONFIG_SPL_BUILD +# ifdef CONFIG_SPL_CRC32_SUPPORT +# define IMAGE_ENABLE_CRC32 1 +# endif +# ifdef CONFIG_SPL_MD5_SUPPORT +# define IMAGE_ENABLE_MD5 1 +# endif +# ifdef CONFIG_SPL_SHA1_SUPPORT +# define IMAGE_ENABLE_SHA1 1 +# endif +# ifdef CONFIG_SPL_SHA256_SUPPORT +# define IMAGE_ENABLE_SHA256 1 +# endif +# else +# define CONFIG_CRC32 /* FIT images need CRC32 support */ +# define CONFIG_MD5 /* and MD5 */ +# define CONFIG_SHA1 /* and SHA1 */ +# define CONFIG_SHA256 /* and SHA256 */ +# define IMAGE_ENABLE_CRC32 1 +# define IMAGE_ENABLE_MD5 1 +# define IMAGE_ENABLE_SHA1 1 +# define IMAGE_ENABLE_SHA256 1 +# endif + +#ifdef CONFIG_FIT_DISABLE_SHA256 +#undef CONFIG_SHA256 +#undef IMAGE_ENABLE_SHA256 +#endif + +#ifndef IMAGE_ENABLE_CRC32 +#define IMAGE_ENABLE_CRC32 0 +#endif + +#ifndef IMAGE_ENABLE_MD5 +#define IMAGE_ENABLE_MD5 0 +#endif + +#ifndef IMAGE_ENABLE_SHA1 +#define IMAGE_ENABLE_SHA1 0 +#endif + +#ifndef IMAGE_ENABLE_SHA256 +#define IMAGE_ENABLE_SHA256 0 +#endif + +#endif /* IMAGE_ENABLE_FIT */ + +#ifdef CONFIG_SYS_BOOT_RAMDISK_HIGH +# define IMAGE_ENABLE_RAMDISK_HIGH 1 +#else +# define IMAGE_ENABLE_RAMDISK_HIGH 0 +#endif + +#ifdef CONFIG_SYS_BOOT_GET_CMDLINE +# define IMAGE_BOOT_GET_CMDLINE 1 +#else +# define IMAGE_BOOT_GET_CMDLINE 0 +#endif + +#ifdef CONFIG_OF_BOARD_SETUP +# define IMAGE_OF_BOARD_SETUP 1 +#else +# define IMAGE_OF_BOARD_SETUP 0 +#endif + +#ifdef CONFIG_OF_SYSTEM_SETUP +# define IMAGE_OF_SYSTEM_SETUP 1 +#else +# define IMAGE_OF_SYSTEM_SETUP 0 #endif /* @@ -84,6 +149,8 @@ #define IH_OS_UNITY 20 /* Unity OS */ #define IH_OS_INTEGRITY 21 /* INTEGRITY */ #define IH_OS_OSE 22 /* OSE */ +#define IH_OS_PLAN9 23 /* Plan 9 */ +#define IH_OS_OPENRTOS 24 /* OpenRTOS */ /* * CPU Architecture Codes (supported by Linux) @@ -109,6 +176,9 @@ #define IH_ARCH_SANDBOX 19 /* Sandbox architecture (test only) */ #define IH_ARCH_NDS32 20 /* ANDES Technology - NDS32 */ #define IH_ARCH_OPENRISC 21 /* OpenRISC 1000 */ +#define IH_ARCH_ARM64 22 /* ARM64 */ +#define IH_ARCH_ARC 23 /* Synopsys DesignWare ARC */ +#define IH_ARCH_X86_64 24 /* AMD x86_64, Intel and Via */ /* * Image Types @@ -165,6 +235,21 @@ #define IH_TYPE_AISIMAGE 13 /* TI Davinci AIS Image */ #define IH_TYPE_KERNEL_NOLOAD 14 /* OS Kernel Image, can run from any load address */ #define IH_TYPE_PBLIMAGE 15 /* Freescale PBL Boot Image */ +#define IH_TYPE_MXSIMAGE 16 /* Freescale MXSBoot Image */ +#define IH_TYPE_GPIMAGE 17 /* TI Keystone GPHeader Image */ +#define IH_TYPE_ATMELIMAGE 18 /* ATMEL ROM bootable Image */ +#define IH_TYPE_SOCFPGAIMAGE 19 /* Altera SOCFPGA Preloader */ +#define IH_TYPE_X86_SETUP 20 /* x86 setup.bin Image */ +#define IH_TYPE_LPC32XXIMAGE 21 /* x86 setup.bin Image */ +#define IH_TYPE_LOADABLE 22 /* A list of typeless images */ +#define IH_TYPE_RKIMAGE 23 /* Rockchip Boot Image */ +#define IH_TYPE_RKSD 24 /* Rockchip SD card */ +#define IH_TYPE_RKSPI 25 /* Rockchip SPI image */ +#define IH_TYPE_ZYNQIMAGE 26 /* Xilinx Zynq Boot Image */ +#define IH_TYPE_ZYNQMPIMAGE 27 /* Xilinx ZynqMP Boot Image */ +#define IH_TYPE_FPGA 28 /* FPGA Image */ + +#define IH_TYPE_COUNT 29 /* Number of image types */ /* * Compression Types @@ -174,6 +259,7 @@ #define IH_COMP_BZIP2 2 /* bzip2 Compression Used */ #define IH_COMP_LZMA 3 /* lzma Compression Used */ #define IH_COMP_LZO 4 /* lzo Compression Used */ +#define IH_COMP_LZ4 5 /* lz4 Compression Used */ #define IH_MAGIC 0x27051956 /* Image Magic Number */ #define IH_NMLEN 32 /* Image Name Length */ @@ -205,6 +291,7 @@ typedef struct image_info { ulong image_start, image_len; /* start of image within blob, len of image */ ulong load; /* load addr for the image */ uint8_t comp, type, os; /* compression, type of image, os type */ + uint8_t arch; /* CPU architecture */ } image_info_t; /* @@ -221,7 +308,7 @@ typedef struct bootm_headers { image_header_t legacy_hdr_os_copy; /* header copy */ ulong legacy_hdr_valid; -#if defined(CONFIG_FIT) +#if IMAGE_ENABLE_FIT const char *fit_uname_cfg; /* configuration node unit name */ void *fit_hdr_os; /* os FIT image header */ @@ -235,6 +322,10 @@ typedef struct bootm_headers { void *fit_hdr_fdt; /* FDT blob FIT image header */ const char *fit_uname_fdt; /* FDT blob subimage node unit name */ int fit_noffset_fdt;/* FDT blob subimage node offset */ + + void *fit_hdr_setup; /* x86 setup FIT image header */ + const char *fit_uname_setup; /* x86 setup subimage node name */ + int fit_noffset_setup;/* x86 setup subimage node offset */ #endif #ifndef USE_HOSTCC @@ -243,9 +334,7 @@ typedef struct bootm_headers { ulong rd_start, rd_end;/* ramdisk start/end */ -#ifdef CONFIG_OF_LIBFDT char *ft_addr; /* flat dev tree address */ -#endif ulong ft_len; /* length of flat device tree */ ulong initrd_start; @@ -258,13 +347,16 @@ typedef struct bootm_headers { int verify; /* getenv("verify")[0] != 'n' */ #define BOOTM_STATE_START (0x00000001) -#define BOOTM_STATE_LOADOS (0x00000002) -#define BOOTM_STATE_RAMDISK (0x00000004) -#define BOOTM_STATE_FDT (0x00000008) -#define BOOTM_STATE_OS_CMDLINE (0x00000010) -#define BOOTM_STATE_OS_BD_T (0x00000020) -#define BOOTM_STATE_OS_PREP (0x00000040) -#define BOOTM_STATE_OS_GO (0x00000080) +#define BOOTM_STATE_FINDOS (0x00000002) +#define BOOTM_STATE_FINDOTHER (0x00000004) +#define BOOTM_STATE_LOADOS (0x00000008) +#define BOOTM_STATE_RAMDISK (0x00000010) +#define BOOTM_STATE_FDT (0x00000020) +#define BOOTM_STATE_OS_CMDLINE (0x00000040) +#define BOOTM_STATE_OS_BD_T (0x00000080) +#define BOOTM_STATE_OS_PREP (0x00000100) +#define BOOTM_STATE_OS_FAKE_GO (0x00000200) /* 'Almost' run the OS */ +#define BOOTM_STATE_OS_GO (0x00000400) int state; #ifdef CONFIG_LMB @@ -323,43 +415,195 @@ int get_table_entry_id(const table_entry_t *table, char *get_table_entry_name(const table_entry_t *table, char *msg, int id); const char *genimg_get_os_name(uint8_t os); + +/** + * genimg_get_os_short_name() - get the short name for an OS + * + * @param os OS (IH_OS_...) + * @return OS short name, or "unknown" if unknown + */ +const char *genimg_get_os_short_name(uint8_t comp); + const char *genimg_get_arch_name(uint8_t arch); + +/** + * genimg_get_arch_short_name() - get the short name for an architecture + * + * @param arch Architecture type (IH_ARCH_...) + * @return architecture short name, or "unknown" if unknown + */ +const char *genimg_get_arch_short_name(uint8_t arch); + const char *genimg_get_type_name(uint8_t type); + +/** + * genimg_get_type_short_name() - get the short name for an image type + * + * @param type Image type (IH_TYPE_...) + * @return image short name, or "unknown" if unknown + */ +const char *genimg_get_type_short_name(uint8_t type); + const char *genimg_get_comp_name(uint8_t comp); + +/** + * genimg_get_comp_short_name() - get the short name for a compression method + * + * @param comp compression method (IH_COMP_...) + * @return compression method short name, or "unknown" if unknown + */ +const char *genimg_get_comp_short_name(uint8_t comp); + int genimg_get_os_id(const char *name); int genimg_get_arch_id(const char *name); int genimg_get_type_id(const char *name); int genimg_get_comp_id(const char *name); void genimg_print_size(uint32_t size); +#if defined(CONFIG_TIMESTAMP) || defined(CONFIG_CMD_DATE) || \ + defined(USE_HOSTCC) +#define IMAGE_ENABLE_TIMESTAMP 1 +#else +#define IMAGE_ENABLE_TIMESTAMP 0 +#endif +void genimg_print_time(time_t timestamp); + +/* What to do with a image load address ('load = <> 'in the FIT) */ +enum fit_load_op { + FIT_LOAD_IGNORED, /* Ignore load address */ + FIT_LOAD_OPTIONAL, /* Can be provided, but optional */ + FIT_LOAD_OPTIONAL_NON_ZERO, /* Optional, a value of 0 is ignored */ + FIT_LOAD_REQUIRED, /* Must be provided */ +}; + +int boot_get_setup(bootm_headers_t *images, uint8_t arch, ulong *setup_start, + ulong *setup_len); + #ifndef USE_HOSTCC /* Image format types, returned by _get_format() routine */ #define IMAGE_FORMAT_INVALID 0x00 +#if defined(CONFIG_IMAGE_FORMAT_LEGACY) #define IMAGE_FORMAT_LEGACY 0x01 /* legacy image_header based format */ +#endif #define IMAGE_FORMAT_FIT 0x02 /* new, libfdt based format */ +#define IMAGE_FORMAT_ANDROID 0x03 /* Android boot image */ -int genimg_get_format(void *img_addr); +ulong genimg_get_kernel_addr_fit(char * const img_addr, + const char **fit_uname_config, + const char **fit_uname_kernel); +ulong genimg_get_kernel_addr(char * const img_addr); +int genimg_get_format(const void *img_addr); int genimg_has_config(bootm_headers_t *images); ulong genimg_get_image(ulong img_addr); +int boot_get_fpga(int argc, char * const argv[], bootm_headers_t *images, + uint8_t arch, const ulong *ld_start, ulong * const ld_len); int boot_get_ramdisk(int argc, char * const argv[], bootm_headers_t *images, uint8_t arch, ulong *rd_start, ulong *rd_end); +/** + * boot_get_loadable - routine to load a list of binaries to memory + * @argc: Ignored Argument + * @argv: Ignored Argument + * @images: pointer to the bootm images structure + * @arch: expected architecture for the image + * @ld_start: Ignored Argument + * @ld_len: Ignored Argument + * + * boot_get_loadable() will take the given FIT configuration, and look + * for a field named "loadables". Loadables, is a list of elements in + * the FIT given as strings. exe: + * loadables = "linux_kernel@1", "fdt@2"; + * this function will attempt to parse each string, and load the + * corresponding element from the FIT into memory. Once placed, + * no aditional actions are taken. + * + * @return: + * 0, if only valid images or no images are found + * error code, if an error occurs during fit_image_load + */ +int boot_get_loadable(int argc, char * const argv[], bootm_headers_t *images, + uint8_t arch, const ulong *ld_start, ulong * const ld_len); +#endif /* !USE_HOSTCC */ + +int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch, + ulong *setup_start, ulong *setup_len); + +/** + * fit_image_load() - load an image from a FIT + * + * This deals with all aspects of loading an image from a FIT, including + * selecting the right image based on configuration, verifying it, printing + * out progress messages, checking the type/arch/os and optionally copying it + * to the right load address. + * + * The property to look up is defined by image_type. + * + * @param images Boot images structure + * @param addr Address of FIT in memory + * @param fit_unamep On entry this is the requested image name + * (e.g. "kernel@1") or NULL to use the default. On exit + * points to the selected image name + * @param fit_uname_configp On entry this is the requested configuration + * name (e.g. "conf@1") or NULL to use the default. On + * exit points to the selected configuration name. + * @param arch Expected architecture (IH_ARCH_...) + * @param image_type Required image type (IH_TYPE_...). If this is + * IH_TYPE_KERNEL then we allow IH_TYPE_KERNEL_NOLOAD + * also. + * @param bootstage_id ID of starting bootstage to use for progress updates. + * This will be added to the BOOTSTAGE_SUB values when + * calling bootstage_mark() + * @param load_op Decribes what to do with the load address + * @param datap Returns address of loaded image + * @param lenp Returns length of loaded image + * @return node offset of image, or -ve error code on error + */ +int fit_image_load(bootm_headers_t *images, ulong addr, + const char **fit_unamep, const char **fit_uname_configp, + int arch, int image_type, int bootstage_id, + enum fit_load_op load_op, ulong *datap, ulong *lenp); + +#ifndef USE_HOSTCC +/** + * fit_get_node_from_config() - Look up an image a FIT by type + * + * This looks in the selected conf@ node (images->fit_uname_cfg) for a + * particular image type (e.g. "kernel") and then finds the image that is + * referred to. + * + * For example, for something like: + * + * images { + * kernel@1 { + * ... + * }; + * }; + * configurations { + * conf@1 { + * kernel = "kernel@1"; + * }; + * }; + * + * the function will return the node offset of the kernel@1 node, assuming + * that conf@1 is the chosen configuration. + * + * @param images Boot images structure + * @param prop_name Property name to look up (FIT_..._PROP) + * @param addr Address of FIT in memory + */ +int fit_get_node_from_config(bootm_headers_t *images, const char *prop_name, + ulong addr); -#ifdef CONFIG_OF_LIBFDT -int boot_get_fdt(int flag, int argc, char * const argv[], - bootm_headers_t *images, char **of_flat_tree, ulong *of_size); +int boot_get_fdt(int flag, int argc, char * const argv[], uint8_t arch, + bootm_headers_t *images, + char **of_flat_tree, ulong *of_size); void boot_fdt_add_mem_rsv_regions(struct lmb *lmb, void *fdt_blob); int boot_relocate_fdt(struct lmb *lmb, char **of_flat_tree, ulong *of_size); -#endif -#ifdef CONFIG_SYS_BOOT_RAMDISK_HIGH int boot_ramdisk_high(struct lmb *lmb, ulong rd_data, ulong rd_len, ulong *initrd_start, ulong *initrd_end); -#endif /* CONFIG_SYS_BOOT_RAMDISK_HIGH */ -#ifdef CONFIG_SYS_BOOT_GET_CMDLINE int boot_get_cmdline(struct lmb *lmb, ulong *cmd_start, ulong *cmd_end); -#endif /* CONFIG_SYS_BOOT_GET_CMDLINE */ #ifdef CONFIG_SYS_BOOT_GET_KBD int boot_get_kbd(struct lmb *lmb, bd_t **kbd); #endif /* CONFIG_SYS_BOOT_GET_KBD */ @@ -465,8 +709,8 @@ int image_check_dcrc(const image_header_t *hdr); ulong getenv_bootm_low(void); phys_size_t getenv_bootm_size(void); phys_size_t getenv_bootm_mapsize(void); -void memmove_wd(void *to, void *from, size_t len, ulong chunksz); #endif +void memmove_wd(void *to, void *from, size_t len, ulong chunksz); static inline int image_check_magic(const image_header_t *hdr) { @@ -501,19 +745,55 @@ static inline int image_check_target_arch(const image_header_t *hdr) } #endif /* USE_HOSTCC */ +/** + * Set up properties in the FDT + * + * This sets up properties in the FDT that is to be passed to linux. + * + * @images: Images information + * @blob: FDT to update + * @of_size: Size of the FDT + * @lmb: Points to logical memory block structure + * @return 0 if ok, <0 on failure + */ +int image_setup_libfdt(bootm_headers_t *images, void *blob, + int of_size, struct lmb *lmb); + +/** + * Set up the FDT to use for booting a kernel + * + * This performs ramdisk setup, sets up the FDT if required, and adds + * paramters to the FDT if libfdt is available. + * + * @param images Images information + * @return 0 if ok, <0 on failure + */ +int image_setup_linux(bootm_headers_t *images); + +/** + * bootz_setup() - Extract stat and size of a Linux xImage + * + * @image: Address of image + * @start: Returns start address of image + * @end : Returns end address of image + * @return 0 if OK, 1 if the image was not recognised + */ +int bootz_setup(ulong image, ulong *start, ulong *end); + + /*******************************************************************/ /* New uImage format specific code (prefixed with fit_) */ /*******************************************************************/ -#if defined(CONFIG_FIT) #define FIT_IMAGES_PATH "/images" #define FIT_CONFS_PATH "/configurations" -/* hash node */ +/* hash/signature node */ #define FIT_HASH_NODENAME "hash" #define FIT_ALGO_PROP "algo" #define FIT_VALUE_PROP "value" #define FIT_IGNORE_PROP "uboot-ignore" +#define FIT_SIG_NODENAME "signature" /* image node */ #define FIT_DATA_PROP "data" @@ -530,19 +810,23 @@ static inline int image_check_target_arch(const image_header_t *hdr) #define FIT_KERNEL_PROP "kernel" #define FIT_RAMDISK_PROP "ramdisk" #define FIT_FDT_PROP "fdt" +#define FIT_LOADABLE_PROP "loadables" #define FIT_DEFAULT_PROP "default" +#define FIT_SETUP_PROP "setup" +#define FIT_FPGA_PROP "fpga" -#define FIT_MAX_HASH_LEN 20 /* max(crc32_len(4), sha1_len(20)) */ +#define FIT_MAX_HASH_LEN HASH_MAX_DIGEST_SIZE +#if IMAGE_ENABLE_FIT /* cmdline argument format parsing */ int fit_parse_conf(const char *spec, ulong addr_curr, ulong *addr, const char **conf_name); int fit_parse_subimage(const char *spec, ulong addr_curr, ulong *addr, const char **image_name); +int fit_get_subimage_count(const void *fit, int images_noffset); void fit_print_contents(const void *fit); void fit_image_print(const void *fit, int noffset, const char *p); -void fit_image_print_hash(const void *fit, int noffset, const char *p); /** * fit_get_end - get FIT image size @@ -563,10 +847,7 @@ static inline ulong fit_get_size(const void *fit) * returns: * end address of the FIT image (blob) in memory */ -static inline ulong fit_get_end(const void *fit) -{ - return (ulong)fit + fdt_totalsize(fit); -} +ulong fit_get_end(const void *fit); /** * fit_get_name - get FIT node name @@ -598,18 +879,34 @@ int fit_image_get_data(const void *fit, int noffset, int fit_image_hash_get_algo(const void *fit, int noffset, char **algo); int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value, int *value_len); -#ifndef USE_HOSTCC -int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore); -#endif int fit_set_timestamp(void *fit, int noffset, time_t timestamp); -int fit_set_hashes(void *fit); -int fit_image_set_hashes(void *fit, int image_noffset); -int fit_image_hash_set_value(void *fit, int noffset, uint8_t *value, - int value_len); -int fit_image_check_hashes(const void *fit, int noffset); -int fit_all_image_check_hashes(const void *fit); +/** + * fit_add_verification_data() - add verification data to FIT image nodes + * + * @keydir: Directory containing keys + * @kwydest: FDT blob to write public key information to + * @fit: Pointer to the FIT format image header + * @comment: Comment to add to signature nodes + * @require_keys: Mark all keys as 'required' + * + * Adds hash values for all component images in the FIT blob. + * Hashes are calculated for all component images which have hash subnodes + * with algorithm property set to one of the supported hash algorithms. + * + * Also add signatures if signature nodes are present. + * + * returns + * 0, on success + * libfdt error code, on failure + */ +int fit_add_verification_data(const char *keydir, void *keydest, void *fit, + const char *comment, int require_keys); + +int fit_image_verify(const void *fit, int noffset); +int fit_config_verify(const void *fit, int conf_noffset); +int fit_all_image_verify(const void *fit); int fit_image_check_os(const void *fit, int noffset, uint8_t os); int fit_image_check_arch(const void *fit, int noffset, uint8_t arch); int fit_image_check_type(const void *fit, int noffset, uint8_t type); @@ -618,18 +915,222 @@ int fit_check_format(const void *fit); int fit_conf_find_compat(const void *fit, const void *fdt); int fit_conf_get_node(const void *fit, const char *conf_uname); -int fit_conf_get_kernel_node(const void *fit, int noffset); -int fit_conf_get_ramdisk_node(const void *fit, int noffset); -int fit_conf_get_fdt_node(const void *fit, int noffset); + +/** + * fit_conf_get_prop_node() - Get node refered to by a configuration + * @fit: FIT to check + * @noffset: Offset of conf@xxx node to check + * @prop_name: Property to read from the conf node + * + * The conf@ nodes contain references to other nodes, using properties + * like 'kernel = "kernel@1"'. Given such a property name (e.g. "kernel"), + * return the offset of the node referred to (e.g. offset of node + * "/images/kernel@1". + */ +int fit_conf_get_prop_node(const void *fit, int noffset, + const char *prop_name); void fit_conf_print(const void *fit, int noffset, const char *p); -#ifndef USE_HOSTCC +int fit_check_ramdisk(const void *fit, int os_noffset, + uint8_t arch, int verify); + +int calculate_hash(const void *data, int data_len, const char *algo, + uint8_t *value, int *value_len); + +/* + * At present we only support signing on the host, and verification on the + * device + */ +#if defined(CONFIG_FIT_SIGNATURE) +# ifdef USE_HOSTCC +# define IMAGE_ENABLE_SIGN 1 +# define IMAGE_ENABLE_VERIFY 1 +# include +#else +# define IMAGE_ENABLE_SIGN 0 +# define IMAGE_ENABLE_VERIFY 1 +# endif +#else +# define IMAGE_ENABLE_SIGN 0 +# define IMAGE_ENABLE_VERIFY 0 +#endif + +#ifdef USE_HOSTCC +void *image_get_host_blob(void); +void image_set_host_blob(void *host_blob); +# define gd_fdt_blob() image_get_host_blob() +#else +# define gd_fdt_blob() (gd->fdt_blob) +#endif + +#ifdef CONFIG_FIT_BEST_MATCH +#define IMAGE_ENABLE_BEST_MATCH 1 +#else +#define IMAGE_ENABLE_BEST_MATCH 0 +#endif + +/* Information passed to the signing routines */ +struct image_sign_info { + const char *keydir; /* Directory conaining keys */ + const char *keyname; /* Name of key to use */ + void *fit; /* Pointer to FIT blob */ + int node_offset; /* Offset of signature node */ + struct image_sig_algo *algo; /* Algorithm information */ + const void *fdt_blob; /* FDT containing public keys */ + int required_keynode; /* Node offset of key to use: -1=any */ + const char *require_keys; /* Value for 'required' property */ +}; +#endif /* Allow struct image_region to always be defined for rsa.h */ + +/* A part of an image, used for hashing */ +struct image_region { + const void *data; + int size; +}; + +#if IMAGE_ENABLE_FIT + +#if IMAGE_ENABLE_VERIFY +# include +#endif +struct checksum_algo { + const char *name; + const int checksum_len; + const int pad_len; +#if IMAGE_ENABLE_SIGN + const EVP_MD *(*calculate_sign)(void); +#endif + int (*calculate)(const char *name, + const struct image_region region[], + int region_count, uint8_t *checksum); + const uint8_t *rsa_padding; +}; + +struct image_sig_algo { + const char *name; /* Name of algorithm */ + + /** + * sign() - calculate and return signature for given input data + * + * @info: Specifies key and FIT information + * @data: Pointer to the input data + * @data_len: Data length + * @sigp: Set to an allocated buffer holding the signature + * @sig_len: Set to length of the calculated hash + * + * This computes input data signature according to selected algorithm. + * Resulting signature value is placed in an allocated buffer, the + * pointer is returned as *sigp. The length of the calculated + * signature is returned via the sig_len pointer argument. The caller + * should free *sigp. + * + * @return: 0, on success, -ve on error + */ + int (*sign)(struct image_sign_info *info, + const struct image_region region[], + int region_count, uint8_t **sigp, uint *sig_len); + + /** + * add_verify_data() - Add verification information to FDT + * + * Add public key information to the FDT node, suitable for + * verification at run-time. The information added depends on the + * algorithm being used. + * + * @info: Specifies key and FIT information + * @keydest: Destination FDT blob for public key data + * @return: 0, on success, -ve on error + */ + int (*add_verify_data)(struct image_sign_info *info, void *keydest); + + /** + * verify() - Verify a signature against some data + * + * @info: Specifies key and FIT information + * @data: Pointer to the input data + * @data_len: Data length + * @sig: Signature + * @sig_len: Number of bytes in signature + * @return 0 if verified, -ve on error + */ + int (*verify)(struct image_sign_info *info, + const struct image_region region[], int region_count, + uint8_t *sig, uint sig_len); + + /* pointer to checksum algorithm */ + struct checksum_algo *checksum; +}; + +/** + * image_get_sig_algo() - Look up a signature algortihm + * + * @param name Name of algorithm + * @return pointer to algorithm information, or NULL if not found + */ +struct image_sig_algo *image_get_sig_algo(const char *name); + +/** + * fit_image_verify_required_sigs() - Verify signatures marked as 'required' + * + * @fit: FIT to check + * @image_noffset: Offset of image node to check + * @data: Image data to check + * @size: Size of image data + * @sig_blob: FDT containing public keys + * @no_sigsp: Returns 1 if no signatures were required, and + * therefore nothing was checked. The caller may wish + * to fall back to other mechanisms, or refuse to + * boot. + * @return 0 if all verified ok, <0 on error + */ +int fit_image_verify_required_sigs(const void *fit, int image_noffset, + const char *data, size_t size, const void *sig_blob, + int *no_sigsp); + +/** + * fit_image_check_sig() - Check a single image signature node + * + * @fit: FIT to check + * @noffset: Offset of signature node to check + * @data: Image data to check + * @size: Size of image data + * @required_keynode: Offset in the control FDT of the required key node, + * if any. If this is given, then the image wil not + * pass verification unless that key is used. If this is + * -1 then any signature will do. + * @err_msgp: In the event of an error, this will be pointed to a + * help error string to display to the user. + * @return 0 if all verified ok, <0 on error + */ +int fit_image_check_sig(const void *fit, int noffset, const void *data, + size_t size, int required_keynode, char **err_msgp); + +/** + * fit_region_make_list() - Make a list of regions to hash + * + * Given a list of FIT regions (offset, size) provided by libfdt, create + * a list of regions (void *, size) for use by the signature creationg + * and verification code. + * + * @fit: FIT image to process + * @fdt_regions: Regions as returned by libfdt + * @count: Number of regions returned by libfdt + * @region: Place to put list of regions (NULL to allocate it) + * @return pointer to list of regions, or NULL if out of memory + */ +struct image_region *fit_region_make_list(const void *fit, + struct fdt_region *fdt_regions, int count, + struct image_region *region); + static inline int fit_image_check_target_arch(const void *fdt, int node) { +#ifndef USE_HOSTCC return fit_image_check_arch(fdt, node, IH_ARCH_DEFAULT); +#else + return 0; +#endif } -#endif /* USE_HOSTCC */ #ifdef CONFIG_FIT_VERBOSE #define fit_unsupported(msg) printf("! %s:%d " \ @@ -646,4 +1147,30 @@ static inline int fit_image_check_target_arch(const void *fdt, int node) #endif /* CONFIG_FIT_VERBOSE */ #endif /* CONFIG_FIT */ +#if defined(CONFIG_ANDROID_BOOT_IMAGE) +struct andr_img_hdr; +int android_image_check_header(const struct andr_img_hdr *hdr); +int android_image_get_kernel(const struct andr_img_hdr *hdr, int verify, + ulong *os_data, ulong *os_len); +int android_image_get_ramdisk(const struct andr_img_hdr *hdr, + ulong *rd_data, ulong *rd_len); +ulong android_image_get_end(const struct andr_img_hdr *hdr); +ulong android_image_get_kload(const struct andr_img_hdr *hdr); +void android_print_contents(const struct andr_img_hdr *hdr); + +#endif /* CONFIG_ANDROID_BOOT_IMAGE */ + +/** + * board_fit_config_name_match() - Check for a matching board name + * + * This is used when SPL loads a FIT containing multiple device tree files + * and wants to work out which one to use. The description of each one is + * passed to this function. The description comes from the 'description' field + * in each (FDT) image node. + * + * @name: Device tree description + * @return 0 if this device tree should be used, non-zero to try the next + */ +int board_fit_config_name_match(const char *name); + #endif /* __IMAGE_H__ */