1 // SPDX-License-Identifier: GPL-2.0+
4 * Reinhard Pfau, Guntermann & Drunck GmbH, reinhard.pfau@gdsys.cc
7 /* TODO: some more #ifdef's to avoid unneeded code for stage 1 / stage 2 */
14 #include <bootstage.h>
25 #include <linux/delay.h>
26 #include <u-boot/crc.h>
27 #include <u-boot/sha1.h>
28 #include <asm/byteorder.h>
29 #include <asm/unaligned.h>
32 #undef CCDM_FIRST_STAGE
33 #undef CCDM_SECOND_STAGE
34 #undef CCDM_AUTO_FIRST_STAGE
40 #ifdef CONFIG_TRAILBLAZER
41 #define CCDM_FIRST_STAGE
42 #undef CCDM_SECOND_STAGE
44 #undef CCDM_FIRST_STAGE
45 #define CCDM_SECOND_STAGE
48 #if defined(CCDM_DEVELOP) && defined(CCDM_SECOND_STAGE) && \
49 !defined(CCCM_FIRST_STAGE)
50 #define CCDM_AUTO_FIRST_STAGE
53 /* CCDM specific contants */
56 NV_COMMON_DATA_INDEX = 0x40000001,
57 /* magics for key blob chains */
58 MAGIC_KEY_PROGRAM = 0x68726500,
59 MAGIC_HMAC = 0x68616300,
60 MAGIC_END_OF_CHAIN = 0x00000000,
62 NV_COMMON_DATA_MIN_SIZE = 3 * sizeof(uint64_t) + 2 * sizeof(uint16_t),
67 ESDHC_BOOT_IMAGE_SIG_OFS = 0x40,
68 ESDHC_BOOT_IMAGE_SIZE_OFS = 0x48,
69 ESDHC_BOOT_IMAGE_ADDR_OFS = 0x50,
70 ESDHC_BOOT_IMAGE_TARGET_OFS = 0x58,
71 ESDHC_BOOT_IMAGE_ENTRY_OFS = 0x60,
99 /* register constants */
101 FIX_HREG_DEVICE_ID_HASH = 0,
102 FIX_HREG_SELF_HASH = 1,
103 FIX_HREG_STAGE2_HASH = 2,
111 /* opcodes w/o data */
115 /* opcodes w/o data, w/ sync dst */
116 /* opcodes w/ data */
118 /* opcodes w/data, w/sync dst */
133 static uint64_t device_id;
134 static uint64_t device_cl;
135 static uint64_t device_type;
137 static uint32_t platform_key_handle;
139 static void(*bl2_entry)(void);
141 static struct h_reg pcr_hregs[24];
142 static struct h_reg fix_hregs[COUNT_FIX_HREGS];
143 static struct h_reg var_hregs[8];
144 static uint32_t hre_tpm_err;
145 static int hre_err = HRE_E_OK;
147 #define IS_PCR_HREG(spec) ((spec) & 0x20)
148 #define IS_FIX_HREG(spec) (((spec) & 0x38) == 0x08)
149 #define IS_VAR_HREG(spec) (((spec) & 0x38) == 0x10)
150 #define HREG_IDX(spec) ((spec) & (IS_PCR_HREG(spec) ? 0x1f : 0x7))
152 static int get_tpm(struct udevice **devp)
156 rc = uclass_first_device_err(UCLASS_TPM, devp);
158 printf("Could not find TPM (ret=%d)\n", rc);
159 return CMD_RET_FAILURE;
165 static const uint8_t vendor[] = "Guntermann & Drunck";
168 * @brief read a bunch of data from MMC into memory.
170 * @param mmc pointer to the mmc structure to use.
171 * @param src offset where the data starts on MMC/SD device (in bytes).
172 * @param dst pointer to the location where the read data should be stored.
173 * @param size number of bytes to read from the MMC/SD device.
174 * @return number of bytes read or -1 on error.
176 static int ccdm_mmc_read(struct mmc *mmc, u64 src, u8 *dst, int size)
180 ulong block_no, n, cnt;
186 blk_len = mmc->read_bl_len;
187 tmp_buf = malloc(blk_len);
190 block_no = src / blk_len;
194 n = mmc->block_dev.block_read(&mmc->block_dev, block_no++, 1,
198 result = min(size, (int)(blk_len - ofs));
199 memcpy(dst, tmp_buf + ofs, result);
203 cnt = size / blk_len;
205 n = mmc->block_dev.block_read(&mmc->block_dev, block_no, cnt,
209 size -= cnt * blk_len;
210 result += cnt * blk_len;
211 dst += cnt * blk_len;
215 n = mmc->block_dev.block_read(&mmc->block_dev, block_no++, 1,
219 memcpy(dst, tmp_buf, size);
232 * @brief returns a location where the 2nd stage bootloader can be(/ is) placed.
234 * @return pointer to the location for/of the 2nd stage bootloader
236 static u8 *get_2nd_stage_bl_location(ulong target_addr)
239 #ifdef CCDM_SECOND_STAGE
240 addr = env_get_ulong("loadaddr", 16, CONFIG_LOADADDR);
248 #ifdef CCDM_SECOND_STAGE
250 * @brief returns a location where the image can be(/ is) placed.
252 * @return pointer to the location for/of the image
254 static u8 *get_image_location(void)
257 /* TODO use other area? */
258 addr = env_get_ulong("loadaddr", 16, CONFIG_LOADADDR);
264 * @brief get the size of a given (TPM) NV area
265 * @param index NV index of the area to get size for
266 * @param size pointer to the size
267 * @return 0 on success, != 0 on error
269 static int get_tpm_nv_size(struct udevice *tpm, uint32_t index, uint32_t *size)
276 err = tpm_get_capability(tpm, TPM_CAP_NV_INDEX, index,
279 printf("tpm_get_capability(CAP_NV_INDEX, %08x) failed: %u\n",
284 /* skip tag and nvIndex */
286 /* skip 2 pcr info fields */
287 v16 = get_unaligned_be16(ptr);
288 ptr += 2 + v16 + 1 + 20;
289 v16 = get_unaligned_be16(ptr);
290 ptr += 2 + v16 + 1 + 20;
291 /* skip permission and flags */
294 *size = get_unaligned_be32(ptr);
299 * @brief search for a key by usage auth and pub key hash.
300 * @param auth usage auth of the key to search for
301 * @param pubkey_digest (SHA1) hash of the pub key structure of the key
302 * @param[out] handle the handle of the key iff found
303 * @return 0 if key was found in TPM; != 0 if not.
305 static int find_key(struct udevice *tpm, const uint8_t auth[20],
306 const uint8_t pubkey_digest[20], uint32_t *handle)
309 uint32_t key_handles[10];
317 /* fetch list of already loaded keys in the TPM */
318 err = tpm_get_capability(tpm, TPM_CAP_HANDLE, TPM_RT_KEY, buf,
322 key_count = get_unaligned_be16(buf);
324 for (i = 0; i < key_count; ++i, ptr += 4)
325 key_handles[i] = get_unaligned_be32(ptr);
327 /* now search a(/ the) key which we can access with the given auth */
328 for (i = 0; i < key_count; ++i) {
329 buf_len = sizeof(buf);
330 err = tpm_get_pub_key_oiap(tpm, key_handles[i], auth, buf,
332 if (err && err != TPM_AUTHFAIL)
336 sha1_csum(buf, buf_len, digest);
337 if (!memcmp(digest, pubkey_digest, 20)) {
338 *handle = key_handles[i];
346 * @brief read CCDM common data from TPM NV
347 * @return 0 if CCDM common data was found and read, !=0 if something failed.
349 static int read_common_data(struct udevice *tpm)
356 if (get_tpm_nv_size(tpm, NV_COMMON_DATA_INDEX, &size) ||
357 size < NV_COMMON_DATA_MIN_SIZE)
359 err = tpm_nv_read_value(tpm, NV_COMMON_DATA_INDEX,
360 buf, min(sizeof(buf), size));
362 printf("tpm_nv_read_value() failed: %u\n", err);
366 device_id = get_unaligned_be64(buf);
367 device_cl = get_unaligned_be64(buf + 8);
368 device_type = get_unaligned_be64(buf + 16);
371 sha1_update(&ctx, buf, 24);
372 sha1_finish(&ctx, fix_hregs[FIX_HREG_DEVICE_ID_HASH].digest);
373 fix_hregs[FIX_HREG_DEVICE_ID_HASH].valid = true;
375 platform_key_handle = get_unaligned_be32(buf + 24);
381 * @brief compute hash of bootloader itself.
382 * @param[out] dst hash register where the hash should be stored
383 * @return 0 on success, != 0 on failure.
385 * @note MUST be called at a time where the boot loader is accessible at the
386 * configured location (; so take care when code is reallocated).
388 static int compute_self_hash(struct h_reg *dst)
390 sha1_csum((const uint8_t *)CONFIG_SYS_MONITOR_BASE,
391 CONFIG_SYS_MONITOR_LEN, dst->digest);
396 int ccdm_compute_self_hash(void)
398 if (!fix_hregs[FIX_HREG_SELF_HASH].valid)
399 compute_self_hash(&fix_hregs[FIX_HREG_SELF_HASH]);
404 * @brief compute the hash of the 2nd stage boot loader (on SD card)
405 * @param[out] dst hash register to store the computed hash
406 * @return 0 on success, != 0 on failure
408 * Determines the size and location of the 2nd stage boot loader on SD card,
409 * loads the 2nd stage boot loader and computes the (SHA1) hash value.
410 * Within the 1st stage boot loader, the 2nd stage boot loader is loaded at
411 * the desired memory location and the variable @a bl2_entry is set.
413 * @note This sets the variable @a bl2_entry to the entry point when the
414 * 2nd stage boot loader is loaded at its configured memory location.
416 static int compute_second_stage_hash(struct h_reg *dst)
419 u32 code_len, code_offset, target_addr, exec_entry;
421 u8 *load_addr = NULL;
424 mmc = find_mmc_device(0);
429 if (ccdm_mmc_read(mmc, 0, buf, sizeof(buf)) < 0)
432 code_offset = *(u32 *)(buf + ESDHC_BOOT_IMAGE_ADDR_OFS);
433 code_len = *(u32 *)(buf + ESDHC_BOOT_IMAGE_SIZE_OFS);
434 target_addr = *(u32 *)(buf + ESDHC_BOOT_IMAGE_TARGET_OFS);
435 exec_entry = *(u32 *)(buf + ESDHC_BOOT_IMAGE_ENTRY_OFS);
437 load_addr = get_2nd_stage_bl_location(target_addr);
438 if (load_addr == (u8 *)target_addr)
439 bl2_entry = (void(*)(void))exec_entry;
441 if (ccdm_mmc_read(mmc, code_offset, load_addr, code_len) < 0)
444 sha1_csum(load_addr, code_len, dst->digest);
456 * @brief get pointer to hash register by specification
457 * @param spec specification of a hash register
458 * @return pointer to hash register or NULL if @a spec does not qualify a
459 * valid hash register; NULL else.
461 static struct h_reg *get_hreg(uint8_t spec)
465 idx = HREG_IDX(spec);
466 if (IS_FIX_HREG(spec)) {
467 if (idx < ARRAY_SIZE(fix_hregs))
468 return fix_hregs + idx;
469 hre_err = HRE_E_INVALID_HREG;
470 } else if (IS_PCR_HREG(spec)) {
471 if (idx < ARRAY_SIZE(pcr_hregs))
472 return pcr_hregs + idx;
473 hre_err = HRE_E_INVALID_HREG;
474 } else if (IS_VAR_HREG(spec)) {
475 if (idx < ARRAY_SIZE(var_hregs))
476 return var_hregs + idx;
477 hre_err = HRE_E_INVALID_HREG;
483 * @brief get pointer of a hash register by specification and usage.
484 * @param spec specification of a hash register
485 * @param mode access mode (read or write or read/write)
486 * @return pointer to hash register if found and valid; NULL else.
488 * This func uses @a get_reg() to determine the hash register for a given spec.
489 * If a register is found it is validated according to the desired access mode.
490 * The value of automatic registers (PCR register and fixed registers) is
491 * loaded or computed on read access.
493 static struct h_reg *access_hreg(struct udevice *tpm, uint8_t spec,
494 enum access_mode mode)
496 struct h_reg *result;
498 result = get_hreg(spec);
502 if (mode & HREG_WR) {
503 if (IS_FIX_HREG(spec)) {
504 hre_err = HRE_E_INVALID_HREG;
508 if (mode & HREG_RD) {
509 if (!result->valid) {
510 if (IS_PCR_HREG(spec)) {
511 hre_tpm_err = tpm_pcr_read(tpm, HREG_IDX(spec),
513 result->valid = (hre_tpm_err == TPM_SUCCESS);
514 } else if (IS_FIX_HREG(spec)) {
515 switch (HREG_IDX(spec)) {
516 case FIX_HREG_DEVICE_ID_HASH:
517 read_common_data(tpm);
519 case FIX_HREG_SELF_HASH:
520 ccdm_compute_self_hash();
522 case FIX_HREG_STAGE2_HASH:
523 compute_second_stage_hash(result);
525 case FIX_HREG_VENDOR:
526 memcpy(result->digest, vendor, 20);
527 result->valid = true;
531 result->valid = true;
534 if (!result->valid) {
535 hre_err = HRE_E_INVALID_HREG;
543 static void *compute_and(void *_dst, const void *_src, size_t n)
546 const uint8_t *src = _src;
549 for (i = n; i-- > 0; )
555 static void *compute_or(void *_dst, const void *_src, size_t n)
558 const uint8_t *src = _src;
561 for (i = n; i-- > 0; )
567 static void *compute_xor(void *_dst, const void *_src, size_t n)
570 const uint8_t *src = _src;
573 for (i = n; i-- > 0; )
579 static void *compute_extend(void *_dst, const void *_src, size_t n)
585 sha1_update(&ctx, _dst, n);
586 sha1_update(&ctx, _src, n);
587 sha1_finish(&ctx, digest);
588 memcpy(_dst, digest, min(n, sizeof(digest)));
593 static int hre_op_loadkey(struct udevice *tpm, struct h_reg *src_reg,
594 struct h_reg *dst_reg, const void *key,
597 uint32_t parent_handle;
600 if (!src_reg || !dst_reg || !src_reg->valid || !dst_reg->valid)
602 if (find_key(tpm, src_reg->digest, dst_reg->digest, &parent_handle))
604 hre_tpm_err = tpm_load_key2_oiap(tpm, parent_handle, key, key_size,
605 src_reg->digest, &key_handle);
607 hre_err = HRE_E_TPM_FAILURE;
610 /* TODO remember key handle somehow? */
616 * @brief executes the next opcode on the hash register engine.
617 * @param[in,out] ip pointer to the opcode (instruction pointer)
618 * @param[in,out] code_size (remaining) size of the code
619 * @return new instruction pointer on success, NULL on error.
621 static const uint8_t *hre_execute_op(struct udevice *tpm, const uint8_t **ip,
624 bool dst_modified = false;
630 struct h_reg *src_reg, *dst_reg;
632 const uint8_t *src_buf, *data;
635 void * (*bin_func)(void *, const void *, size_t);
640 ins = get_unaligned_be32(*ip);
643 src_spec = (ins >> 18) & 0x3f;
644 dst_spec = (ins >> 12) & 0x3f;
645 data_size = (ins & 0x7ff);
647 debug("HRE: ins=%08x (op=%02x, s=%02x, d=%02x, L=%d)\n", ins,
648 opcode, src_spec, dst_spec, data_size);
650 if ((opcode & 0x80) && (data_size + 4) > *code_size)
653 src_reg = access_hreg(tpm, src_spec, HREG_RD);
654 if (hre_err || hre_tpm_err)
656 dst_reg = access_hreg(tpm, dst_spec,
657 (opcode & 0x40) ? HREG_RDWR : HREG_WR);
658 if (hre_err || hre_tpm_err)
666 for (i = 0; i < 20; ++i) {
667 if (src_reg->digest[i])
676 bin_func = compute_xor;
679 bin_func = compute_and;
682 bin_func = compute_or;
685 bin_func = compute_extend;
690 src_buf = src_reg->digest;
695 } else if (data_size == 1) {
696 memset(buf, *data, 20);
698 } else if (data_size >= 20) {
702 for (ptr = (uint8_t *)src_buf, i = 20; i > 0;
703 i -= data_size, ptr += data_size)
705 min_t(size_t, i, data_size));
708 bin_func(dst_reg->digest, src_buf, 20);
709 dst_reg->valid = true;
713 if (hre_op_loadkey(tpm, src_reg, dst_reg, data, data_size))
720 if (dst_reg && dst_modified && IS_PCR_HREG(dst_spec)) {
721 hre_tpm_err = tpm_extend(tpm, HREG_IDX(dst_spec),
722 dst_reg->digest, dst_reg->digest);
724 hre_err = HRE_E_TPM_FAILURE;
733 *code_size -= data_size;
740 * @brief runs a program on the hash register engine.
741 * @param code pointer to the (HRE) code.
742 * @param code_size size of the code (in bytes).
743 * @return 0 on success, != 0 on failure.
745 static int hre_run_program(struct udevice *tpm, const uint8_t *code,
749 const uint8_t *ip = code;
751 code_left = code_size;
754 while (code_left > 0)
755 if (!hre_execute_op(tpm, &ip, &code_left))
761 static int check_hmac(struct key_program *hmac,
762 const uint8_t *data, size_t data_size)
764 uint8_t key[20], computed_hmac[20];
767 type = get_unaligned_be32(hmac->code);
770 memset(key, 0, sizeof(key));
771 compute_extend(key, pcr_hregs[1].digest, 20);
772 compute_extend(key, pcr_hregs[2].digest, 20);
773 compute_extend(key, pcr_hregs[3].digest, 20);
774 compute_extend(key, pcr_hregs[4].digest, 20);
776 sha1_hmac(key, sizeof(key), data, data_size, computed_hmac);
778 return memcmp(computed_hmac, hmac->code + 4, 20);
781 static int verify_program(struct key_program *prg)
784 crc = crc32(0, prg->code, prg->code_size);
786 if (crc != prg->code_crc) {
787 printf("HRC crc mismatch: %08x != %08x\n",
794 #if defined(CCDM_FIRST_STAGE) || (defined CCDM_AUTO_FIRST_STAGE)
795 static struct key_program *load_sd_key_program(void)
797 u32 code_len, code_offset;
800 struct key_program *result = NULL, *hmac = NULL;
801 struct key_program header;
803 mmc = find_mmc_device(0);
808 if (ccdm_mmc_read(mmc, 0, buf, sizeof(buf)) <= 0)
811 code_offset = *(u32 *)(buf + ESDHC_BOOT_IMAGE_ADDR_OFS);
812 code_len = *(u32 *)(buf + ESDHC_BOOT_IMAGE_SIZE_OFS);
814 code_offset += code_len;
815 /* TODO: the following needs to be the size of the 2nd stage env */
816 code_offset += CONFIG_ENV_SIZE;
818 if (ccdm_mmc_read(mmc, code_offset, buf, 4*3) < 0)
821 header.magic = get_unaligned_be32(buf);
822 header.code_crc = get_unaligned_be32(buf + 4);
823 header.code_size = get_unaligned_be32(buf + 8);
825 if (header.magic != MAGIC_KEY_PROGRAM)
828 result = malloc(sizeof(struct key_program) + header.code_size);
833 printf("load key program chunk from SD card (%u bytes) ",
836 if (ccdm_mmc_read(mmc, code_offset, result->code, header.code_size)
839 code_offset += header.code_size;
842 if (verify_program(result))
845 if (ccdm_mmc_read(mmc, code_offset, buf, 4*3) < 0)
848 header.magic = get_unaligned_be32(buf);
849 header.code_crc = get_unaligned_be32(buf + 4);
850 header.code_size = get_unaligned_be32(buf + 8);
852 if (header.magic == MAGIC_HMAC) {
853 puts("check integrity\n");
854 hmac = malloc(sizeof(struct key_program) + header.code_size);
859 if (ccdm_mmc_read(mmc, code_offset, hmac->code,
860 hmac->code_size) < 0)
862 if (verify_program(hmac))
864 if (check_hmac(hmac, result->code, result->code_size)) {
865 puts("key program integrity could not be verified\n");
868 puts("key program verified\n");
884 #ifdef CCDM_SECOND_STAGE
886 * @brief load a key program from file system.
887 * @param ifname interface of the file system
888 * @param dev_part_str device part of the file system
889 * @param fs_type tyep of the file system
890 * @param path path of the file to load.
891 * @return the loaded structure or NULL on failure.
893 static struct key_program *load_key_chunk(const char *ifname,
894 const char *dev_part_str, int fs_type,
897 struct key_program *result = NULL;
898 struct key_program header;
903 if (fs_set_blk_dev(ifname, dev_part_str, fs_type))
905 if (fs_read(path, (ulong)buf, 0, 12, &i) < 0)
909 header.magic = get_unaligned_be32(buf);
910 header.code_crc = get_unaligned_be32(buf + 4);
911 header.code_size = get_unaligned_be32(buf + 8);
913 if (header.magic != MAGIC_HMAC && header.magic != MAGIC_KEY_PROGRAM)
916 result = malloc(sizeof(struct key_program) + header.code_size);
919 if (fs_set_blk_dev(ifname, dev_part_str, fs_type))
921 if (fs_read(path, (ulong)result, 0,
922 sizeof(struct key_program) + header.code_size, &i) < 0)
928 crc = crc32(0, result->code, result->code_size);
930 if (crc != result->code_crc) {
931 printf("%s: HRC crc mismatch: %08x != %08x\n",
932 path, crc, result->code_crc);
946 #if defined(CCDM_FIRST_STAGE) || (defined CCDM_AUTO_FIRST_STAGE)
947 static const uint8_t prg_stage1_prepare[] = {
948 0x00, 0x20, 0x00, 0x00, /* opcode: SYNC f0 */
949 0x00, 0x24, 0x00, 0x00, /* opcode: SYNC f1 */
950 0x01, 0x80, 0x00, 0x00, /* opcode: CHECK0 PCR0 */
951 0x81, 0x22, 0x00, 0x00, /* opcode: LOAD PCR0, f0 */
952 0x01, 0x84, 0x00, 0x00, /* opcode: CHECK0 PCR1 */
953 0x81, 0x26, 0x10, 0x00, /* opcode: LOAD PCR1, f1 */
954 0x01, 0x88, 0x00, 0x00, /* opcode: CHECK0 PCR2 */
955 0x81, 0x2a, 0x20, 0x00, /* opcode: LOAD PCR2, f2 */
956 0x01, 0x8c, 0x00, 0x00, /* opcode: CHECK0 PCR3 */
957 0x81, 0x2e, 0x30, 0x00, /* opcode: LOAD PCR3, f3 */
960 static int first_stage_actions(struct udevice *tpm)
963 struct key_program *sd_prg = NULL;
965 puts("CCDM S1: start actions\n");
966 #ifndef CCDM_SECOND_STAGE
967 if (tpm_continue_self_test(tpm))
970 tpm_continue_self_test(tpm);
974 if (hre_run_program(tpm, prg_stage1_prepare,
975 sizeof(prg_stage1_prepare)))
978 sd_prg = load_sd_key_program();
980 if (hre_run_program(tpm, sd_prg->code, sd_prg->code_size))
982 puts("SD code run successfully\n");
984 puts("no key program found on SD\n");
993 printf("CCDM S1: actions done (%d)\n", result);
998 #ifdef CCDM_FIRST_STAGE
999 static int first_stage_init(void)
1001 struct udevice *tpm;
1005 ret = get_tpm(&tpm);
1006 if (ret || tpm_init(tpm) || tpm_startup(tpm, TPM_ST_CLEAR))
1008 ret = first_stage_actions(tpm);
1009 #ifndef CCDM_SECOND_STAGE
1020 #ifdef CCDM_SECOND_STAGE
1021 static const uint8_t prg_stage2_prepare[] = {
1022 0x00, 0x80, 0x00, 0x00, /* opcode: SYNC PCR0 */
1023 0x00, 0x84, 0x00, 0x00, /* opcode: SYNC PCR1 */
1024 0x00, 0x88, 0x00, 0x00, /* opcode: SYNC PCR2 */
1025 0x00, 0x8c, 0x00, 0x00, /* opcode: SYNC PCR3 */
1026 0x00, 0x90, 0x00, 0x00, /* opcode: SYNC PCR4 */
1029 static const uint8_t prg_stage2_success[] = {
1030 0x81, 0x02, 0x40, 0x14, /* opcode: LOAD PCR4, #<20B data> */
1031 0x48, 0xfd, 0x95, 0x17, 0xe7, 0x54, 0x6b, 0x68, /* data */
1032 0x92, 0x31, 0x18, 0x05, 0xf8, 0x58, 0x58, 0x3c, /* data */
1033 0xe4, 0xd2, 0x81, 0xe0, /* data */
1036 static const uint8_t prg_stage_fail[] = {
1037 0x81, 0x01, 0x00, 0x14, /* opcode: LOAD v0, #<20B data> */
1038 0xc0, 0x32, 0xad, 0xc1, 0xff, 0x62, 0x9c, 0x9b, /* data */
1039 0x66, 0xf2, 0x27, 0x49, 0xad, 0x66, 0x7e, 0x6b, /* data */
1040 0xea, 0xdf, 0x14, 0x4b, /* data */
1041 0x81, 0x42, 0x30, 0x00, /* opcode: LOAD PCR3, v0 */
1042 0x81, 0x42, 0x40, 0x00, /* opcode: LOAD PCR4, v0 */
1045 static int second_stage_init(void)
1047 static const char mac_suffix[] = ".mac";
1048 bool did_first_stage_run = true;
1050 char *cptr, *mmcdev = NULL;
1051 struct key_program *hmac_blob = NULL;
1052 const char *image_path = "/ccdm.itb";
1053 char *mac_path = NULL;
1056 struct udevice *tpm;
1060 printf("CCDM S2\n");
1061 ret = get_tpm(&tpm);
1062 if (ret || tpm_init(tpm))
1064 err = tpm_startup(tpm, TPM_ST_CLEAR);
1065 if (err != TPM_INVALID_POSTINIT)
1066 did_first_stage_run = false;
1068 #ifdef CCDM_AUTO_FIRST_STAGE
1069 if (!did_first_stage_run && first_stage_actions(tpm))
1072 if (!did_first_stage_run)
1076 if (hre_run_program(tpm, prg_stage2_prepare,
1077 sizeof(prg_stage2_prepare)))
1080 /* run "prepboot" from env to get "mmcdev" set */
1081 cptr = env_get("prepboot");
1082 if (cptr && !run_command(cptr, 0))
1083 mmcdev = env_get("mmcdev");
1087 cptr = env_get("ramdiskimage");
1091 mac_path = malloc(strlen(image_path) + strlen(mac_suffix) + 1);
1092 if (mac_path == NULL)
1094 strcpy(mac_path, image_path);
1095 strcat(mac_path, mac_suffix);
1097 /* read image from mmcdev (ccdm.itb) */
1098 image_addr = (ulong)get_image_location();
1099 if (fs_set_blk_dev("mmc", mmcdev, FS_TYPE_EXT))
1101 if (fs_read(image_path, image_addr, 0, 0, &image_size) < 0)
1103 if (image_size <= 0)
1105 printf("CCDM image found on %s, %lld bytes\n", mmcdev, image_size);
1107 hmac_blob = load_key_chunk("mmc", mmcdev, FS_TYPE_EXT, mac_path);
1109 puts("failed to load mac file\n");
1112 if (verify_program(hmac_blob)) {
1113 puts("corrupted mac file\n");
1116 if (check_hmac(hmac_blob, (u8 *)image_addr, image_size)) {
1117 puts("image integrity could not be verified\n");
1120 puts("CCDM image OK\n");
1122 hre_run_program(tpm, prg_stage2_success, sizeof(prg_stage2_success));
1127 hre_run_program(tpm, prg_stage_fail, sizeof(prg_stage_fail));
1138 int show_self_hash(void)
1140 struct h_reg *hash_ptr;
1141 #ifdef CCDM_SECOND_STAGE
1145 if (compute_self_hash(hash_ptr))
1148 hash_ptr = &fix_hregs[FIX_HREG_SELF_HASH];
1150 puts("self hash: ");
1151 if (hash_ptr && hash_ptr->valid)
1152 print_buffer(0, hash_ptr->digest, 1, 20, 20);
1160 * @brief let the system hang.
1163 * Will stop the boot process; display a message and signal the error condition
1164 * by blinking the "status" and the "finder" LED of the controller board.
1166 * @note the develop version runs the blink cycle 2 times and then returns.
1167 * The release version never returns.
1169 static void ccdm_hang(void)
1171 static const u64 f0 = 0x0ba3bb8ba2e880; /* blink code "finder" LED */
1172 static const u64 s0 = 0x00f0f0f0f0f0f0; /* blink code "status" LED */
1179 I2C_SET_BUS(I2C_SOC_0);
1180 pca9698_direction_output(0x22, 0, 0); /* Finder */
1181 pca9698_direction_output(0x22, 4, 0); /* Status */
1183 puts("### ERROR ### Please RESET the board ###\n");
1184 bootstage_error(BOOTSTAGE_ID_NEED_RESET);
1186 puts("*** ERROR ******** THIS WOULD HANG ******** ERROR ***\n");
1187 puts("** but we continue since this is a DEVELOP version **\n");
1188 puts("*** ERROR ******** THIS WOULD HANG ******** ERROR ***\n");
1189 for (j = 2; j-- > 0;) {
1196 for (i = 54; i-- > 0;) {
1197 pca9698_set_value(0x22, 0, !(f & 1));
1198 pca9698_set_value(0x22, 4, (s & 1));
1204 puts("\ncontinue...\n");
1207 int startup_ccdm_id_module(void)
1210 unsigned int orig_i2c_bus;
1212 orig_i2c_bus = i2c_get_bus_num();
1213 i2c_set_bus_num(I2C_SOC_1);
1220 #ifdef CCDM_FIRST_STAGE
1221 result = first_stage_init();
1223 puts("1st stage init failed\n");
1227 #ifdef CCDM_SECOND_STAGE
1228 result = second_stage_init();
1230 puts("2nd stage init failed\n");
1239 i2c_set_bus_num(orig_i2c_bus);
projects / oweals / u-boot.git / blob