1 /* SPDX-License-Identifier: GPL-2.0+ */
2 /*
3 * (C) Copyright 2008 Semihalf
4 *
5 * (C) Copyright 2000-2005
6 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
7 ********************************************************************
8 * NOTE: This header file defines an interface to U-Boot. Including
9 * this (unmodified) header file in another file is considered normal
10 * use of U-Boot, and does *not* fall under the heading of "derived
11 * work".
12 ********************************************************************
13 */
14
15 #ifndef __IMAGE_H__
16 #define __IMAGE_H__
17
18 #include "compiler.h"
19 #include <asm/byteorder.h>
20 #include <stdbool.h>
21
22 /* Define this to avoid #ifdefs later on */
23 struct lmb;
24 struct fdt_region;
25
26 #ifdef USE_HOSTCC
27 #include <sys/types.h>
28
29 /* new uImage format support enabled on host */
30 #define IMAGE_ENABLE_FIT 1
31 #define IMAGE_ENABLE_OF_LIBFDT 1
32 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */
33 #define CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT 1
34 #define CONFIG_FIT_ENABLE_SHA256_SUPPORT
35 #define CONFIG_SHA1
36 #define CONFIG_SHA256
37
38 #define IMAGE_ENABLE_IGNORE 0
39 #define IMAGE_INDENT_STRING ""
40
41 #else
42
43 #include <lmb.h>
44 #include <asm/u-boot.h>
45 #include <command.h>
46
47 /* Take notice of the 'ignore' property for hashes */
48 #define IMAGE_ENABLE_IGNORE 1
49 #define IMAGE_INDENT_STRING " "
50
51 #define IMAGE_ENABLE_FIT CONFIG_IS_ENABLED(FIT)
52 #define IMAGE_ENABLE_OF_LIBFDT CONFIG_IS_ENABLED(OF_LIBFDT)
53
54 #endif /* USE_HOSTCC */
55
56 #if IMAGE_ENABLE_FIT
57 #include <hash.h>
58 #include <linux/libfdt.h>
59 #include <fdt_support.h>
60 # ifdef CONFIG_SPL_BUILD
61 # ifdef CONFIG_SPL_CRC32_SUPPORT
62 # define IMAGE_ENABLE_CRC32 1
63 # endif
64 # ifdef CONFIG_SPL_MD5_SUPPORT
65 # define IMAGE_ENABLE_MD5 1
66 # endif
67 # ifdef CONFIG_SPL_SHA1_SUPPORT
68 # define IMAGE_ENABLE_SHA1 1
69 # endif
70 # else
71 # define IMAGE_ENABLE_CRC32 1
72 # define IMAGE_ENABLE_MD5 1
73 # define IMAGE_ENABLE_SHA1 1
74 # endif
75
76 #ifndef IMAGE_ENABLE_CRC32
77 #define IMAGE_ENABLE_CRC32 0
78 #endif
79
80 #ifndef IMAGE_ENABLE_MD5
81 #define IMAGE_ENABLE_MD5 0
82 #endif
83
84 #ifndef IMAGE_ENABLE_SHA1
85 #define IMAGE_ENABLE_SHA1 0
86 #endif
87
88 #if defined(CONFIG_FIT_ENABLE_SHA256_SUPPORT) || \
89 defined(CONFIG_SPL_SHA256_SUPPORT)
90 #define IMAGE_ENABLE_SHA256 1
91 #else
92 #define IMAGE_ENABLE_SHA256 0
93 #endif
94
95 #endif /* IMAGE_ENABLE_FIT */
96
97 #ifdef CONFIG_SYS_BOOT_GET_CMDLINE
98 # define IMAGE_BOOT_GET_CMDLINE 1
99 #else
100 # define IMAGE_BOOT_GET_CMDLINE 0
101 #endif
102
103 #ifdef CONFIG_OF_BOARD_SETUP
104 # define IMAGE_OF_BOARD_SETUP 1
105 #else
106 # define IMAGE_OF_BOARD_SETUP 0
107 #endif
108
109 #ifdef CONFIG_OF_SYSTEM_SETUP
110 # define IMAGE_OF_SYSTEM_SETUP 1
111 #else
112 # define IMAGE_OF_SYSTEM_SETUP 0
113 #endif
114 /* An invalid size, meaning that the image size is not known */
115 #define IMAGE_SIZE_INVAL (-1UL)
116
117 enum ih_category {
118 IH_ARCH,
119 IH_COMP,
120 IH_OS,
121 IH_TYPE,
122
123 IH_COUNT,
124 };
125
126 /*
127 * Operating System Codes
128 *
129 * The following are exposed to uImage header.
130 * New IDs *MUST* be appended at the end of the list and *NEVER*
131 * inserted for backward compatibility.
132 */
133 enum {
134 IH_OS_INVALID = 0, /* Invalid OS */
135 IH_OS_OPENBSD, /* OpenBSD */
136 IH_OS_NETBSD, /* NetBSD */
137 IH_OS_FREEBSD, /* FreeBSD */
138 IH_OS_4_4BSD, /* 4.4BSD */
139 IH_OS_LINUX, /* Linux */
140 IH_OS_SVR4, /* SVR4 */
141 IH_OS_ESIX, /* Esix */
142 IH_OS_SOLARIS, /* Solaris */
143 IH_OS_IRIX, /* Irix */
144 IH_OS_SCO, /* SCO */
145 IH_OS_DELL, /* Dell */
146 IH_OS_NCR, /* NCR */
147 IH_OS_LYNXOS, /* LynxOS */
148 IH_OS_VXWORKS, /* VxWorks */
149 IH_OS_PSOS, /* pSOS */
150 IH_OS_QNX, /* QNX */
151 IH_OS_U_BOOT, /* Firmware */
152 IH_OS_RTEMS, /* RTEMS */
153 IH_OS_ARTOS, /* ARTOS */
154 IH_OS_UNITY, /* Unity OS */
155 IH_OS_INTEGRITY, /* INTEGRITY */
156 IH_OS_OSE, /* OSE */
157 IH_OS_PLAN9, /* Plan 9 */
158 IH_OS_OPENRTOS, /* OpenRTOS */
159 IH_OS_ARM_TRUSTED_FIRMWARE, /* ARM Trusted Firmware */
160 IH_OS_TEE, /* Trusted Execution Environment */
161 IH_OS_OPENSBI, /* RISC-V OpenSBI */
162
163 IH_OS_COUNT,
164 };
165
166 /*
167 * CPU Architecture Codes (supported by Linux)
168 *
169 * The following are exposed to uImage header.
170 * New IDs *MUST* be appended at the end of the list and *NEVER*
171 * inserted for backward compatibility.
172 */
173 enum {
174 IH_ARCH_INVALID = 0, /* Invalid CPU */
175 IH_ARCH_ALPHA, /* Alpha */
176 IH_ARCH_ARM, /* ARM */
177 IH_ARCH_I386, /* Intel x86 */
178 IH_ARCH_IA64, /* IA64 */
179 IH_ARCH_MIPS, /* MIPS */
180 IH_ARCH_MIPS64, /* MIPS 64 Bit */
181 IH_ARCH_PPC, /* PowerPC */
182 IH_ARCH_S390, /* IBM S390 */
183 IH_ARCH_SH, /* SuperH */
184 IH_ARCH_SPARC, /* Sparc */
185 IH_ARCH_SPARC64, /* Sparc 64 Bit */
186 IH_ARCH_M68K, /* M68K */
187 IH_ARCH_NIOS, /* Nios-32 */
188 IH_ARCH_MICROBLAZE, /* MicroBlaze */
189 IH_ARCH_NIOS2, /* Nios-II */
190 IH_ARCH_BLACKFIN, /* Blackfin */
191 IH_ARCH_AVR32, /* AVR32 */
192 IH_ARCH_ST200, /* STMicroelectronics ST200 */
193 IH_ARCH_SANDBOX, /* Sandbox architecture (test only) */
194 IH_ARCH_NDS32, /* ANDES Technology - NDS32 */
195 IH_ARCH_OPENRISC, /* OpenRISC 1000 */
196 IH_ARCH_ARM64, /* ARM64 */
197 IH_ARCH_ARC, /* Synopsys DesignWare ARC */
198 IH_ARCH_X86_64, /* AMD x86_64, Intel and Via */
199 IH_ARCH_XTENSA, /* Xtensa */
200 IH_ARCH_RISCV, /* RISC-V */
201
202 IH_ARCH_COUNT,
203 };
204
205 /*
206 * Image Types
207 *
208 * "Standalone Programs" are directly runnable in the environment
209 * provided by U-Boot; it is expected that (if they behave
210 * well) you can continue to work in U-Boot after return from
211 * the Standalone Program.
212 * "OS Kernel Images" are usually images of some Embedded OS which
213 * will take over control completely. Usually these programs
214 * will install their own set of exception handlers, device
215 * drivers, set up the MMU, etc. - this means, that you cannot
216 * expect to re-enter U-Boot except by resetting the CPU.
217 * "RAMDisk Images" are more or less just data blocks, and their
218 * parameters (address, size) are passed to an OS kernel that is
219 * being started.
220 * "Multi-File Images" contain several images, typically an OS
221 * (Linux) kernel image and one or more data images like
222 * RAMDisks. This construct is useful for instance when you want
223 * to boot over the network using BOOTP etc., where the boot
224 * server provides just a single image file, but you want to get
225 * for instance an OS kernel and a RAMDisk image.
226 *
227 * "Multi-File Images" start with a list of image sizes, each
228 * image size (in bytes) specified by an "uint32_t" in network
229 * byte order. This list is terminated by an "(uint32_t)0".
230 * Immediately after the terminating 0 follow the images, one by
231 * one, all aligned on "uint32_t" boundaries (size rounded up to
232 * a multiple of 4 bytes - except for the last file).
233 *
234 * "Firmware Images" are binary images containing firmware (like
235 * U-Boot or FPGA images) which usually will be programmed to
236 * flash memory.
237 *
238 * "Script files" are command sequences that will be executed by
239 * U-Boot's command interpreter; this feature is especially
240 * useful when you configure U-Boot to use a real shell (hush)
241 * as command interpreter (=> Shell Scripts).
242 *
243 * The following are exposed to uImage header.
244 * New IDs *MUST* be appended at the end of the list and *NEVER*
245 * inserted for backward compatibility.
246 */
247
248 enum {
249 IH_TYPE_INVALID = 0, /* Invalid Image */
250 IH_TYPE_STANDALONE, /* Standalone Program */
251 IH_TYPE_KERNEL, /* OS Kernel Image */
252 IH_TYPE_RAMDISK, /* RAMDisk Image */
253 IH_TYPE_MULTI, /* Multi-File Image */
254 IH_TYPE_FIRMWARE, /* Firmware Image */
255 IH_TYPE_SCRIPT, /* Script file */
256 IH_TYPE_FILESYSTEM, /* Filesystem Image (any type) */
257 IH_TYPE_FLATDT, /* Binary Flat Device Tree Blob */
258 IH_TYPE_KWBIMAGE, /* Kirkwood Boot Image */
259 IH_TYPE_IMXIMAGE, /* Freescale IMXBoot Image */
260 IH_TYPE_UBLIMAGE, /* Davinci UBL Image */
261 IH_TYPE_OMAPIMAGE, /* TI OMAP Config Header Image */
262 IH_TYPE_AISIMAGE, /* TI Davinci AIS Image */
263 /* OS Kernel Image, can run from any load address */
264 IH_TYPE_KERNEL_NOLOAD,
265 IH_TYPE_PBLIMAGE, /* Freescale PBL Boot Image */
266 IH_TYPE_MXSIMAGE, /* Freescale MXSBoot Image */
267 IH_TYPE_GPIMAGE, /* TI Keystone GPHeader Image */
268 IH_TYPE_ATMELIMAGE, /* ATMEL ROM bootable Image */
269 IH_TYPE_SOCFPGAIMAGE, /* Altera SOCFPGA CV/AV Preloader */
270 IH_TYPE_X86_SETUP, /* x86 setup.bin Image */
271 IH_TYPE_LPC32XXIMAGE, /* x86 setup.bin Image */
272 IH_TYPE_LOADABLE, /* A list of typeless images */
273 IH_TYPE_RKIMAGE, /* Rockchip Boot Image */
274 IH_TYPE_RKSD, /* Rockchip SD card */
275 IH_TYPE_RKSPI, /* Rockchip SPI image */
276 IH_TYPE_ZYNQIMAGE, /* Xilinx Zynq Boot Image */
277 IH_TYPE_ZYNQMPIMAGE, /* Xilinx ZynqMP Boot Image */
278 IH_TYPE_ZYNQMPBIF, /* Xilinx ZynqMP Boot Image (bif) */
279 IH_TYPE_FPGA, /* FPGA Image */
280 IH_TYPE_VYBRIDIMAGE, /* VYBRID .vyb Image */
281 IH_TYPE_TEE, /* Trusted Execution Environment OS Image */
282 IH_TYPE_FIRMWARE_IVT, /* Firmware Image with HABv4 IVT */
283 IH_TYPE_PMMC, /* TI Power Management Micro-Controller Firmware */
284 IH_TYPE_STM32IMAGE, /* STMicroelectronics STM32 Image */
285 IH_TYPE_SOCFPGAIMAGE_V1, /* Altera SOCFPGA A10 Preloader */
286 IH_TYPE_MTKIMAGE, /* MediaTek BootROM loadable Image */
287 IH_TYPE_IMX8MIMAGE, /* Freescale IMX8MBoot Image */
288 IH_TYPE_IMX8IMAGE, /* Freescale IMX8Boot Image */
289 IH_TYPE_COPRO, /* Coprocessor Image for remoteproc*/
290
291 IH_TYPE_COUNT, /* Number of image types */
292 };
293
294 /*
295 * Compression Types
296 *
297 * The following are exposed to uImage header.
298 * New IDs *MUST* be appended at the end of the list and *NEVER*
299 * inserted for backward compatibility.
300 */
301 enum {
302 IH_COMP_NONE = 0, /* No Compression Used */
303 IH_COMP_GZIP, /* gzip Compression Used */
304 IH_COMP_BZIP2, /* bzip2 Compression Used */
305 IH_COMP_LZMA, /* lzma Compression Used */
306 IH_COMP_LZO, /* lzo Compression Used */
307 IH_COMP_LZ4, /* lz4 Compression Used */
308
309 IH_COMP_COUNT,
310 };
311
312 #define LZ4F_MAGIC 0x184D2204 /* LZ4 Magic Number */
313 #define IH_MAGIC 0x27051956 /* Image Magic Number */
314 #define IH_NMLEN 32 /* Image Name Length */
315
316 /* Reused from common.h */
317 #define ROUND(a, b) (((a) + (b) - 1) & ~((b) - 1))
318
319 /*
320 * Legacy format image header,
321 * all data in network byte order (aka natural aka bigendian).
322 */
323 typedef struct image_header {
324 uint32_t ih_magic; /* Image Header Magic Number */
325 uint32_t ih_hcrc; /* Image Header CRC Checksum */
326 uint32_t ih_time; /* Image Creation Timestamp */
327 uint32_t ih_size; /* Image Data Size */
328 uint32_t ih_load; /* Data Load Address */
329 uint32_t ih_ep; /* Entry Point Address */
330 uint32_t ih_dcrc; /* Image Data CRC Checksum */
331 uint8_t ih_os; /* Operating System */
332 uint8_t ih_arch; /* CPU architecture */
333 uint8_t ih_type; /* Image Type */
334 uint8_t ih_comp; /* Compression Type */
335 uint8_t ih_name[IH_NMLEN]; /* Image Name */
336 } image_header_t;
337
338 typedef struct image_info {
339 ulong start, end; /* start/end of blob */
340 ulong image_start, image_len; /* start of image within blob, len of image */
341 ulong load; /* load addr for the image */
342 uint8_t comp, type, os; /* compression, type of image, os type */
343 uint8_t arch; /* CPU architecture */
344 } image_info_t;
345
346 /*
347 * Legacy and FIT format headers used by do_bootm() and do_bootm_<os>()
348 * routines.
349 */
350 typedef struct bootm_headers {
351 /*
352 * Legacy os image header, if it is a multi component image
353 * then boot_get_ramdisk() and get_fdt() will attempt to get
354 * data from second and third component accordingly.
355 */
356 image_header_t *legacy_hdr_os; /* image header pointer */
357 image_header_t legacy_hdr_os_copy; /* header copy */
358 ulong legacy_hdr_valid;
359
360 #if IMAGE_ENABLE_FIT
361 const char *fit_uname_cfg; /* configuration node unit name */
362
363 void *fit_hdr_os; /* os FIT image header */
364 const char *fit_uname_os; /* os subimage node unit name */
365 int fit_noffset_os; /* os subimage node offset */
366
367 void *fit_hdr_rd; /* init ramdisk FIT image header */
368 const char *fit_uname_rd; /* init ramdisk subimage node unit name */
369 int fit_noffset_rd; /* init ramdisk subimage node offset */
370
371 void *fit_hdr_fdt; /* FDT blob FIT image header */
372 const char *fit_uname_fdt; /* FDT blob subimage node unit name */
373 int fit_noffset_fdt;/* FDT blob subimage node offset */
374
375 void *fit_hdr_setup; /* x86 setup FIT image header */
376 const char *fit_uname_setup; /* x86 setup subimage node name */
377 int fit_noffset_setup;/* x86 setup subimage node offset */
378 #endif
379
380 #ifndef USE_HOSTCC
381 image_info_t os; /* os image info */
382 ulong ep; /* entry point of OS */
383
384 ulong rd_start, rd_end;/* ramdisk start/end */
385
386 char *ft_addr; /* flat dev tree address */
387 ulong ft_len; /* length of flat device tree */
388
389 ulong initrd_start;
390 ulong initrd_end;
391 ulong cmdline_start;
392 ulong cmdline_end;
393 bd_t *kbd;
394 #endif
395
396 int verify; /* env_get("verify")[0] != 'n' */
397
398 #define BOOTM_STATE_START (0x00000001)
399 #define BOOTM_STATE_FINDOS (0x00000002)
400 #define BOOTM_STATE_FINDOTHER (0x00000004)
401 #define BOOTM_STATE_LOADOS (0x00000008)
402 #define BOOTM_STATE_RAMDISK (0x00000010)
403 #define BOOTM_STATE_FDT (0x00000020)
404 #define BOOTM_STATE_OS_CMDLINE (0x00000040)
405 #define BOOTM_STATE_OS_BD_T (0x00000080)
406 #define BOOTM_STATE_OS_PREP (0x00000100)
407 #define BOOTM_STATE_OS_FAKE_GO (0x00000200) /* 'Almost' run the OS */
408 #define BOOTM_STATE_OS_GO (0x00000400)
409 int state;
410
411 #ifdef CONFIG_LMB
412 struct lmb lmb; /* for memory mgmt */
413 #endif
414 } bootm_headers_t;
415
416 extern bootm_headers_t images;
417
418 /*
419 * Some systems (for example LWMON) have very short watchdog periods;
420 * we must make sure to split long operations like memmove() or
421 * checksum calculations into reasonable chunks.
422 */
423 #ifndef CHUNKSZ
424 #define CHUNKSZ (64 * 1024)
425 #endif
426
427 #ifndef CHUNKSZ_CRC32
428 #define CHUNKSZ_CRC32 (64 * 1024)
429 #endif
430
431 #ifndef CHUNKSZ_MD5
432 #define CHUNKSZ_MD5 (64 * 1024)
433 #endif
434
435 #ifndef CHUNKSZ_SHA1
436 #define CHUNKSZ_SHA1 (64 * 1024)
437 #endif
438
439 #define uimage_to_cpu(x) be32_to_cpu(x)
440 #define cpu_to_uimage(x) cpu_to_be32(x)
441
442 /*
443 * Translation table for entries of a specific type; used by
444 * get_table_entry_id() and get_table_entry_name().
445 */
446 typedef struct table_entry {
447 int id;
448 char *sname; /* short (input) name to find table entry */
449 char *lname; /* long (output) name to print for messages */
450 } table_entry_t;
451
452 /*
453 * get_table_entry_id() scans the translation table trying to find an
454 * entry that matches the given short name. If a matching entry is
455 * found, it's id is returned to the caller.
456 */
457 int get_table_entry_id(const table_entry_t *table,
458 const char *table_name, const char *name);
459 /*
460 * get_table_entry_name() scans the translation table trying to find
461 * an entry that matches the given id. If a matching entry is found,
462 * its long name is returned to the caller.
463 */
464 char *get_table_entry_name(const table_entry_t *table, char *msg, int id);
465
466 const char *genimg_get_os_name(uint8_t os);
467
468 /**
469 * genimg_get_os_short_name() - get the short name for an OS
470 *
471 * @param os OS (IH_OS_...)
472 * @return OS short name, or "unknown" if unknown
473 */
474 const char *genimg_get_os_short_name(uint8_t comp);
475
476 const char *genimg_get_arch_name(uint8_t arch);
477
478 /**
479 * genimg_get_arch_short_name() - get the short name for an architecture
480 *
481 * @param arch Architecture type (IH_ARCH_...)
482 * @return architecture short name, or "unknown" if unknown
483 */
484 const char *genimg_get_arch_short_name(uint8_t arch);
485
486 const char *genimg_get_type_name(uint8_t type);
487
488 /**
489 * genimg_get_type_short_name() - get the short name for an image type
490 *
491 * @param type Image type (IH_TYPE_...)
492 * @return image short name, or "unknown" if unknown
493 */
494 const char *genimg_get_type_short_name(uint8_t type);
495
496 const char *genimg_get_comp_name(uint8_t comp);
497
498 /**
499 * genimg_get_comp_short_name() - get the short name for a compression method
500 *
501 * @param comp compression method (IH_COMP_...)
502 * @return compression method short name, or "unknown" if unknown
503 */
504 const char *genimg_get_comp_short_name(uint8_t comp);
505
506 /**
507 * genimg_get_cat_name() - Get the name of an item in a category
508 *
509 * @category: Category of item
510 * @id: Item ID
511 * @return name of item, or "Unknown ..." if unknown
512 */
513 const char *genimg_get_cat_name(enum ih_category category, uint id);
514
515 /**
516 * genimg_get_cat_short_name() - Get the short name of an item in a category
517 *
518 * @category: Category of item
519 * @id: Item ID
520 * @return short name of item, or "Unknown ..." if unknown
521 */
522 const char *genimg_get_cat_short_name(enum ih_category category, uint id);
523
524 /**
525 * genimg_get_cat_count() - Get the number of items in a category
526 *
527 * @category: Category to check
528 * @return the number of items in the category (IH_xxx_COUNT)
529 */
530 int genimg_get_cat_count(enum ih_category category);
531
532 /**
533 * genimg_get_cat_desc() - Get the description of a category
534 *
535 * @return the description of a category, e.g. "architecture". This
536 * effectively converts the enum to a string.
537 */
538 const char *genimg_get_cat_desc(enum ih_category category);
539
540 int genimg_get_os_id(const char *name);
541 int genimg_get_arch_id(const char *name);
542 int genimg_get_type_id(const char *name);
543 int genimg_get_comp_id(const char *name);
544 void genimg_print_size(uint32_t size);
545
546 #if defined(CONFIG_TIMESTAMP) || defined(CONFIG_CMD_DATE) || \
547 defined(USE_HOSTCC)
548 #define IMAGE_ENABLE_TIMESTAMP 1
549 #else
550 #define IMAGE_ENABLE_TIMESTAMP 0
551 #endif
552 void genimg_print_time(time_t timestamp);
553
554 /* What to do with a image load address ('load = <> 'in the FIT) */
555 enum fit_load_op {
556 FIT_LOAD_IGNORED, /* Ignore load address */
557 FIT_LOAD_OPTIONAL, /* Can be provided, but optional */
558 FIT_LOAD_OPTIONAL_NON_ZERO, /* Optional, a value of 0 is ignored */
559 FIT_LOAD_REQUIRED, /* Must be provided */
560 };
561
562 int boot_get_setup(bootm_headers_t *images, uint8_t arch, ulong *setup_start,
563 ulong *setup_len);
564
565 #ifndef USE_HOSTCC
566 /* Image format types, returned by _get_format() routine */
567 #define IMAGE_FORMAT_INVALID 0x00
568 #if defined(CONFIG_LEGACY_IMAGE_FORMAT)
569 #define IMAGE_FORMAT_LEGACY 0x01 /* legacy image_header based format */
570 #endif
571 #define IMAGE_FORMAT_FIT 0x02 /* new, libfdt based format */
572 #define IMAGE_FORMAT_ANDROID 0x03 /* Android boot image */
573
574 ulong genimg_get_kernel_addr_fit(char * const img_addr,
575 const char **fit_uname_config,
576 const char **fit_uname_kernel);
577 ulong genimg_get_kernel_addr(char * const img_addr);
578 int genimg_get_format(const void *img_addr);
579 int genimg_has_config(bootm_headers_t *images);
580
581 int boot_get_fpga(int argc, char * const argv[], bootm_headers_t *images,
582 uint8_t arch, const ulong *ld_start, ulong * const ld_len);
583 int boot_get_ramdisk(int argc, char * const argv[], bootm_headers_t *images,
584 uint8_t arch, ulong *rd_start, ulong *rd_end);
585
586 /**
587 * boot_get_loadable - routine to load a list of binaries to memory
588 * @argc: Ignored Argument
589 * @argv: Ignored Argument
590 * @images: pointer to the bootm images structure
591 * @arch: expected architecture for the image
592 * @ld_start: Ignored Argument
593 * @ld_len: Ignored Argument
594 *
595 * boot_get_loadable() will take the given FIT configuration, and look
596 * for a field named "loadables". Loadables, is a list of elements in
597 * the FIT given as strings. exe:
598 * loadables = "linux_kernel", "fdt-2";
599 * this function will attempt to parse each string, and load the
600 * corresponding element from the FIT into memory. Once placed,
601 * no aditional actions are taken.
602 *
603 * @return:
604 * 0, if only valid images or no images are found
605 * error code, if an error occurs during fit_image_load
606 */
607 int boot_get_loadable(int argc, char * const argv[], bootm_headers_t *images,
608 uint8_t arch, const ulong *ld_start, ulong * const ld_len);
609 #endif /* !USE_HOSTCC */
610
611 int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch,
612 ulong *setup_start, ulong *setup_len);
613
614 /**
615 * boot_get_fdt_fit() - load a DTB from a FIT file (applying overlays)
616 *
617 * This deals with all aspects of loading an DTB from a FIT.
618 * The correct base image based on configuration will be selected, and
619 * then any overlays specified will be applied (as present in fit_uname_configp).
620 *
621 * @param images Boot images structure
622 * @param addr Address of FIT in memory
623 * @param fit_unamep On entry this is the requested image name
624 * (e.g. "kernel") or NULL to use the default. On exit
625 * points to the selected image name
626 * @param fit_uname_configp On entry this is the requested configuration
627 * name (e.g. "conf-1") or NULL to use the default. On
628 * exit points to the selected configuration name.
629 * @param arch Expected architecture (IH_ARCH_...)
630 * @param datap Returns address of loaded image
631 * @param lenp Returns length of loaded image
632 *
633 * @return node offset of base image, or -ve error code on error
634 */
635 int boot_get_fdt_fit(bootm_headers_t *images, ulong addr,
636 const char **fit_unamep, const char **fit_uname_configp,
637 int arch, ulong *datap, ulong *lenp);
638
639 /**
640 * fit_image_load() - load an image from a FIT
641 *
642 * This deals with all aspects of loading an image from a FIT, including
643 * selecting the right image based on configuration, verifying it, printing
644 * out progress messages, checking the type/arch/os and optionally copying it
645 * to the right load address.
646 *
647 * The property to look up is defined by image_type.
648 *
649 * @param images Boot images structure
650 * @param addr Address of FIT in memory
651 * @param fit_unamep On entry this is the requested image name
652 * (e.g. "kernel") or NULL to use the default. On exit
653 * points to the selected image name
654 * @param fit_uname_configp On entry this is the requested configuration
655 * name (e.g. "conf-1") or NULL to use the default. On
656 * exit points to the selected configuration name.
657 * @param arch Expected architecture (IH_ARCH_...)
658 * @param image_type Required image type (IH_TYPE_...). If this is
659 * IH_TYPE_KERNEL then we allow IH_TYPE_KERNEL_NOLOAD
660 * also.
661 * @param bootstage_id ID of starting bootstage to use for progress updates.
662 * This will be added to the BOOTSTAGE_SUB values when
663 * calling bootstage_mark()
664 * @param load_op Decribes what to do with the load address
665 * @param datap Returns address of loaded image
666 * @param lenp Returns length of loaded image
667 * @return node offset of image, or -ve error code on error
668 */
669 int fit_image_load(bootm_headers_t *images, ulong addr,
670 const char **fit_unamep, const char **fit_uname_configp,
671 int arch, int image_type, int bootstage_id,
672 enum fit_load_op load_op, ulong *datap, ulong *lenp);
673
674 #ifndef USE_HOSTCC
675 /**
676 * fit_get_node_from_config() - Look up an image a FIT by type
677 *
678 * This looks in the selected conf- node (images->fit_uname_cfg) for a
679 * particular image type (e.g. "kernel") and then finds the image that is
680 * referred to.
681 *
682 * For example, for something like:
683 *
684 * images {
685 * kernel {
686 * ...
687 * };
688 * };
689 * configurations {
690 * conf-1 {
691 * kernel = "kernel";
692 * };
693 * };
694 *
695 * the function will return the node offset of the kernel@1 node, assuming
696 * that conf-1 is the chosen configuration.
697 *
698 * @param images Boot images structure
699 * @param prop_name Property name to look up (FIT_..._PROP)
700 * @param addr Address of FIT in memory
701 */
702 int fit_get_node_from_config(bootm_headers_t *images, const char *prop_name,
703 ulong addr);
704
705 int boot_get_fdt(int flag, int argc, char * const argv[], uint8_t arch,
706 bootm_headers_t *images,
707 char **of_flat_tree, ulong *of_size);
708 void boot_fdt_add_mem_rsv_regions(struct lmb *lmb, void *fdt_blob);
709 int boot_relocate_fdt(struct lmb *lmb, char **of_flat_tree, ulong *of_size);
710
711 int boot_ramdisk_high(struct lmb *lmb, ulong rd_data, ulong rd_len,
712 ulong *initrd_start, ulong *initrd_end);
713 int boot_get_cmdline(struct lmb *lmb, ulong *cmd_start, ulong *cmd_end);
714 #ifdef CONFIG_SYS_BOOT_GET_KBD
715 int boot_get_kbd(struct lmb *lmb, bd_t **kbd);
716 #endif /* CONFIG_SYS_BOOT_GET_KBD */
717 #endif /* !USE_HOSTCC */
718
719 /*******************************************************************/
720 /* Legacy format specific code (prefixed with image_) */
721 /*******************************************************************/
image_get_header_size(void)722 static inline uint32_t image_get_header_size(void)
723 {
724 return (sizeof(image_header_t));
725 }
726
727 #define image_get_hdr_l(f) \
728 static inline uint32_t image_get_##f(const image_header_t *hdr) \
729 { \
730 return uimage_to_cpu(hdr->ih_##f); \
731 }
732 image_get_hdr_l(magic) /* image_get_magic */
image_get_hdr_l(hcrc)733 image_get_hdr_l(hcrc) /* image_get_hcrc */
734 image_get_hdr_l(time) /* image_get_time */
735 image_get_hdr_l(size) /* image_get_size */
736 image_get_hdr_l(load) /* image_get_load */
737 image_get_hdr_l(ep) /* image_get_ep */
738 image_get_hdr_l(dcrc) /* image_get_dcrc */
739
740 #define image_get_hdr_b(f) \
741 static inline uint8_t image_get_##f(const image_header_t *hdr) \
742 { \
743 return hdr->ih_##f; \
744 }
745 image_get_hdr_b(os) /* image_get_os */
746 image_get_hdr_b(arch) /* image_get_arch */
747 image_get_hdr_b(type) /* image_get_type */
748 image_get_hdr_b(comp) /* image_get_comp */
749
750 static inline char *image_get_name(const image_header_t *hdr)
751 {
752 return (char *)hdr->ih_name;
753 }
754
image_get_data_size(const image_header_t * hdr)755 static inline uint32_t image_get_data_size(const image_header_t *hdr)
756 {
757 return image_get_size(hdr);
758 }
759
760 /**
761 * image_get_data - get image payload start address
762 * @hdr: image header
763 *
764 * image_get_data() returns address of the image payload. For single
765 * component images it is image data start. For multi component
766 * images it points to the null terminated table of sub-images sizes.
767 *
768 * returns:
769 * image payload data start address
770 */
image_get_data(const image_header_t * hdr)771 static inline ulong image_get_data(const image_header_t *hdr)
772 {
773 return ((ulong)hdr + image_get_header_size());
774 }
775
image_get_image_size(const image_header_t * hdr)776 static inline uint32_t image_get_image_size(const image_header_t *hdr)
777 {
778 return (image_get_size(hdr) + image_get_header_size());
779 }
image_get_image_end(const image_header_t * hdr)780 static inline ulong image_get_image_end(const image_header_t *hdr)
781 {
782 return ((ulong)hdr + image_get_image_size(hdr));
783 }
784
785 #define image_set_hdr_l(f) \
786 static inline void image_set_##f(image_header_t *hdr, uint32_t val) \
787 { \
788 hdr->ih_##f = cpu_to_uimage(val); \
789 }
790 image_set_hdr_l(magic) /* image_set_magic */
image_set_hdr_l(hcrc)791 image_set_hdr_l(hcrc) /* image_set_hcrc */
792 image_set_hdr_l(time) /* image_set_time */
793 image_set_hdr_l(size) /* image_set_size */
794 image_set_hdr_l(load) /* image_set_load */
795 image_set_hdr_l(ep) /* image_set_ep */
796 image_set_hdr_l(dcrc) /* image_set_dcrc */
797
798 #define image_set_hdr_b(f) \
799 static inline void image_set_##f(image_header_t *hdr, uint8_t val) \
800 { \
801 hdr->ih_##f = val; \
802 }
803 image_set_hdr_b(os) /* image_set_os */
804 image_set_hdr_b(arch) /* image_set_arch */
805 image_set_hdr_b(type) /* image_set_type */
806 image_set_hdr_b(comp) /* image_set_comp */
807
808 static inline void image_set_name(image_header_t *hdr, const char *name)
809 {
810 strncpy(image_get_name(hdr), name, IH_NMLEN);
811 }
812
813 int image_check_hcrc(const image_header_t *hdr);
814 int image_check_dcrc(const image_header_t *hdr);
815 #ifndef USE_HOSTCC
816 ulong env_get_bootm_low(void);
817 phys_size_t env_get_bootm_size(void);
818 phys_size_t env_get_bootm_mapsize(void);
819 #endif
820 void memmove_wd(void *to, void *from, size_t len, ulong chunksz);
821
image_check_magic(const image_header_t * hdr)822 static inline int image_check_magic(const image_header_t *hdr)
823 {
824 return (image_get_magic(hdr) == IH_MAGIC);
825 }
image_check_type(const image_header_t * hdr,uint8_t type)826 static inline int image_check_type(const image_header_t *hdr, uint8_t type)
827 {
828 return (image_get_type(hdr) == type);
829 }
image_check_arch(const image_header_t * hdr,uint8_t arch)830 static inline int image_check_arch(const image_header_t *hdr, uint8_t arch)
831 {
832 return (image_get_arch(hdr) == arch) ||
833 (image_get_arch(hdr) == IH_ARCH_ARM && arch == IH_ARCH_ARM64);
834 }
image_check_os(const image_header_t * hdr,uint8_t os)835 static inline int image_check_os(const image_header_t *hdr, uint8_t os)
836 {
837 return (image_get_os(hdr) == os);
838 }
839
840 ulong image_multi_count(const image_header_t *hdr);
841 void image_multi_getimg(const image_header_t *hdr, ulong idx,
842 ulong *data, ulong *len);
843
844 void image_print_contents(const void *hdr);
845
846 #ifndef USE_HOSTCC
image_check_target_arch(const image_header_t * hdr)847 static inline int image_check_target_arch(const image_header_t *hdr)
848 {
849 #ifndef IH_ARCH_DEFAULT
850 # error "please define IH_ARCH_DEFAULT in your arch asm/u-boot.h"
851 #endif
852 return image_check_arch(hdr, IH_ARCH_DEFAULT);
853 }
854 #endif /* USE_HOSTCC */
855
856 /**
857 * image_decomp() - decompress an image
858 *
859 * @comp: Compression algorithm that is used (IH_COMP_...)
860 * @load: Destination load address in U-Boot memory
861 * @image_start Image start address (where we are decompressing from)
862 * @type: OS type (IH_OS_...)
863 * @load_bug: Place to decompress to
864 * @image_buf: Address to decompress from
865 * @image_len: Number of bytes in @image_buf to decompress
866 * @unc_len: Available space for decompression
867 * @return 0 if OK, -ve on error (BOOTM_ERR_...)
868 */
869 int image_decomp(int comp, ulong load, ulong image_start, int type,
870 void *load_buf, void *image_buf, ulong image_len,
871 uint unc_len, ulong *load_end);
872
873 /**
874 * Set up properties in the FDT
875 *
876 * This sets up properties in the FDT that is to be passed to linux.
877 *
878 * @images: Images information
879 * @blob: FDT to update
880 * @of_size: Size of the FDT
881 * @lmb: Points to logical memory block structure
882 * @return 0 if ok, <0 on failure
883 */
884 int image_setup_libfdt(bootm_headers_t *images, void *blob,
885 int of_size, struct lmb *lmb);
886
887 /**
888 * Set up the FDT to use for booting a kernel
889 *
890 * This performs ramdisk setup, sets up the FDT if required, and adds
891 * paramters to the FDT if libfdt is available.
892 *
893 * @param images Images information
894 * @return 0 if ok, <0 on failure
895 */
896 int image_setup_linux(bootm_headers_t *images);
897
898 /**
899 * bootz_setup() - Extract stat and size of a Linux xImage
900 *
901 * @image: Address of image
902 * @start: Returns start address of image
903 * @end : Returns end address of image
904 * @return 0 if OK, 1 if the image was not recognised
905 */
906 int bootz_setup(ulong image, ulong *start, ulong *end);
907
908 /**
909 * Return the correct start address and size of a Linux aarch64 Image.
910 *
911 * @image: Address of image
912 * @start: Returns start address of image
913 * @size : Returns size image
914 * @force_reloc: Ignore image->ep field, always place image to RAM start
915 * @return 0 if OK, 1 if the image was not recognised
916 */
917 int booti_setup(ulong image, ulong *relocated_addr, ulong *size,
918 bool force_reloc);
919
920 /*******************************************************************/
921 /* New uImage format specific code (prefixed with fit_) */
922 /*******************************************************************/
923
924 #define FIT_IMAGES_PATH "/images"
925 #define FIT_CONFS_PATH "/configurations"
926
927 /* hash/signature/key node */
928 #define FIT_HASH_NODENAME "hash"
929 #define FIT_ALGO_PROP "algo"
930 #define FIT_VALUE_PROP "value"
931 #define FIT_IGNORE_PROP "uboot-ignore"
932 #define FIT_SIG_NODENAME "signature"
933 #define FIT_KEY_REQUIRED "required"
934 #define FIT_KEY_HINT "key-name-hint"
935
936 /* cipher node */
937 #define FIT_CIPHER_NODENAME "cipher"
938 #define FIT_ALGO_PROP "algo"
939
940 /* image node */
941 #define FIT_DATA_PROP "data"
942 #define FIT_DATA_POSITION_PROP "data-position"
943 #define FIT_DATA_OFFSET_PROP "data-offset"
944 #define FIT_DATA_SIZE_PROP "data-size"
945 #define FIT_TIMESTAMP_PROP "timestamp"
946 #define FIT_DESC_PROP "description"
947 #define FIT_ARCH_PROP "arch"
948 #define FIT_TYPE_PROP "type"
949 #define FIT_OS_PROP "os"
950 #define FIT_COMP_PROP "compression"
951 #define FIT_ENTRY_PROP "entry"
952 #define FIT_LOAD_PROP "load"
953
954 /* configuration node */
955 #define FIT_KERNEL_PROP "kernel"
956 #define FIT_RAMDISK_PROP "ramdisk"
957 #define FIT_FDT_PROP "fdt"
958 #define FIT_LOADABLE_PROP "loadables"
959 #define FIT_DEFAULT_PROP "default"
960 #define FIT_SETUP_PROP "setup"
961 #define FIT_FPGA_PROP "fpga"
962 #define FIT_FIRMWARE_PROP "firmware"
963 #define FIT_STANDALONE_PROP "standalone"
964
965 #define FIT_MAX_HASH_LEN HASH_MAX_DIGEST_SIZE
966
967 #if IMAGE_ENABLE_FIT
968 /* cmdline argument format parsing */
969 int fit_parse_conf(const char *spec, ulong addr_curr,
970 ulong *addr, const char **conf_name);
971 int fit_parse_subimage(const char *spec, ulong addr_curr,
972 ulong *addr, const char **image_name);
973
974 int fit_get_subimage_count(const void *fit, int images_noffset);
975 void fit_print_contents(const void *fit);
976 void fit_image_print(const void *fit, int noffset, const char *p);
977
978 /**
979 * fit_get_end - get FIT image size
980 * @fit: pointer to the FIT format image header
981 *
982 * returns:
983 * size of the FIT image (blob) in memory
984 */
fit_get_size(const void * fit)985 static inline ulong fit_get_size(const void *fit)
986 {
987 return fdt_totalsize(fit);
988 }
989
990 /**
991 * fit_get_end - get FIT image end
992 * @fit: pointer to the FIT format image header
993 *
994 * returns:
995 * end address of the FIT image (blob) in memory
996 */
997 ulong fit_get_end(const void *fit);
998
999 /**
1000 * fit_get_name - get FIT node name
1001 * @fit: pointer to the FIT format image header
1002 *
1003 * returns:
1004 * NULL, on error
1005 * pointer to node name, on success
1006 */
fit_get_name(const void * fit_hdr,int noffset,int * len)1007 static inline const char *fit_get_name(const void *fit_hdr,
1008 int noffset, int *len)
1009 {
1010 return fdt_get_name(fit_hdr, noffset, len);
1011 }
1012
1013 int fit_get_desc(const void *fit, int noffset, char **desc);
1014 int fit_get_timestamp(const void *fit, int noffset, time_t *timestamp);
1015
1016 int fit_image_get_node(const void *fit, const char *image_uname);
1017 int fit_image_get_os(const void *fit, int noffset, uint8_t *os);
1018 int fit_image_get_arch(const void *fit, int noffset, uint8_t *arch);
1019 int fit_image_get_type(const void *fit, int noffset, uint8_t *type);
1020 int fit_image_get_comp(const void *fit, int noffset, uint8_t *comp);
1021 int fit_image_get_load(const void *fit, int noffset, ulong *load);
1022 int fit_image_get_entry(const void *fit, int noffset, ulong *entry);
1023 int fit_image_get_data(const void *fit, int noffset,
1024 const void **data, size_t *size);
1025 int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset);
1026 int fit_image_get_data_position(const void *fit, int noffset,
1027 int *data_position);
1028 int fit_image_get_data_size(const void *fit, int noffset, int *data_size);
1029 int fit_image_get_data_size_unciphered(const void *fit, int noffset,
1030 size_t *data_size);
1031 int fit_image_get_data_and_size(const void *fit, int noffset,
1032 const void **data, size_t *size);
1033
1034 int fit_image_hash_get_algo(const void *fit, int noffset, char **algo);
1035 int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
1036 int *value_len);
1037
1038 int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
1039
1040 int fit_cipher_data(const char *keydir, void *keydest, void *fit,
1041 const char *comment, int require_keys,
1042 const char *engine_id, const char *cmdname);
1043
1044 /**
1045 * fit_add_verification_data() - add verification data to FIT image nodes
1046 *
1047 * @keydir: Directory containing keys
1048 * @kwydest: FDT blob to write public key information to
1049 * @fit: Pointer to the FIT format image header
1050 * @comment: Comment to add to signature nodes
1051 * @require_keys: Mark all keys as 'required'
1052 * @engine_id: Engine to use for signing
1053 * @cmdname: Command name used when reporting errors
1054 *
1055 * Adds hash values for all component images in the FIT blob.
1056 * Hashes are calculated for all component images which have hash subnodes
1057 * with algorithm property set to one of the supported hash algorithms.
1058 *
1059 * Also add signatures if signature nodes are present.
1060 *
1061 * returns
1062 * 0, on success
1063 * libfdt error code, on failure
1064 */
1065 int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
1066 const char *comment, int require_keys,
1067 const char *engine_id, const char *cmdname);
1068
1069 int fit_image_verify_with_data(const void *fit, int image_noffset,
1070 const void *data, size_t size);
1071 int fit_image_verify(const void *fit, int noffset);
1072 int fit_config_verify(const void *fit, int conf_noffset);
1073 int fit_all_image_verify(const void *fit);
1074 int fit_config_decrypt(const void *fit, int conf_noffset);
1075 int fit_image_check_os(const void *fit, int noffset, uint8_t os);
1076 int fit_image_check_arch(const void *fit, int noffset, uint8_t arch);
1077 int fit_image_check_type(const void *fit, int noffset, uint8_t type);
1078 int fit_image_check_comp(const void *fit, int noffset, uint8_t comp);
1079
1080 /**
1081 * fit_check_format() - Check that the FIT is valid
1082 *
1083 * This performs various checks on the FIT to make sure it is suitable for
1084 * use, looking for mandatory properties, nodes, etc.
1085 *
1086 * If FIT_FULL_CHECK is enabled, it also runs it through libfdt to make
1087 * sure that there are no strange tags or broken nodes in the FIT.
1088 *
1089 * @fit: pointer to the FIT format image header
1090 * @return 0 if OK, -ENOEXEC if not an FDT file, -EINVAL if the full FDT check
1091 * failed (e.g. due to bad structure), -ENOMSG if the description is
1092 * missing, -ENODATA if the timestamp is missing, -ENOENT if the /images
1093 * path is missing
1094 */
1095 int fit_check_format(const void *fit, ulong size);
1096
1097 int fit_conf_find_compat(const void *fit, const void *fdt);
1098
1099 /**
1100 * fit_conf_get_node - get node offset for configuration of a given unit name
1101 * @fit: pointer to the FIT format image header
1102 * @conf_uname: configuration node unit name (NULL to use default)
1103 *
1104 * fit_conf_get_node() finds a configuration (within the '/configurations'
1105 * parent node) of a provided unit name. If configuration is found its node
1106 * offset is returned to the caller.
1107 *
1108 * When NULL is provided in second argument fit_conf_get_node() will search
1109 * for a default configuration node instead. Default configuration node unit
1110 * name is retrieved from FIT_DEFAULT_PROP property of the '/configurations'
1111 * node.
1112 *
1113 * returns:
1114 * configuration node offset when found (>=0)
1115 * negative number on failure (FDT_ERR_* code)
1116 */
1117 int fit_conf_get_node(const void *fit, const char *conf_uname);
1118
1119 int fit_conf_get_prop_node_count(const void *fit, int noffset,
1120 const char *prop_name);
1121 int fit_conf_get_prop_node_index(const void *fit, int noffset,
1122 const char *prop_name, int index);
1123
1124 /**
1125 * fit_conf_get_prop_node() - Get node refered to by a configuration
1126 * @fit: FIT to check
1127 * @noffset: Offset of conf@xxx node to check
1128 * @prop_name: Property to read from the conf node
1129 *
1130 * The conf- nodes contain references to other nodes, using properties
1131 * like 'kernel = "kernel"'. Given such a property name (e.g. "kernel"),
1132 * return the offset of the node referred to (e.g. offset of node
1133 * "/images/kernel".
1134 */
1135 int fit_conf_get_prop_node(const void *fit, int noffset,
1136 const char *prop_name);
1137
1138 int fit_check_ramdisk(const void *fit, int os_noffset,
1139 uint8_t arch, int verify);
1140
1141 int calculate_hash(const void *data, int data_len, const char *algo,
1142 uint8_t *value, int *value_len);
1143
1144 /*
1145 * At present we only support signing on the host, and verification on the
1146 * device
1147 */
1148 #if defined(USE_HOSTCC)
1149 # if defined(CONFIG_FIT_SIGNATURE)
1150 # define IMAGE_ENABLE_SIGN 1
1151 # define IMAGE_ENABLE_VERIFY 1
1152 # include <openssl/evp.h>
1153 # else
1154 # define IMAGE_ENABLE_SIGN 0
1155 # define IMAGE_ENABLE_VERIFY 0
1156 # endif
1157 #else
1158 # define IMAGE_ENABLE_SIGN 0
1159 # define IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE)
1160 #endif
1161
1162 #ifdef USE_HOSTCC
1163 void *image_get_host_blob(void);
1164 void image_set_host_blob(void *host_blob);
1165 # define gd_fdt_blob() image_get_host_blob()
1166 #else
1167 # define gd_fdt_blob() (gd->fdt_blob)
1168 #endif
1169
1170 #ifdef CONFIG_FIT_BEST_MATCH
1171 #define IMAGE_ENABLE_BEST_MATCH 1
1172 #else
1173 #define IMAGE_ENABLE_BEST_MATCH 0
1174 #endif
1175
1176 /* Information passed to the signing routines */
1177 struct image_sign_info {
1178 const char *keydir; /* Directory conaining keys */
1179 const char *keyname; /* Name of key to use */
1180 void *fit; /* Pointer to FIT blob */
1181 int node_offset; /* Offset of signature node */
1182 const char *name; /* Algorithm name */
1183 struct checksum_algo *checksum; /* Checksum algorithm information */
1184 struct padding_algo *padding; /* Padding algorithm information */
1185 struct crypto_algo *crypto; /* Crypto algorithm information */
1186 const void *fdt_blob; /* FDT containing public keys */
1187 int required_keynode; /* Node offset of key to use: -1=any */
1188 const char *require_keys; /* Value for 'required' property */
1189 const char *engine_id; /* Engine to use for signing */
1190 };
1191
1192 #endif /* Allow struct image_region to always be defined for rsa.h */
1193
1194 /* A part of an image, used for hashing */
1195 struct image_region {
1196 const void *data;
1197 int size;
1198 };
1199
1200 #if IMAGE_ENABLE_FIT
1201
1202 #if IMAGE_ENABLE_VERIFY
1203 # include <u-boot/rsa-checksum.h>
1204 #endif
1205 struct checksum_algo {
1206 const char *name;
1207 const int checksum_len;
1208 const int der_len;
1209 const uint8_t *der_prefix;
1210 #if IMAGE_ENABLE_SIGN
1211 const EVP_MD *(*calculate_sign)(void);
1212 #endif
1213 int (*calculate)(const char *name,
1214 const struct image_region region[],
1215 int region_count, uint8_t *checksum);
1216 };
1217
1218 struct crypto_algo {
1219 const char *name; /* Name of algorithm */
1220 const int key_len;
1221
1222 /**
1223 * sign() - calculate and return signature for given input data
1224 *
1225 * @info: Specifies key and FIT information
1226 * @data: Pointer to the input data
1227 * @data_len: Data length
1228 * @sigp: Set to an allocated buffer holding the signature
1229 * @sig_len: Set to length of the calculated hash
1230 *
1231 * This computes input data signature according to selected algorithm.
1232 * Resulting signature value is placed in an allocated buffer, the
1233 * pointer is returned as *sigp. The length of the calculated
1234 * signature is returned via the sig_len pointer argument. The caller
1235 * should free *sigp.
1236 *
1237 * @return: 0, on success, -ve on error
1238 */
1239 int (*sign)(struct image_sign_info *info,
1240 const struct image_region region[],
1241 int region_count, uint8_t **sigp, uint *sig_len);
1242
1243 /**
1244 * add_verify_data() - Add verification information to FDT
1245 *
1246 * Add public key information to the FDT node, suitable for
1247 * verification at run-time. The information added depends on the
1248 * algorithm being used.
1249 *
1250 * @info: Specifies key and FIT information
1251 * @keydest: Destination FDT blob for public key data
1252 * @return: 0, on success, -ve on error
1253 */
1254 int (*add_verify_data)(struct image_sign_info *info, void *keydest);
1255
1256 /**
1257 * verify() - Verify a signature against some data
1258 *
1259 * @info: Specifies key and FIT information
1260 * @data: Pointer to the input data
1261 * @data_len: Data length
1262 * @sig: Signature
1263 * @sig_len: Number of bytes in signature
1264 * @return 0 if verified, -ve on error
1265 */
1266 int (*verify)(struct image_sign_info *info,
1267 const struct image_region region[], int region_count,
1268 uint8_t *sig, uint sig_len);
1269 };
1270
1271 struct padding_algo {
1272 const char *name;
1273 int (*verify)(struct image_sign_info *info,
1274 uint8_t *pad, int pad_len,
1275 const uint8_t *hash, int hash_len);
1276 };
1277
1278 /**
1279 * image_get_checksum_algo() - Look up a checksum algorithm
1280 *
1281 * @param full_name Name of algorithm in the form "checksum,crypto"
1282 * @return pointer to algorithm information, or NULL if not found
1283 */
1284 struct checksum_algo *image_get_checksum_algo(const char *full_name);
1285
1286 /**
1287 * image_get_crypto_algo() - Look up a cryptosystem algorithm
1288 *
1289 * @param full_name Name of algorithm in the form "checksum,crypto"
1290 * @return pointer to algorithm information, or NULL if not found
1291 */
1292 struct crypto_algo *image_get_crypto_algo(const char *full_name);
1293
1294 /**
1295 * image_get_padding_algo() - Look up a padding algorithm
1296 *
1297 * @param name Name of padding algorithm
1298 * @return pointer to algorithm information, or NULL if not found
1299 */
1300 struct padding_algo *image_get_padding_algo(const char *name);
1301
1302 /**
1303 * fit_image_verify_required_sigs() - Verify signatures marked as 'required'
1304 *
1305 * @fit: FIT to check
1306 * @image_noffset: Offset of image node to check
1307 * @data: Image data to check
1308 * @size: Size of image data
1309 * @sig_blob: FDT containing public keys
1310 * @no_sigsp: Returns 1 if no signatures were required, and
1311 * therefore nothing was checked. The caller may wish
1312 * to fall back to other mechanisms, or refuse to
1313 * boot.
1314 * @return 0 if all verified ok, <0 on error
1315 */
1316 int fit_image_verify_required_sigs(const void *fit, int image_noffset,
1317 const char *data, size_t size, const void *sig_blob,
1318 int *no_sigsp);
1319
1320 /**
1321 * fit_image_check_sig() - Check a single image signature node
1322 *
1323 * @fit: FIT to check
1324 * @noffset: Offset of signature node to check
1325 * @data: Image data to check
1326 * @size: Size of image data
1327 * @required_keynode: Offset in the control FDT of the required key node,
1328 * if any. If this is given, then the image wil not
1329 * pass verification unless that key is used. If this is
1330 * -1 then any signature will do.
1331 * @err_msgp: In the event of an error, this will be pointed to a
1332 * help error string to display to the user.
1333 * @return 0 if all verified ok, <0 on error
1334 */
1335 int fit_image_check_sig(const void *fit, int noffset, const void *data,
1336 size_t size, int required_keynode, char **err_msgp);
1337
1338 int fit_image_decrypt_data(const void *fit,
1339 int image_noffset, int cipher_noffset,
1340 const void *data, size_t size,
1341 void **data_unciphered, size_t *size_unciphered);
1342
1343 /**
1344 * fit_region_make_list() - Make a list of regions to hash
1345 *
1346 * Given a list of FIT regions (offset, size) provided by libfdt, create
1347 * a list of regions (void *, size) for use by the signature creationg
1348 * and verification code.
1349 *
1350 * @fit: FIT image to process
1351 * @fdt_regions: Regions as returned by libfdt
1352 * @count: Number of regions returned by libfdt
1353 * @region: Place to put list of regions (NULL to allocate it)
1354 * @return pointer to list of regions, or NULL if out of memory
1355 */
1356 struct image_region *fit_region_make_list(const void *fit,
1357 struct fdt_region *fdt_regions, int count,
1358 struct image_region *region);
1359
fit_image_check_target_arch(const void * fdt,int node)1360 static inline int fit_image_check_target_arch(const void *fdt, int node)
1361 {
1362 #ifndef USE_HOSTCC
1363 return fit_image_check_arch(fdt, node, IH_ARCH_DEFAULT);
1364 #else
1365 return 0;
1366 #endif
1367 }
1368
1369 /*
1370 * At present we only support ciphering on the host, and unciphering on the
1371 * device
1372 */
1373 #if defined(USE_HOSTCC)
1374 # if defined(CONFIG_FIT_CIPHER)
1375 # define IMAGE_ENABLE_ENCRYPT 1
1376 # define IMAGE_ENABLE_DECRYPT 1
1377 # include <openssl/evp.h>
1378 # else
1379 # define IMAGE_ENABLE_ENCRYPT 0
1380 # define IMAGE_ENABLE_DECRYPT 0
1381 # endif
1382 #else
1383 # define IMAGE_ENABLE_ENCRYPT 0
1384 # define IMAGE_ENABLE_DECRYPT CONFIG_IS_ENABLED(FIT_CIPHER)
1385 #endif
1386
1387 /* Information passed to the ciphering routines */
1388 struct image_cipher_info {
1389 const char *keydir; /* Directory containing keys */
1390 const char *keyname; /* Name of key to use */
1391 const char *ivname; /* Name of IV to use */
1392 const void *fit; /* Pointer to FIT blob */
1393 int node_noffset; /* Offset of the cipher node */
1394 const char *name; /* Algorithm name */
1395 struct cipher_algo *cipher; /* Cipher algorithm information */
1396 const void *fdt_blob; /* FDT containing key and IV */
1397 const void *key; /* Value of the key */
1398 const void *iv; /* Value of the IV */
1399 size_t size_unciphered; /* Size of the unciphered data */
1400 };
1401
1402 struct cipher_algo {
1403 const char *name; /* Name of algorithm */
1404 int key_len; /* Length of the key */
1405 int iv_len; /* Length of the IV */
1406
1407 #if IMAGE_ENABLE_ENCRYPT
1408 const EVP_CIPHER * (*calculate_type)(void);
1409 #endif
1410
1411 int (*encrypt)(struct image_cipher_info *info,
1412 const unsigned char *data, int data_len,
1413 unsigned char **cipher, int *cipher_len);
1414
1415 int (*add_cipher_data)(struct image_cipher_info *info,
1416 void *keydest);
1417
1418 int (*decrypt)(struct image_cipher_info *info,
1419 const void *cipher, size_t cipher_len,
1420 void **data, size_t *data_len);
1421 };
1422
1423 int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo);
1424
1425 struct cipher_algo *image_get_cipher_algo(const char *full_name);
1426
1427 #ifdef CONFIG_FIT_VERBOSE
1428 #define fit_unsupported(msg) printf("! %s:%d " \
1429 "FIT images not supported for '%s'\n", \
1430 __FILE__, __LINE__, (msg))
1431
1432 #define fit_unsupported_reset(msg) printf("! %s:%d " \
1433 "FIT images not supported for '%s' " \
1434 "- must reset board to recover!\n", \
1435 __FILE__, __LINE__, (msg))
1436 #else
1437 #define fit_unsupported(msg)
1438 #define fit_unsupported_reset(msg)
1439 #endif /* CONFIG_FIT_VERBOSE */
1440 #endif /* CONFIG_FIT */
1441
1442 #if defined(CONFIG_ANDROID_BOOT_IMAGE)
1443 struct andr_img_hdr;
1444 int android_image_check_header(const struct andr_img_hdr *hdr);
1445 int android_image_get_kernel(const struct andr_img_hdr *hdr, int verify,
1446 ulong *os_data, ulong *os_len);
1447 int android_image_get_ramdisk(const struct andr_img_hdr *hdr,
1448 ulong *rd_data, ulong *rd_len);
1449 int android_image_get_second(const struct andr_img_hdr *hdr,
1450 ulong *second_data, ulong *second_len);
1451 ulong android_image_get_end(const struct andr_img_hdr *hdr);
1452 ulong android_image_get_kload(const struct andr_img_hdr *hdr);
1453 ulong android_image_get_kcomp(const struct andr_img_hdr *hdr);
1454 void android_print_contents(const struct andr_img_hdr *hdr);
1455
1456 #endif /* CONFIG_ANDROID_BOOT_IMAGE */
1457
1458 /**
1459 * board_fit_config_name_match() - Check for a matching board name
1460 *
1461 * This is used when SPL loads a FIT containing multiple device tree files
1462 * and wants to work out which one to use. The description of each one is
1463 * passed to this function. The description comes from the 'description' field
1464 * in each (FDT) image node.
1465 *
1466 * @name: Device tree description
1467 * @return 0 if this device tree should be used, non-zero to try the next
1468 */
1469 int board_fit_config_name_match(const char *name);
1470
1471 #if defined(CONFIG_SPL_FIT_IMAGE_POST_PROCESS) || \
1472 defined(CONFIG_FIT_IMAGE_POST_PROCESS)
1473 /**
1474 * board_fit_image_post_process() - Do any post-process on FIT binary data
1475 *
1476 * This is used to do any sort of image manipulation, verification, decryption
1477 * etc. in a platform or board specific way. Obviously, anything done here would
1478 * need to be comprehended in how the images were prepared before being injected
1479 * into the FIT creation (i.e. the binary blobs would have been pre-processed
1480 * before being added to the FIT image).
1481 *
1482 * @image: pointer to the image start pointer
1483 * @size: pointer to the image size
1484 * @return no return value (failure should be handled internally)
1485 */
1486 void board_fit_image_post_process(void **p_image, size_t *p_size);
1487 #endif /* CONFIG_SPL_FIT_IMAGE_POST_PROCESS */
1488
1489 #define FDT_ERROR ((ulong)(-1))
1490
1491 ulong fdt_getprop_u32(const void *fdt, int node, const char *prop);
1492
1493 /**
1494 * fit_find_config_node() - Find the node for the best DTB in a FIT image
1495 *
1496 * A FIT image contains one or more DTBs. This function parses the
1497 * configurations described in the FIT images and returns the node of
1498 * the first matching DTB. To check if a DTB matches a board, this function
1499 * calls board_fit_config_name_match(). If no matching DTB is found, it returns
1500 * the node described by the default configuration if it exists.
1501 *
1502 * @fdt: pointer to flat device tree
1503 * @return the node if found, -ve otherwise
1504 */
1505 int fit_find_config_node(const void *fdt);
1506
1507 /**
1508 * Mapping of image types to function handlers to be invoked on the associated
1509 * loaded images
1510 *
1511 * @type: Type of image, I.E. IH_TYPE_*
1512 * @handler: Function to call on loaded image
1513 */
1514 struct fit_loadable_tbl {
1515 int type;
1516 /**
1517 * handler() - Process a loaded image
1518 *
1519 * @data: Pointer to start of loaded image data
1520 * @size: Size of loaded image data
1521 */
1522 void (*handler)(ulong data, size_t size);
1523 };
1524
1525 /*
1526 * Define a FIT loadable image type handler
1527 *
1528 * _type is a valid uimage_type ID as defined in the "Image Type" enum above
1529 * _handler is the handler function to call after this image type is loaded
1530 */
1531 #define U_BOOT_FIT_LOADABLE_HANDLER(_type, _handler) \
1532 ll_entry_declare(struct fit_loadable_tbl, _function, fit_loadable) = { \
1533 .type = _type, \
1534 .handler = _handler, \
1535 }
1536
1537 #endif /* __IMAGE_H__ */
1538