1 /*
2 * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8 #include <lib/debugfs.h>
9 #include <limits.h>
10 #include <plat/arm/common/plat_arm.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include <tools_share/firmware_image_package.h>
14
15 #include "dev.h"
16
17 #define NR_FIPS 1
18 #define STOC_HEADER (sizeof(fip_toc_header_t))
19 #define STOC_ENTRY (sizeof(fip_toc_entry_t))
20
21 struct fipfile {
22 chan_t *c;
23 long offset[NR_FILES];
24 long size[NR_FILES];
25 };
26
27 struct fip_entry {
28 uuid_t uuid;
29 long long offset_address;
30 long long size;
31 long long flags;
32 };
33
34 struct uuidnames {
35 const char name[NAMELEN];
36 const uuid_t uuid;
37 };
38
39 /*******************************************************************************
40 * This array links the FIP file names to their UUID.
41 * The elements are ordered according to the image number stored in
42 * tbbr_img_def.h, starting at index 1.
43 *
44 * TODO: this name to uuid binding will preferably be done using
45 * the coming Property Access Layer / Firmware CONFiguration feature.
46 ******************************************************************************/
47 static const struct uuidnames uuidnames[] = {
48 {"", { {0}, {0}, {0}, 0, 0, {0} } },
49 {"bl2.bin", UUID_TRUSTED_BOOT_FIRMWARE_BL2},
50 {"scp-bl2.bin", UUID_SCP_FIRMWARE_SCP_BL2},
51 {"bl31.bin", UUID_EL3_RUNTIME_FIRMWARE_BL31},
52 {"bl32.bin", UUID_SECURE_PAYLOAD_BL32},
53 {"bl33.bin", UUID_NON_TRUSTED_FIRMWARE_BL33},
54 {"tb-fw.crt", UUID_TRUSTED_BOOT_FW_CERT},
55 {"trstd-k.crt", UUID_TRUSTED_KEY_CERT},
56 {"scp-fw-k.crt", UUID_SCP_FW_KEY_CERT},
57 {"soc-fw-k.crt", UUID_SOC_FW_KEY_CERT},
58 {"tos-fw-k.crt", UUID_TRUSTED_OS_FW_KEY_CERT},
59 {"nt-fw-k.crt", UUID_NON_TRUSTED_FW_KEY_CERT},
60 {"scp-fw-c.crt", UUID_SCP_FW_CONTENT_CERT},
61 {"soc-fw-c.crt", UUID_SOC_FW_CONTENT_CERT},
62 {"tos-fw-c.crt", UUID_TRUSTED_OS_FW_CONTENT_CERT},
63 {"nt-fw-c.crt", UUID_NON_TRUSTED_FW_CONTENT_CERT},
64 { },
65 {"fwu.crt", UUID_TRUSTED_FWU_CERT},
66 {"scp-bl2u.bin", UUID_TRUSTED_UPDATE_FIRMWARE_SCP_BL2U},
67 {"bl2u.bin", UUID_TRUSTED_UPDATE_FIRMWARE_BL2U},
68 {"ns-bl2u.bin", UUID_TRUSTED_UPDATE_FIRMWARE_NS_BL2U},
69 {"bl32-xtr1.bin", UUID_SECURE_PAYLOAD_BL32_EXTRA1},
70 {"bl32-xtr2.bin", UUID_SECURE_PAYLOAD_BL32_EXTRA2},
71 {"hw.cfg", UUID_HW_CONFIG},
72 {"tb-fw.cfg", UUID_TB_FW_CONFIG},
73 {"soc-fw.cfg", UUID_SOC_FW_CONFIG},
74 {"tos-fw.cfg", UUID_TOS_FW_CONFIG},
75 {"nt-fw.cfg", UUID_NT_FW_CONFIG},
76 {"fw.cfg", UUID_FW_CONFIG},
77 {"rot-k.crt", UUID_ROT_KEY_CERT},
78 {"nt-k.crt", UUID_NON_TRUSTED_WORLD_KEY_CERT},
79 {"sip-sp.crt", UUID_SIP_SECURE_PARTITION_CONTENT_CERT},
80 {"plat-sp.crt", UUID_PLAT_SECURE_PARTITION_CONTENT_CERT}
81 };
82
83 /*******************************************************************************
84 * This array contains all the available FIP files.
85 ******************************************************************************/
86 static struct fipfile archives[NR_FIPS];
87
88 /*******************************************************************************
89 * This variable stores the current number of registered FIP files.
90 ******************************************************************************/
91 static int nfips;
92
93 /*******************************************************************************
94 * This function parses the ToC of the FIP.
95 ******************************************************************************/
get_entry(chan_t * c,struct fip_entry * entry)96 static int get_entry(chan_t *c, struct fip_entry *entry)
97 {
98 int n;
99
100 n = devtab[c->index]->read(c, entry, sizeof(struct fip_entry));
101 if (n <= 0) {
102 return n;
103 }
104
105 if (n != sizeof(struct fip_entry)) {
106 return -1;
107 }
108
109 if (entry->size == 0) {
110 return 0;
111 }
112
113 return 1;
114 }
115
116 /*******************************************************************************
117 * This function exposes the FIP images as files.
118 ******************************************************************************/
fipgen(chan_t * c,const dirtab_t * tab,int ntab,int n,dir_t * dir)119 static int fipgen(chan_t *c, const dirtab_t *tab, int ntab, int n, dir_t *dir)
120 {
121 int i, r;
122 long off;
123 chan_t nc;
124 struct fip_entry entry;
125 struct fipfile *fip;
126 static const char unk[] = "unknown";
127
128 if (c->dev >= nfips) {
129 panic();
130 }
131
132 if (clone(archives[c->dev].c, &nc) == NULL) {
133 panic();
134 }
135
136 fip = &archives[nc.dev];
137
138 off = STOC_HEADER;
139 for (i = 0; i <= n; i++) {
140 if (fip->offset[i] == -1) {
141 return 0;
142 }
143
144 if (devtab[nc.index]->seek(&nc, off, KSEEK_SET) < 0) {
145 return -1;
146 }
147
148 r = get_entry(&nc, &entry);
149 if (r <= 0) {
150 return r;
151 }
152
153 off += sizeof(entry);
154 }
155
156 for (i = 1; i < NELEM(uuidnames); i++) {
157 if (memcmp(&uuidnames[i].uuid,
158 &entry.uuid, sizeof(uuid_t)) == 0) {
159 break;
160 }
161 }
162
163 if (i < NELEM(uuidnames)) {
164 make_dir_entry(c, dir, uuidnames[i].name,
165 entry.size, n, O_READ);
166 } else {
167 // TODO: set name depending on uuid node value
168 make_dir_entry(c, dir, unk, entry.size, n, O_READ);
169 }
170
171 return 1;
172 }
173
fipwalk(chan_t * c,const char * name)174 static int fipwalk(chan_t *c, const char *name)
175 {
176 return devwalk(c, name, NULL, 0, fipgen);
177 }
178
fipstat(chan_t * c,const char * file,dir_t * dir)179 static int fipstat(chan_t *c, const char *file, dir_t *dir)
180 {
181 return devstat(c, file, dir, NULL, 0, fipgen);
182 }
183
184 /*******************************************************************************
185 * This function copies at most n bytes of the FIP image referred by c into
186 * buf.
187 ******************************************************************************/
fipread(chan_t * c,void * buf,int n)188 static int fipread(chan_t *c, void *buf, int n)
189 {
190 long off;
191 chan_t cs;
192 struct fipfile *fip;
193 long size;
194
195 /* Only makes sense when using debug language */
196 assert(c->qid != CHDIR);
197
198 if ((c->dev >= nfips) || ((c->qid & CHDIR) != 0)) {
199 panic();
200 }
201
202 fip = &archives[c->dev];
203
204 if ((c->qid >= NR_FILES) || (fip->offset[c->qid] < 0)) {
205 panic();
206 }
207
208 if (clone(fip->c, &cs) == NULL) {
209 panic();
210 }
211
212 size = fip->size[c->qid];
213 if (c->offset >= size) {
214 return 0;
215 }
216
217 if (n < 0) {
218 return -1;
219 }
220
221 if (n > (size - c->offset)) {
222 n = size - c->offset;
223 }
224
225 off = fip->offset[c->qid] + c->offset;
226 if (devtab[cs.index]->seek(&cs, off, KSEEK_SET) < 0) {
227 return -1;
228 }
229
230 n = devtab[cs.index]->read(&cs, buf, n);
231 if (n > 0) {
232 c->offset += n;
233 }
234
235 return n;
236 }
237
238 /*******************************************************************************
239 * This function parses the FIP spec and registers its images in order to
240 * expose them as files in the driver namespace.
241 * It acts as an initialization function for the FIP driver.
242 * It returns a pointer to the newly created channel.
243 ******************************************************************************/
fipmount(chan_t * c,const char * spec)244 static chan_t *fipmount(chan_t *c, const char *spec)
245 {
246 int r, n, t;
247 chan_t *cspec;
248 uint32_t hname;
249 struct fip_entry entry;
250 struct fipfile *fip;
251 dir_t dir;
252
253 if (nfips == NR_FIPS) {
254 return NULL;
255 }
256
257 fip = &archives[nfips];
258
259 for (n = 0; n < NR_FILES; n++) {
260 fip->offset[n] = -1;
261 }
262
263 cspec = path_to_channel(spec, O_READ);
264 if (cspec == NULL) {
265 return NULL;
266 }
267
268 fip->c = cspec;
269
270 r = devtab[cspec->index]->read(cspec, &hname, sizeof(hname));
271 if (r < 0) {
272 goto err;
273 }
274
275 if ((r != sizeof(hname)) || (hname != TOC_HEADER_NAME)) {
276 goto err;
277 }
278
279 if (stat(spec, &dir) < 0) {
280 goto err;
281 }
282
283 t = cspec->index;
284 if (devtab[t]->seek(cspec, STOC_HEADER, KSEEK_SET) < 0) {
285 goto err;
286 }
287
288 for (n = 0; n < NR_FILES; n++) {
289 switch (get_entry(cspec, &entry)) {
290 case 0:
291 return attach('F', nfips++);
292 case -1:
293 goto err;
294 default:
295 if ((entry.offset_address + entry.size) > dir.length) {
296 goto err;
297 }
298
299 fip->offset[n] = entry.offset_address;
300 fip->size[n] = entry.size;
301 break;
302 }
303 }
304
305 err:
306 channel_close(cspec);
307 return NULL;
308 }
309
310 const dev_t fipdevtab = {
311 .id = 'F',
312 .stat = fipstat,
313 .clone = devclone,
314 .attach = devattach,
315 .walk = fipwalk,
316 .read = fipread,
317 .write = deverrwrite,
318 .mount = fipmount,
319 .seek = devseek
320 };
321
322