2 * Freescale i.MX23/i.MX28 SB image generator
4 * Copyright (C) 2012-2013 Marek Vasut <marex@denx.de>
6 * SPDX-License-Identifier: GPL-2.0+
18 #include <openssl/evp.h>
20 #include "imagetool.h"
27 * |-Write to address command block
30 * |-ORR address with mask command block
32 * |-Write to address command block
36 #define SB_HAB_DCD_WRITE 0xccUL
37 #define SB_HAB_DCD_CHECK 0xcfUL
38 #define SB_HAB_DCD_NOOP 0xc0UL
39 #define SB_HAB_DCD_MASK_BIT (1 << 3)
40 #define SB_HAB_DCD_SET_BIT (1 << 4)
42 /* Addr.n = Value.n */
43 #define SB_DCD_WRITE \
44 (SB_HAB_DCD_WRITE << 24)
45 /* Addr.n &= ~Value.n */
47 ((SB_HAB_DCD_WRITE << 24) | SB_HAB_DCD_SET_BIT)
48 /* Addr.n |= Value.n */
50 ((SB_HAB_DCD_WRITE << 24) | SB_HAB_DCD_SET_BIT | SB_HAB_DCD_MASK_BIT)
51 /* (Addr.n & Value.n) == 0 */
52 #define SB_DCD_CHK_EQZ \
53 (SB_HAB_DCD_CHECK << 24)
54 /* (Addr.n & Value.n) == Value.n */
55 #define SB_DCD_CHK_EQ \
56 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_SET_BIT)
57 /* (Addr.n & Value.n) != Value.n */
58 #define SB_DCD_CHK_NEQ \
59 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_MASK_BIT)
60 /* (Addr.n & Value.n) != 0 */
61 #define SB_DCD_CHK_NEZ \
62 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_SET_BIT | SB_HAB_DCD_MASK_BIT)
65 (SB_HAB_DCD_NOOP << 24)
68 struct sb_dcd_ctx *dcd;
74 /* Size of the whole DCD block. */
77 /* Pointer to previous DCD command block. */
78 uint32_t *prev_dcd_head;
100 struct sb_cmd_ctx *cmd;
105 struct sb_command payload;
106 struct sb_command c_payload;
109 struct sb_section_ctx {
115 struct sb_section_ctx *sect;
117 struct sb_cmd_ctx *cmd_head;
118 struct sb_cmd_ctx *cmd_tail;
120 struct sb_sections_header payload;
123 struct sb_image_ctx {
124 unsigned int in_section:1;
125 unsigned int in_dcd:1;
126 /* Image configuration */
127 unsigned int verbose_boot:1;
128 unsigned int silent_dump:1;
129 char *input_filename;
130 char *output_filename;
132 uint8_t image_key[16];
134 /* Number of section in the image */
135 unsigned int sect_count;
136 /* Bootable section */
137 unsigned int sect_boot;
138 unsigned int sect_boot_found:1;
140 struct sb_section_ctx *sect_head;
141 struct sb_section_ctx *sect_tail;
143 struct sb_dcd_ctx *dcd_head;
144 struct sb_dcd_ctx *dcd_tail;
146 EVP_CIPHER_CTX cipher_ctx;
149 struct sb_key_dictionary_key sb_dict_key;
151 struct sb_boot_image_header payload;
155 * Instruction semantics:
159 * LOAD IVT address IVT_entry_point
160 * FILL address pattern length
161 * JUMP [HAB] address [r0_arg]
162 * CALL [HAB] address [r0_arg]
164 * For i.MX23, mode = USB/I2C/SPI1_FLASH/SPI2_FLASH/NAND_BCH
165 * JTAG/SPI3_EEPROM/SD_SSP0/SD_SSP1
166 * For i.MX28, mode = USB/I2C/SPI2_FLASH/SPI3_FLASH/NAND_BCH
167 * JTAG/SPI2_EEPROM/SD_SSP0/SD_SSP1
173 static int sb_aes_init(struct sb_image_ctx *ictx, uint8_t *iv, int enc)
175 EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx;
178 /* If there is no init vector, init vector is all zeroes. */
180 iv = ictx->image_key;
182 EVP_CIPHER_CTX_init(ctx);
183 ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), ictx->image_key, iv, enc);
185 EVP_CIPHER_CTX_set_padding(ctx, 0);
189 static int sb_aes_crypt(struct sb_image_ctx *ictx, uint8_t *in_data,
190 uint8_t *out_data, int in_len)
192 EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx;
196 outbuf = malloc(in_len);
199 memset(outbuf, 0, sizeof(in_len));
201 ret = EVP_CipherUpdate(ctx, outbuf, &outlen, in_data, in_len);
208 memcpy(out_data, outbuf, outlen);
215 static int sb_aes_deinit(EVP_CIPHER_CTX *ctx)
217 return EVP_CIPHER_CTX_cleanup(ctx);
220 static int sb_aes_reinit(struct sb_image_ctx *ictx, int enc)
223 EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx;
224 struct sb_boot_image_header *sb_header = &ictx->payload;
225 uint8_t *iv = sb_header->iv;
227 ret = sb_aes_deinit(ctx);
230 return sb_aes_init(ictx, iv, enc);
236 static uint32_t crc32(uint8_t *data, uint32_t len)
238 const uint32_t poly = 0x04c11db7;
239 uint32_t crc32 = 0xffffffff;
240 unsigned int byte, bit;
242 for (byte = 0; byte < len; byte++) {
243 crc32 ^= data[byte] << 24;
245 for (bit = 8; bit > 0; bit--) {
246 if (crc32 & (1UL << 31))
247 crc32 = (crc32 << 1) ^ poly;
249 crc32 = (crc32 << 1);
259 static void soprintf(struct sb_image_ctx *ictx, const char *fmt, ...)
263 if (ictx->silent_dump)
267 vfprintf(stdout, fmt, ap);
274 static time_t sb_get_timestamp(void)
276 struct tm time_2000 = {
277 .tm_yday = 1, /* Jan. 1st */
278 .tm_year = 100, /* 2000 */
280 time_t seconds_to_2000 = mktime(&time_2000);
281 time_t seconds_to_now = time(NULL);
283 return seconds_to_now - seconds_to_2000;
286 static int sb_get_time(time_t time, struct tm *tm)
288 struct tm time_2000 = {
289 .tm_yday = 1, /* Jan. 1st */
290 .tm_year = 0, /* 1900 */
292 const time_t seconds_to_2000 = mktime(&time_2000);
293 const time_t seconds_to_now = seconds_to_2000 + time;
295 ret = gmtime_r(&seconds_to_now, tm);
296 return ret ? 0 : -EINVAL;
299 static void sb_encrypt_sb_header(struct sb_image_ctx *ictx)
301 EVP_MD_CTX *md_ctx = &ictx->md_ctx;
302 struct sb_boot_image_header *sb_header = &ictx->payload;
303 uint8_t *sb_header_ptr = (uint8_t *)sb_header;
305 /* Encrypt the header, compute the digest. */
306 sb_aes_crypt(ictx, sb_header_ptr, NULL, sizeof(*sb_header));
307 EVP_DigestUpdate(md_ctx, sb_header_ptr, sizeof(*sb_header));
310 static void sb_encrypt_sb_sections_header(struct sb_image_ctx *ictx)
312 EVP_MD_CTX *md_ctx = &ictx->md_ctx;
313 struct sb_section_ctx *sctx = ictx->sect_head;
314 struct sb_sections_header *shdr;
315 uint8_t *sb_sections_header_ptr;
316 const int size = sizeof(*shdr);
319 shdr = &sctx->payload;
320 sb_sections_header_ptr = (uint8_t *)shdr;
322 sb_aes_crypt(ictx, sb_sections_header_ptr,
323 ictx->sb_dict_key.cbc_mac, size);
324 EVP_DigestUpdate(md_ctx, sb_sections_header_ptr, size);
330 static void sb_encrypt_key_dictionary_key(struct sb_image_ctx *ictx)
332 EVP_MD_CTX *md_ctx = &ictx->md_ctx;
334 sb_aes_crypt(ictx, ictx->image_key, ictx->sb_dict_key.key,
335 sizeof(ictx->sb_dict_key.key));
336 EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key));
339 static void sb_decrypt_key_dictionary_key(struct sb_image_ctx *ictx)
341 EVP_MD_CTX *md_ctx = &ictx->md_ctx;
343 EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key));
344 sb_aes_crypt(ictx, ictx->sb_dict_key.key, ictx->image_key,
345 sizeof(ictx->sb_dict_key.key));
348 static void sb_encrypt_tag(struct sb_image_ctx *ictx,
349 struct sb_cmd_ctx *cctx)
351 EVP_MD_CTX *md_ctx = &ictx->md_ctx;
352 struct sb_command *cmd = &cctx->payload;
354 sb_aes_crypt(ictx, (uint8_t *)cmd,
355 (uint8_t *)&cctx->c_payload, sizeof(*cmd));
356 EVP_DigestUpdate(md_ctx, &cctx->c_payload, sizeof(*cmd));
359 static int sb_encrypt_image(struct sb_image_ctx *ictx)
361 /* Start image-wide crypto. */
362 EVP_MD_CTX_init(&ictx->md_ctx);
363 EVP_DigestInit(&ictx->md_ctx, EVP_sha1());
368 sb_aes_init(ictx, NULL, 1);
369 sb_encrypt_sb_header(ictx);
372 * SB sections header.
374 sb_encrypt_sb_sections_header(ictx);
379 sb_aes_reinit(ictx, 1);
380 sb_encrypt_key_dictionary_key(ictx);
385 struct sb_cmd_ctx *cctx;
386 struct sb_command *ccmd;
387 struct sb_section_ctx *sctx = ictx->sect_head;
390 cctx = sctx->cmd_head;
392 sb_aes_reinit(ictx, 1);
395 ccmd = &cctx->payload;
397 sb_encrypt_tag(ictx, cctx);
399 if (ccmd->header.tag == ROM_TAG_CMD) {
400 sb_aes_reinit(ictx, 1);
401 } else if (ccmd->header.tag == ROM_LOAD_CMD) {
402 sb_aes_crypt(ictx, cctx->data, cctx->data,
404 EVP_DigestUpdate(&ictx->md_ctx, cctx->data,
415 * Dump the SHA1 of the whole image.
417 sb_aes_reinit(ictx, 1);
419 EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL);
420 sb_aes_crypt(ictx, ictx->digest, ictx->digest, sizeof(ictx->digest));
422 /* Stop the encryption session. */
423 sb_aes_deinit(&ictx->cipher_ctx);
428 static int sb_load_file(struct sb_cmd_ctx *cctx, char *filename)
430 long real_size, roundup_size;
437 fprintf(stderr, "ERR: Missing filename!\n");
441 fp = fopen(filename, "r");
445 ret = fseek(fp, 0, SEEK_END);
449 real_size = ftell(fp);
453 ret = fseek(fp, 0, SEEK_SET);
457 roundup_size = roundup(real_size, SB_BLOCK_SIZE);
458 data = calloc(1, roundup_size);
462 size = fread(data, 1, real_size, fp);
463 if (size != (unsigned long)real_size)
467 cctx->length = roundup_size;
477 fprintf(stderr, "ERR: Failed to load file \"%s\"\n", filename);
481 static uint8_t sb_command_checksum(struct sb_command *inst)
483 uint8_t *inst_ptr = (uint8_t *)inst;
487 for (i = 0; i < sizeof(struct sb_command); i++)
493 static int sb_token_to_long(char *tok, uint32_t *rid)
498 if (tok[0] != '0' || tok[1] != 'x') {
499 fprintf(stderr, "ERR: Invalid hexadecimal number!\n");
506 id = strtoul(tok, &endptr, 16);
507 if ((errno == ERANGE && id == ULONG_MAX) || (errno != 0 && id == 0)) {
508 fprintf(stderr, "ERR: Value can't be decoded!\n");
512 /* Check for 32-bit overflow. */
513 if (id > 0xffffffff) {
514 fprintf(stderr, "ERR: Value too big!\n");
519 fprintf(stderr, "ERR: Deformed value!\n");
527 static int sb_grow_dcd(struct sb_dcd_ctx *dctx, unsigned int inc_size)
534 dctx->size += inc_size;
535 tmp = realloc(dctx->payload, dctx->size);
541 /* Assemble and update the HAB DCD header. */
542 dctx->payload[0] = htonl((SB_HAB_DCD_TAG << 24) |
549 static int sb_build_dcd(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd)
551 struct sb_dcd_ctx *dctx;
557 dctx = calloc(1, sizeof(*dctx));
561 ret = sb_grow_dcd(dctx, 4);
565 /* Read DCD block number. */
566 tok = strtok(cmd->cmd, " ");
568 fprintf(stderr, "#%i ERR: DCD block without number!\n",
574 /* Parse the DCD block number. */
575 ret = sb_token_to_long(tok, &id);
577 fprintf(stderr, "#%i ERR: Malformed DCD block number!\n",
585 * The DCD block is now constructed. Append it to the list.
586 * WARNING: The DCD size is still not computed and will be
587 * updated while parsing it's commands.
589 if (!ictx->dcd_head) {
590 ictx->dcd_head = dctx;
591 ictx->dcd_tail = dctx;
593 ictx->dcd_tail->dcd = dctx;
594 ictx->dcd_tail = dctx;
605 static int sb_build_dcd_block(struct sb_image_ctx *ictx,
606 struct sb_cmd_list *cmd,
610 uint32_t address, value, length;
613 struct sb_dcd_ctx *dctx = ictx->dcd_tail;
616 if (dctx->prev_dcd_head && (type != SB_DCD_NOOP) &&
617 ((dctx->prev_dcd_head[0] & 0xff0000ff) == type)) {
618 /* Same instruction as before, just append it. */
619 ret = sb_grow_dcd(dctx, 8);
622 } else if (type == SB_DCD_NOOP) {
623 ret = sb_grow_dcd(dctx, 4);
627 /* Update DCD command block pointer. */
628 dctx->prev_dcd_head = dctx->payload +
629 dctx->size / sizeof(*dctx->payload) - 1;
631 /* NOOP has only 4 bytes and no payload. */
635 * Either a different instruction block started now
636 * or this is the first instruction block.
638 ret = sb_grow_dcd(dctx, 12);
642 /* Update DCD command block pointer. */
643 dctx->prev_dcd_head = dctx->payload +
644 dctx->size / sizeof(*dctx->payload) - 3;
647 dcd = dctx->payload + dctx->size / sizeof(*dctx->payload) - 2;
650 * Prepare the command.
652 tok = strtok(cmd->cmd, " ");
654 fprintf(stderr, "#%i ERR: Missing DCD address!\n",
660 /* Read DCD destination address. */
661 ret = sb_token_to_long(tok, &address);
663 fprintf(stderr, "#%i ERR: Incorrect DCD address!\n",
668 tok = strtok(NULL, " ");
670 fprintf(stderr, "#%i ERR: Missing DCD value!\n",
676 /* Read DCD operation value. */
677 ret = sb_token_to_long(tok, &value);
679 fprintf(stderr, "#%i ERR: Incorrect DCD value!\n",
684 /* Fill in the new DCD entry. */
685 dcd[0] = htonl(address);
686 dcd[1] = htonl(value);
689 /* Update the DCD command block. */
690 length = dctx->size -
691 ((dctx->prev_dcd_head - dctx->payload) *
692 sizeof(*dctx->payload));
693 dctx->prev_dcd_head[0] = htonl(type | (length << 8));
699 static int sb_build_section(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd)
701 struct sb_section_ctx *sctx;
702 struct sb_sections_header *shdr;
704 uint32_t bootable = 0;
708 sctx = calloc(1, sizeof(*sctx));
712 /* Read section number. */
713 tok = strtok(cmd->cmd, " ");
715 fprintf(stderr, "#%i ERR: Section without number!\n",
721 /* Parse the section number. */
722 ret = sb_token_to_long(tok, &id);
724 fprintf(stderr, "#%i ERR: Malformed section number!\n",
729 /* Read section's BOOTABLE flag. */
730 tok = strtok(NULL, " ");
731 if (tok && (strlen(tok) == 8) && !strncmp(tok, "BOOTABLE", 8))
732 bootable = SB_SECTION_FLAG_BOOTABLE;
734 sctx->boot = bootable;
736 shdr = &sctx->payload;
737 shdr->section_number = id;
738 shdr->section_flags = bootable;
741 * The section is now constructed. Append it to the list.
742 * WARNING: The section size is still not computed and will
743 * be updated while parsing it's commands.
747 /* Mark that this section is bootable one. */
749 if (ictx->sect_boot_found) {
751 "#%i WARN: Multiple bootable section!\n",
754 ictx->sect_boot = id;
755 ictx->sect_boot_found = 1;
759 if (!ictx->sect_head) {
760 ictx->sect_head = sctx;
761 ictx->sect_tail = sctx;
763 ictx->sect_tail->sect = sctx;
764 ictx->sect_tail = sctx;
774 static int sb_build_command_nop(struct sb_image_ctx *ictx)
776 struct sb_section_ctx *sctx = ictx->sect_tail;
777 struct sb_cmd_ctx *cctx;
778 struct sb_command *ccmd;
780 cctx = calloc(1, sizeof(*cctx));
784 ccmd = &cctx->payload;
787 * Construct the command.
789 ccmd->header.checksum = 0x5a;
790 ccmd->header.tag = ROM_NOP_CMD;
792 cctx->size = sizeof(*ccmd);
795 * Append the command to the last section.
797 if (!sctx->cmd_head) {
798 sctx->cmd_head = cctx;
799 sctx->cmd_tail = cctx;
801 sctx->cmd_tail->cmd = cctx;
802 sctx->cmd_tail = cctx;
808 static int sb_build_command_tag(struct sb_image_ctx *ictx,
809 struct sb_cmd_list *cmd)
811 struct sb_section_ctx *sctx = ictx->sect_tail;
812 struct sb_cmd_ctx *cctx;
813 struct sb_command *ccmd;
816 cctx = calloc(1, sizeof(*cctx));
820 ccmd = &cctx->payload;
823 * Prepare the command.
825 /* Check for the LAST keyword. */
826 tok = strtok(cmd->cmd, " ");
827 if (tok && !strcmp(tok, "LAST"))
828 ccmd->header.flags = ROM_TAG_CMD_FLAG_ROM_LAST_TAG;
831 * Construct the command.
833 ccmd->header.checksum = 0x5a;
834 ccmd->header.tag = ROM_TAG_CMD;
836 cctx->size = sizeof(*ccmd);
839 * Append the command to the last section.
841 if (!sctx->cmd_head) {
842 sctx->cmd_head = cctx;
843 sctx->cmd_tail = cctx;
845 sctx->cmd_tail->cmd = cctx;
846 sctx->cmd_tail = cctx;
852 static int sb_build_command_load(struct sb_image_ctx *ictx,
853 struct sb_cmd_list *cmd)
855 struct sb_section_ctx *sctx = ictx->sect_tail;
856 struct sb_cmd_ctx *cctx;
857 struct sb_command *ccmd;
859 int ret, is_ivt = 0, is_dcd = 0;
860 uint32_t dest, dcd = 0;
862 cctx = calloc(1, sizeof(*cctx));
866 ccmd = &cctx->payload;
869 * Prepare the command.
871 tok = strtok(cmd->cmd, " ");
873 fprintf(stderr, "#%i ERR: Missing LOAD address or 'IVT'!\n",
879 /* Check for "IVT" flag. */
880 if (!strcmp(tok, "IVT"))
882 if (!strcmp(tok, "DCD"))
884 if (is_ivt || is_dcd) {
885 tok = strtok(NULL, " ");
887 fprintf(stderr, "#%i ERR: Missing LOAD address!\n",
894 /* Read load destination address. */
895 ret = sb_token_to_long(tok, &dest);
897 fprintf(stderr, "#%i ERR: Incorrect LOAD address!\n",
902 /* Read filename or IVT entrypoint or DCD block ID. */
903 tok = strtok(NULL, " ");
906 "#%i ERR: Missing LOAD filename or IVT ep or DCD block ID!\n",
914 struct sb_ivt_header *ivt;
916 ret = sb_token_to_long(tok, &ivtep);
920 "#%i ERR: Incorrect IVT entry point!\n",
925 ivt = calloc(1, sizeof(*ivt));
931 ivt->header = sb_hab_ivt_header();
935 cctx->data = (uint8_t *)ivt;
936 cctx->length = sizeof(*ivt);
938 struct sb_dcd_ctx *dctx = ictx->dcd_head;
942 ret = sb_token_to_long(tok, &dcdid);
946 "#%i ERR: Incorrect DCD block ID!\n",
952 if (dctx->id == dcdid)
958 fprintf(stderr, "#%i ERR: DCD block %08x not found!\n",
963 asize = roundup(dctx->size, SB_BLOCK_SIZE);
964 payload = calloc(1, asize);
970 memcpy(payload, dctx->payload, dctx->size);
972 cctx->data = payload;
973 cctx->length = asize;
975 /* Set the Load DCD flag. */
976 dcd = ROM_LOAD_CMD_FLAG_DCD_LOAD;
978 /* Regular LOAD of a file. */
979 ret = sb_load_file(cctx, tok);
981 fprintf(stderr, "#%i ERR: Cannot load '%s'!\n",
987 if (cctx->length & (SB_BLOCK_SIZE - 1)) {
988 fprintf(stderr, "#%i ERR: Unaligned payload!\n",
993 * Construct the command.
995 ccmd->header.checksum = 0x5a;
996 ccmd->header.tag = ROM_LOAD_CMD;
997 ccmd->header.flags = dcd;
999 ccmd->load.address = dest;
1000 ccmd->load.count = cctx->length;
1001 ccmd->load.crc32 = crc32(cctx->data, cctx->length);
1003 cctx->size = sizeof(*ccmd) + cctx->length;
1006 * Append the command to the last section.
1008 if (!sctx->cmd_head) {
1009 sctx->cmd_head = cctx;
1010 sctx->cmd_tail = cctx;
1012 sctx->cmd_tail->cmd = cctx;
1013 sctx->cmd_tail = cctx;
1023 static int sb_build_command_fill(struct sb_image_ctx *ictx,
1024 struct sb_cmd_list *cmd)
1026 struct sb_section_ctx *sctx = ictx->sect_tail;
1027 struct sb_cmd_ctx *cctx;
1028 struct sb_command *ccmd;
1030 uint32_t address, pattern, length;
1033 cctx = calloc(1, sizeof(*cctx));
1037 ccmd = &cctx->payload;
1040 * Prepare the command.
1042 tok = strtok(cmd->cmd, " ");
1044 fprintf(stderr, "#%i ERR: Missing FILL address!\n",
1050 /* Read fill destination address. */
1051 ret = sb_token_to_long(tok, &address);
1053 fprintf(stderr, "#%i ERR: Incorrect FILL address!\n",
1058 tok = strtok(NULL, " ");
1060 fprintf(stderr, "#%i ERR: Missing FILL pattern!\n",
1066 /* Read fill pattern address. */
1067 ret = sb_token_to_long(tok, &pattern);
1069 fprintf(stderr, "#%i ERR: Incorrect FILL pattern!\n",
1074 tok = strtok(NULL, " ");
1076 fprintf(stderr, "#%i ERR: Missing FILL length!\n",
1082 /* Read fill pattern address. */
1083 ret = sb_token_to_long(tok, &length);
1085 fprintf(stderr, "#%i ERR: Incorrect FILL length!\n",
1091 * Construct the command.
1093 ccmd->header.checksum = 0x5a;
1094 ccmd->header.tag = ROM_FILL_CMD;
1096 ccmd->fill.address = address;
1097 ccmd->fill.count = length;
1098 ccmd->fill.pattern = pattern;
1100 cctx->size = sizeof(*ccmd);
1103 * Append the command to the last section.
1105 if (!sctx->cmd_head) {
1106 sctx->cmd_head = cctx;
1107 sctx->cmd_tail = cctx;
1109 sctx->cmd_tail->cmd = cctx;
1110 sctx->cmd_tail = cctx;
1120 static int sb_build_command_jump_call(struct sb_image_ctx *ictx,
1121 struct sb_cmd_list *cmd,
1122 unsigned int is_call)
1124 struct sb_section_ctx *sctx = ictx->sect_tail;
1125 struct sb_cmd_ctx *cctx;
1126 struct sb_command *ccmd;
1128 uint32_t dest, arg = 0x0;
1131 const char *cmdname = is_call ? "CALL" : "JUMP";
1133 cctx = calloc(1, sizeof(*cctx));
1137 ccmd = &cctx->payload;
1140 * Prepare the command.
1142 tok = strtok(cmd->cmd, " ");
1145 "#%i ERR: Missing %s address or 'HAB'!\n",
1146 cmd->lineno, cmdname);
1151 /* Check for "HAB" flag. */
1152 if (!strcmp(tok, "HAB")) {
1153 hab = is_call ? ROM_CALL_CMD_FLAG_HAB : ROM_JUMP_CMD_FLAG_HAB;
1154 tok = strtok(NULL, " ");
1156 fprintf(stderr, "#%i ERR: Missing %s address!\n",
1157 cmd->lineno, cmdname);
1162 /* Read load destination address. */
1163 ret = sb_token_to_long(tok, &dest);
1165 fprintf(stderr, "#%i ERR: Incorrect %s address!\n",
1166 cmd->lineno, cmdname);
1170 tok = strtok(NULL, " ");
1172 ret = sb_token_to_long(tok, &arg);
1175 "#%i ERR: Incorrect %s argument!\n",
1176 cmd->lineno, cmdname);
1182 * Construct the command.
1184 ccmd->header.checksum = 0x5a;
1185 ccmd->header.tag = is_call ? ROM_CALL_CMD : ROM_JUMP_CMD;
1186 ccmd->header.flags = hab;
1188 ccmd->call.address = dest;
1189 ccmd->call.argument = arg;
1191 cctx->size = sizeof(*ccmd);
1194 * Append the command to the last section.
1196 if (!sctx->cmd_head) {
1197 sctx->cmd_head = cctx;
1198 sctx->cmd_tail = cctx;
1200 sctx->cmd_tail->cmd = cctx;
1201 sctx->cmd_tail = cctx;
1211 static int sb_build_command_jump(struct sb_image_ctx *ictx,
1212 struct sb_cmd_list *cmd)
1214 return sb_build_command_jump_call(ictx, cmd, 0);
1217 static int sb_build_command_call(struct sb_image_ctx *ictx,
1218 struct sb_cmd_list *cmd)
1220 return sb_build_command_jump_call(ictx, cmd, 1);
1223 static int sb_build_command_mode(struct sb_image_ctx *ictx,
1224 struct sb_cmd_list *cmd)
1226 struct sb_section_ctx *sctx = ictx->sect_tail;
1227 struct sb_cmd_ctx *cctx;
1228 struct sb_command *ccmd;
1232 uint32_t mode = 0xffffffff;
1234 cctx = calloc(1, sizeof(*cctx));
1238 ccmd = &cctx->payload;
1241 * Prepare the command.
1243 tok = strtok(cmd->cmd, " ");
1245 fprintf(stderr, "#%i ERR: Missing MODE boot mode argument!\n",
1251 for (i = 0; i < ARRAY_SIZE(modetable); i++) {
1252 if (!strcmp(tok, modetable[i].name)) {
1253 mode = modetable[i].mode;
1257 if (!modetable[i].altname)
1260 if (!strcmp(tok, modetable[i].altname)) {
1261 mode = modetable[i].mode;
1266 if (mode == 0xffffffff) {
1267 fprintf(stderr, "#%i ERR: Invalid MODE boot mode argument!\n",
1274 * Construct the command.
1276 ccmd->header.checksum = 0x5a;
1277 ccmd->header.tag = ROM_MODE_CMD;
1279 ccmd->mode.mode = mode;
1281 cctx->size = sizeof(*ccmd);
1284 * Append the command to the last section.
1286 if (!sctx->cmd_head) {
1287 sctx->cmd_head = cctx;
1288 sctx->cmd_tail = cctx;
1290 sctx->cmd_tail->cmd = cctx;
1291 sctx->cmd_tail = cctx;
1301 static int sb_prefill_image_header(struct sb_image_ctx *ictx)
1303 struct sb_boot_image_header *hdr = &ictx->payload;
1305 /* Fill signatures */
1306 memcpy(hdr->signature1, "STMP", 4);
1307 memcpy(hdr->signature2, "sgtl", 4);
1309 /* SB Image version 1.1 */
1310 hdr->major_version = SB_VERSION_MAJOR;
1311 hdr->minor_version = SB_VERSION_MINOR;
1313 /* Boot image major version */
1314 hdr->product_version.major = htons(0x999);
1315 hdr->product_version.minor = htons(0x999);
1316 hdr->product_version.revision = htons(0x999);
1317 /* Boot image major version */
1318 hdr->component_version.major = htons(0x999);
1319 hdr->component_version.minor = htons(0x999);
1320 hdr->component_version.revision = htons(0x999);
1322 /* Drive tag must be 0x0 for i.MX23 */
1325 hdr->header_blocks =
1326 sizeof(struct sb_boot_image_header) / SB_BLOCK_SIZE;
1327 hdr->section_header_size =
1328 sizeof(struct sb_sections_header) / SB_BLOCK_SIZE;
1329 hdr->timestamp_us = sb_get_timestamp() * 1000000;
1331 /* FIXME -- add proper config option */
1332 hdr->flags = ictx->verbose_boot ? SB_IMAGE_FLAG_VERBOSE : 0,
1334 /* FIXME -- We support only default key */
1340 static int sb_postfill_image_header(struct sb_image_ctx *ictx)
1342 struct sb_boot_image_header *hdr = &ictx->payload;
1343 struct sb_section_ctx *sctx = ictx->sect_head;
1344 uint32_t kd_size, sections_blocks;
1347 /* The main SB header size in blocks. */
1348 hdr->image_blocks = hdr->header_blocks;
1350 /* Size of the key dictionary, which has single zero entry. */
1351 kd_size = hdr->key_count * sizeof(struct sb_key_dictionary_key);
1352 hdr->image_blocks += kd_size / SB_BLOCK_SIZE;
1354 /* Now count the payloads. */
1355 hdr->section_count = ictx->sect_count;
1357 hdr->image_blocks += sctx->size / SB_BLOCK_SIZE;
1361 if (!ictx->sect_boot_found) {
1362 fprintf(stderr, "ERR: No bootable section selected!\n");
1365 hdr->first_boot_section_id = ictx->sect_boot;
1367 /* The n * SB section size in blocks. */
1368 sections_blocks = hdr->section_count * hdr->section_header_size;
1369 hdr->image_blocks += sections_blocks;
1371 /* Key dictionary offset. */
1372 hdr->key_dictionary_block = hdr->header_blocks + sections_blocks;
1374 /* Digest of the whole image. */
1375 hdr->image_blocks += 2;
1377 /* Pointer past the dictionary. */
1378 hdr->first_boot_tag_block =
1379 hdr->key_dictionary_block + kd_size / SB_BLOCK_SIZE;
1381 /* Compute header digest. */
1382 EVP_MD_CTX_init(&md_ctx);
1384 EVP_DigestInit(&md_ctx, EVP_sha1());
1385 EVP_DigestUpdate(&md_ctx, hdr->signature1,
1386 sizeof(struct sb_boot_image_header) -
1387 sizeof(hdr->digest));
1388 EVP_DigestFinal(&md_ctx, hdr->digest, NULL);
1393 static int sb_fixup_sections_and_tags(struct sb_image_ctx *ictx)
1395 /* Fixup the placement of sections. */
1396 struct sb_boot_image_header *ihdr = &ictx->payload;
1397 struct sb_section_ctx *sctx = ictx->sect_head;
1398 struct sb_sections_header *shdr;
1399 struct sb_cmd_ctx *cctx;
1400 struct sb_command *ccmd;
1401 uint32_t offset = ihdr->first_boot_tag_block;
1404 shdr = &sctx->payload;
1406 /* Fill in the section TAG offset. */
1407 shdr->section_offset = offset + 1;
1408 offset += shdr->section_size;
1410 /* Section length is measured from the TAG block. */
1411 shdr->section_size--;
1413 /* Fixup the TAG command. */
1414 cctx = sctx->cmd_head;
1416 ccmd = &cctx->payload;
1417 if (ccmd->header.tag == ROM_TAG_CMD) {
1418 ccmd->tag.section_number = shdr->section_number;
1419 ccmd->tag.section_length = shdr->section_size;
1420 ccmd->tag.section_flags = shdr->section_flags;
1423 /* Update the command checksum. */
1424 ccmd->header.checksum = sb_command_checksum(ccmd);
1435 static int sb_parse_line(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd)
1438 char *line = cmd->cmd;
1442 /* Analyze the identifier on this line first. */
1443 tok = strtok_r(line, " ", &rptr);
1444 if (!tok || (strlen(tok) == 0)) {
1445 fprintf(stderr, "#%i ERR: Invalid line!\n", cmd->lineno);
1452 if (!strcmp(tok, "DCD")) {
1453 ictx->in_section = 0;
1455 sb_build_dcd(ictx, cmd);
1460 if (!strcmp(tok, "SECTION")) {
1461 ictx->in_section = 1;
1463 sb_build_section(ictx, cmd);
1467 if (!ictx->in_section && !ictx->in_dcd) {
1468 fprintf(stderr, "#%i ERR: Data outside of a section!\n",
1473 if (ictx->in_section) {
1474 /* Section commands */
1475 if (!strcmp(tok, "NOP")) {
1476 ret = sb_build_command_nop(ictx);
1477 } else if (!strcmp(tok, "TAG")) {
1478 ret = sb_build_command_tag(ictx, cmd);
1479 } else if (!strcmp(tok, "LOAD")) {
1480 ret = sb_build_command_load(ictx, cmd);
1481 } else if (!strcmp(tok, "FILL")) {
1482 ret = sb_build_command_fill(ictx, cmd);
1483 } else if (!strcmp(tok, "JUMP")) {
1484 ret = sb_build_command_jump(ictx, cmd);
1485 } else if (!strcmp(tok, "CALL")) {
1486 ret = sb_build_command_call(ictx, cmd);
1487 } else if (!strcmp(tok, "MODE")) {
1488 ret = sb_build_command_mode(ictx, cmd);
1491 "#%i ERR: Unsupported instruction '%s'!\n",
1495 } else if (ictx->in_dcd) {
1497 uint32_t ilen = '1';
1499 tok = strtok_r(tok, ".", &lptr);
1500 if (!tok || (strlen(tok) == 0) || (lptr && strlen(lptr) != 1)) {
1501 fprintf(stderr, "#%i ERR: Invalid line!\n",
1507 (lptr[0] != '1' && lptr[0] != '2' && lptr[0] != '4')) {
1508 fprintf(stderr, "#%i ERR: Invalid instruction width!\n",
1514 ilen = lptr[0] - '1';
1517 if (!strcmp(tok, "WRITE")) {
1518 ret = sb_build_dcd_block(ictx, cmd,
1519 SB_DCD_WRITE | ilen);
1520 } else if (!strcmp(tok, "ANDC")) {
1521 ret = sb_build_dcd_block(ictx, cmd,
1522 SB_DCD_ANDC | ilen);
1523 } else if (!strcmp(tok, "ORR")) {
1524 ret = sb_build_dcd_block(ictx, cmd,
1526 } else if (!strcmp(tok, "EQZ")) {
1527 ret = sb_build_dcd_block(ictx, cmd,
1528 SB_DCD_CHK_EQZ | ilen);
1529 } else if (!strcmp(tok, "EQ")) {
1530 ret = sb_build_dcd_block(ictx, cmd,
1531 SB_DCD_CHK_EQ | ilen);
1532 } else if (!strcmp(tok, "NEQ")) {
1533 ret = sb_build_dcd_block(ictx, cmd,
1534 SB_DCD_CHK_NEQ | ilen);
1535 } else if (!strcmp(tok, "NEZ")) {
1536 ret = sb_build_dcd_block(ictx, cmd,
1537 SB_DCD_CHK_NEZ | ilen);
1538 } else if (!strcmp(tok, "NOOP")) {
1539 ret = sb_build_dcd_block(ictx, cmd, SB_DCD_NOOP);
1542 "#%i ERR: Unsupported instruction '%s'!\n",
1547 fprintf(stderr, "#%i ERR: Unsupported instruction '%s'!\n",
1553 * Here we have at least one section with one command, otherwise we
1554 * would have failed already higher above.
1556 * FIXME -- should the updating happen here ?
1558 if (ictx->in_section && !ret) {
1559 ictx->sect_tail->size += ictx->sect_tail->cmd_tail->size;
1560 ictx->sect_tail->payload.section_size =
1561 ictx->sect_tail->size / SB_BLOCK_SIZE;
1567 static int sb_load_cmdfile(struct sb_image_ctx *ictx)
1569 struct sb_cmd_list cmd;
1576 fp = fopen(ictx->cfg_filename, "r");
1580 while ((rlen = getline(&line, &len, fp)) > 0) {
1581 memset(&cmd, 0, sizeof(cmd));
1583 /* Strip the trailing newline. */
1584 line[rlen - 1] = '\0';
1588 cmd.lineno = lineno++;
1590 sb_parse_line(ictx, &cmd);
1601 fprintf(stderr, "ERR: Failed to load file \"%s\"\n",
1602 ictx->cfg_filename);
1606 static int sb_build_tree_from_cfg(struct sb_image_ctx *ictx)
1610 ret = sb_load_cmdfile(ictx);
1614 ret = sb_prefill_image_header(ictx);
1618 ret = sb_postfill_image_header(ictx);
1622 ret = sb_fixup_sections_and_tags(ictx);
1629 static int sb_verify_image_header(struct sb_image_ctx *ictx,
1630 FILE *fp, long fsize)
1632 /* Verify static fields in the image header. */
1633 struct sb_boot_image_header *hdr = &ictx->payload;
1634 const char *stat[2] = { "[PASS]", "[FAIL]" };
1637 unsigned char digest[20];
1641 /* Start image-wide crypto. */
1642 EVP_MD_CTX_init(&ictx->md_ctx);
1643 EVP_DigestInit(&ictx->md_ctx, EVP_sha1());
1645 soprintf(ictx, "---------- Verifying SB Image Header ----------\n");
1647 size = fread(&ictx->payload, 1, sizeof(ictx->payload), fp);
1648 if (size != sizeof(ictx->payload)) {
1649 fprintf(stderr, "ERR: SB image header too short!\n");
1653 /* Compute header digest. */
1654 EVP_MD_CTX_init(&md_ctx);
1655 EVP_DigestInit(&md_ctx, EVP_sha1());
1656 EVP_DigestUpdate(&md_ctx, hdr->signature1,
1657 sizeof(struct sb_boot_image_header) -
1658 sizeof(hdr->digest));
1659 EVP_DigestFinal(&md_ctx, digest, NULL);
1661 sb_aes_init(ictx, NULL, 1);
1662 sb_encrypt_sb_header(ictx);
1664 if (memcmp(digest, hdr->digest, 20))
1666 soprintf(ictx, "%s Image header checksum: %s\n", stat[!!ret],
1667 ret ? "BAD" : "OK");
1671 if (memcmp(hdr->signature1, "STMP", 4) ||
1672 memcmp(hdr->signature2, "sgtl", 4))
1674 soprintf(ictx, "%s Signatures: '%.4s' '%.4s'\n",
1675 stat[!!ret], hdr->signature1, hdr->signature2);
1679 if ((hdr->major_version != SB_VERSION_MAJOR) ||
1680 ((hdr->minor_version != 1) && (hdr->minor_version != 2)))
1682 soprintf(ictx, "%s Image version: v%i.%i\n", stat[!!ret],
1683 hdr->major_version, hdr->minor_version);
1687 ret = sb_get_time(hdr->timestamp_us / 1000000, &tm);
1689 "%s Creation time: %02i:%02i:%02i %02i/%02i/%04i\n",
1690 stat[!!ret], tm.tm_hour, tm.tm_min, tm.tm_sec,
1691 tm.tm_mday, tm.tm_mon, tm.tm_year + 2000);
1695 soprintf(ictx, "%s Product version: %x.%x.%x\n", stat[0],
1696 ntohs(hdr->product_version.major),
1697 ntohs(hdr->product_version.minor),
1698 ntohs(hdr->product_version.revision));
1699 soprintf(ictx, "%s Component version: %x.%x.%x\n", stat[0],
1700 ntohs(hdr->component_version.major),
1701 ntohs(hdr->component_version.minor),
1702 ntohs(hdr->component_version.revision));
1704 if (hdr->flags & ~SB_IMAGE_FLAG_VERBOSE)
1706 soprintf(ictx, "%s Image flags: %s\n", stat[!!ret],
1707 hdr->flags & SB_IMAGE_FLAG_VERBOSE ? "Verbose_boot" : "");
1711 if (hdr->drive_tag != 0)
1713 soprintf(ictx, "%s Drive tag: %i\n", stat[!!ret],
1718 sz = sizeof(struct sb_boot_image_header) / SB_BLOCK_SIZE;
1719 if (hdr->header_blocks != sz)
1721 soprintf(ictx, "%s Image header size (blocks): %i\n", stat[!!ret],
1722 hdr->header_blocks);
1726 sz = sizeof(struct sb_sections_header) / SB_BLOCK_SIZE;
1727 if (hdr->section_header_size != sz)
1729 soprintf(ictx, "%s Section header size (blocks): %i\n", stat[!!ret],
1730 hdr->section_header_size);
1734 soprintf(ictx, "%s Sections count: %i\n", stat[!!ret],
1735 hdr->section_count);
1736 soprintf(ictx, "%s First bootable section %i\n", stat[!!ret],
1737 hdr->first_boot_section_id);
1739 if (hdr->image_blocks != fsize / SB_BLOCK_SIZE)
1741 soprintf(ictx, "%s Image size (blocks): %i\n", stat[!!ret],
1746 sz = hdr->header_blocks + hdr->section_header_size * hdr->section_count;
1747 if (hdr->key_dictionary_block != sz)
1749 soprintf(ictx, "%s Key dict offset (blocks): %i\n", stat[!!ret],
1750 hdr->key_dictionary_block);
1754 if (hdr->key_count != 1)
1756 soprintf(ictx, "%s Number of encryption keys: %i\n", stat[!!ret],
1761 sz = hdr->header_blocks + hdr->section_header_size * hdr->section_count;
1762 sz += hdr->key_count *
1763 sizeof(struct sb_key_dictionary_key) / SB_BLOCK_SIZE;
1764 if (hdr->first_boot_tag_block != (unsigned)sz)
1766 soprintf(ictx, "%s First TAG block (blocks): %i\n", stat[!!ret],
1767 hdr->first_boot_tag_block);
1774 static void sb_decrypt_tag(struct sb_image_ctx *ictx,
1775 struct sb_cmd_ctx *cctx)
1777 EVP_MD_CTX *md_ctx = &ictx->md_ctx;
1778 struct sb_command *cmd = &cctx->payload;
1780 sb_aes_crypt(ictx, (uint8_t *)&cctx->c_payload,
1781 (uint8_t *)&cctx->payload, sizeof(*cmd));
1782 EVP_DigestUpdate(md_ctx, &cctx->c_payload, sizeof(*cmd));
1785 static int sb_verify_command(struct sb_image_ctx *ictx,
1786 struct sb_cmd_ctx *cctx, FILE *fp,
1787 unsigned long *tsize)
1789 struct sb_command *ccmd = &cctx->payload;
1790 unsigned long size, asize;
1791 char *csum, *flag = "";
1794 uint8_t csn, csc = ccmd->header.checksum;
1795 ccmd->header.checksum = 0x5a;
1796 csn = sb_command_checksum(ccmd);
1797 ccmd->header.checksum = csc;
1803 csum = ret ? "checksum BAD" : "checksum OK";
1805 switch (ccmd->header.tag) {
1807 soprintf(ictx, " NOOP # %s\n", csum);
1810 if (ccmd->header.flags & ROM_TAG_CMD_FLAG_ROM_LAST_TAG)
1812 soprintf(ictx, " TAG %s # %s\n", flag, csum);
1813 sb_aes_reinit(ictx, 0);
1816 soprintf(ictx, " LOAD addr=0x%08x length=0x%08x # %s\n",
1817 ccmd->load.address, ccmd->load.count, csum);
1819 cctx->length = ccmd->load.count;
1820 asize = roundup(cctx->length, SB_BLOCK_SIZE);
1821 cctx->data = malloc(asize);
1825 size = fread(cctx->data, 1, asize, fp);
1826 if (size != asize) {
1828 "ERR: SB LOAD command payload too short!\n");
1834 EVP_DigestUpdate(&ictx->md_ctx, cctx->data, asize);
1835 sb_aes_crypt(ictx, cctx->data, cctx->data, asize);
1837 if (ccmd->load.crc32 != crc32(cctx->data, asize)) {
1839 "ERR: SB LOAD command payload CRC32 invalid!\n");
1845 " FILL addr=0x%08x length=0x%08x pattern=0x%08x # %s\n",
1846 ccmd->fill.address, ccmd->fill.count,
1847 ccmd->fill.pattern, csum);
1850 if (ccmd->header.flags & ROM_JUMP_CMD_FLAG_HAB)
1853 " JUMP%s addr=0x%08x r0_arg=0x%08x # %s\n",
1854 flag, ccmd->fill.address, ccmd->jump.argument, csum);
1857 if (ccmd->header.flags & ROM_CALL_CMD_FLAG_HAB)
1860 " CALL%s addr=0x%08x r0_arg=0x%08x # %s\n",
1861 flag, ccmd->fill.address, ccmd->jump.argument, csum);
1864 for (i = 0; i < ARRAY_SIZE(modetable); i++) {
1865 if (ccmd->mode.mode == modetable[i].mode) {
1866 soprintf(ictx, " MODE %s # %s\n",
1867 modetable[i].name, csum);
1871 fprintf(stderr, " MODE !INVALID! # %s\n", csum);
1878 static int sb_verify_commands(struct sb_image_ctx *ictx,
1879 struct sb_section_ctx *sctx, FILE *fp)
1881 unsigned long size, tsize = 0;
1882 struct sb_cmd_ctx *cctx;
1885 sb_aes_reinit(ictx, 0);
1887 while (tsize < sctx->size) {
1888 cctx = calloc(1, sizeof(*cctx));
1891 if (!sctx->cmd_head) {
1892 sctx->cmd_head = cctx;
1893 sctx->cmd_tail = cctx;
1895 sctx->cmd_tail->cmd = cctx;
1896 sctx->cmd_tail = cctx;
1899 size = fread(&cctx->c_payload, 1, sizeof(cctx->c_payload), fp);
1900 if (size != sizeof(cctx->c_payload)) {
1901 fprintf(stderr, "ERR: SB command header too short!\n");
1907 sb_decrypt_tag(ictx, cctx);
1909 ret = sb_verify_command(ictx, cctx, fp, &tsize);
1917 static int sb_verify_sections_cmds(struct sb_image_ctx *ictx, FILE *fp)
1919 struct sb_boot_image_header *hdr = &ictx->payload;
1920 struct sb_sections_header *shdr;
1923 struct sb_section_ctx *sctx;
1925 char *bootable = "";
1927 soprintf(ictx, "----- Verifying SB Sections and Commands -----\n");
1929 for (i = 0; i < hdr->section_count; i++) {
1930 sctx = calloc(1, sizeof(*sctx));
1933 if (!ictx->sect_head) {
1934 ictx->sect_head = sctx;
1935 ictx->sect_tail = sctx;
1937 ictx->sect_tail->sect = sctx;
1938 ictx->sect_tail = sctx;
1941 size = fread(&sctx->payload, 1, sizeof(sctx->payload), fp);
1942 if (size != sizeof(sctx->payload)) {
1943 fprintf(stderr, "ERR: SB section header too short!\n");
1948 size = fread(&ictx->sb_dict_key, 1, sizeof(ictx->sb_dict_key), fp);
1949 if (size != sizeof(ictx->sb_dict_key)) {
1950 fprintf(stderr, "ERR: SB key dictionary too short!\n");
1954 sb_encrypt_sb_sections_header(ictx);
1955 sb_aes_reinit(ictx, 0);
1956 sb_decrypt_key_dictionary_key(ictx);
1958 sb_aes_reinit(ictx, 0);
1960 sctx = ictx->sect_head;
1962 shdr = &sctx->payload;
1964 if (shdr->section_flags & SB_SECTION_FLAG_BOOTABLE) {
1966 bootable = " BOOTABLE";
1969 sctx->size = (shdr->section_size * SB_BLOCK_SIZE) +
1970 sizeof(struct sb_command);
1971 soprintf(ictx, "SECTION 0x%x%s # size = %i bytes\n",
1972 shdr->section_number, bootable, sctx->size);
1974 if (shdr->section_flags & ~SB_SECTION_FLAG_BOOTABLE)
1975 fprintf(stderr, " WARN: Unknown section flag(s) %08x\n",
1976 shdr->section_flags);
1978 if ((shdr->section_flags & SB_SECTION_FLAG_BOOTABLE) &&
1979 (hdr->first_boot_section_id != shdr->section_number)) {
1981 " WARN: Bootable section does ID not match image header ID!\n");
1984 ret = sb_verify_commands(ictx, sctx, fp);
1993 * check if the first TAG command is at sctx->section_offset
1998 static int sb_verify_image_end(struct sb_image_ctx *ictx,
1999 FILE *fp, off_t filesz)
2006 soprintf(ictx, "------------- Verifying image end -------------\n");
2008 size = fread(digest, 1, sizeof(digest), fp);
2009 if (size != sizeof(digest)) {
2010 fprintf(stderr, "ERR: SB key dictionary too short!\n");
2015 if (pos != filesz) {
2016 fprintf(stderr, "ERR: Trailing data past the image!\n");
2020 /* Check the image digest. */
2021 EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL);
2023 /* Decrypt the image digest from the input image. */
2024 sb_aes_reinit(ictx, 0);
2025 sb_aes_crypt(ictx, digest, digest, sizeof(digest));
2027 /* Check all of 20 bytes of the SHA1 hash. */
2028 ret = memcmp(digest, ictx->digest, 20) ? -EINVAL : 0;
2031 soprintf(ictx, "[FAIL] Full-image checksum: BAD\n");
2033 soprintf(ictx, "[PASS] Full-image checksum: OK\n");
2039 static int sb_build_tree_from_img(struct sb_image_ctx *ictx)
2045 if (!ictx->input_filename) {
2046 fprintf(stderr, "ERR: Missing filename!\n");
2050 fp = fopen(ictx->input_filename, "r");
2054 ret = fseek(fp, 0, SEEK_END);
2058 filesize = ftell(fp);
2062 ret = fseek(fp, 0, SEEK_SET);
2066 if (filesize < (signed)sizeof(ictx->payload)) {
2067 fprintf(stderr, "ERR: File too short!\n");
2071 if (filesize & (SB_BLOCK_SIZE - 1)) {
2072 fprintf(stderr, "ERR: The file is not aligned!\n");
2076 /* Load and verify image header */
2077 ret = sb_verify_image_header(ictx, fp, filesize);
2081 /* Load and verify sections and commands */
2082 ret = sb_verify_sections_cmds(ictx, fp);
2086 ret = sb_verify_image_end(ictx, fp, filesize);
2093 soprintf(ictx, "-------------------- Result -------------------\n");
2094 soprintf(ictx, "Verification %s\n", ret ? "FAILED" : "PASSED");
2096 /* Stop the encryption session. */
2097 sb_aes_deinit(&ictx->cipher_ctx);
2105 fprintf(stderr, "ERR: Failed to load file \"%s\"\n",
2106 ictx->input_filename);
2110 static void sb_free_image(struct sb_image_ctx *ictx)
2112 struct sb_section_ctx *sctx = ictx->sect_head, *s_head;
2113 struct sb_dcd_ctx *dctx = ictx->dcd_head, *d_head;
2114 struct sb_cmd_ctx *cctx, *c_head;
2118 c_head = sctx->cmd_head;
2122 c_head = c_head->cmd;
2135 free(d_head->payload);
2141 * MXSSB-MKIMAGE glue code.
2143 static int mxsimage_check_image_types(uint8_t type)
2145 if (type == IH_TYPE_MXSIMAGE)
2146 return EXIT_SUCCESS;
2148 return EXIT_FAILURE;
2151 static void mxsimage_set_header(void *ptr, struct stat *sbuf, int ifd,
2152 struct image_tool_params *params)
2156 int mxsimage_check_params(struct image_tool_params *params)
2160 if (!strlen(params->imagename)) {
2162 "Error: %s - Configuration file not specified, it is needed for mxsimage generation\n",
2169 * XIP is not allowed and verify that incompatible
2170 * parameters are not sent at the same time
2171 * For example, if list is required a data image must not be provided
2173 return (params->dflag && (params->fflag || params->lflag)) ||
2174 (params->fflag && (params->dflag || params->lflag)) ||
2175 (params->lflag && (params->dflag || params->fflag)) ||
2176 (params->xflag) || !(strlen(params->imagename));
2179 static int mxsimage_verify_print_header(char *file, int silent)
2182 struct sb_image_ctx ctx;
2184 memset(&ctx, 0, sizeof(ctx));
2186 ctx.input_filename = file;
2187 ctx.silent_dump = silent;
2189 ret = sb_build_tree_from_img(&ctx);
2190 sb_free_image(&ctx);
2196 static int mxsimage_verify_header(unsigned char *ptr, int image_size,
2197 struct image_tool_params *params)
2199 struct sb_boot_image_header *hdr;
2204 hdr = (struct sb_boot_image_header *)ptr;
2207 * Check if the header contains the MXS image signatures,
2208 * if so, do a full-image verification.
2210 if (memcmp(hdr->signature1, "STMP", 4) ||
2211 memcmp(hdr->signature2, "sgtl", 4))
2214 imagefile = params->imagefile;
2216 return mxsimage_verify_print_header(params->imagefile, 1);
2219 static void mxsimage_print_header(const void *hdr)
2222 mxsimage_verify_print_header(imagefile, 0);
2225 static int sb_build_image(struct sb_image_ctx *ictx,
2226 struct image_type_params *tparams)
2228 struct sb_boot_image_header *sb_header = &ictx->payload;
2229 struct sb_section_ctx *sctx;
2230 struct sb_cmd_ctx *cctx;
2231 struct sb_command *ccmd;
2232 struct sb_key_dictionary_key *sb_dict_key = &ictx->sb_dict_key;
2234 uint8_t *image, *iptr;
2236 /* Calculate image size. */
2237 uint32_t size = sizeof(*sb_header) +
2238 ictx->sect_count * sizeof(struct sb_sections_header) +
2239 sizeof(*sb_dict_key) + sizeof(ictx->digest);
2241 sctx = ictx->sect_head;
2247 image = malloc(size);
2252 memcpy(iptr, sb_header, sizeof(*sb_header));
2253 iptr += sizeof(*sb_header);
2255 sctx = ictx->sect_head;
2257 memcpy(iptr, &sctx->payload, sizeof(struct sb_sections_header));
2258 iptr += sizeof(struct sb_sections_header);
2262 memcpy(iptr, sb_dict_key, sizeof(*sb_dict_key));
2263 iptr += sizeof(*sb_dict_key);
2265 sctx = ictx->sect_head;
2267 cctx = sctx->cmd_head;
2269 ccmd = &cctx->payload;
2271 memcpy(iptr, &cctx->c_payload, sizeof(cctx->payload));
2272 iptr += sizeof(cctx->payload);
2274 if (ccmd->header.tag == ROM_LOAD_CMD) {
2275 memcpy(iptr, cctx->data, cctx->length);
2276 iptr += cctx->length;
2285 memcpy(iptr, ictx->digest, sizeof(ictx->digest));
2286 iptr += sizeof(ictx->digest);
2288 /* Configure the mkimage */
2289 tparams->hdr = image;
2290 tparams->header_size = size;
2295 static int mxsimage_generate(struct image_tool_params *params,
2296 struct image_type_params *tparams)
2299 struct sb_image_ctx ctx;
2301 /* Do not copy the U-Boot image! */
2302 params->skipcpy = 1;
2304 memset(&ctx, 0, sizeof(ctx));
2306 ctx.cfg_filename = params->imagename;
2307 ctx.output_filename = params->imagefile;
2308 ctx.verbose_boot = 1;
2310 ret = sb_build_tree_from_cfg(&ctx);
2314 ret = sb_encrypt_image(&ctx);
2316 ret = sb_build_image(&ctx, tparams);
2319 sb_free_image(&ctx);
2325 * mxsimage parameters
2327 static struct image_type_params mxsimage_params = {
2328 .name = "Freescale MXS Boot Image support",
2331 .check_image_type = mxsimage_check_image_types,
2332 .verify_header = mxsimage_verify_header,
2333 .print_header = mxsimage_print_header,
2334 .set_header = mxsimage_set_header,
2335 .check_params = mxsimage_check_params,
2336 .vrec_header = mxsimage_generate,
2339 void init_mxs_image_type(void)
2341 register_image_type(&mxsimage_params);
2345 void init_mxs_image_type(void)