2 * Freescale i.MX23/i.MX28 SB image generator
4 * Copyright (C) 2012-2013 Marek Vasut <marex@denx.de>
6 * SPDX-License-Identifier: GPL-2.0+
18 #include <openssl/evp.h>
20 #include "imagetool.h"
22 #include "pbl_crc32.h"
26 * OpenSSL 1.1.0 and newer compatibility functions:
27 * https://wiki.openssl.org/index.php/1.1_API_Changes
29 #if OPENSSL_VERSION_NUMBER < 0x10100000L || \
30 (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
31 static void *OPENSSL_zalloc(size_t num)
33 void *ret = OPENSSL_malloc(num);
40 EVP_MD_CTX *EVP_MD_CTX_new(void)
42 return OPENSSL_zalloc(sizeof(EVP_MD_CTX));
45 void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
47 EVP_MD_CTX_cleanup(ctx);
51 int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
53 return EVP_CIPHER_CTX_cleanup(ctx);
59 * |-Write to address command block
62 * |-ORR address with mask command block
64 * |-Write to address command block
68 #define SB_HAB_DCD_WRITE 0xccUL
69 #define SB_HAB_DCD_CHECK 0xcfUL
70 #define SB_HAB_DCD_NOOP 0xc0UL
71 #define SB_HAB_DCD_MASK_BIT (1 << 3)
72 #define SB_HAB_DCD_SET_BIT (1 << 4)
74 /* Addr.n = Value.n */
75 #define SB_DCD_WRITE \
76 (SB_HAB_DCD_WRITE << 24)
77 /* Addr.n &= ~Value.n */
79 ((SB_HAB_DCD_WRITE << 24) | SB_HAB_DCD_SET_BIT)
80 /* Addr.n |= Value.n */
82 ((SB_HAB_DCD_WRITE << 24) | SB_HAB_DCD_SET_BIT | SB_HAB_DCD_MASK_BIT)
83 /* (Addr.n & Value.n) == 0 */
84 #define SB_DCD_CHK_EQZ \
85 (SB_HAB_DCD_CHECK << 24)
86 /* (Addr.n & Value.n) == Value.n */
87 #define SB_DCD_CHK_EQ \
88 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_SET_BIT)
89 /* (Addr.n & Value.n) != Value.n */
90 #define SB_DCD_CHK_NEQ \
91 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_MASK_BIT)
92 /* (Addr.n & Value.n) != 0 */
93 #define SB_DCD_CHK_NEZ \
94 ((SB_HAB_DCD_CHECK << 24) | SB_HAB_DCD_SET_BIT | SB_HAB_DCD_MASK_BIT)
97 (SB_HAB_DCD_NOOP << 24)
100 struct sb_dcd_ctx *dcd;
106 /* Size of the whole DCD block. */
109 /* Pointer to previous DCD command block. */
110 uint32_t *prev_dcd_head;
132 struct sb_cmd_ctx *cmd;
137 struct sb_command payload;
138 struct sb_command c_payload;
141 struct sb_section_ctx {
147 struct sb_section_ctx *sect;
149 struct sb_cmd_ctx *cmd_head;
150 struct sb_cmd_ctx *cmd_tail;
152 struct sb_sections_header payload;
155 struct sb_image_ctx {
156 unsigned int in_section:1;
157 unsigned int in_dcd:1;
158 /* Image configuration */
159 unsigned int display_progress:1;
160 unsigned int silent_dump:1;
161 char *input_filename;
162 char *output_filename;
164 uint8_t image_key[16];
166 /* Number of section in the image */
167 unsigned int sect_count;
168 /* Bootable section */
169 unsigned int sect_boot;
170 unsigned int sect_boot_found:1;
172 struct sb_section_ctx *sect_head;
173 struct sb_section_ctx *sect_tail;
175 struct sb_dcd_ctx *dcd_head;
176 struct sb_dcd_ctx *dcd_tail;
178 EVP_CIPHER_CTX *cipher_ctx;
181 struct sb_key_dictionary_key sb_dict_key;
183 struct sb_boot_image_header payload;
187 * Instruction semantics:
191 * LOAD IVT address IVT_entry_point
192 * FILL address pattern length
193 * JUMP [HAB] address [r0_arg]
194 * CALL [HAB] address [r0_arg]
196 * For i.MX23, mode = USB/I2C/SPI1_FLASH/SPI2_FLASH/NAND_BCH
197 * JTAG/SPI3_EEPROM/SD_SSP0/SD_SSP1
198 * For i.MX28, mode = USB/I2C/SPI2_FLASH/SPI3_FLASH/NAND_BCH
199 * JTAG/SPI2_EEPROM/SD_SSP0/SD_SSP1
205 static int sb_aes_init(struct sb_image_ctx *ictx, uint8_t *iv, int enc)
210 /* If there is no init vector, init vector is all zeroes. */
212 iv = ictx->image_key;
214 ctx = EVP_CIPHER_CTX_new();
215 ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), ictx->image_key, iv, enc);
217 EVP_CIPHER_CTX_set_padding(ctx, 0);
218 ictx->cipher_ctx = ctx;
223 static int sb_aes_crypt(struct sb_image_ctx *ictx, uint8_t *in_data,
224 uint8_t *out_data, int in_len)
226 EVP_CIPHER_CTX *ctx = ictx->cipher_ctx;
230 outbuf = malloc(in_len);
233 memset(outbuf, 0, sizeof(in_len));
235 ret = EVP_CipherUpdate(ctx, outbuf, &outlen, in_data, in_len);
242 memcpy(out_data, outbuf, outlen);
249 static int sb_aes_deinit(EVP_CIPHER_CTX *ctx)
251 return EVP_CIPHER_CTX_reset(ctx);
254 static int sb_aes_reinit(struct sb_image_ctx *ictx, int enc)
257 EVP_CIPHER_CTX *ctx = ictx->cipher_ctx;
258 struct sb_boot_image_header *sb_header = &ictx->payload;
259 uint8_t *iv = sb_header->iv;
261 ret = sb_aes_deinit(ctx);
264 return sb_aes_init(ictx, iv, enc);
270 static void soprintf(struct sb_image_ctx *ictx, const char *fmt, ...)
274 if (ictx->silent_dump)
278 vfprintf(stdout, fmt, ap);
285 static time_t sb_get_timestamp(void)
287 struct tm time_2000 = {
288 .tm_yday = 1, /* Jan. 1st */
289 .tm_year = 100, /* 2000 */
291 time_t seconds_to_2000 = mktime(&time_2000);
292 time_t seconds_to_now = time(NULL);
294 return seconds_to_now - seconds_to_2000;
297 static int sb_get_time(time_t time, struct tm *tm)
299 struct tm time_2000 = {
300 .tm_yday = 1, /* Jan. 1st */
301 .tm_year = 0, /* 1900 */
303 const time_t seconds_to_2000 = mktime(&time_2000);
304 const time_t seconds_to_now = seconds_to_2000 + time;
306 ret = gmtime_r(&seconds_to_now, tm);
307 return ret ? 0 : -EINVAL;
310 static void sb_encrypt_sb_header(struct sb_image_ctx *ictx)
312 EVP_MD_CTX *md_ctx = ictx->md_ctx;
313 struct sb_boot_image_header *sb_header = &ictx->payload;
314 uint8_t *sb_header_ptr = (uint8_t *)sb_header;
316 /* Encrypt the header, compute the digest. */
317 sb_aes_crypt(ictx, sb_header_ptr, NULL, sizeof(*sb_header));
318 EVP_DigestUpdate(md_ctx, sb_header_ptr, sizeof(*sb_header));
321 static void sb_encrypt_sb_sections_header(struct sb_image_ctx *ictx)
323 EVP_MD_CTX *md_ctx = ictx->md_ctx;
324 struct sb_section_ctx *sctx = ictx->sect_head;
325 struct sb_sections_header *shdr;
326 uint8_t *sb_sections_header_ptr;
327 const int size = sizeof(*shdr);
330 shdr = &sctx->payload;
331 sb_sections_header_ptr = (uint8_t *)shdr;
333 sb_aes_crypt(ictx, sb_sections_header_ptr,
334 ictx->sb_dict_key.cbc_mac, size);
335 EVP_DigestUpdate(md_ctx, sb_sections_header_ptr, size);
341 static void sb_encrypt_key_dictionary_key(struct sb_image_ctx *ictx)
343 EVP_MD_CTX *md_ctx = ictx->md_ctx;
345 sb_aes_crypt(ictx, ictx->image_key, ictx->sb_dict_key.key,
346 sizeof(ictx->sb_dict_key.key));
347 EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key));
350 static void sb_decrypt_key_dictionary_key(struct sb_image_ctx *ictx)
352 EVP_MD_CTX *md_ctx = ictx->md_ctx;
354 EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key));
355 sb_aes_crypt(ictx, ictx->sb_dict_key.key, ictx->image_key,
356 sizeof(ictx->sb_dict_key.key));
359 static void sb_encrypt_tag(struct sb_image_ctx *ictx,
360 struct sb_cmd_ctx *cctx)
362 EVP_MD_CTX *md_ctx = ictx->md_ctx;
363 struct sb_command *cmd = &cctx->payload;
365 sb_aes_crypt(ictx, (uint8_t *)cmd,
366 (uint8_t *)&cctx->c_payload, sizeof(*cmd));
367 EVP_DigestUpdate(md_ctx, &cctx->c_payload, sizeof(*cmd));
370 static int sb_encrypt_image(struct sb_image_ctx *ictx)
372 /* Start image-wide crypto. */
373 ictx->md_ctx = EVP_MD_CTX_new();
374 EVP_DigestInit(ictx->md_ctx, EVP_sha1());
379 sb_aes_init(ictx, NULL, 1);
380 sb_encrypt_sb_header(ictx);
383 * SB sections header.
385 sb_encrypt_sb_sections_header(ictx);
390 sb_aes_reinit(ictx, 1);
391 sb_encrypt_key_dictionary_key(ictx);
396 struct sb_cmd_ctx *cctx;
397 struct sb_command *ccmd;
398 struct sb_section_ctx *sctx = ictx->sect_head;
401 cctx = sctx->cmd_head;
403 sb_aes_reinit(ictx, 1);
406 ccmd = &cctx->payload;
408 sb_encrypt_tag(ictx, cctx);
410 if (ccmd->header.tag == ROM_TAG_CMD) {
411 sb_aes_reinit(ictx, 1);
412 } else if (ccmd->header.tag == ROM_LOAD_CMD) {
413 sb_aes_crypt(ictx, cctx->data, cctx->data,
415 EVP_DigestUpdate(ictx->md_ctx, cctx->data,
426 * Dump the SHA1 of the whole image.
428 sb_aes_reinit(ictx, 1);
430 EVP_DigestFinal(ictx->md_ctx, ictx->digest, NULL);
431 EVP_MD_CTX_free(ictx->md_ctx);
432 sb_aes_crypt(ictx, ictx->digest, ictx->digest, sizeof(ictx->digest));
434 /* Stop the encryption session. */
435 sb_aes_deinit(ictx->cipher_ctx);
440 static int sb_load_file(struct sb_cmd_ctx *cctx, char *filename)
442 long real_size, roundup_size;
449 fprintf(stderr, "ERR: Missing filename!\n");
453 fp = fopen(filename, "r");
457 ret = fseek(fp, 0, SEEK_END);
461 real_size = ftell(fp);
465 ret = fseek(fp, 0, SEEK_SET);
469 roundup_size = roundup(real_size, SB_BLOCK_SIZE);
470 data = calloc(1, roundup_size);
474 size = fread(data, 1, real_size, fp);
475 if (size != (unsigned long)real_size)
479 cctx->length = roundup_size;
489 fprintf(stderr, "ERR: Failed to load file \"%s\"\n", filename);
493 static uint8_t sb_command_checksum(struct sb_command *inst)
495 uint8_t *inst_ptr = (uint8_t *)inst;
499 for (i = 0; i < sizeof(struct sb_command); i++)
505 static int sb_token_to_long(char *tok, uint32_t *rid)
510 if (tok[0] != '0' || tok[1] != 'x') {
511 fprintf(stderr, "ERR: Invalid hexadecimal number!\n");
518 id = strtoul(tok, &endptr, 16);
519 if ((errno == ERANGE && id == ULONG_MAX) || (errno != 0 && id == 0)) {
520 fprintf(stderr, "ERR: Value can't be decoded!\n");
524 /* Check for 32-bit overflow. */
525 if (id > 0xffffffff) {
526 fprintf(stderr, "ERR: Value too big!\n");
531 fprintf(stderr, "ERR: Deformed value!\n");
539 static int sb_grow_dcd(struct sb_dcd_ctx *dctx, unsigned int inc_size)
546 dctx->size += inc_size;
547 tmp = realloc(dctx->payload, dctx->size);
553 /* Assemble and update the HAB DCD header. */
554 dctx->payload[0] = htonl((SB_HAB_DCD_TAG << 24) |
561 static int sb_build_dcd(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd)
563 struct sb_dcd_ctx *dctx;
569 dctx = calloc(1, sizeof(*dctx));
573 ret = sb_grow_dcd(dctx, 4);
577 /* Read DCD block number. */
578 tok = strtok(cmd->cmd, " ");
580 fprintf(stderr, "#%i ERR: DCD block without number!\n",
586 /* Parse the DCD block number. */
587 ret = sb_token_to_long(tok, &id);
589 fprintf(stderr, "#%i ERR: Malformed DCD block number!\n",
597 * The DCD block is now constructed. Append it to the list.
598 * WARNING: The DCD size is still not computed and will be
599 * updated while parsing it's commands.
601 if (!ictx->dcd_head) {
602 ictx->dcd_head = dctx;
603 ictx->dcd_tail = dctx;
605 ictx->dcd_tail->dcd = dctx;
606 ictx->dcd_tail = dctx;
617 static int sb_build_dcd_block(struct sb_image_ctx *ictx,
618 struct sb_cmd_list *cmd,
622 uint32_t address, value, length;
625 struct sb_dcd_ctx *dctx = ictx->dcd_tail;
628 if (dctx->prev_dcd_head && (type != SB_DCD_NOOP) &&
629 ((dctx->prev_dcd_head[0] & 0xff0000ff) == type)) {
630 /* Same instruction as before, just append it. */
631 ret = sb_grow_dcd(dctx, 8);
634 } else if (type == SB_DCD_NOOP) {
635 ret = sb_grow_dcd(dctx, 4);
639 /* Update DCD command block pointer. */
640 dctx->prev_dcd_head = dctx->payload +
641 dctx->size / sizeof(*dctx->payload) - 1;
643 /* NOOP has only 4 bytes and no payload. */
647 * Either a different instruction block started now
648 * or this is the first instruction block.
650 ret = sb_grow_dcd(dctx, 12);
654 /* Update DCD command block pointer. */
655 dctx->prev_dcd_head = dctx->payload +
656 dctx->size / sizeof(*dctx->payload) - 3;
659 dcd = dctx->payload + dctx->size / sizeof(*dctx->payload) - 2;
662 * Prepare the command.
664 tok = strtok(cmd->cmd, " ");
666 fprintf(stderr, "#%i ERR: Missing DCD address!\n",
672 /* Read DCD destination address. */
673 ret = sb_token_to_long(tok, &address);
675 fprintf(stderr, "#%i ERR: Incorrect DCD address!\n",
680 tok = strtok(NULL, " ");
682 fprintf(stderr, "#%i ERR: Missing DCD value!\n",
688 /* Read DCD operation value. */
689 ret = sb_token_to_long(tok, &value);
691 fprintf(stderr, "#%i ERR: Incorrect DCD value!\n",
696 /* Fill in the new DCD entry. */
697 dcd[0] = htonl(address);
698 dcd[1] = htonl(value);
701 /* Update the DCD command block. */
702 length = dctx->size -
703 ((dctx->prev_dcd_head - dctx->payload) *
704 sizeof(*dctx->payload));
705 dctx->prev_dcd_head[0] = htonl(type | (length << 8));
711 static int sb_build_section(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd)
713 struct sb_section_ctx *sctx;
714 struct sb_sections_header *shdr;
716 uint32_t bootable = 0;
720 sctx = calloc(1, sizeof(*sctx));
724 /* Read section number. */
725 tok = strtok(cmd->cmd, " ");
727 fprintf(stderr, "#%i ERR: Section without number!\n",
733 /* Parse the section number. */
734 ret = sb_token_to_long(tok, &id);
736 fprintf(stderr, "#%i ERR: Malformed section number!\n",
741 /* Read section's BOOTABLE flag. */
742 tok = strtok(NULL, " ");
743 if (tok && (strlen(tok) == 8) && !strncmp(tok, "BOOTABLE", 8))
744 bootable = SB_SECTION_FLAG_BOOTABLE;
746 sctx->boot = bootable;
748 shdr = &sctx->payload;
749 shdr->section_number = id;
750 shdr->section_flags = bootable;
753 * The section is now constructed. Append it to the list.
754 * WARNING: The section size is still not computed and will
755 * be updated while parsing it's commands.
759 /* Mark that this section is bootable one. */
761 if (ictx->sect_boot_found) {
763 "#%i WARN: Multiple bootable section!\n",
766 ictx->sect_boot = id;
767 ictx->sect_boot_found = 1;
771 if (!ictx->sect_head) {
772 ictx->sect_head = sctx;
773 ictx->sect_tail = sctx;
775 ictx->sect_tail->sect = sctx;
776 ictx->sect_tail = sctx;
786 static int sb_build_command_nop(struct sb_image_ctx *ictx)
788 struct sb_section_ctx *sctx = ictx->sect_tail;
789 struct sb_cmd_ctx *cctx;
790 struct sb_command *ccmd;
792 cctx = calloc(1, sizeof(*cctx));
796 ccmd = &cctx->payload;
799 * Construct the command.
801 ccmd->header.checksum = 0x5a;
802 ccmd->header.tag = ROM_NOP_CMD;
804 cctx->size = sizeof(*ccmd);
807 * Append the command to the last section.
809 if (!sctx->cmd_head) {
810 sctx->cmd_head = cctx;
811 sctx->cmd_tail = cctx;
813 sctx->cmd_tail->cmd = cctx;
814 sctx->cmd_tail = cctx;
820 static int sb_build_command_tag(struct sb_image_ctx *ictx,
821 struct sb_cmd_list *cmd)
823 struct sb_section_ctx *sctx = ictx->sect_tail;
824 struct sb_cmd_ctx *cctx;
825 struct sb_command *ccmd;
828 cctx = calloc(1, sizeof(*cctx));
832 ccmd = &cctx->payload;
835 * Prepare the command.
837 /* Check for the LAST keyword. */
838 tok = strtok(cmd->cmd, " ");
839 if (tok && !strcmp(tok, "LAST"))
840 ccmd->header.flags = ROM_TAG_CMD_FLAG_ROM_LAST_TAG;
843 * Construct the command.
845 ccmd->header.checksum = 0x5a;
846 ccmd->header.tag = ROM_TAG_CMD;
848 cctx->size = sizeof(*ccmd);
851 * Append the command to the last section.
853 if (!sctx->cmd_head) {
854 sctx->cmd_head = cctx;
855 sctx->cmd_tail = cctx;
857 sctx->cmd_tail->cmd = cctx;
858 sctx->cmd_tail = cctx;
864 static int sb_build_command_load(struct sb_image_ctx *ictx,
865 struct sb_cmd_list *cmd)
867 struct sb_section_ctx *sctx = ictx->sect_tail;
868 struct sb_cmd_ctx *cctx;
869 struct sb_command *ccmd;
871 int ret, is_ivt = 0, is_dcd = 0;
872 uint32_t dest, dcd = 0;
874 cctx = calloc(1, sizeof(*cctx));
878 ccmd = &cctx->payload;
881 * Prepare the command.
883 tok = strtok(cmd->cmd, " ");
885 fprintf(stderr, "#%i ERR: Missing LOAD address or 'IVT'!\n",
891 /* Check for "IVT" flag. */
892 if (!strcmp(tok, "IVT"))
894 if (!strcmp(tok, "DCD"))
896 if (is_ivt || is_dcd) {
897 tok = strtok(NULL, " ");
899 fprintf(stderr, "#%i ERR: Missing LOAD address!\n",
906 /* Read load destination address. */
907 ret = sb_token_to_long(tok, &dest);
909 fprintf(stderr, "#%i ERR: Incorrect LOAD address!\n",
914 /* Read filename or IVT entrypoint or DCD block ID. */
915 tok = strtok(NULL, " ");
918 "#%i ERR: Missing LOAD filename or IVT ep or DCD block ID!\n",
926 struct sb_ivt_header *ivt;
928 ret = sb_token_to_long(tok, &ivtep);
932 "#%i ERR: Incorrect IVT entry point!\n",
937 ivt = calloc(1, sizeof(*ivt));
943 ivt->header = sb_hab_ivt_header();
947 cctx->data = (uint8_t *)ivt;
948 cctx->length = sizeof(*ivt);
950 struct sb_dcd_ctx *dctx = ictx->dcd_head;
954 ret = sb_token_to_long(tok, &dcdid);
958 "#%i ERR: Incorrect DCD block ID!\n",
964 if (dctx->id == dcdid)
970 fprintf(stderr, "#%i ERR: DCD block %08x not found!\n",
975 asize = roundup(dctx->size, SB_BLOCK_SIZE);
976 payload = calloc(1, asize);
982 memcpy(payload, dctx->payload, dctx->size);
984 cctx->data = payload;
985 cctx->length = asize;
987 /* Set the Load DCD flag. */
988 dcd = ROM_LOAD_CMD_FLAG_DCD_LOAD;
990 /* Regular LOAD of a file. */
991 ret = sb_load_file(cctx, tok);
993 fprintf(stderr, "#%i ERR: Cannot load '%s'!\n",
999 if (cctx->length & (SB_BLOCK_SIZE - 1)) {
1000 fprintf(stderr, "#%i ERR: Unaligned payload!\n",
1005 * Construct the command.
1007 ccmd->header.checksum = 0x5a;
1008 ccmd->header.tag = ROM_LOAD_CMD;
1009 ccmd->header.flags = dcd;
1011 ccmd->load.address = dest;
1012 ccmd->load.count = cctx->length;
1013 ccmd->load.crc32 = pbl_crc32(0,
1014 (const char *)cctx->data,
1017 cctx->size = sizeof(*ccmd) + cctx->length;
1020 * Append the command to the last section.
1022 if (!sctx->cmd_head) {
1023 sctx->cmd_head = cctx;
1024 sctx->cmd_tail = cctx;
1026 sctx->cmd_tail->cmd = cctx;
1027 sctx->cmd_tail = cctx;
1037 static int sb_build_command_fill(struct sb_image_ctx *ictx,
1038 struct sb_cmd_list *cmd)
1040 struct sb_section_ctx *sctx = ictx->sect_tail;
1041 struct sb_cmd_ctx *cctx;
1042 struct sb_command *ccmd;
1044 uint32_t address, pattern, length;
1047 cctx = calloc(1, sizeof(*cctx));
1051 ccmd = &cctx->payload;
1054 * Prepare the command.
1056 tok = strtok(cmd->cmd, " ");
1058 fprintf(stderr, "#%i ERR: Missing FILL address!\n",
1064 /* Read fill destination address. */
1065 ret = sb_token_to_long(tok, &address);
1067 fprintf(stderr, "#%i ERR: Incorrect FILL address!\n",
1072 tok = strtok(NULL, " ");
1074 fprintf(stderr, "#%i ERR: Missing FILL pattern!\n",
1080 /* Read fill pattern address. */
1081 ret = sb_token_to_long(tok, &pattern);
1083 fprintf(stderr, "#%i ERR: Incorrect FILL pattern!\n",
1088 tok = strtok(NULL, " ");
1090 fprintf(stderr, "#%i ERR: Missing FILL length!\n",
1096 /* Read fill pattern address. */
1097 ret = sb_token_to_long(tok, &length);
1099 fprintf(stderr, "#%i ERR: Incorrect FILL length!\n",
1105 * Construct the command.
1107 ccmd->header.checksum = 0x5a;
1108 ccmd->header.tag = ROM_FILL_CMD;
1110 ccmd->fill.address = address;
1111 ccmd->fill.count = length;
1112 ccmd->fill.pattern = pattern;
1114 cctx->size = sizeof(*ccmd);
1117 * Append the command to the last section.
1119 if (!sctx->cmd_head) {
1120 sctx->cmd_head = cctx;
1121 sctx->cmd_tail = cctx;
1123 sctx->cmd_tail->cmd = cctx;
1124 sctx->cmd_tail = cctx;
1134 static int sb_build_command_jump_call(struct sb_image_ctx *ictx,
1135 struct sb_cmd_list *cmd,
1136 unsigned int is_call)
1138 struct sb_section_ctx *sctx = ictx->sect_tail;
1139 struct sb_cmd_ctx *cctx;
1140 struct sb_command *ccmd;
1142 uint32_t dest, arg = 0x0;
1145 const char *cmdname = is_call ? "CALL" : "JUMP";
1147 cctx = calloc(1, sizeof(*cctx));
1151 ccmd = &cctx->payload;
1154 * Prepare the command.
1156 tok = strtok(cmd->cmd, " ");
1159 "#%i ERR: Missing %s address or 'HAB'!\n",
1160 cmd->lineno, cmdname);
1165 /* Check for "HAB" flag. */
1166 if (!strcmp(tok, "HAB")) {
1167 hab = is_call ? ROM_CALL_CMD_FLAG_HAB : ROM_JUMP_CMD_FLAG_HAB;
1168 tok = strtok(NULL, " ");
1170 fprintf(stderr, "#%i ERR: Missing %s address!\n",
1171 cmd->lineno, cmdname);
1176 /* Read load destination address. */
1177 ret = sb_token_to_long(tok, &dest);
1179 fprintf(stderr, "#%i ERR: Incorrect %s address!\n",
1180 cmd->lineno, cmdname);
1184 tok = strtok(NULL, " ");
1186 ret = sb_token_to_long(tok, &arg);
1189 "#%i ERR: Incorrect %s argument!\n",
1190 cmd->lineno, cmdname);
1196 * Construct the command.
1198 ccmd->header.checksum = 0x5a;
1199 ccmd->header.tag = is_call ? ROM_CALL_CMD : ROM_JUMP_CMD;
1200 ccmd->header.flags = hab;
1202 ccmd->call.address = dest;
1203 ccmd->call.argument = arg;
1205 cctx->size = sizeof(*ccmd);
1208 * Append the command to the last section.
1210 if (!sctx->cmd_head) {
1211 sctx->cmd_head = cctx;
1212 sctx->cmd_tail = cctx;
1214 sctx->cmd_tail->cmd = cctx;
1215 sctx->cmd_tail = cctx;
1225 static int sb_build_command_jump(struct sb_image_ctx *ictx,
1226 struct sb_cmd_list *cmd)
1228 return sb_build_command_jump_call(ictx, cmd, 0);
1231 static int sb_build_command_call(struct sb_image_ctx *ictx,
1232 struct sb_cmd_list *cmd)
1234 return sb_build_command_jump_call(ictx, cmd, 1);
1237 static int sb_build_command_mode(struct sb_image_ctx *ictx,
1238 struct sb_cmd_list *cmd)
1240 struct sb_section_ctx *sctx = ictx->sect_tail;
1241 struct sb_cmd_ctx *cctx;
1242 struct sb_command *ccmd;
1246 uint32_t mode = 0xffffffff;
1248 cctx = calloc(1, sizeof(*cctx));
1252 ccmd = &cctx->payload;
1255 * Prepare the command.
1257 tok = strtok(cmd->cmd, " ");
1259 fprintf(stderr, "#%i ERR: Missing MODE boot mode argument!\n",
1265 for (i = 0; i < ARRAY_SIZE(modetable); i++) {
1266 if (!strcmp(tok, modetable[i].name)) {
1267 mode = modetable[i].mode;
1271 if (!modetable[i].altname)
1274 if (!strcmp(tok, modetable[i].altname)) {
1275 mode = modetable[i].mode;
1280 if (mode == 0xffffffff) {
1281 fprintf(stderr, "#%i ERR: Invalid MODE boot mode argument!\n",
1288 * Construct the command.
1290 ccmd->header.checksum = 0x5a;
1291 ccmd->header.tag = ROM_MODE_CMD;
1293 ccmd->mode.mode = mode;
1295 cctx->size = sizeof(*ccmd);
1298 * Append the command to the last section.
1300 if (!sctx->cmd_head) {
1301 sctx->cmd_head = cctx;
1302 sctx->cmd_tail = cctx;
1304 sctx->cmd_tail->cmd = cctx;
1305 sctx->cmd_tail = cctx;
1315 static int sb_prefill_image_header(struct sb_image_ctx *ictx)
1317 struct sb_boot_image_header *hdr = &ictx->payload;
1319 /* Fill signatures */
1320 memcpy(hdr->signature1, "STMP", 4);
1321 memcpy(hdr->signature2, "sgtl", 4);
1323 /* SB Image version 1.1 */
1324 hdr->major_version = SB_VERSION_MAJOR;
1325 hdr->minor_version = SB_VERSION_MINOR;
1327 /* Boot image major version */
1328 hdr->product_version.major = htons(0x999);
1329 hdr->product_version.minor = htons(0x999);
1330 hdr->product_version.revision = htons(0x999);
1331 /* Boot image major version */
1332 hdr->component_version.major = htons(0x999);
1333 hdr->component_version.minor = htons(0x999);
1334 hdr->component_version.revision = htons(0x999);
1336 /* Drive tag must be 0x0 for i.MX23 */
1339 hdr->header_blocks =
1340 sizeof(struct sb_boot_image_header) / SB_BLOCK_SIZE;
1341 hdr->section_header_size =
1342 sizeof(struct sb_sections_header) / SB_BLOCK_SIZE;
1343 hdr->timestamp_us = sb_get_timestamp() * 1000000;
1345 hdr->flags = ictx->display_progress ?
1346 SB_IMAGE_FLAG_DISPLAY_PROGRESS : 0;
1348 /* FIXME -- We support only default key */
1354 static int sb_postfill_image_header(struct sb_image_ctx *ictx)
1356 struct sb_boot_image_header *hdr = &ictx->payload;
1357 struct sb_section_ctx *sctx = ictx->sect_head;
1358 uint32_t kd_size, sections_blocks;
1361 /* The main SB header size in blocks. */
1362 hdr->image_blocks = hdr->header_blocks;
1364 /* Size of the key dictionary, which has single zero entry. */
1365 kd_size = hdr->key_count * sizeof(struct sb_key_dictionary_key);
1366 hdr->image_blocks += kd_size / SB_BLOCK_SIZE;
1368 /* Now count the payloads. */
1369 hdr->section_count = ictx->sect_count;
1371 hdr->image_blocks += sctx->size / SB_BLOCK_SIZE;
1375 if (!ictx->sect_boot_found) {
1376 fprintf(stderr, "ERR: No bootable section selected!\n");
1379 hdr->first_boot_section_id = ictx->sect_boot;
1381 /* The n * SB section size in blocks. */
1382 sections_blocks = hdr->section_count * hdr->section_header_size;
1383 hdr->image_blocks += sections_blocks;
1385 /* Key dictionary offset. */
1386 hdr->key_dictionary_block = hdr->header_blocks + sections_blocks;
1388 /* Digest of the whole image. */
1389 hdr->image_blocks += 2;
1391 /* Pointer past the dictionary. */
1392 hdr->first_boot_tag_block =
1393 hdr->key_dictionary_block + kd_size / SB_BLOCK_SIZE;
1395 /* Compute header digest. */
1396 md_ctx = EVP_MD_CTX_new();
1398 EVP_DigestInit(md_ctx, EVP_sha1());
1399 EVP_DigestUpdate(md_ctx, hdr->signature1,
1400 sizeof(struct sb_boot_image_header) -
1401 sizeof(hdr->digest));
1402 EVP_DigestFinal(md_ctx, hdr->digest, NULL);
1403 EVP_MD_CTX_free(md_ctx);
1408 static int sb_fixup_sections_and_tags(struct sb_image_ctx *ictx)
1410 /* Fixup the placement of sections. */
1411 struct sb_boot_image_header *ihdr = &ictx->payload;
1412 struct sb_section_ctx *sctx = ictx->sect_head;
1413 struct sb_sections_header *shdr;
1414 struct sb_cmd_ctx *cctx;
1415 struct sb_command *ccmd;
1416 uint32_t offset = ihdr->first_boot_tag_block;
1419 shdr = &sctx->payload;
1421 /* Fill in the section TAG offset. */
1422 shdr->section_offset = offset + 1;
1423 offset += shdr->section_size;
1425 /* Section length is measured from the TAG block. */
1426 shdr->section_size--;
1428 /* Fixup the TAG command. */
1429 cctx = sctx->cmd_head;
1431 ccmd = &cctx->payload;
1432 if (ccmd->header.tag == ROM_TAG_CMD) {
1433 ccmd->tag.section_number = shdr->section_number;
1434 ccmd->tag.section_length = shdr->section_size;
1435 ccmd->tag.section_flags = shdr->section_flags;
1438 /* Update the command checksum. */
1439 ccmd->header.checksum = sb_command_checksum(ccmd);
1450 static int sb_parse_line(struct sb_image_ctx *ictx, struct sb_cmd_list *cmd)
1453 char *line = cmd->cmd;
1457 /* Analyze the identifier on this line first. */
1458 tok = strtok_r(line, " ", &rptr);
1459 if (!tok || (strlen(tok) == 0)) {
1460 fprintf(stderr, "#%i ERR: Invalid line!\n", cmd->lineno);
1466 /* set DISPLAY_PROGRESS flag */
1467 if (!strcmp(tok, "DISPLAYPROGRESS")) {
1468 ictx->display_progress = 1;
1473 if (!strcmp(tok, "DCD")) {
1474 ictx->in_section = 0;
1476 sb_build_dcd(ictx, cmd);
1481 if (!strcmp(tok, "SECTION")) {
1482 ictx->in_section = 1;
1484 sb_build_section(ictx, cmd);
1488 if (!ictx->in_section && !ictx->in_dcd) {
1489 fprintf(stderr, "#%i ERR: Data outside of a section!\n",
1494 if (ictx->in_section) {
1495 /* Section commands */
1496 if (!strcmp(tok, "NOP")) {
1497 ret = sb_build_command_nop(ictx);
1498 } else if (!strcmp(tok, "TAG")) {
1499 ret = sb_build_command_tag(ictx, cmd);
1500 } else if (!strcmp(tok, "LOAD")) {
1501 ret = sb_build_command_load(ictx, cmd);
1502 } else if (!strcmp(tok, "FILL")) {
1503 ret = sb_build_command_fill(ictx, cmd);
1504 } else if (!strcmp(tok, "JUMP")) {
1505 ret = sb_build_command_jump(ictx, cmd);
1506 } else if (!strcmp(tok, "CALL")) {
1507 ret = sb_build_command_call(ictx, cmd);
1508 } else if (!strcmp(tok, "MODE")) {
1509 ret = sb_build_command_mode(ictx, cmd);
1512 "#%i ERR: Unsupported instruction '%s'!\n",
1516 } else if (ictx->in_dcd) {
1518 uint32_t ilen = '1';
1520 tok = strtok_r(tok, ".", &lptr);
1521 if (!tok || (strlen(tok) == 0) || (lptr && strlen(lptr) != 1)) {
1522 fprintf(stderr, "#%i ERR: Invalid line!\n",
1528 (lptr[0] != '1' && lptr[0] != '2' && lptr[0] != '4')) {
1529 fprintf(stderr, "#%i ERR: Invalid instruction width!\n",
1535 ilen = lptr[0] - '1';
1538 if (!strcmp(tok, "WRITE")) {
1539 ret = sb_build_dcd_block(ictx, cmd,
1540 SB_DCD_WRITE | ilen);
1541 } else if (!strcmp(tok, "ANDC")) {
1542 ret = sb_build_dcd_block(ictx, cmd,
1543 SB_DCD_ANDC | ilen);
1544 } else if (!strcmp(tok, "ORR")) {
1545 ret = sb_build_dcd_block(ictx, cmd,
1547 } else if (!strcmp(tok, "EQZ")) {
1548 ret = sb_build_dcd_block(ictx, cmd,
1549 SB_DCD_CHK_EQZ | ilen);
1550 } else if (!strcmp(tok, "EQ")) {
1551 ret = sb_build_dcd_block(ictx, cmd,
1552 SB_DCD_CHK_EQ | ilen);
1553 } else if (!strcmp(tok, "NEQ")) {
1554 ret = sb_build_dcd_block(ictx, cmd,
1555 SB_DCD_CHK_NEQ | ilen);
1556 } else if (!strcmp(tok, "NEZ")) {
1557 ret = sb_build_dcd_block(ictx, cmd,
1558 SB_DCD_CHK_NEZ | ilen);
1559 } else if (!strcmp(tok, "NOOP")) {
1560 ret = sb_build_dcd_block(ictx, cmd, SB_DCD_NOOP);
1563 "#%i ERR: Unsupported instruction '%s'!\n",
1568 fprintf(stderr, "#%i ERR: Unsupported instruction '%s'!\n",
1574 * Here we have at least one section with one command, otherwise we
1575 * would have failed already higher above.
1577 * FIXME -- should the updating happen here ?
1579 if (ictx->in_section && !ret) {
1580 ictx->sect_tail->size += ictx->sect_tail->cmd_tail->size;
1581 ictx->sect_tail->payload.section_size =
1582 ictx->sect_tail->size / SB_BLOCK_SIZE;
1588 static int sb_load_cmdfile(struct sb_image_ctx *ictx)
1590 struct sb_cmd_list cmd;
1597 fp = fopen(ictx->cfg_filename, "r");
1601 while ((rlen = getline(&line, &len, fp)) > 0) {
1602 memset(&cmd, 0, sizeof(cmd));
1604 /* Strip the trailing newline. */
1605 line[rlen - 1] = '\0';
1609 cmd.lineno = lineno++;
1611 sb_parse_line(ictx, &cmd);
1622 fprintf(stderr, "ERR: Failed to load file \"%s\"\n",
1623 ictx->cfg_filename);
1627 static int sb_build_tree_from_cfg(struct sb_image_ctx *ictx)
1631 ret = sb_load_cmdfile(ictx);
1635 ret = sb_prefill_image_header(ictx);
1639 ret = sb_postfill_image_header(ictx);
1643 ret = sb_fixup_sections_and_tags(ictx);
1650 static int sb_verify_image_header(struct sb_image_ctx *ictx,
1651 FILE *fp, long fsize)
1653 /* Verify static fields in the image header. */
1654 struct sb_boot_image_header *hdr = &ictx->payload;
1655 const char *stat[2] = { "[PASS]", "[FAIL]" };
1658 unsigned char digest[20];
1662 /* Start image-wide crypto. */
1663 ictx->md_ctx = EVP_MD_CTX_new();
1664 EVP_DigestInit(ictx->md_ctx, EVP_sha1());
1666 soprintf(ictx, "---------- Verifying SB Image Header ----------\n");
1668 size = fread(&ictx->payload, 1, sizeof(ictx->payload), fp);
1669 if (size != sizeof(ictx->payload)) {
1670 fprintf(stderr, "ERR: SB image header too short!\n");
1674 /* Compute header digest. */
1675 md_ctx = EVP_MD_CTX_new();
1676 EVP_DigestInit(md_ctx, EVP_sha1());
1677 EVP_DigestUpdate(md_ctx, hdr->signature1,
1678 sizeof(struct sb_boot_image_header) -
1679 sizeof(hdr->digest));
1680 EVP_DigestFinal(md_ctx, digest, NULL);
1681 EVP_MD_CTX_free(md_ctx);
1683 sb_aes_init(ictx, NULL, 1);
1684 sb_encrypt_sb_header(ictx);
1686 if (memcmp(digest, hdr->digest, 20))
1688 soprintf(ictx, "%s Image header checksum: %s\n", stat[!!ret],
1689 ret ? "BAD" : "OK");
1693 if (memcmp(hdr->signature1, "STMP", 4) ||
1694 memcmp(hdr->signature2, "sgtl", 4))
1696 soprintf(ictx, "%s Signatures: '%.4s' '%.4s'\n",
1697 stat[!!ret], hdr->signature1, hdr->signature2);
1701 if ((hdr->major_version != SB_VERSION_MAJOR) ||
1702 ((hdr->minor_version != 1) && (hdr->minor_version != 2)))
1704 soprintf(ictx, "%s Image version: v%i.%i\n", stat[!!ret],
1705 hdr->major_version, hdr->minor_version);
1709 ret = sb_get_time(hdr->timestamp_us / 1000000, &tm);
1711 "%s Creation time: %02i:%02i:%02i %02i/%02i/%04i\n",
1712 stat[!!ret], tm.tm_hour, tm.tm_min, tm.tm_sec,
1713 tm.tm_mday, tm.tm_mon, tm.tm_year + 2000);
1717 soprintf(ictx, "%s Product version: %x.%x.%x\n", stat[0],
1718 ntohs(hdr->product_version.major),
1719 ntohs(hdr->product_version.minor),
1720 ntohs(hdr->product_version.revision));
1721 soprintf(ictx, "%s Component version: %x.%x.%x\n", stat[0],
1722 ntohs(hdr->component_version.major),
1723 ntohs(hdr->component_version.minor),
1724 ntohs(hdr->component_version.revision));
1726 if (hdr->flags & ~SB_IMAGE_FLAGS_MASK)
1728 soprintf(ictx, "%s Image flags: %s\n", stat[!!ret],
1729 hdr->flags & SB_IMAGE_FLAG_DISPLAY_PROGRESS ?
1730 "Display_progress" : "");
1734 if (hdr->drive_tag != 0)
1736 soprintf(ictx, "%s Drive tag: %i\n", stat[!!ret],
1741 sz = sizeof(struct sb_boot_image_header) / SB_BLOCK_SIZE;
1742 if (hdr->header_blocks != sz)
1744 soprintf(ictx, "%s Image header size (blocks): %i\n", stat[!!ret],
1745 hdr->header_blocks);
1749 sz = sizeof(struct sb_sections_header) / SB_BLOCK_SIZE;
1750 if (hdr->section_header_size != sz)
1752 soprintf(ictx, "%s Section header size (blocks): %i\n", stat[!!ret],
1753 hdr->section_header_size);
1757 soprintf(ictx, "%s Sections count: %i\n", stat[!!ret],
1758 hdr->section_count);
1759 soprintf(ictx, "%s First bootable section %i\n", stat[!!ret],
1760 hdr->first_boot_section_id);
1762 if (hdr->image_blocks != fsize / SB_BLOCK_SIZE)
1764 soprintf(ictx, "%s Image size (blocks): %i\n", stat[!!ret],
1769 sz = hdr->header_blocks + hdr->section_header_size * hdr->section_count;
1770 if (hdr->key_dictionary_block != sz)
1772 soprintf(ictx, "%s Key dict offset (blocks): %i\n", stat[!!ret],
1773 hdr->key_dictionary_block);
1777 if (hdr->key_count != 1)
1779 soprintf(ictx, "%s Number of encryption keys: %i\n", stat[!!ret],
1784 sz = hdr->header_blocks + hdr->section_header_size * hdr->section_count;
1785 sz += hdr->key_count *
1786 sizeof(struct sb_key_dictionary_key) / SB_BLOCK_SIZE;
1787 if (hdr->first_boot_tag_block != (unsigned)sz)
1789 soprintf(ictx, "%s First TAG block (blocks): %i\n", stat[!!ret],
1790 hdr->first_boot_tag_block);
1797 static void sb_decrypt_tag(struct sb_image_ctx *ictx,
1798 struct sb_cmd_ctx *cctx)
1800 EVP_MD_CTX *md_ctx = ictx->md_ctx;
1801 struct sb_command *cmd = &cctx->payload;
1803 sb_aes_crypt(ictx, (uint8_t *)&cctx->c_payload,
1804 (uint8_t *)&cctx->payload, sizeof(*cmd));
1805 EVP_DigestUpdate(md_ctx, &cctx->c_payload, sizeof(*cmd));
1808 static int sb_verify_command(struct sb_image_ctx *ictx,
1809 struct sb_cmd_ctx *cctx, FILE *fp,
1810 unsigned long *tsize)
1812 struct sb_command *ccmd = &cctx->payload;
1813 unsigned long size, asize;
1814 char *csum, *flag = "";
1817 uint8_t csn, csc = ccmd->header.checksum;
1818 ccmd->header.checksum = 0x5a;
1819 csn = sb_command_checksum(ccmd);
1820 ccmd->header.checksum = csc;
1826 csum = ret ? "checksum BAD" : "checksum OK";
1828 switch (ccmd->header.tag) {
1830 soprintf(ictx, " NOOP # %s\n", csum);
1833 if (ccmd->header.flags & ROM_TAG_CMD_FLAG_ROM_LAST_TAG)
1835 soprintf(ictx, " TAG %s # %s\n", flag, csum);
1836 sb_aes_reinit(ictx, 0);
1839 soprintf(ictx, " LOAD addr=0x%08x length=0x%08x # %s\n",
1840 ccmd->load.address, ccmd->load.count, csum);
1842 cctx->length = ccmd->load.count;
1843 asize = roundup(cctx->length, SB_BLOCK_SIZE);
1844 cctx->data = malloc(asize);
1848 size = fread(cctx->data, 1, asize, fp);
1849 if (size != asize) {
1851 "ERR: SB LOAD command payload too short!\n");
1857 EVP_DigestUpdate(ictx->md_ctx, cctx->data, asize);
1858 sb_aes_crypt(ictx, cctx->data, cctx->data, asize);
1860 if (ccmd->load.crc32 != pbl_crc32(0,
1861 (const char *)cctx->data,
1864 "ERR: SB LOAD command payload CRC32 invalid!\n");
1870 " FILL addr=0x%08x length=0x%08x pattern=0x%08x # %s\n",
1871 ccmd->fill.address, ccmd->fill.count,
1872 ccmd->fill.pattern, csum);
1875 if (ccmd->header.flags & ROM_JUMP_CMD_FLAG_HAB)
1878 " JUMP%s addr=0x%08x r0_arg=0x%08x # %s\n",
1879 flag, ccmd->fill.address, ccmd->jump.argument, csum);
1882 if (ccmd->header.flags & ROM_CALL_CMD_FLAG_HAB)
1885 " CALL%s addr=0x%08x r0_arg=0x%08x # %s\n",
1886 flag, ccmd->fill.address, ccmd->jump.argument, csum);
1889 for (i = 0; i < ARRAY_SIZE(modetable); i++) {
1890 if (ccmd->mode.mode == modetable[i].mode) {
1891 soprintf(ictx, " MODE %s # %s\n",
1892 modetable[i].name, csum);
1896 fprintf(stderr, " MODE !INVALID! # %s\n", csum);
1903 static int sb_verify_commands(struct sb_image_ctx *ictx,
1904 struct sb_section_ctx *sctx, FILE *fp)
1906 unsigned long size, tsize = 0;
1907 struct sb_cmd_ctx *cctx;
1910 sb_aes_reinit(ictx, 0);
1912 while (tsize < sctx->size) {
1913 cctx = calloc(1, sizeof(*cctx));
1916 if (!sctx->cmd_head) {
1917 sctx->cmd_head = cctx;
1918 sctx->cmd_tail = cctx;
1920 sctx->cmd_tail->cmd = cctx;
1921 sctx->cmd_tail = cctx;
1924 size = fread(&cctx->c_payload, 1, sizeof(cctx->c_payload), fp);
1925 if (size != sizeof(cctx->c_payload)) {
1926 fprintf(stderr, "ERR: SB command header too short!\n");
1932 sb_decrypt_tag(ictx, cctx);
1934 ret = sb_verify_command(ictx, cctx, fp, &tsize);
1942 static int sb_verify_sections_cmds(struct sb_image_ctx *ictx, FILE *fp)
1944 struct sb_boot_image_header *hdr = &ictx->payload;
1945 struct sb_sections_header *shdr;
1948 struct sb_section_ctx *sctx;
1950 char *bootable = "";
1952 soprintf(ictx, "----- Verifying SB Sections and Commands -----\n");
1954 for (i = 0; i < hdr->section_count; i++) {
1955 sctx = calloc(1, sizeof(*sctx));
1958 if (!ictx->sect_head) {
1959 ictx->sect_head = sctx;
1960 ictx->sect_tail = sctx;
1962 ictx->sect_tail->sect = sctx;
1963 ictx->sect_tail = sctx;
1966 size = fread(&sctx->payload, 1, sizeof(sctx->payload), fp);
1967 if (size != sizeof(sctx->payload)) {
1968 fprintf(stderr, "ERR: SB section header too short!\n");
1973 size = fread(&ictx->sb_dict_key, 1, sizeof(ictx->sb_dict_key), fp);
1974 if (size != sizeof(ictx->sb_dict_key)) {
1975 fprintf(stderr, "ERR: SB key dictionary too short!\n");
1979 sb_encrypt_sb_sections_header(ictx);
1980 sb_aes_reinit(ictx, 0);
1981 sb_decrypt_key_dictionary_key(ictx);
1983 sb_aes_reinit(ictx, 0);
1985 sctx = ictx->sect_head;
1987 shdr = &sctx->payload;
1989 if (shdr->section_flags & SB_SECTION_FLAG_BOOTABLE) {
1991 bootable = " BOOTABLE";
1994 sctx->size = (shdr->section_size * SB_BLOCK_SIZE) +
1995 sizeof(struct sb_command);
1996 soprintf(ictx, "SECTION 0x%x%s # size = %i bytes\n",
1997 shdr->section_number, bootable, sctx->size);
1999 if (shdr->section_flags & ~SB_SECTION_FLAG_BOOTABLE)
2000 fprintf(stderr, " WARN: Unknown section flag(s) %08x\n",
2001 shdr->section_flags);
2003 if ((shdr->section_flags & SB_SECTION_FLAG_BOOTABLE) &&
2004 (hdr->first_boot_section_id != shdr->section_number)) {
2006 " WARN: Bootable section does ID not match image header ID!\n");
2009 ret = sb_verify_commands(ictx, sctx, fp);
2018 * check if the first TAG command is at sctx->section_offset
2023 static int sb_verify_image_end(struct sb_image_ctx *ictx,
2024 FILE *fp, off_t filesz)
2031 soprintf(ictx, "------------- Verifying image end -------------\n");
2033 size = fread(digest, 1, sizeof(digest), fp);
2034 if (size != sizeof(digest)) {
2035 fprintf(stderr, "ERR: SB key dictionary too short!\n");
2040 if (pos != filesz) {
2041 fprintf(stderr, "ERR: Trailing data past the image!\n");
2045 /* Check the image digest. */
2046 EVP_DigestFinal(ictx->md_ctx, ictx->digest, NULL);
2047 EVP_MD_CTX_free(ictx->md_ctx);
2049 /* Decrypt the image digest from the input image. */
2050 sb_aes_reinit(ictx, 0);
2051 sb_aes_crypt(ictx, digest, digest, sizeof(digest));
2053 /* Check all of 20 bytes of the SHA1 hash. */
2054 ret = memcmp(digest, ictx->digest, 20) ? -EINVAL : 0;
2057 soprintf(ictx, "[FAIL] Full-image checksum: BAD\n");
2059 soprintf(ictx, "[PASS] Full-image checksum: OK\n");
2065 static int sb_build_tree_from_img(struct sb_image_ctx *ictx)
2071 if (!ictx->input_filename) {
2072 fprintf(stderr, "ERR: Missing filename!\n");
2076 fp = fopen(ictx->input_filename, "r");
2080 ret = fseek(fp, 0, SEEK_END);
2084 filesize = ftell(fp);
2088 ret = fseek(fp, 0, SEEK_SET);
2092 if (filesize < (signed)sizeof(ictx->payload)) {
2093 fprintf(stderr, "ERR: File too short!\n");
2097 if (filesize & (SB_BLOCK_SIZE - 1)) {
2098 fprintf(stderr, "ERR: The file is not aligned!\n");
2102 /* Load and verify image header */
2103 ret = sb_verify_image_header(ictx, fp, filesize);
2107 /* Load and verify sections and commands */
2108 ret = sb_verify_sections_cmds(ictx, fp);
2112 ret = sb_verify_image_end(ictx, fp, filesize);
2119 soprintf(ictx, "-------------------- Result -------------------\n");
2120 soprintf(ictx, "Verification %s\n", ret ? "FAILED" : "PASSED");
2122 /* Stop the encryption session. */
2123 sb_aes_deinit(ictx->cipher_ctx);
2131 fprintf(stderr, "ERR: Failed to load file \"%s\"\n",
2132 ictx->input_filename);
2136 static void sb_free_image(struct sb_image_ctx *ictx)
2138 struct sb_section_ctx *sctx = ictx->sect_head, *s_head;
2139 struct sb_dcd_ctx *dctx = ictx->dcd_head, *d_head;
2140 struct sb_cmd_ctx *cctx, *c_head;
2144 c_head = sctx->cmd_head;
2148 c_head = c_head->cmd;
2161 free(d_head->payload);
2167 * MXSSB-MKIMAGE glue code.
2169 static int mxsimage_check_image_types(uint8_t type)
2171 if (type == IH_TYPE_MXSIMAGE)
2172 return EXIT_SUCCESS;
2174 return EXIT_FAILURE;
2177 static void mxsimage_set_header(void *ptr, struct stat *sbuf, int ifd,
2178 struct image_tool_params *params)
2182 int mxsimage_check_params(struct image_tool_params *params)
2186 if (!strlen(params->imagename)) {
2188 "Error: %s - Configuration file not specified, it is needed for mxsimage generation\n",
2195 * XIP is not allowed and verify that incompatible
2196 * parameters are not sent at the same time
2197 * For example, if list is required a data image must not be provided
2199 return (params->dflag && (params->fflag || params->lflag)) ||
2200 (params->fflag && (params->dflag || params->lflag)) ||
2201 (params->lflag && (params->dflag || params->fflag)) ||
2202 (params->xflag) || !(strlen(params->imagename));
2205 static int mxsimage_verify_print_header(char *file, int silent)
2208 struct sb_image_ctx ctx;
2210 memset(&ctx, 0, sizeof(ctx));
2212 ctx.input_filename = file;
2213 ctx.silent_dump = silent;
2215 ret = sb_build_tree_from_img(&ctx);
2216 sb_free_image(&ctx);
2222 static int mxsimage_verify_header(unsigned char *ptr, int image_size,
2223 struct image_tool_params *params)
2225 struct sb_boot_image_header *hdr;
2230 hdr = (struct sb_boot_image_header *)ptr;
2233 * Check if the header contains the MXS image signatures,
2234 * if so, do a full-image verification.
2236 if (memcmp(hdr->signature1, "STMP", 4) ||
2237 memcmp(hdr->signature2, "sgtl", 4))
2240 imagefile = params->imagefile;
2242 return mxsimage_verify_print_header(params->imagefile, 1);
2245 static void mxsimage_print_header(const void *hdr)
2248 mxsimage_verify_print_header(imagefile, 0);
2251 static int sb_build_image(struct sb_image_ctx *ictx,
2252 struct image_type_params *tparams)
2254 struct sb_boot_image_header *sb_header = &ictx->payload;
2255 struct sb_section_ctx *sctx;
2256 struct sb_cmd_ctx *cctx;
2257 struct sb_command *ccmd;
2258 struct sb_key_dictionary_key *sb_dict_key = &ictx->sb_dict_key;
2260 uint8_t *image, *iptr;
2262 /* Calculate image size. */
2263 uint32_t size = sizeof(*sb_header) +
2264 ictx->sect_count * sizeof(struct sb_sections_header) +
2265 sizeof(*sb_dict_key) + sizeof(ictx->digest);
2267 sctx = ictx->sect_head;
2273 image = malloc(size);
2278 memcpy(iptr, sb_header, sizeof(*sb_header));
2279 iptr += sizeof(*sb_header);
2281 sctx = ictx->sect_head;
2283 memcpy(iptr, &sctx->payload, sizeof(struct sb_sections_header));
2284 iptr += sizeof(struct sb_sections_header);
2288 memcpy(iptr, sb_dict_key, sizeof(*sb_dict_key));
2289 iptr += sizeof(*sb_dict_key);
2291 sctx = ictx->sect_head;
2293 cctx = sctx->cmd_head;
2295 ccmd = &cctx->payload;
2297 memcpy(iptr, &cctx->c_payload, sizeof(cctx->payload));
2298 iptr += sizeof(cctx->payload);
2300 if (ccmd->header.tag == ROM_LOAD_CMD) {
2301 memcpy(iptr, cctx->data, cctx->length);
2302 iptr += cctx->length;
2311 memcpy(iptr, ictx->digest, sizeof(ictx->digest));
2312 iptr += sizeof(ictx->digest);
2314 /* Configure the mkimage */
2315 tparams->hdr = image;
2316 tparams->header_size = size;
2321 static int mxsimage_generate(struct image_tool_params *params,
2322 struct image_type_params *tparams)
2325 struct sb_image_ctx ctx;
2327 /* Do not copy the U-Boot image! */
2328 params->skipcpy = 1;
2330 memset(&ctx, 0, sizeof(ctx));
2332 ctx.cfg_filename = params->imagename;
2333 ctx.output_filename = params->imagefile;
2335 ret = sb_build_tree_from_cfg(&ctx);
2339 ret = sb_encrypt_image(&ctx);
2341 ret = sb_build_image(&ctx, tparams);
2344 sb_free_image(&ctx);
2350 * mxsimage parameters
2354 "Freescale MXS Boot Image support",
2357 mxsimage_check_params,
2358 mxsimage_verify_header,
2359 mxsimage_print_header,
2360 mxsimage_set_header,
2362 mxsimage_check_image_types,