1 /* SPDX-License-Identifier: GPL-2.0+ */
2 /*
3 * (C) Copyright 2008 Semihalf
4 *
5 * (C) Copyright 2000-2005
6 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
7 ********************************************************************
8 * NOTE: This header file defines an interface to U-Boot. Including
9 * this (unmodified) header file in another file is considered normal
10 * use of U-Boot, and does *not* fall under the heading of "derived
11 * work".
12 ********************************************************************
13 */
14
15 #ifndef __IMAGE_H__
16 #define __IMAGE_H__
17
18 #include "compiler.h"
19 #include <asm/byteorder.h>
20 #include <stdbool.h>
21
22 /* Define this to avoid #ifdefs later on */
23 struct lmb;
24 struct fdt_region;
25
26 #ifdef USE_HOSTCC
27 #include <sys/types.h>
28 #include <linux/kconfig.h>
29
30 #define IMAGE_INDENT_STRING ""
31
32 #else
33
34 #include <lmb.h>
35 #include <asm/u-boot.h>
36 #include <command.h>
37 #include <linker_lists.h>
38
39 #define IMAGE_INDENT_STRING " "
40
41 #endif /* USE_HOSTCC */
42
43 #include <hash.h>
44 #include <linux/libfdt.h>
45 #include <fdt_support.h>
46 #include <u-boot/hash-checksum.h>
47
48 extern ulong image_load_addr; /* Default Load Address */
49 extern ulong image_save_addr; /* Default Save Address */
50 extern ulong image_save_size; /* Default Save Size */
51
52 /* An invalid size, meaning that the image size is not known */
53 #define IMAGE_SIZE_INVAL (-1UL)
54
55 enum ih_category {
56 IH_ARCH,
57 IH_COMP,
58 IH_OS,
59 IH_TYPE,
60
61 IH_COUNT,
62 };
63
64 /*
65 * Operating System Codes
66 *
67 * The following are exposed to uImage header.
68 * New IDs *MUST* be appended at the end of the list and *NEVER*
69 * inserted for backward compatibility.
70 */
71 enum {
72 IH_OS_INVALID = 0, /* Invalid OS */
73 IH_OS_OPENBSD, /* OpenBSD */
74 IH_OS_NETBSD, /* NetBSD */
75 IH_OS_FREEBSD, /* FreeBSD */
76 IH_OS_4_4BSD, /* 4.4BSD */
77 IH_OS_LINUX, /* Linux */
78 IH_OS_SVR4, /* SVR4 */
79 IH_OS_ESIX, /* Esix */
80 IH_OS_SOLARIS, /* Solaris */
81 IH_OS_IRIX, /* Irix */
82 IH_OS_SCO, /* SCO */
83 IH_OS_DELL, /* Dell */
84 IH_OS_NCR, /* NCR */
85 IH_OS_LYNXOS, /* LynxOS */
86 IH_OS_VXWORKS, /* VxWorks */
87 IH_OS_PSOS, /* pSOS */
88 IH_OS_QNX, /* QNX */
89 IH_OS_U_BOOT, /* Firmware */
90 IH_OS_RTEMS, /* RTEMS */
91 IH_OS_ARTOS, /* ARTOS */
92 IH_OS_UNITY, /* Unity OS */
93 IH_OS_INTEGRITY, /* INTEGRITY */
94 IH_OS_OSE, /* OSE */
95 IH_OS_PLAN9, /* Plan 9 */
96 IH_OS_OPENRTOS, /* OpenRTOS */
97 IH_OS_ARM_TRUSTED_FIRMWARE, /* ARM Trusted Firmware */
98 IH_OS_TEE, /* Trusted Execution Environment */
99 IH_OS_OPENSBI, /* RISC-V OpenSBI */
100 IH_OS_EFI, /* EFI Firmware (e.g. GRUB2) */
101
102 IH_OS_COUNT,
103 };
104
105 /*
106 * CPU Architecture Codes (supported by Linux)
107 *
108 * The following are exposed to uImage header.
109 * New IDs *MUST* be appended at the end of the list and *NEVER*
110 * inserted for backward compatibility.
111 */
112 enum {
113 IH_ARCH_INVALID = 0, /* Invalid CPU */
114 IH_ARCH_ALPHA, /* Alpha */
115 IH_ARCH_ARM, /* ARM */
116 IH_ARCH_I386, /* Intel x86 */
117 IH_ARCH_IA64, /* IA64 */
118 IH_ARCH_MIPS, /* MIPS */
119 IH_ARCH_MIPS64, /* MIPS 64 Bit */
120 IH_ARCH_PPC, /* PowerPC */
121 IH_ARCH_S390, /* IBM S390 */
122 IH_ARCH_SH, /* SuperH */
123 IH_ARCH_SPARC, /* Sparc */
124 IH_ARCH_SPARC64, /* Sparc 64 Bit */
125 IH_ARCH_M68K, /* M68K */
126 IH_ARCH_NIOS, /* Nios-32 */
127 IH_ARCH_MICROBLAZE, /* MicroBlaze */
128 IH_ARCH_NIOS2, /* Nios-II */
129 IH_ARCH_BLACKFIN, /* Blackfin */
130 IH_ARCH_AVR32, /* AVR32 */
131 IH_ARCH_ST200, /* STMicroelectronics ST200 */
132 IH_ARCH_SANDBOX, /* Sandbox architecture (test only) */
133 IH_ARCH_NDS32, /* ANDES Technology - NDS32 */
134 IH_ARCH_OPENRISC, /* OpenRISC 1000 */
135 IH_ARCH_ARM64, /* ARM64 */
136 IH_ARCH_ARC, /* Synopsys DesignWare ARC */
137 IH_ARCH_X86_64, /* AMD x86_64, Intel and Via */
138 IH_ARCH_XTENSA, /* Xtensa */
139 IH_ARCH_RISCV, /* RISC-V */
140
141 IH_ARCH_COUNT,
142 };
143
144 /*
145 * Image Types
146 *
147 * "Standalone Programs" are directly runnable in the environment
148 * provided by U-Boot; it is expected that (if they behave
149 * well) you can continue to work in U-Boot after return from
150 * the Standalone Program.
151 * "OS Kernel Images" are usually images of some Embedded OS which
152 * will take over control completely. Usually these programs
153 * will install their own set of exception handlers, device
154 * drivers, set up the MMU, etc. - this means, that you cannot
155 * expect to re-enter U-Boot except by resetting the CPU.
156 * "RAMDisk Images" are more or less just data blocks, and their
157 * parameters (address, size) are passed to an OS kernel that is
158 * being started.
159 * "Multi-File Images" contain several images, typically an OS
160 * (Linux) kernel image and one or more data images like
161 * RAMDisks. This construct is useful for instance when you want
162 * to boot over the network using BOOTP etc., where the boot
163 * server provides just a single image file, but you want to get
164 * for instance an OS kernel and a RAMDisk image.
165 *
166 * "Multi-File Images" start with a list of image sizes, each
167 * image size (in bytes) specified by an "uint32_t" in network
168 * byte order. This list is terminated by an "(uint32_t)0".
169 * Immediately after the terminating 0 follow the images, one by
170 * one, all aligned on "uint32_t" boundaries (size rounded up to
171 * a multiple of 4 bytes - except for the last file).
172 *
173 * "Firmware Images" are binary images containing firmware (like
174 * U-Boot or FPGA images) which usually will be programmed to
175 * flash memory.
176 *
177 * "Script files" are command sequences that will be executed by
178 * U-Boot's command interpreter; this feature is especially
179 * useful when you configure U-Boot to use a real shell (hush)
180 * as command interpreter (=> Shell Scripts).
181 *
182 * The following are exposed to uImage header.
183 * New IDs *MUST* be appended at the end of the list and *NEVER*
184 * inserted for backward compatibility.
185 */
186
187 enum {
188 IH_TYPE_INVALID = 0, /* Invalid Image */
189 IH_TYPE_STANDALONE, /* Standalone Program */
190 IH_TYPE_KERNEL, /* OS Kernel Image */
191 IH_TYPE_RAMDISK, /* RAMDisk Image */
192 IH_TYPE_MULTI, /* Multi-File Image */
193 IH_TYPE_FIRMWARE, /* Firmware Image */
194 IH_TYPE_SCRIPT, /* Script file */
195 IH_TYPE_FILESYSTEM, /* Filesystem Image (any type) */
196 IH_TYPE_FLATDT, /* Binary Flat Device Tree Blob */
197 IH_TYPE_KWBIMAGE, /* Kirkwood Boot Image */
198 IH_TYPE_IMXIMAGE, /* Freescale IMXBoot Image */
199 IH_TYPE_UBLIMAGE, /* Davinci UBL Image */
200 IH_TYPE_OMAPIMAGE, /* TI OMAP Config Header Image */
201 IH_TYPE_AISIMAGE, /* TI Davinci AIS Image */
202 /* OS Kernel Image, can run from any load address */
203 IH_TYPE_KERNEL_NOLOAD,
204 IH_TYPE_PBLIMAGE, /* Freescale PBL Boot Image */
205 IH_TYPE_MXSIMAGE, /* Freescale MXSBoot Image */
206 IH_TYPE_GPIMAGE, /* TI Keystone GPHeader Image */
207 IH_TYPE_ATMELIMAGE, /* ATMEL ROM bootable Image */
208 IH_TYPE_SOCFPGAIMAGE, /* Altera SOCFPGA CV/AV Preloader */
209 IH_TYPE_X86_SETUP, /* x86 setup.bin Image */
210 IH_TYPE_LPC32XXIMAGE, /* x86 setup.bin Image */
211 IH_TYPE_LOADABLE, /* A list of typeless images */
212 IH_TYPE_RKIMAGE, /* Rockchip Boot Image */
213 IH_TYPE_RKSD, /* Rockchip SD card */
214 IH_TYPE_RKSPI, /* Rockchip SPI image */
215 IH_TYPE_ZYNQIMAGE, /* Xilinx Zynq Boot Image */
216 IH_TYPE_ZYNQMPIMAGE, /* Xilinx ZynqMP Boot Image */
217 IH_TYPE_ZYNQMPBIF, /* Xilinx ZynqMP Boot Image (bif) */
218 IH_TYPE_FPGA, /* FPGA Image */
219 IH_TYPE_VYBRIDIMAGE, /* VYBRID .vyb Image */
220 IH_TYPE_TEE, /* Trusted Execution Environment OS Image */
221 IH_TYPE_FIRMWARE_IVT, /* Firmware Image with HABv4 IVT */
222 IH_TYPE_PMMC, /* TI Power Management Micro-Controller Firmware */
223 IH_TYPE_STM32IMAGE, /* STMicroelectronics STM32 Image */
224 IH_TYPE_SOCFPGAIMAGE_V1, /* Altera SOCFPGA A10 Preloader */
225 IH_TYPE_MTKIMAGE, /* MediaTek BootROM loadable Image */
226 IH_TYPE_IMX8MIMAGE, /* Freescale IMX8MBoot Image */
227 IH_TYPE_IMX8IMAGE, /* Freescale IMX8Boot Image */
228 IH_TYPE_COPRO, /* Coprocessor Image for remoteproc*/
229 IH_TYPE_SUNXI_EGON, /* Allwinner eGON Boot Image */
230
231 IH_TYPE_COUNT, /* Number of image types */
232 };
233
234 /*
235 * Compression Types
236 *
237 * The following are exposed to uImage header.
238 * New IDs *MUST* be appended at the end of the list and *NEVER*
239 * inserted for backward compatibility.
240 */
241 enum {
242 IH_COMP_NONE = 0, /* No Compression Used */
243 IH_COMP_GZIP, /* gzip Compression Used */
244 IH_COMP_BZIP2, /* bzip2 Compression Used */
245 IH_COMP_LZMA, /* lzma Compression Used */
246 IH_COMP_LZO, /* lzo Compression Used */
247 IH_COMP_LZ4, /* lz4 Compression Used */
248 IH_COMP_ZSTD, /* zstd Compression Used */
249
250 IH_COMP_COUNT,
251 };
252
253 #define LZ4F_MAGIC 0x184D2204 /* LZ4 Magic Number */
254 #define IH_MAGIC 0x27051956 /* Image Magic Number */
255 #define IH_NMLEN 32 /* Image Name Length */
256
257 /* Reused from common.h */
258 #define ROUND(a, b) (((a) + (b) - 1) & ~((b) - 1))
259
260 /*
261 * Legacy format image header,
262 * all data in network byte order (aka natural aka bigendian).
263 */
264 typedef struct image_header {
265 uint32_t ih_magic; /* Image Header Magic Number */
266 uint32_t ih_hcrc; /* Image Header CRC Checksum */
267 uint32_t ih_time; /* Image Creation Timestamp */
268 uint32_t ih_size; /* Image Data Size */
269 uint32_t ih_load; /* Data Load Address */
270 uint32_t ih_ep; /* Entry Point Address */
271 uint32_t ih_dcrc; /* Image Data CRC Checksum */
272 uint8_t ih_os; /* Operating System */
273 uint8_t ih_arch; /* CPU architecture */
274 uint8_t ih_type; /* Image Type */
275 uint8_t ih_comp; /* Compression Type */
276 uint8_t ih_name[IH_NMLEN]; /* Image Name */
277 } image_header_t;
278
279 typedef struct image_info {
280 ulong start, end; /* start/end of blob */
281 ulong image_start, image_len; /* start of image within blob, len of image */
282 ulong load; /* load addr for the image */
283 uint8_t comp, type, os; /* compression, type of image, os type */
284 uint8_t arch; /* CPU architecture */
285 } image_info_t;
286
287 /*
288 * Legacy and FIT format headers used by do_bootm() and do_bootm_<os>()
289 * routines.
290 */
291 typedef struct bootm_headers {
292 /*
293 * Legacy os image header, if it is a multi component image
294 * then boot_get_ramdisk() and get_fdt() will attempt to get
295 * data from second and third component accordingly.
296 */
297 image_header_t *legacy_hdr_os; /* image header pointer */
298 image_header_t legacy_hdr_os_copy; /* header copy */
299 ulong legacy_hdr_valid;
300
301 /*
302 * The fit_ members are only used with FIT, but it involves a lot of
303 * #ifdefs to avoid compiling that code. Since FIT is the standard
304 * format, even for SPL, this extra data size seems worth it.
305 */
306 const char *fit_uname_cfg; /* configuration node unit name */
307
308 void *fit_hdr_os; /* os FIT image header */
309 const char *fit_uname_os; /* os subimage node unit name */
310 int fit_noffset_os; /* os subimage node offset */
311
312 void *fit_hdr_rd; /* init ramdisk FIT image header */
313 const char *fit_uname_rd; /* init ramdisk subimage node unit name */
314 int fit_noffset_rd; /* init ramdisk subimage node offset */
315
316 void *fit_hdr_fdt; /* FDT blob FIT image header */
317 const char *fit_uname_fdt; /* FDT blob subimage node unit name */
318 int fit_noffset_fdt;/* FDT blob subimage node offset */
319
320 void *fit_hdr_setup; /* x86 setup FIT image header */
321 const char *fit_uname_setup; /* x86 setup subimage node name */
322 int fit_noffset_setup;/* x86 setup subimage node offset */
323
324 #ifndef USE_HOSTCC
325 image_info_t os; /* os image info */
326 ulong ep; /* entry point of OS */
327
328 ulong rd_start, rd_end;/* ramdisk start/end */
329
330 char *ft_addr; /* flat dev tree address */
331 ulong ft_len; /* length of flat device tree */
332
333 ulong initrd_start;
334 ulong initrd_end;
335 ulong cmdline_start;
336 ulong cmdline_end;
337 struct bd_info *kbd;
338 #endif
339
340 int verify; /* env_get("verify")[0] != 'n' */
341
342 #define BOOTM_STATE_START (0x00000001)
343 #define BOOTM_STATE_FINDOS (0x00000002)
344 #define BOOTM_STATE_FINDOTHER (0x00000004)
345 #define BOOTM_STATE_LOADOS (0x00000008)
346 #define BOOTM_STATE_RAMDISK (0x00000010)
347 #define BOOTM_STATE_FDT (0x00000020)
348 #define BOOTM_STATE_OS_CMDLINE (0x00000040)
349 #define BOOTM_STATE_OS_BD_T (0x00000080)
350 #define BOOTM_STATE_OS_PREP (0x00000100)
351 #define BOOTM_STATE_OS_FAKE_GO (0x00000200) /* 'Almost' run the OS */
352 #define BOOTM_STATE_OS_GO (0x00000400)
353 int state;
354
355 #if defined(CONFIG_LMB) && !defined(USE_HOSTCC)
356 struct lmb lmb; /* for memory mgmt */
357 #endif
358 } bootm_headers_t;
359
360 extern bootm_headers_t images;
361
362 /*
363 * Some systems (for example LWMON) have very short watchdog periods;
364 * we must make sure to split long operations like memmove() or
365 * checksum calculations into reasonable chunks.
366 */
367 #ifndef CHUNKSZ
368 #define CHUNKSZ (64 * 1024)
369 #endif
370
371 #ifndef CHUNKSZ_CRC32
372 #define CHUNKSZ_CRC32 (64 * 1024)
373 #endif
374
375 #ifndef CHUNKSZ_MD5
376 #define CHUNKSZ_MD5 (64 * 1024)
377 #endif
378
379 #ifndef CHUNKSZ_SHA1
380 #define CHUNKSZ_SHA1 (64 * 1024)
381 #endif
382
383 #define uimage_to_cpu(x) be32_to_cpu(x)
384 #define cpu_to_uimage(x) cpu_to_be32(x)
385
386 /*
387 * Translation table for entries of a specific type; used by
388 * get_table_entry_id() and get_table_entry_name().
389 */
390 typedef struct table_entry {
391 int id;
392 char *sname; /* short (input) name to find table entry */
393 char *lname; /* long (output) name to print for messages */
394 } table_entry_t;
395
396 /*
397 * Compression type and magic number mapping table.
398 */
399 struct comp_magic_map {
400 int comp_id;
401 const char *name;
402 unsigned char magic[2];
403 };
404
405 /*
406 * get_table_entry_id() scans the translation table trying to find an
407 * entry that matches the given short name. If a matching entry is
408 * found, it's id is returned to the caller.
409 */
410 int get_table_entry_id(const table_entry_t *table,
411 const char *table_name, const char *name);
412 /*
413 * get_table_entry_name() scans the translation table trying to find
414 * an entry that matches the given id. If a matching entry is found,
415 * its long name is returned to the caller.
416 */
417 char *get_table_entry_name(const table_entry_t *table, char *msg, int id);
418
419 const char *genimg_get_os_name(uint8_t os);
420
421 /**
422 * genimg_get_os_short_name() - get the short name for an OS
423 *
424 * @param os OS (IH_OS_...)
425 * @return OS short name, or "unknown" if unknown
426 */
427 const char *genimg_get_os_short_name(uint8_t comp);
428
429 const char *genimg_get_arch_name(uint8_t arch);
430
431 /**
432 * genimg_get_arch_short_name() - get the short name for an architecture
433 *
434 * @param arch Architecture type (IH_ARCH_...)
435 * @return architecture short name, or "unknown" if unknown
436 */
437 const char *genimg_get_arch_short_name(uint8_t arch);
438
439 const char *genimg_get_type_name(uint8_t type);
440
441 /**
442 * genimg_get_type_short_name() - get the short name for an image type
443 *
444 * @param type Image type (IH_TYPE_...)
445 * @return image short name, or "unknown" if unknown
446 */
447 const char *genimg_get_type_short_name(uint8_t type);
448
449 const char *genimg_get_comp_name(uint8_t comp);
450
451 /**
452 * genimg_get_comp_short_name() - get the short name for a compression method
453 *
454 * @param comp compression method (IH_COMP_...)
455 * @return compression method short name, or "unknown" if unknown
456 */
457 const char *genimg_get_comp_short_name(uint8_t comp);
458
459 /**
460 * genimg_get_cat_name() - Get the name of an item in a category
461 *
462 * @category: Category of item
463 * @id: Item ID
464 * @return name of item, or "Unknown ..." if unknown
465 */
466 const char *genimg_get_cat_name(enum ih_category category, uint id);
467
468 /**
469 * genimg_get_cat_short_name() - Get the short name of an item in a category
470 *
471 * @category: Category of item
472 * @id: Item ID
473 * @return short name of item, or "Unknown ..." if unknown
474 */
475 const char *genimg_get_cat_short_name(enum ih_category category, uint id);
476
477 /**
478 * genimg_get_cat_count() - Get the number of items in a category
479 *
480 * @category: Category to check
481 * @return the number of items in the category (IH_xxx_COUNT)
482 */
483 int genimg_get_cat_count(enum ih_category category);
484
485 /**
486 * genimg_get_cat_desc() - Get the description of a category
487 *
488 * @category: Category to check
489 * @return the description of a category, e.g. "architecture". This
490 * effectively converts the enum to a string.
491 */
492 const char *genimg_get_cat_desc(enum ih_category category);
493
494 /**
495 * genimg_cat_has_id() - Check whether a category has an item
496 *
497 * @category: Category to check
498 * @id: Item ID
499 * @return true or false as to whether a category has an item
500 */
501 bool genimg_cat_has_id(enum ih_category category, uint id);
502
503 int genimg_get_os_id(const char *name);
504 int genimg_get_arch_id(const char *name);
505 int genimg_get_type_id(const char *name);
506 int genimg_get_comp_id(const char *name);
507 void genimg_print_size(uint32_t size);
508
509 #if defined(CONFIG_TIMESTAMP) || defined(CONFIG_CMD_DATE) || defined(USE_HOSTCC)
510 #define IMAGE_ENABLE_TIMESTAMP 1
511 #else
512 #define IMAGE_ENABLE_TIMESTAMP 0
513 #endif
514 void genimg_print_time(time_t timestamp);
515
516 /* What to do with a image load address ('load = <> 'in the FIT) */
517 enum fit_load_op {
518 FIT_LOAD_IGNORED, /* Ignore load address */
519 FIT_LOAD_OPTIONAL, /* Can be provided, but optional */
520 FIT_LOAD_OPTIONAL_NON_ZERO, /* Optional, a value of 0 is ignored */
521 FIT_LOAD_REQUIRED, /* Must be provided */
522 };
523
524 int boot_get_setup(bootm_headers_t *images, uint8_t arch, ulong *setup_start,
525 ulong *setup_len);
526
527 /* Image format types, returned by _get_format() routine */
528 #define IMAGE_FORMAT_INVALID 0x00
529 #define IMAGE_FORMAT_LEGACY 0x01 /* legacy image_header based format */
530 #define IMAGE_FORMAT_FIT 0x02 /* new, libfdt based format */
531 #define IMAGE_FORMAT_ANDROID 0x03 /* Android boot image */
532
533 ulong genimg_get_kernel_addr_fit(char * const img_addr,
534 const char **fit_uname_config,
535 const char **fit_uname_kernel);
536 ulong genimg_get_kernel_addr(char * const img_addr);
537 int genimg_get_format(const void *img_addr);
538 int genimg_has_config(bootm_headers_t *images);
539
540 int boot_get_fpga(int argc, char *const argv[], bootm_headers_t *images,
541 uint8_t arch, const ulong *ld_start, ulong * const ld_len);
542 int boot_get_ramdisk(int argc, char *const argv[], bootm_headers_t *images,
543 uint8_t arch, ulong *rd_start, ulong *rd_end);
544
545 /**
546 * boot_get_loadable - routine to load a list of binaries to memory
547 * @argc: Ignored Argument
548 * @argv: Ignored Argument
549 * @images: pointer to the bootm images structure
550 * @arch: expected architecture for the image
551 * @ld_start: Ignored Argument
552 * @ld_len: Ignored Argument
553 *
554 * boot_get_loadable() will take the given FIT configuration, and look
555 * for a field named "loadables". Loadables, is a list of elements in
556 * the FIT given as strings. exe:
557 * loadables = "linux_kernel", "fdt-2";
558 * this function will attempt to parse each string, and load the
559 * corresponding element from the FIT into memory. Once placed,
560 * no aditional actions are taken.
561 *
562 * @return:
563 * 0, if only valid images or no images are found
564 * error code, if an error occurs during fit_image_load
565 */
566 int boot_get_loadable(int argc, char *const argv[], bootm_headers_t *images,
567 uint8_t arch, const ulong *ld_start, ulong *const ld_len);
568
569 int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch,
570 ulong *setup_start, ulong *setup_len);
571
572 /**
573 * boot_get_fdt_fit() - load a DTB from a FIT file (applying overlays)
574 *
575 * This deals with all aspects of loading an DTB from a FIT.
576 * The correct base image based on configuration will be selected, and
577 * then any overlays specified will be applied (as present in fit_uname_configp).
578 *
579 * @param images Boot images structure
580 * @param addr Address of FIT in memory
581 * @param fit_unamep On entry this is the requested image name
582 * (e.g. "kernel") or NULL to use the default. On exit
583 * points to the selected image name
584 * @param fit_uname_configp On entry this is the requested configuration
585 * name (e.g. "conf-1") or NULL to use the default. On
586 * exit points to the selected configuration name.
587 * @param arch Expected architecture (IH_ARCH_...)
588 * @param datap Returns address of loaded image
589 * @param lenp Returns length of loaded image
590 *
591 * @return node offset of base image, or -ve error code on error
592 */
593 int boot_get_fdt_fit(bootm_headers_t *images, ulong addr,
594 const char **fit_unamep, const char **fit_uname_configp,
595 int arch, ulong *datap, ulong *lenp);
596
597 /**
598 * fit_image_load() - load an image from a FIT
599 *
600 * This deals with all aspects of loading an image from a FIT, including
601 * selecting the right image based on configuration, verifying it, printing
602 * out progress messages, checking the type/arch/os and optionally copying it
603 * to the right load address.
604 *
605 * The property to look up is defined by image_type.
606 *
607 * @param images Boot images structure
608 * @param addr Address of FIT in memory
609 * @param fit_unamep On entry this is the requested image name
610 * (e.g. "kernel") or NULL to use the default. On exit
611 * points to the selected image name
612 * @param fit_uname_configp On entry this is the requested configuration
613 * name (e.g. "conf-1") or NULL to use the default. On
614 * exit points to the selected configuration name.
615 * @param arch Expected architecture (IH_ARCH_...)
616 * @param image_type Required image type (IH_TYPE_...). If this is
617 * IH_TYPE_KERNEL then we allow IH_TYPE_KERNEL_NOLOAD
618 * also.
619 * @param bootstage_id ID of starting bootstage to use for progress updates.
620 * This will be added to the BOOTSTAGE_SUB values when
621 * calling bootstage_mark()
622 * @param load_op Decribes what to do with the load address
623 * @param datap Returns address of loaded image
624 * @param lenp Returns length of loaded image
625 * @return node offset of image, or -ve error code on error
626 */
627 int fit_image_load(bootm_headers_t *images, ulong addr,
628 const char **fit_unamep, const char **fit_uname_configp,
629 int arch, int image_type, int bootstage_id,
630 enum fit_load_op load_op, ulong *datap, ulong *lenp);
631
632 /**
633 * image_source_script() - Execute a script
634 *
635 * Executes a U-Boot script at a particular address in memory. The script should
636 * have a header (FIT or legacy) with the script type (IH_TYPE_SCRIPT).
637 *
638 * @addr: Address of script
639 * @fit_uname: FIT subimage name
640 * @return result code (enum command_ret_t)
641 */
642 int image_source_script(ulong addr, const char *fit_uname);
643
644 /**
645 * fit_get_node_from_config() - Look up an image a FIT by type
646 *
647 * This looks in the selected conf- node (images->fit_uname_cfg) for a
648 * particular image type (e.g. "kernel") and then finds the image that is
649 * referred to.
650 *
651 * For example, for something like:
652 *
653 * images {
654 * kernel {
655 * ...
656 * };
657 * };
658 * configurations {
659 * conf-1 {
660 * kernel = "kernel";
661 * };
662 * };
663 *
664 * the function will return the node offset of the kernel@1 node, assuming
665 * that conf-1 is the chosen configuration.
666 *
667 * @param images Boot images structure
668 * @param prop_name Property name to look up (FIT_..._PROP)
669 * @param addr Address of FIT in memory
670 */
671 int fit_get_node_from_config(bootm_headers_t *images, const char *prop_name,
672 ulong addr);
673
674 int boot_get_fdt(int flag, int argc, char *const argv[], uint8_t arch,
675 bootm_headers_t *images,
676 char **of_flat_tree, ulong *of_size);
677 void boot_fdt_add_mem_rsv_regions(struct lmb *lmb, void *fdt_blob);
678 int boot_relocate_fdt(struct lmb *lmb, char **of_flat_tree, ulong *of_size);
679
680 int boot_ramdisk_high(struct lmb *lmb, ulong rd_data, ulong rd_len,
681 ulong *initrd_start, ulong *initrd_end);
682 int boot_get_cmdline(struct lmb *lmb, ulong *cmd_start, ulong *cmd_end);
683 int boot_get_kbd(struct lmb *lmb, struct bd_info **kbd);
684
685 /*******************************************************************/
686 /* Legacy format specific code (prefixed with image_) */
687 /*******************************************************************/
image_get_header_size(void)688 static inline uint32_t image_get_header_size(void)
689 {
690 return (sizeof(image_header_t));
691 }
692
693 #define image_get_hdr_l(f) \
694 static inline uint32_t image_get_##f(const image_header_t *hdr) \
695 { \
696 return uimage_to_cpu(hdr->ih_##f); \
697 }
698 image_get_hdr_l(magic) /* image_get_magic */
image_get_hdr_l(hcrc)699 image_get_hdr_l(hcrc) /* image_get_hcrc */
700 image_get_hdr_l(time) /* image_get_time */
701 image_get_hdr_l(size) /* image_get_size */
702 image_get_hdr_l(load) /* image_get_load */
703 image_get_hdr_l(ep) /* image_get_ep */
704 image_get_hdr_l(dcrc) /* image_get_dcrc */
705
706 #define image_get_hdr_b(f) \
707 static inline uint8_t image_get_##f(const image_header_t *hdr) \
708 { \
709 return hdr->ih_##f; \
710 }
711 image_get_hdr_b(os) /* image_get_os */
712 image_get_hdr_b(arch) /* image_get_arch */
713 image_get_hdr_b(type) /* image_get_type */
714 image_get_hdr_b(comp) /* image_get_comp */
715
716 static inline char *image_get_name(const image_header_t *hdr)
717 {
718 return (char *)hdr->ih_name;
719 }
720
image_get_data_size(const image_header_t * hdr)721 static inline uint32_t image_get_data_size(const image_header_t *hdr)
722 {
723 return image_get_size(hdr);
724 }
725
726 /**
727 * image_get_data - get image payload start address
728 * @hdr: image header
729 *
730 * image_get_data() returns address of the image payload. For single
731 * component images it is image data start. For multi component
732 * images it points to the null terminated table of sub-images sizes.
733 *
734 * returns:
735 * image payload data start address
736 */
image_get_data(const image_header_t * hdr)737 static inline ulong image_get_data(const image_header_t *hdr)
738 {
739 return ((ulong)hdr + image_get_header_size());
740 }
741
image_get_image_size(const image_header_t * hdr)742 static inline uint32_t image_get_image_size(const image_header_t *hdr)
743 {
744 return (image_get_size(hdr) + image_get_header_size());
745 }
image_get_image_end(const image_header_t * hdr)746 static inline ulong image_get_image_end(const image_header_t *hdr)
747 {
748 return ((ulong)hdr + image_get_image_size(hdr));
749 }
750
751 #define image_set_hdr_l(f) \
752 static inline void image_set_##f(image_header_t *hdr, uint32_t val) \
753 { \
754 hdr->ih_##f = cpu_to_uimage(val); \
755 }
756 image_set_hdr_l(magic) /* image_set_magic */
image_set_hdr_l(hcrc)757 image_set_hdr_l(hcrc) /* image_set_hcrc */
758 image_set_hdr_l(time) /* image_set_time */
759 image_set_hdr_l(size) /* image_set_size */
760 image_set_hdr_l(load) /* image_set_load */
761 image_set_hdr_l(ep) /* image_set_ep */
762 image_set_hdr_l(dcrc) /* image_set_dcrc */
763
764 #define image_set_hdr_b(f) \
765 static inline void image_set_##f(image_header_t *hdr, uint8_t val) \
766 { \
767 hdr->ih_##f = val; \
768 }
769 image_set_hdr_b(os) /* image_set_os */
770 image_set_hdr_b(arch) /* image_set_arch */
771 image_set_hdr_b(type) /* image_set_type */
772 image_set_hdr_b(comp) /* image_set_comp */
773
774 static inline void image_set_name(image_header_t *hdr, const char *name)
775 {
776 strncpy(image_get_name(hdr), name, IH_NMLEN);
777 }
778
779 int image_check_hcrc(const image_header_t *hdr);
780 int image_check_dcrc(const image_header_t *hdr);
781 #ifndef USE_HOSTCC
782 ulong env_get_bootm_low(void);
783 phys_size_t env_get_bootm_size(void);
784 phys_size_t env_get_bootm_mapsize(void);
785 #endif
786 void memmove_wd(void *to, void *from, size_t len, ulong chunksz);
787
image_check_magic(const image_header_t * hdr)788 static inline int image_check_magic(const image_header_t *hdr)
789 {
790 return (image_get_magic(hdr) == IH_MAGIC);
791 }
image_check_type(const image_header_t * hdr,uint8_t type)792 static inline int image_check_type(const image_header_t *hdr, uint8_t type)
793 {
794 return (image_get_type(hdr) == type);
795 }
image_check_arch(const image_header_t * hdr,uint8_t arch)796 static inline int image_check_arch(const image_header_t *hdr, uint8_t arch)
797 {
798 /* Let's assume that sandbox can load any architecture */
799 if (!tools_build() && IS_ENABLED(CONFIG_SANDBOX))
800 return true;
801 return (image_get_arch(hdr) == arch) ||
802 (image_get_arch(hdr) == IH_ARCH_ARM && arch == IH_ARCH_ARM64);
803 }
image_check_os(const image_header_t * hdr,uint8_t os)804 static inline int image_check_os(const image_header_t *hdr, uint8_t os)
805 {
806 return (image_get_os(hdr) == os);
807 }
808
809 ulong image_multi_count(const image_header_t *hdr);
810 void image_multi_getimg(const image_header_t *hdr, ulong idx,
811 ulong *data, ulong *len);
812
813 void image_print_contents(const void *hdr);
814
815 #ifndef USE_HOSTCC
image_check_target_arch(const image_header_t * hdr)816 static inline int image_check_target_arch(const image_header_t *hdr)
817 {
818 #ifndef IH_ARCH_DEFAULT
819 # error "please define IH_ARCH_DEFAULT in your arch asm/u-boot.h"
820 #endif
821 return image_check_arch(hdr, IH_ARCH_DEFAULT);
822 }
823 #endif /* USE_HOSTCC */
824
825 /**
826 * image_decomp_type() - Find out compression type of an image
827 *
828 * @buf: Address in U-Boot memory where image is loaded.
829 * @len: Length of the compressed image.
830 * @return compression type or IH_COMP_NONE if not compressed.
831 *
832 * Note: Only following compression types are supported now.
833 * lzo, lzma, gzip, bzip2
834 */
835 int image_decomp_type(const unsigned char *buf, ulong len);
836
837 /**
838 * image_decomp() - decompress an image
839 *
840 * @comp: Compression algorithm that is used (IH_COMP_...)
841 * @load: Destination load address in U-Boot memory
842 * @image_start Image start address (where we are decompressing from)
843 * @type: OS type (IH_OS_...)
844 * @load_bug: Place to decompress to
845 * @image_buf: Address to decompress from
846 * @image_len: Number of bytes in @image_buf to decompress
847 * @unc_len: Available space for decompression
848 * @return 0 if OK, -ve on error (BOOTM_ERR_...)
849 */
850 int image_decomp(int comp, ulong load, ulong image_start, int type,
851 void *load_buf, void *image_buf, ulong image_len,
852 uint unc_len, ulong *load_end);
853
854 /**
855 * Set up properties in the FDT
856 *
857 * This sets up properties in the FDT that is to be passed to linux.
858 *
859 * @images: Images information
860 * @blob: FDT to update
861 * @of_size: Size of the FDT
862 * @lmb: Points to logical memory block structure
863 * @return 0 if ok, <0 on failure
864 */
865 int image_setup_libfdt(bootm_headers_t *images, void *blob,
866 int of_size, struct lmb *lmb);
867
868 /**
869 * Set up the FDT to use for booting a kernel
870 *
871 * This performs ramdisk setup, sets up the FDT if required, and adds
872 * paramters to the FDT if libfdt is available.
873 *
874 * @param images Images information
875 * @return 0 if ok, <0 on failure
876 */
877 int image_setup_linux(bootm_headers_t *images);
878
879 /**
880 * bootz_setup() - Extract stat and size of a Linux xImage
881 *
882 * @image: Address of image
883 * @start: Returns start address of image
884 * @end : Returns end address of image
885 * @return 0 if OK, 1 if the image was not recognised
886 */
887 int bootz_setup(ulong image, ulong *start, ulong *end);
888
889 /**
890 * Return the correct start address and size of a Linux aarch64 Image.
891 *
892 * @image: Address of image
893 * @start: Returns start address of image
894 * @size : Returns size image
895 * @force_reloc: Ignore image->ep field, always place image to RAM start
896 * @return 0 if OK, 1 if the image was not recognised
897 */
898 int booti_setup(ulong image, ulong *relocated_addr, ulong *size,
899 bool force_reloc);
900
901 /*******************************************************************/
902 /* New uImage format specific code (prefixed with fit_) */
903 /*******************************************************************/
904
905 #define FIT_IMAGES_PATH "/images"
906 #define FIT_CONFS_PATH "/configurations"
907
908 /* hash/signature/key node */
909 #define FIT_HASH_NODENAME "hash"
910 #define FIT_ALGO_PROP "algo"
911 #define FIT_VALUE_PROP "value"
912 #define FIT_IGNORE_PROP "uboot-ignore"
913 #define FIT_SIG_NODENAME "signature"
914 #define FIT_KEY_REQUIRED "required"
915 #define FIT_KEY_HINT "key-name-hint"
916
917 /* cipher node */
918 #define FIT_CIPHER_NODENAME "cipher"
919 #define FIT_ALGO_PROP "algo"
920
921 /* image node */
922 #define FIT_DATA_PROP "data"
923 #define FIT_DATA_POSITION_PROP "data-position"
924 #define FIT_DATA_OFFSET_PROP "data-offset"
925 #define FIT_DATA_SIZE_PROP "data-size"
926 #define FIT_TIMESTAMP_PROP "timestamp"
927 #define FIT_DESC_PROP "description"
928 #define FIT_ARCH_PROP "arch"
929 #define FIT_TYPE_PROP "type"
930 #define FIT_OS_PROP "os"
931 #define FIT_COMP_PROP "compression"
932 #define FIT_ENTRY_PROP "entry"
933 #define FIT_LOAD_PROP "load"
934
935 /* configuration node */
936 #define FIT_KERNEL_PROP "kernel"
937 #define FIT_RAMDISK_PROP "ramdisk"
938 #define FIT_FDT_PROP "fdt"
939 #define FIT_LOADABLE_PROP "loadables"
940 #define FIT_DEFAULT_PROP "default"
941 #define FIT_SETUP_PROP "setup"
942 #define FIT_FPGA_PROP "fpga"
943 #define FIT_FIRMWARE_PROP "firmware"
944 #define FIT_STANDALONE_PROP "standalone"
945
946 #define FIT_MAX_HASH_LEN HASH_MAX_DIGEST_SIZE
947
948 /* cmdline argument format parsing */
949 int fit_parse_conf(const char *spec, ulong addr_curr,
950 ulong *addr, const char **conf_name);
951 int fit_parse_subimage(const char *spec, ulong addr_curr,
952 ulong *addr, const char **image_name);
953
954 int fit_get_subimage_count(const void *fit, int images_noffset);
955 void fit_print_contents(const void *fit);
956 void fit_image_print(const void *fit, int noffset, const char *p);
957
958 /**
959 * fit_get_end - get FIT image size
960 * @fit: pointer to the FIT format image header
961 *
962 * returns:
963 * size of the FIT image (blob) in memory
964 */
fit_get_size(const void * fit)965 static inline ulong fit_get_size(const void *fit)
966 {
967 return fdt_totalsize(fit);
968 }
969
970 /**
971 * fit_get_end - get FIT image end
972 * @fit: pointer to the FIT format image header
973 *
974 * returns:
975 * end address of the FIT image (blob) in memory
976 */
977 ulong fit_get_end(const void *fit);
978
979 /**
980 * fit_get_name - get FIT node name
981 * @fit: pointer to the FIT format image header
982 *
983 * returns:
984 * NULL, on error
985 * pointer to node name, on success
986 */
fit_get_name(const void * fit_hdr,int noffset,int * len)987 static inline const char *fit_get_name(const void *fit_hdr,
988 int noffset, int *len)
989 {
990 return fdt_get_name(fit_hdr, noffset, len);
991 }
992
993 int fit_get_desc(const void *fit, int noffset, char **desc);
994 int fit_get_timestamp(const void *fit, int noffset, time_t *timestamp);
995
996 int fit_image_get_node(const void *fit, const char *image_uname);
997 int fit_image_get_os(const void *fit, int noffset, uint8_t *os);
998 int fit_image_get_arch(const void *fit, int noffset, uint8_t *arch);
999 int fit_image_get_type(const void *fit, int noffset, uint8_t *type);
1000 int fit_image_get_comp(const void *fit, int noffset, uint8_t *comp);
1001 int fit_image_get_load(const void *fit, int noffset, ulong *load);
1002 int fit_image_get_entry(const void *fit, int noffset, ulong *entry);
1003 int fit_image_get_data(const void *fit, int noffset,
1004 const void **data, size_t *size);
1005 int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset);
1006 int fit_image_get_data_position(const void *fit, int noffset,
1007 int *data_position);
1008 int fit_image_get_data_size(const void *fit, int noffset, int *data_size);
1009 int fit_image_get_data_size_unciphered(const void *fit, int noffset,
1010 size_t *data_size);
1011 int fit_image_get_data_and_size(const void *fit, int noffset,
1012 const void **data, size_t *size);
1013
1014 int fit_image_hash_get_algo(const void *fit, int noffset, char **algo);
1015 int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
1016 int *value_len);
1017
1018 int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
1019
1020 int fit_cipher_data(const char *keydir, void *keydest, void *fit,
1021 const char *comment, int require_keys,
1022 const char *engine_id, const char *cmdname);
1023
1024 /**
1025 * fit_add_verification_data() - add verification data to FIT image nodes
1026 *
1027 * @keydir: Directory containing keys
1028 * @kwydest: FDT blob to write public key information to
1029 * @fit: Pointer to the FIT format image header
1030 * @comment: Comment to add to signature nodes
1031 * @require_keys: Mark all keys as 'required'
1032 * @engine_id: Engine to use for signing
1033 * @cmdname: Command name used when reporting errors
1034 *
1035 * Adds hash values for all component images in the FIT blob.
1036 * Hashes are calculated for all component images which have hash subnodes
1037 * with algorithm property set to one of the supported hash algorithms.
1038 *
1039 * Also add signatures if signature nodes are present.
1040 *
1041 * returns
1042 * 0, on success
1043 * libfdt error code, on failure
1044 */
1045 int fit_add_verification_data(const char *keydir, const char *keyfile,
1046 void *keydest, void *fit, const char *comment,
1047 int require_keys, const char *engine_id,
1048 const char *cmdname);
1049
1050 int fit_image_verify_with_data(const void *fit, int image_noffset,
1051 const void *data, size_t size);
1052 int fit_image_verify(const void *fit, int noffset);
1053 int fit_config_verify(const void *fit, int conf_noffset);
1054 int fit_all_image_verify(const void *fit);
1055 int fit_config_decrypt(const void *fit, int conf_noffset);
1056 int fit_image_check_os(const void *fit, int noffset, uint8_t os);
1057 int fit_image_check_arch(const void *fit, int noffset, uint8_t arch);
1058 int fit_image_check_type(const void *fit, int noffset, uint8_t type);
1059 int fit_image_check_comp(const void *fit, int noffset, uint8_t comp);
1060
1061 /**
1062 * fit_check_format() - Check that the FIT is valid
1063 *
1064 * This performs various checks on the FIT to make sure it is suitable for
1065 * use, looking for mandatory properties, nodes, etc.
1066 *
1067 * If FIT_FULL_CHECK is enabled, it also runs it through libfdt to make
1068 * sure that there are no strange tags or broken nodes in the FIT.
1069 *
1070 * @fit: pointer to the FIT format image header
1071 * @return 0 if OK, -ENOEXEC if not an FDT file, -EINVAL if the full FDT check
1072 * failed (e.g. due to bad structure), -ENOMSG if the description is
1073 * missing, -EBADMSG if the timestamp is missing, -ENOENT if the /images
1074 * path is missing
1075 */
1076 int fit_check_format(const void *fit, ulong size);
1077
1078 int fit_conf_find_compat(const void *fit, const void *fdt);
1079
1080 /**
1081 * fit_conf_get_node - get node offset for configuration of a given unit name
1082 * @fit: pointer to the FIT format image header
1083 * @conf_uname: configuration node unit name (NULL to use default)
1084 *
1085 * fit_conf_get_node() finds a configuration (within the '/configurations'
1086 * parent node) of a provided unit name. If configuration is found its node
1087 * offset is returned to the caller.
1088 *
1089 * When NULL is provided in second argument fit_conf_get_node() will search
1090 * for a default configuration node instead. Default configuration node unit
1091 * name is retrieved from FIT_DEFAULT_PROP property of the '/configurations'
1092 * node.
1093 *
1094 * returns:
1095 * configuration node offset when found (>=0)
1096 * negative number on failure (FDT_ERR_* code)
1097 */
1098 int fit_conf_get_node(const void *fit, const char *conf_uname);
1099
1100 int fit_conf_get_prop_node_count(const void *fit, int noffset,
1101 const char *prop_name);
1102 int fit_conf_get_prop_node_index(const void *fit, int noffset,
1103 const char *prop_name, int index);
1104
1105 /**
1106 * fit_conf_get_prop_node() - Get node refered to by a configuration
1107 * @fit: FIT to check
1108 * @noffset: Offset of conf@xxx node to check
1109 * @prop_name: Property to read from the conf node
1110 *
1111 * The conf- nodes contain references to other nodes, using properties
1112 * like 'kernel = "kernel"'. Given such a property name (e.g. "kernel"),
1113 * return the offset of the node referred to (e.g. offset of node
1114 * "/images/kernel".
1115 */
1116 int fit_conf_get_prop_node(const void *fit, int noffset,
1117 const char *prop_name);
1118
1119 int fit_check_ramdisk(const void *fit, int os_noffset,
1120 uint8_t arch, int verify);
1121
1122 int calculate_hash(const void *data, int data_len, const char *algo,
1123 uint8_t *value, int *value_len);
1124
1125 /*
1126 * At present we only support signing on the host, and verification on the
1127 * device
1128 */
1129 #if defined(USE_HOSTCC)
1130 # if defined(CONFIG_FIT_SIGNATURE)
1131 # define IMAGE_ENABLE_SIGN 1
1132 # define FIT_IMAGE_ENABLE_VERIFY 1
1133 # include <openssl/evp.h>
1134 # else
1135 # define IMAGE_ENABLE_SIGN 0
1136 # define FIT_IMAGE_ENABLE_VERIFY 0
1137 # endif
1138 #else
1139 # define IMAGE_ENABLE_SIGN 0
1140 # define FIT_IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE)
1141 #endif
1142
1143 #ifdef USE_HOSTCC
1144 void *image_get_host_blob(void);
1145 void image_set_host_blob(void *host_blob);
1146 # define gd_fdt_blob() image_get_host_blob()
1147 #else
1148 # define gd_fdt_blob() (gd->fdt_blob)
1149 #endif
1150
1151 /*
1152 * Information passed to the signing routines
1153 *
1154 * Either 'keydir', 'keyname', or 'keyfile' can be NULL. However, either
1155 * 'keyfile', or both 'keydir' and 'keyname' should have valid values. If
1156 * neither are valid, some operations might fail with EINVAL.
1157 */
1158 struct image_sign_info {
1159 const char *keydir; /* Directory conaining keys */
1160 const char *keyname; /* Name of key to use */
1161 const char *keyfile; /* Filename of private or public key */
1162 const void *fit; /* Pointer to FIT blob */
1163 int node_offset; /* Offset of signature node */
1164 const char *name; /* Algorithm name */
1165 struct checksum_algo *checksum; /* Checksum algorithm information */
1166 struct padding_algo *padding; /* Padding algorithm information */
1167 struct crypto_algo *crypto; /* Crypto algorithm information */
1168 const void *fdt_blob; /* FDT containing public keys */
1169 int required_keynode; /* Node offset of key to use: -1=any */
1170 const char *require_keys; /* Value for 'required' property */
1171 const char *engine_id; /* Engine to use for signing */
1172 /*
1173 * Note: the following two fields are always valid even w/o
1174 * RSA_VERIFY_WITH_PKEY in order to make sure this structure is
1175 * the same on target and host. Otherwise, vboot test may fail.
1176 */
1177 const void *key; /* Pointer to public key in DER */
1178 int keylen; /* Length of public key */
1179 };
1180
1181 /* A part of an image, used for hashing */
1182 struct image_region {
1183 const void *data;
1184 int size;
1185 };
1186
1187 struct checksum_algo {
1188 const char *name;
1189 const int checksum_len;
1190 const int der_len;
1191 const uint8_t *der_prefix;
1192 #if IMAGE_ENABLE_SIGN
1193 const EVP_MD *(*calculate_sign)(void);
1194 #endif
1195 int (*calculate)(const char *name,
1196 const struct image_region *region,
1197 int region_count, uint8_t *checksum);
1198 };
1199
1200 struct crypto_algo {
1201 const char *name; /* Name of algorithm */
1202 const int key_len;
1203
1204 /**
1205 * sign() - calculate and return signature for given input data
1206 *
1207 * @info: Specifies key and FIT information
1208 * @data: Pointer to the input data
1209 * @data_len: Data length
1210 * @sigp: Set to an allocated buffer holding the signature
1211 * @sig_len: Set to length of the calculated hash
1212 *
1213 * This computes input data signature according to selected algorithm.
1214 * Resulting signature value is placed in an allocated buffer, the
1215 * pointer is returned as *sigp. The length of the calculated
1216 * signature is returned via the sig_len pointer argument. The caller
1217 * should free *sigp.
1218 *
1219 * @return: 0, on success, -ve on error
1220 */
1221 int (*sign)(struct image_sign_info *info,
1222 const struct image_region region[],
1223 int region_count, uint8_t **sigp, uint *sig_len);
1224
1225 /**
1226 * add_verify_data() - Add verification information to FDT
1227 *
1228 * Add public key information to the FDT node, suitable for
1229 * verification at run-time. The information added depends on the
1230 * algorithm being used.
1231 *
1232 * @info: Specifies key and FIT information
1233 * @keydest: Destination FDT blob for public key data
1234 * @return: 0, on success, -ve on error
1235 */
1236 int (*add_verify_data)(struct image_sign_info *info, void *keydest);
1237
1238 /**
1239 * verify() - Verify a signature against some data
1240 *
1241 * @info: Specifies key and FIT information
1242 * @data: Pointer to the input data
1243 * @data_len: Data length
1244 * @sig: Signature
1245 * @sig_len: Number of bytes in signature
1246 * @return 0 if verified, -ve on error
1247 */
1248 int (*verify)(struct image_sign_info *info,
1249 const struct image_region region[], int region_count,
1250 uint8_t *sig, uint sig_len);
1251 };
1252
1253 /* Declare a new U-Boot crypto algorithm handler */
1254 #define U_BOOT_CRYPTO_ALGO(__name) \
1255 ll_entry_declare(struct crypto_algo, __name, cryptos)
1256
1257 struct padding_algo {
1258 const char *name;
1259 int (*verify)(struct image_sign_info *info,
1260 uint8_t *pad, int pad_len,
1261 const uint8_t *hash, int hash_len);
1262 };
1263
1264 /* Declare a new U-Boot padding algorithm handler */
1265 #define U_BOOT_PADDING_ALGO(__name) \
1266 ll_entry_declare(struct padding_algo, __name, paddings)
1267
1268 /**
1269 * image_get_checksum_algo() - Look up a checksum algorithm
1270 *
1271 * @param full_name Name of algorithm in the form "checksum,crypto"
1272 * @return pointer to algorithm information, or NULL if not found
1273 */
1274 struct checksum_algo *image_get_checksum_algo(const char *full_name);
1275
1276 /**
1277 * image_get_crypto_algo() - Look up a cryptosystem algorithm
1278 *
1279 * @param full_name Name of algorithm in the form "checksum,crypto"
1280 * @return pointer to algorithm information, or NULL if not found
1281 */
1282 struct crypto_algo *image_get_crypto_algo(const char *full_name);
1283
1284 /**
1285 * image_get_padding_algo() - Look up a padding algorithm
1286 *
1287 * @param name Name of padding algorithm
1288 * @return pointer to algorithm information, or NULL if not found
1289 */
1290 struct padding_algo *image_get_padding_algo(const char *name);
1291
1292 /**
1293 * fit_image_verify_required_sigs() - Verify signatures marked as 'required'
1294 *
1295 * @fit: FIT to check
1296 * @image_noffset: Offset of image node to check
1297 * @data: Image data to check
1298 * @size: Size of image data
1299 * @sig_blob: FDT containing public keys
1300 * @no_sigsp: Returns 1 if no signatures were required, and
1301 * therefore nothing was checked. The caller may wish
1302 * to fall back to other mechanisms, or refuse to
1303 * boot.
1304 * @return 0 if all verified ok, <0 on error
1305 */
1306 int fit_image_verify_required_sigs(const void *fit, int image_noffset,
1307 const char *data, size_t size, const void *sig_blob,
1308 int *no_sigsp);
1309
1310 /**
1311 * fit_image_check_sig() - Check a single image signature node
1312 *
1313 * @fit: FIT to check
1314 * @noffset: Offset of signature node to check
1315 * @data: Image data to check
1316 * @size: Size of image data
1317 * @required_keynode: Offset in the control FDT of the required key node,
1318 * if any. If this is given, then the image wil not
1319 * pass verification unless that key is used. If this is
1320 * -1 then any signature will do.
1321 * @err_msgp: In the event of an error, this will be pointed to a
1322 * help error string to display to the user.
1323 * @return 0 if all verified ok, <0 on error
1324 */
1325 int fit_image_check_sig(const void *fit, int noffset, const void *data,
1326 size_t size, int required_keynode, char **err_msgp);
1327
1328 int fit_image_decrypt_data(const void *fit,
1329 int image_noffset, int cipher_noffset,
1330 const void *data, size_t size,
1331 void **data_unciphered, size_t *size_unciphered);
1332
1333 /**
1334 * fit_region_make_list() - Make a list of regions to hash
1335 *
1336 * Given a list of FIT regions (offset, size) provided by libfdt, create
1337 * a list of regions (void *, size) for use by the signature creationg
1338 * and verification code.
1339 *
1340 * @fit: FIT image to process
1341 * @fdt_regions: Regions as returned by libfdt
1342 * @count: Number of regions returned by libfdt
1343 * @region: Place to put list of regions (NULL to allocate it)
1344 * @return pointer to list of regions, or NULL if out of memory
1345 */
1346 struct image_region *fit_region_make_list(const void *fit,
1347 struct fdt_region *fdt_regions, int count,
1348 struct image_region *region);
1349
fit_image_check_target_arch(const void * fdt,int node)1350 static inline int fit_image_check_target_arch(const void *fdt, int node)
1351 {
1352 #ifndef USE_HOSTCC
1353 return fit_image_check_arch(fdt, node, IH_ARCH_DEFAULT);
1354 #else
1355 return 0;
1356 #endif
1357 }
1358
1359 /*
1360 * At present we only support ciphering on the host, and unciphering on the
1361 * device
1362 */
1363 #if defined(USE_HOSTCC)
1364 # if defined(CONFIG_FIT_CIPHER)
1365 # define IMAGE_ENABLE_ENCRYPT 1
1366 # define IMAGE_ENABLE_DECRYPT 1
1367 # include <openssl/evp.h>
1368 # else
1369 # define IMAGE_ENABLE_ENCRYPT 0
1370 # define IMAGE_ENABLE_DECRYPT 0
1371 # endif
1372 #else
1373 # define IMAGE_ENABLE_ENCRYPT 0
1374 # define IMAGE_ENABLE_DECRYPT CONFIG_IS_ENABLED(FIT_CIPHER)
1375 #endif
1376
1377 /* Information passed to the ciphering routines */
1378 struct image_cipher_info {
1379 const char *keydir; /* Directory containing keys */
1380 const char *keyname; /* Name of key to use */
1381 const char *ivname; /* Name of IV to use */
1382 const void *fit; /* Pointer to FIT blob */
1383 int node_noffset; /* Offset of the cipher node */
1384 const char *name; /* Algorithm name */
1385 struct cipher_algo *cipher; /* Cipher algorithm information */
1386 const void *fdt_blob; /* FDT containing key and IV */
1387 const void *key; /* Value of the key */
1388 const void *iv; /* Value of the IV */
1389 size_t size_unciphered; /* Size of the unciphered data */
1390 };
1391
1392 struct cipher_algo {
1393 const char *name; /* Name of algorithm */
1394 int key_len; /* Length of the key */
1395 int iv_len; /* Length of the IV */
1396
1397 #if IMAGE_ENABLE_ENCRYPT
1398 const EVP_CIPHER * (*calculate_type)(void);
1399 #endif
1400
1401 int (*encrypt)(struct image_cipher_info *info,
1402 const unsigned char *data, int data_len,
1403 unsigned char **cipher, int *cipher_len);
1404
1405 int (*add_cipher_data)(struct image_cipher_info *info,
1406 void *keydest, void *fit, int node_noffset);
1407
1408 int (*decrypt)(struct image_cipher_info *info,
1409 const void *cipher, size_t cipher_len,
1410 void **data, size_t *data_len);
1411 };
1412
1413 int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo);
1414
1415 struct cipher_algo *image_get_cipher_algo(const char *full_name);
1416
1417 struct andr_img_hdr;
1418 int android_image_check_header(const struct andr_img_hdr *hdr);
1419 int android_image_get_kernel(const struct andr_img_hdr *hdr, int verify,
1420 ulong *os_data, ulong *os_len);
1421 int android_image_get_ramdisk(const struct andr_img_hdr *hdr,
1422 ulong *rd_data, ulong *rd_len);
1423 int android_image_get_second(const struct andr_img_hdr *hdr,
1424 ulong *second_data, ulong *second_len);
1425 bool android_image_get_dtbo(ulong hdr_addr, ulong *addr, u32 *size);
1426 bool android_image_get_dtb_by_index(ulong hdr_addr, u32 index, ulong *addr,
1427 u32 *size);
1428 ulong android_image_get_end(const struct andr_img_hdr *hdr);
1429 ulong android_image_get_kload(const struct andr_img_hdr *hdr);
1430 ulong android_image_get_kcomp(const struct andr_img_hdr *hdr);
1431 void android_print_contents(const struct andr_img_hdr *hdr);
1432 bool android_image_print_dtb_contents(ulong hdr_addr);
1433
1434 /**
1435 * board_fit_config_name_match() - Check for a matching board name
1436 *
1437 * This is used when SPL loads a FIT containing multiple device tree files
1438 * and wants to work out which one to use. The description of each one is
1439 * passed to this function. The description comes from the 'description' field
1440 * in each (FDT) image node.
1441 *
1442 * @name: Device tree description
1443 * @return 0 if this device tree should be used, non-zero to try the next
1444 */
1445 int board_fit_config_name_match(const char *name);
1446
1447 /**
1448 * board_fit_image_post_process() - Do any post-process on FIT binary data
1449 *
1450 * This is used to do any sort of image manipulation, verification, decryption
1451 * etc. in a platform or board specific way. Obviously, anything done here would
1452 * need to be comprehended in how the images were prepared before being injected
1453 * into the FIT creation (i.e. the binary blobs would have been pre-processed
1454 * before being added to the FIT image).
1455 *
1456 * @fit: pointer to fit image
1457 * @node: offset of image node
1458 * @image: pointer to the image start pointer
1459 * @size: pointer to the image size
1460 * @return no return value (failure should be handled internally)
1461 */
1462 void board_fit_image_post_process(const void *fit, int node, void **p_image,
1463 size_t *p_size);
1464
1465 #define FDT_ERROR ((ulong)(-1))
1466
1467 ulong fdt_getprop_u32(const void *fdt, int node, const char *prop);
1468
1469 /**
1470 * fit_find_config_node() - Find the node for the best DTB in a FIT image
1471 *
1472 * A FIT image contains one or more DTBs. This function parses the
1473 * configurations described in the FIT images and returns the node of
1474 * the first matching DTB. To check if a DTB matches a board, this function
1475 * calls board_fit_config_name_match(). If no matching DTB is found, it returns
1476 * the node described by the default configuration if it exists.
1477 *
1478 * @fdt: pointer to flat device tree
1479 * @return the node if found, -ve otherwise
1480 */
1481 int fit_find_config_node(const void *fdt);
1482
1483 /**
1484 * Mapping of image types to function handlers to be invoked on the associated
1485 * loaded images
1486 *
1487 * @type: Type of image, I.E. IH_TYPE_*
1488 * @handler: Function to call on loaded image
1489 */
1490 struct fit_loadable_tbl {
1491 int type;
1492 /**
1493 * handler() - Process a loaded image
1494 *
1495 * @data: Pointer to start of loaded image data
1496 * @size: Size of loaded image data
1497 */
1498 void (*handler)(ulong data, size_t size);
1499 };
1500
1501 /*
1502 * Define a FIT loadable image type handler
1503 *
1504 * _type is a valid uimage_type ID as defined in the "Image Type" enum above
1505 * _handler is the handler function to call after this image type is loaded
1506 */
1507 #define U_BOOT_FIT_LOADABLE_HANDLER(_type, _handler) \
1508 ll_entry_declare(struct fit_loadable_tbl, _function, fit_loadable) = { \
1509 .type = _type, \
1510 .handler = _handler, \
1511 }
1512
1513 /**
1514 * fit_update - update storage with FIT image
1515 * @fit: Pointer to FIT image
1516 *
1517 * Update firmware on storage using FIT image as input.
1518 * The storage area to be update will be identified by the name
1519 * in FIT and matching it to "dfu_alt_info" variable.
1520 *
1521 * Return: 0 on success, non-zero otherwise
1522 */
1523 int fit_update(const void *fit);
1524
1525 #endif /* __IMAGE_H__ */
1526