1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright 2018-2019, 2022 NXP
9 #include <imx_container.h>
11 #include <asm/global_data.h>
13 #include <firmware/imx/sci/sci.h>
14 #include <asm/mach-imx/sys_proto.h>
15 #include <asm/arch-imx/cpu.h>
16 #include <asm/arch/sys_proto.h>
19 #include "u-boot/sha256.h"
20 #include <asm/mach-imx/ahab.h>
22 DECLARE_GLOBAL_DATA_PTR;
24 #define SEC_SECURE_RAM_BASE (0x31800000UL)
25 #define SEC_SECURE_RAM_END_BASE (SEC_SECURE_RAM_BASE + 0xFFFFUL)
26 #define SECO_LOCAL_SEC_SEC_SECURE_RAM_BASE (0x60000000UL)
29 #define AHAB_HASH_TYPE_MASK 0x00000700
30 #define AHAB_HASH_TYPE_SHA256 0
32 int ahab_auth_cntr_hdr(struct container_hdr *container, u16 length)
36 memcpy((void *)SEC_SECURE_RAM_BASE, (const void *)container,
37 ALIGN(length, CONFIG_SYS_CACHELINE_SIZE));
39 err = sc_seco_authenticate(-1, SC_SECO_AUTH_CONTAINER,
40 SECO_LOCAL_SEC_SEC_SECURE_RAM_BASE);
42 printf("Authenticate container hdr failed, return %d\n", err);
47 int ahab_auth_release(void)
51 err = sc_seco_authenticate(-1, SC_SECO_REL_CONTAINER, 0);
53 printf("Error: release container failed!\n");
58 int ahab_verify_cntr_image(struct boot_img_t *img, int image_index)
60 sc_faddr_t start, end;
65 debug("img %d, dst 0x%llx, src 0x%x, size 0x%x\n",
66 image_index, img->dst, img->offset, img->size);
68 /* Find the memreg and set permission for seco pt */
69 err = sc_rm_find_memreg(-1, &mr,
70 img->dst & ~(CONFIG_SYS_CACHELINE_SIZE - 1),
71 ALIGN(img->dst + img->size, CONFIG_SYS_CACHELINE_SIZE) - 1);
74 printf("Error: can't find memreg for image load address 0x%llx, error %d\n",
79 err = sc_rm_get_memreg_info(-1, mr, &start, &end);
81 debug("memreg %u 0x%llx -- 0x%llx\n", mr, start, end);
83 err = sc_rm_set_memreg_permissions(-1, mr,
84 SECO_PT, SC_RM_PERM_FULL);
86 printf("Set permission failed for img %d, error %d\n",
91 err = sc_seco_authenticate(-1, SC_SECO_VERIFY_IMAGE,
94 printf("Authenticate img %d failed, return %d\n",
99 err = sc_rm_set_memreg_permissions(-1, mr,
100 SECO_PT, SC_RM_PERM_NONE);
102 printf("Remove permission failed for img %d, error %d\n",
110 static inline bool check_in_dram(ulong addr)
113 struct bd_info *bd = gd->bd;
115 for (i = 0; i < CONFIG_NR_DRAM_BANKS; ++i) {
116 if (bd->bi_dram[i].size) {
117 if (addr >= bd->bi_dram[i].start &&
118 addr < (bd->bi_dram[i].start + bd->bi_dram[i].size))
126 int authenticate_os_container(ulong addr)
128 struct container_hdr *phdr;
132 struct boot_img_t *img;
134 #ifdef CONFIG_ARMV8_CE_SHA256
135 u8 hash_value[SHA256_SUM_LEN];
139 puts("Error: Image's address is not 4 byte aligned\n");
143 if (!check_in_dram(addr)) {
144 puts("Error: Image's address is invalid\n");
148 phdr = (struct container_hdr *)addr;
149 if (!valid_container_hdr(phdr)) {
150 printf("Error: Wrong container header\n");
154 if (!phdr->num_images) {
155 printf("Error: Wrong container, no image found\n");
159 length = phdr->length_lsb + (phdr->length_msb << 8);
161 debug("container length %u\n", length);
163 err = ahab_auth_cntr_hdr(phdr, length);
169 /* Copy images to dest address */
170 for (i = 0; i < phdr->num_images; i++) {
171 img = (struct boot_img_t *)(addr +
172 sizeof(struct container_hdr) +
173 i * sizeof(struct boot_img_t));
175 debug("img %d, dst 0x%x, src 0x%lux, size 0x%x\n",
176 i, (uint32_t) img->dst, img->offset + addr, img->size);
178 memcpy((void *)img->dst, (const void *)(img->offset + addr),
181 s = img->dst & ~(CONFIG_SYS_CACHELINE_SIZE - 1);
182 e = ALIGN(img->dst + img->size, CONFIG_SYS_CACHELINE_SIZE) - 1;
184 flush_dcache_range(s, e);
186 #ifdef CONFIG_ARMV8_CE_SHA256
187 if (((img->hab_flags & AHAB_HASH_TYPE_MASK) >> 8) == AHAB_HASH_TYPE_SHA256) {
188 sha256_csum_wd((void *)img->dst, img->size, hash_value, CHUNKSZ_SHA256);
189 err = memcmp(&img->hash, &hash_value, SHA256_SUM_LEN);
191 printf("img %d hash comparison failed, error %d\n", i, err);
197 ret = ahab_verify_cntr_image(img, i);
200 #ifdef CONFIG_ARMV8_CE_SHA256
211 static int do_authenticate(struct cmd_tbl *cmdtp, int flag, int argc,
217 return CMD_RET_USAGE;
219 addr = hextoul(argv[1], NULL);
221 printf("Authenticate OS container at 0x%lx\n", addr);
223 if (authenticate_os_container(addr))
224 return CMD_RET_FAILURE;
226 return CMD_RET_SUCCESS;
229 static void display_life_cycle(u16 lc)
231 printf("Lifecycle: 0x%04X, ", lc);
234 printf("Pristine\n\n");
243 printf("NXP closed\n\n");
246 printf("OEM closed\n\n");
249 printf("Partial field return\n\n");
252 printf("Full field return\n\n");
255 printf("No return\n\n");
258 printf("Unknown\n\n");
263 #define AHAB_AUTH_CONTAINER_REQ 0x87
264 #define AHAB_VERIFY_IMAGE_REQ 0x88
266 #define AHAB_NO_AUTHENTICATION_IND 0xee
267 #define AHAB_BAD_KEY_HASH_IND 0xfa
268 #define AHAB_INVALID_KEY_IND 0xf9
269 #define AHAB_BAD_SIGNATURE_IND 0xf0
270 #define AHAB_BAD_HASH_IND 0xf1
272 static void display_ahab_auth_event(u32 event)
274 u8 cmd = (event >> 16) & 0xff;
275 u8 resp_ind = (event >> 8) & 0xff;
278 case AHAB_AUTH_CONTAINER_REQ:
279 printf("\tCMD = AHAB_AUTH_CONTAINER_REQ (0x%02X)\n", cmd);
282 case AHAB_VERIFY_IMAGE_REQ:
283 printf("\tCMD = AHAB_VERIFY_IMAGE_REQ (0x%02X)\n", cmd);
291 case AHAB_NO_AUTHENTICATION_IND:
292 printf("AHAB_NO_AUTHENTICATION_IND (0x%02X)\n\n", resp_ind);
294 case AHAB_BAD_KEY_HASH_IND:
295 printf("AHAB_BAD_KEY_HASH_IND (0x%02X)\n\n", resp_ind);
297 case AHAB_INVALID_KEY_IND:
298 printf("AHAB_INVALID_KEY_IND (0x%02X)\n\n", resp_ind);
300 case AHAB_BAD_SIGNATURE_IND:
301 printf("AHAB_BAD_SIGNATURE_IND (0x%02X)\n\n", resp_ind);
303 case AHAB_BAD_HASH_IND:
304 printf("AHAB_BAD_HASH_IND (0x%02X)\n\n", resp_ind);
307 printf("Unknown Indicator (0x%02X)\n\n", resp_ind);
312 static int do_ahab_status(struct cmd_tbl *cmdtp, int flag, int argc,
320 err = sc_seco_chip_info(-1, &lc, NULL, NULL, NULL);
322 printf("Error in get lifecycle\n");
326 display_life_cycle(lc);
328 err = sc_seco_get_event(-1, idx, &event);
330 printf("SECO Event[%u] = 0x%08X\n", idx, event);
331 display_ahab_auth_event(event);
334 err = sc_seco_get_event(-1, idx, &event);
338 printf("No SECO Events Found!\n\n");
343 static int confirm_close(void)
345 puts("Warning: Please ensure your sample is in NXP closed state, "
346 "OEM SRK hash has been fused, \n"
347 " and you are able to boot a signed image successfully "
348 "without any SECO events reported.\n"
349 " If not, your sample will be unrecoverable.\n"
350 "\nReally perform this operation? <y/N>\n");
355 puts("Ahab close aborted\n");
359 static int do_ahab_close(struct cmd_tbl *cmdtp, int flag, int argc,
362 int confirmed = argc >= 2 && !strcmp(argv[1], "-y");
366 if (!confirmed && !confirm_close())
369 err = sc_seco_chip_info(-1, &lc, NULL, NULL, NULL);
371 printf("Error in get lifecycle\n");
376 puts("Current lifecycle is NOT NXP closed, can't move to OEM closed\n");
377 display_life_cycle(lc);
381 err = sc_seco_forward_lifecycle(-1, 16);
383 printf("Error in forward lifecycle to OEM closed\n");
387 printf("Change to OEM closed successfully\n");
392 U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate,
393 "autenticate OS container via AHAB",
395 "addr - OS container hex address\n"
398 U_BOOT_CMD(ahab_status, CONFIG_SYS_MAXARGS, 1, do_ahab_status,
399 "display AHAB lifecycle and events from seco",
403 U_BOOT_CMD(ahab_close, CONFIG_SYS_MAXARGS, 1, do_ahab_close,
404 "Change AHAB lifecycle to OEM closed",