/* * (C) Copyright 2008 Semihalf * * (C) Copyright 2000-2005 * Wolfgang Denk, DENX Software Engineering, wd@denx.de. * * SPDX-License-Identifier: GPL-2.0+ ******************************************************************** * NOTE: This header file defines an interface to U-Boot. Including * this (unmodified) header file in another file is considered normal * use of U-Boot, and does *not* fall under the heading of "derived * work". ******************************************************************** */ #ifndef __IMAGE_H__ #define __IMAGE_H__ #include "compiler.h" #include <asm/byteorder.h> /* Define this to avoid #ifdefs later on */ struct lmb; #ifdef USE_HOSTCC /* new uImage format support enabled on host */ #define CONFIG_FIT 1 #define CONFIG_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ #define IMAGE_ENABLE_IGNORE 0 #define IMAGE_INDENT_STRING "" #else #include <lmb.h> #include <asm/u-boot.h> #include <command.h> /* Take notice of the 'ignore' property for hashes */ #define IMAGE_ENABLE_IGNORE 1 #define IMAGE_INDENT_STRING " " #endif /* USE_HOSTCC */ #if defined(CONFIG_FIT) #include <libfdt.h> #include <fdt_support.h> # ifdef CONFIG_SPL_BUILD # ifdef CONFIG_SPL_CRC32_SUPPORT # define IMAGE_ENABLE_CRC32 1 # endif # ifdef CONFIG_SPL_MD5_SUPPORT # define IMAGE_ENABLE_MD5 1 # endif # ifdef CONFIG_SPL_SHA1_SUPPORT # define IMAGE_ENABLE_SHA1 1 # endif # ifdef CONFIG_SPL_SHA256_SUPPORT # define IMAGE_ENABLE_SHA256 1 # endif # else # define CONFIG_CRC32 /* FIT images need CRC32 support */ # define CONFIG_MD5 /* and MD5 */ # define CONFIG_SHA1 /* and SHA1 */ # define CONFIG_SHA256 /* and SHA256 */ # define IMAGE_ENABLE_CRC32 1 # define IMAGE_ENABLE_MD5 1 # define IMAGE_ENABLE_SHA1 1 # define IMAGE_ENABLE_SHA256 1 # endif #ifndef IMAGE_ENABLE_CRC32 #define IMAGE_ENABLE_CRC32 0 #endif #ifndef IMAGE_ENABLE_MD5 #define IMAGE_ENABLE_MD5 0 #endif #ifndef IMAGE_ENABLE_SHA1 #define IMAGE_ENABLE_SHA1 0 #endif #ifndef IMAGE_ENABLE_SHA256 #define IMAGE_ENABLE_SHA256 0 #endif #endif /* CONFIG_FIT */ #ifdef CONFIG_SYS_BOOT_RAMDISK_HIGH # define IMAGE_ENABLE_RAMDISK_HIGH 1 #else # define IMAGE_ENABLE_RAMDISK_HIGH 0 #endif #ifdef CONFIG_OF_LIBFDT # define IMAGE_ENABLE_OF_LIBFDT 1 #else # define IMAGE_ENABLE_OF_LIBFDT 0 #endif #ifdef CONFIG_SYS_BOOT_GET_CMDLINE # define IMAGE_BOOT_GET_CMDLINE 1 #else # define IMAGE_BOOT_GET_CMDLINE 0 #endif #ifdef CONFIG_OF_BOARD_SETUP # define IMAGE_OF_BOARD_SETUP 1 #else # define IMAGE_OF_BOARD_SETUP 0 #endif /* * Operating System Codes */ #define IH_OS_INVALID 0 /* Invalid OS */ #define IH_OS_OPENBSD 1 /* OpenBSD */ #define IH_OS_NETBSD 2 /* NetBSD */ #define IH_OS_FREEBSD 3 /* FreeBSD */ #define IH_OS_4_4BSD 4 /* 4.4BSD */ #define IH_OS_LINUX 5 /* Linux */ #define IH_OS_SVR4 6 /* SVR4 */ #define IH_OS_ESIX 7 /* Esix */ #define IH_OS_SOLARIS 8 /* Solaris */ #define IH_OS_IRIX 9 /* Irix */ #define IH_OS_SCO 10 /* SCO */ #define IH_OS_DELL 11 /* Dell */ #define IH_OS_NCR 12 /* NCR */ #define IH_OS_LYNXOS 13 /* LynxOS */ #define IH_OS_VXWORKS 14 /* VxWorks */ #define IH_OS_PSOS 15 /* pSOS */ #define IH_OS_QNX 16 /* QNX */ #define IH_OS_U_BOOT 17 /* Firmware */ #define IH_OS_RTEMS 18 /* RTEMS */ #define IH_OS_ARTOS 19 /* ARTOS */ #define IH_OS_UNITY 20 /* Unity OS */ #define IH_OS_INTEGRITY 21 /* INTEGRITY */ #define IH_OS_OSE 22 /* OSE */ #define IH_OS_PLAN9 23 /* Plan 9 */ /* * CPU Architecture Codes (supported by Linux) */ #define IH_ARCH_INVALID 0 /* Invalid CPU */ #define IH_ARCH_ALPHA 1 /* Alpha */ #define IH_ARCH_ARM 2 /* ARM */ #define IH_ARCH_I386 3 /* Intel x86 */ #define IH_ARCH_IA64 4 /* IA64 */ #define IH_ARCH_MIPS 5 /* MIPS */ #define IH_ARCH_MIPS64 6 /* MIPS 64 Bit */ #define IH_ARCH_PPC 7 /* PowerPC */ #define IH_ARCH_S390 8 /* IBM S390 */ #define IH_ARCH_SH 9 /* SuperH */ #define IH_ARCH_SPARC 10 /* Sparc */ #define IH_ARCH_SPARC64 11 /* Sparc 64 Bit */ #define IH_ARCH_M68K 12 /* M68K */ #define IH_ARCH_MICROBLAZE 14 /* MicroBlaze */ #define IH_ARCH_NIOS2 15 /* Nios-II */ #define IH_ARCH_BLACKFIN 16 /* Blackfin */ #define IH_ARCH_AVR32 17 /* AVR32 */ #define IH_ARCH_ST200 18 /* STMicroelectronics ST200 */ #define IH_ARCH_SANDBOX 19 /* Sandbox architecture (test only) */ #define IH_ARCH_NDS32 20 /* ANDES Technology - NDS32 */ #define IH_ARCH_OPENRISC 21 /* OpenRISC 1000 */ #define IH_ARCH_ARM64 22 /* ARM64 */ #define IH_ARCH_ARC 23 /* Synopsys DesignWare ARC */ /* * Image Types * * "Standalone Programs" are directly runnable in the environment * provided by U-Boot; it is expected that (if they behave * well) you can continue to work in U-Boot after return from * the Standalone Program. * "OS Kernel Images" are usually images of some Embedded OS which * will take over control completely. Usually these programs * will install their own set of exception handlers, device * drivers, set up the MMU, etc. - this means, that you cannot * expect to re-enter U-Boot except by resetting the CPU. * "RAMDisk Images" are more or less just data blocks, and their * parameters (address, size) are passed to an OS kernel that is * being started. * "Multi-File Images" contain several images, typically an OS * (Linux) kernel image and one or more data images like * RAMDisks. This construct is useful for instance when you want * to boot over the network using BOOTP etc., where the boot * server provides just a single image file, but you want to get * for instance an OS kernel and a RAMDisk image. * * "Multi-File Images" start with a list of image sizes, each * image size (in bytes) specified by an "uint32_t" in network * byte order. This list is terminated by an "(uint32_t)0". * Immediately after the terminating 0 follow the images, one by * one, all aligned on "uint32_t" boundaries (size rounded up to * a multiple of 4 bytes - except for the last file). * * "Firmware Images" are binary images containing firmware (like * U-Boot or FPGA images) which usually will be programmed to * flash memory. * * "Script files" are command sequences that will be executed by * U-Boot's command interpreter; this feature is especially * useful when you configure U-Boot to use a real shell (hush) * as command interpreter (=> Shell Scripts). */ #define IH_TYPE_INVALID 0 /* Invalid Image */ #define IH_TYPE_STANDALONE 1 /* Standalone Program */ #define IH_TYPE_KERNEL 2 /* OS Kernel Image */ #define IH_TYPE_RAMDISK 3 /* RAMDisk Image */ #define IH_TYPE_MULTI 4 /* Multi-File Image */ #define IH_TYPE_FIRMWARE 5 /* Firmware Image */ #define IH_TYPE_SCRIPT 6 /* Script file */ #define IH_TYPE_FILESYSTEM 7 /* Filesystem Image (any type) */ #define IH_TYPE_FLATDT 8 /* Binary Flat Device Tree Blob */ #define IH_TYPE_KWBIMAGE 9 /* Kirkwood Boot Image */ #define IH_TYPE_IMXIMAGE 10 /* Freescale IMXBoot Image */ #define IH_TYPE_UBLIMAGE 11 /* Davinci UBL Image */ #define IH_TYPE_OMAPIMAGE 12 /* TI OMAP Config Header Image */ #define IH_TYPE_AISIMAGE 13 /* TI Davinci AIS Image */ #define IH_TYPE_KERNEL_NOLOAD 14 /* OS Kernel Image, can run from any load address */ #define IH_TYPE_PBLIMAGE 15 /* Freescale PBL Boot Image */ #define IH_TYPE_MXSIMAGE 16 /* Freescale MXSBoot Image */ #define IH_TYPE_GPIMAGE 17 /* TI Keystone GPHeader Image */ /* * Compression Types */ #define IH_COMP_NONE 0 /* No Compression Used */ #define IH_COMP_GZIP 1 /* gzip Compression Used */ #define IH_COMP_BZIP2 2 /* bzip2 Compression Used */ #define IH_COMP_LZMA 3 /* lzma Compression Used */ #define IH_COMP_LZO 4 /* lzo Compression Used */ #define IH_MAGIC 0x27051956 /* Image Magic Number */ #define IH_NMLEN 32 /* Image Name Length */ /* Reused from common.h */ #define ROUND(a, b) (((a) + (b) - 1) & ~((b) - 1)) /* * Legacy format image header, * all data in network byte order (aka natural aka bigendian). */ typedef struct image_header { __be32 ih_magic; /* Image Header Magic Number */ __be32 ih_hcrc; /* Image Header CRC Checksum */ __be32 ih_time; /* Image Creation Timestamp */ __be32 ih_size; /* Image Data Size */ __be32 ih_load; /* Data Load Address */ __be32 ih_ep; /* Entry Point Address */ __be32 ih_dcrc; /* Image Data CRC Checksum */ uint8_t ih_os; /* Operating System */ uint8_t ih_arch; /* CPU architecture */ uint8_t ih_type; /* Image Type */ uint8_t ih_comp; /* Compression Type */ uint8_t ih_name[IH_NMLEN]; /* Image Name */ } image_header_t; typedef struct image_info { ulong start, end; /* start/end of blob */ ulong image_start, image_len; /* start of image within blob, len of image */ ulong load; /* load addr for the image */ uint8_t comp, type, os; /* compression, type of image, os type */ } image_info_t; /* * Legacy and FIT format headers used by do_bootm() and do_bootm_<os>() * routines. */ typedef struct bootm_headers { /* * Legacy os image header, if it is a multi component image * then boot_get_ramdisk() and get_fdt() will attempt to get * data from second and third component accordingly. */ image_header_t *legacy_hdr_os; /* image header pointer */ image_header_t legacy_hdr_os_copy; /* header copy */ ulong legacy_hdr_valid; #if defined(CONFIG_FIT) const char *fit_uname_cfg; /* configuration node unit name */ void *fit_hdr_os; /* os FIT image header */ const char *fit_uname_os; /* os subimage node unit name */ int fit_noffset_os; /* os subimage node offset */ void *fit_hdr_rd; /* init ramdisk FIT image header */ const char *fit_uname_rd; /* init ramdisk subimage node unit name */ int fit_noffset_rd; /* init ramdisk subimage node offset */ void *fit_hdr_fdt; /* FDT blob FIT image header */ const char *fit_uname_fdt; /* FDT blob subimage node unit name */ int fit_noffset_fdt;/* FDT blob subimage node offset */ #endif #ifndef USE_HOSTCC image_info_t os; /* os image info */ ulong ep; /* entry point of OS */ ulong rd_start, rd_end;/* ramdisk start/end */ char *ft_addr; /* flat dev tree address */ ulong ft_len; /* length of flat device tree */ ulong initrd_start; ulong initrd_end; ulong cmdline_start; ulong cmdline_end; bd_t *kbd; #endif int verify; /* getenv("verify")[0] != 'n' */ #define BOOTM_STATE_START (0x00000001) #define BOOTM_STATE_FINDOS (0x00000002) #define BOOTM_STATE_FINDOTHER (0x00000004) #define BOOTM_STATE_LOADOS (0x00000008) #define BOOTM_STATE_RAMDISK (0x00000010) #define BOOTM_STATE_FDT (0x00000020) #define BOOTM_STATE_OS_CMDLINE (0x00000040) #define BOOTM_STATE_OS_BD_T (0x00000080) #define BOOTM_STATE_OS_PREP (0x00000100) #define BOOTM_STATE_OS_FAKE_GO (0x00000200) /* 'Almost' run the OS */ #define BOOTM_STATE_OS_GO (0x00000400) int state; #ifdef CONFIG_LMB struct lmb lmb; /* for memory mgmt */ #endif } bootm_headers_t; extern bootm_headers_t images; /* * Some systems (for example LWMON) have very short watchdog periods; * we must make sure to split long operations like memmove() or * checksum calculations into reasonable chunks. */ #ifndef CHUNKSZ #define CHUNKSZ (64 * 1024) #endif #ifndef CHUNKSZ_CRC32 #define CHUNKSZ_CRC32 (64 * 1024) #endif #ifndef CHUNKSZ_MD5 #define CHUNKSZ_MD5 (64 * 1024) #endif #ifndef CHUNKSZ_SHA1 #define CHUNKSZ_SHA1 (64 * 1024) #endif #define uimage_to_cpu(x) be32_to_cpu(x) #define cpu_to_uimage(x) cpu_to_be32(x) /* * Translation table for entries of a specific type; used by * get_table_entry_id() and get_table_entry_name(). */ typedef struct table_entry { int id; char *sname; /* short (input) name to find table entry */ char *lname; /* long (output) name to print for messages */ } table_entry_t; /* * get_table_entry_id() scans the translation table trying to find an * entry that matches the given short name. If a matching entry is * found, it's id is returned to the caller. */ int get_table_entry_id(const table_entry_t *table, const char *table_name, const char *name); /* * get_table_entry_name() scans the translation table trying to find * an entry that matches the given id. If a matching entry is found, * its long name is returned to the caller. */ char *get_table_entry_name(const table_entry_t *table, char *msg, int id); const char *genimg_get_os_name(uint8_t os); const char *genimg_get_arch_name(uint8_t arch); const char *genimg_get_type_name(uint8_t type); const char *genimg_get_comp_name(uint8_t comp); int genimg_get_os_id(const char *name); int genimg_get_arch_id(const char *name); int genimg_get_type_id(const char *name); int genimg_get_comp_id(const char *name); void genimg_print_size(uint32_t size); #if defined(CONFIG_TIMESTAMP) || defined(CONFIG_CMD_DATE) || \ defined(USE_HOSTCC) #define IMAGE_ENABLE_TIMESTAMP 1 #else #define IMAGE_ENABLE_TIMESTAMP 0 #endif void genimg_print_time(time_t timestamp); /* What to do with a image load address ('load = <> 'in the FIT) */ enum fit_load_op { FIT_LOAD_IGNORED, /* Ignore load address */ FIT_LOAD_OPTIONAL, /* Can be provided, but optional */ FIT_LOAD_REQUIRED, /* Must be provided */ }; #ifndef USE_HOSTCC /* Image format types, returned by _get_format() routine */ #define IMAGE_FORMAT_INVALID 0x00 #define IMAGE_FORMAT_LEGACY 0x01 /* legacy image_header based format */ #define IMAGE_FORMAT_FIT 0x02 /* new, libfdt based format */ int genimg_get_format(const void *img_addr); int genimg_has_config(bootm_headers_t *images); ulong genimg_get_image(ulong img_addr); int boot_get_ramdisk(int argc, char * const argv[], bootm_headers_t *images, uint8_t arch, ulong *rd_start, ulong *rd_end); /** * fit_image_load() - load an image from a FIT * * This deals with all aspects of loading an image from a FIT, including * selecting the right image based on configuration, verifying it, printing * out progress messages, checking the type/arch/os and optionally copying it * to the right load address. * * @param images Boot images structure * @param prop_name Property name to look up (FIT_..._PROP) * @param addr Address of FIT in memory * @param fit_unamep On entry this is the requested image name * (e.g. "kernel@1") or NULL to use the default. On exit * points to the selected image name * @param fit_uname_configp On entry this is the requested configuration * name (e.g. "conf@1") or NULL to use the default. On * exit points to the selected configuration name. * @param arch Expected architecture (IH_ARCH_...) * @param image_type Required image type (IH_TYPE_...). If this is * IH_TYPE_KERNEL then we allow IH_TYPE_KERNEL_NOLOAD * also. * @param bootstage_id ID of starting bootstage to use for progress updates. * This will be added to the BOOTSTAGE_SUB values when * calling bootstage_mark() * @param load_op Decribes what to do with the load address * @param datap Returns address of loaded image * @param lenp Returns length of loaded image */ int fit_image_load(bootm_headers_t *images, const char *prop_name, ulong addr, const char **fit_unamep, const char **fit_uname_configp, int arch, int image_type, int bootstage_id, enum fit_load_op load_op, ulong *datap, ulong *lenp); /** * fit_get_node_from_config() - Look up an image a FIT by type * * This looks in the selected conf@ node (images->fit_uname_cfg) for a * particular image type (e.g. "kernel") and then finds the image that is * referred to. * * For example, for something like: * * images { * kernel@1 { * ... * }; * }; * configurations { * conf@1 { * kernel = "kernel@1"; * }; * }; * * the function will return the node offset of the kernel@1 node, assuming * that conf@1 is the chosen configuration. * * @param images Boot images structure * @param prop_name Property name to look up (FIT_..._PROP) * @param addr Address of FIT in memory */ int fit_get_node_from_config(bootm_headers_t *images, const char *prop_name, ulong addr); int boot_get_fdt(int flag, int argc, char * const argv[], uint8_t arch, bootm_headers_t *images, char **of_flat_tree, ulong *of_size); void boot_fdt_add_mem_rsv_regions(struct lmb *lmb, void *fdt_blob); int boot_relocate_fdt(struct lmb *lmb, char **of_flat_tree, ulong *of_size); int boot_ramdisk_high(struct lmb *lmb, ulong rd_data, ulong rd_len, ulong *initrd_start, ulong *initrd_end); int boot_get_cmdline(struct lmb *lmb, ulong *cmd_start, ulong *cmd_end); #ifdef CONFIG_SYS_BOOT_GET_KBD int boot_get_kbd(struct lmb *lmb, bd_t **kbd); #endif /* CONFIG_SYS_BOOT_GET_KBD */ #endif /* !USE_HOSTCC */ /*******************************************************************/ /* Legacy format specific code (prefixed with image_) */ /*******************************************************************/ static inline uint32_t image_get_header_size(void) { return (sizeof(image_header_t)); } #define image_get_hdr_l(f) \ static inline uint32_t image_get_##f(const image_header_t *hdr) \ { \ return uimage_to_cpu(hdr->ih_##f); \ } image_get_hdr_l(magic) /* image_get_magic */ image_get_hdr_l(hcrc) /* image_get_hcrc */ image_get_hdr_l(time) /* image_get_time */ image_get_hdr_l(size) /* image_get_size */ image_get_hdr_l(load) /* image_get_load */ image_get_hdr_l(ep) /* image_get_ep */ image_get_hdr_l(dcrc) /* image_get_dcrc */ #define image_get_hdr_b(f) \ static inline uint8_t image_get_##f(const image_header_t *hdr) \ { \ return hdr->ih_##f; \ } image_get_hdr_b(os) /* image_get_os */ image_get_hdr_b(arch) /* image_get_arch */ image_get_hdr_b(type) /* image_get_type */ image_get_hdr_b(comp) /* image_get_comp */ static inline char *image_get_name(const image_header_t *hdr) { return (char *)hdr->ih_name; } static inline uint32_t image_get_data_size(const image_header_t *hdr) { return image_get_size(hdr); } /** * image_get_data - get image payload start address * @hdr: image header * * image_get_data() returns address of the image payload. For single * component images it is image data start. For multi component * images it points to the null terminated table of sub-images sizes. * * returns: * image payload data start address */ static inline ulong image_get_data(const image_header_t *hdr) { return ((ulong)hdr + image_get_header_size()); } static inline uint32_t image_get_image_size(const image_header_t *hdr) { return (image_get_size(hdr) + image_get_header_size()); } static inline ulong image_get_image_end(const image_header_t *hdr) { return ((ulong)hdr + image_get_image_size(hdr)); } #define image_set_hdr_l(f) \ static inline void image_set_##f(image_header_t *hdr, uint32_t val) \ { \ hdr->ih_##f = cpu_to_uimage(val); \ } image_set_hdr_l(magic) /* image_set_magic */ image_set_hdr_l(hcrc) /* image_set_hcrc */ image_set_hdr_l(time) /* image_set_time */ image_set_hdr_l(size) /* image_set_size */ image_set_hdr_l(load) /* image_set_load */ image_set_hdr_l(ep) /* image_set_ep */ image_set_hdr_l(dcrc) /* image_set_dcrc */ #define image_set_hdr_b(f) \ static inline void image_set_##f(image_header_t *hdr, uint8_t val) \ { \ hdr->ih_##f = val; \ } image_set_hdr_b(os) /* image_set_os */ image_set_hdr_b(arch) /* image_set_arch */ image_set_hdr_b(type) /* image_set_type */ image_set_hdr_b(comp) /* image_set_comp */ static inline void image_set_name(image_header_t *hdr, const char *name) { strncpy(image_get_name(hdr), name, IH_NMLEN); } int image_check_hcrc(const image_header_t *hdr); int image_check_dcrc(const image_header_t *hdr); #ifndef USE_HOSTCC ulong getenv_bootm_low(void); phys_size_t getenv_bootm_size(void); phys_size_t getenv_bootm_mapsize(void); void memmove_wd(void *to, void *from, size_t len, ulong chunksz); #endif static inline int image_check_magic(const image_header_t *hdr) { return (image_get_magic(hdr) == IH_MAGIC); } static inline int image_check_type(const image_header_t *hdr, uint8_t type) { return (image_get_type(hdr) == type); } static inline int image_check_arch(const image_header_t *hdr, uint8_t arch) { return (image_get_arch(hdr) == arch); } static inline int image_check_os(const image_header_t *hdr, uint8_t os) { return (image_get_os(hdr) == os); } ulong image_multi_count(const image_header_t *hdr); void image_multi_getimg(const image_header_t *hdr, ulong idx, ulong *data, ulong *len); void image_print_contents(const void *hdr); #ifndef USE_HOSTCC static inline int image_check_target_arch(const image_header_t *hdr) { #ifndef IH_ARCH_DEFAULT # error "please define IH_ARCH_DEFAULT in your arch asm/u-boot.h" #endif return image_check_arch(hdr, IH_ARCH_DEFAULT); } #endif /* USE_HOSTCC */ /** * Set up properties in the FDT * * This sets up properties in the FDT that is to be passed to linux. * * @images: Images information * @blob: FDT to update * @of_size: Size of the FDT * @lmb: Points to logical memory block structure * @return 0 if ok, <0 on failure */ int image_setup_libfdt(bootm_headers_t *images, void *blob, int of_size, struct lmb *lmb); /** * Set up the FDT to use for booting a kernel * * This performs ramdisk setup, sets up the FDT if required, and adds * paramters to the FDT if libfdt is available. * * @param images Images information * @return 0 if ok, <0 on failure */ int image_setup_linux(bootm_headers_t *images); /** * bootz_setup() - Extract stat and size of a Linux xImage * * @image: Address of image * @start: Returns start address of image * @end : Returns end address of image * @return 0 if OK, 1 if the image was not recognised */ int bootz_setup(ulong image, ulong *start, ulong *end); /*******************************************************************/ /* New uImage format specific code (prefixed with fit_) */ /*******************************************************************/ #if defined(CONFIG_FIT) #define FIT_IMAGES_PATH "/images" #define FIT_CONFS_PATH "/configurations" /* hash/signature node */ #define FIT_HASH_NODENAME "hash" #define FIT_ALGO_PROP "algo" #define FIT_VALUE_PROP "value" #define FIT_IGNORE_PROP "uboot-ignore" #define FIT_SIG_NODENAME "signature" /* image node */ #define FIT_DATA_PROP "data" #define FIT_TIMESTAMP_PROP "timestamp" #define FIT_DESC_PROP "description" #define FIT_ARCH_PROP "arch" #define FIT_TYPE_PROP "type" #define FIT_OS_PROP "os" #define FIT_COMP_PROP "compression" #define FIT_ENTRY_PROP "entry" #define FIT_LOAD_PROP "load" /* configuration node */ #define FIT_KERNEL_PROP "kernel" #define FIT_RAMDISK_PROP "ramdisk" #define FIT_FDT_PROP "fdt" #define FIT_DEFAULT_PROP "default" #define FIT_MAX_HASH_LEN 20 /* max(crc32_len(4), sha1_len(20)) */ /* cmdline argument format parsing */ int fit_parse_conf(const char *spec, ulong addr_curr, ulong *addr, const char **conf_name); int fit_parse_subimage(const char *spec, ulong addr_curr, ulong *addr, const char **image_name); void fit_print_contents(const void *fit); void fit_image_print(const void *fit, int noffset, const char *p); /** * fit_get_end - get FIT image size * @fit: pointer to the FIT format image header * * returns: * size of the FIT image (blob) in memory */ static inline ulong fit_get_size(const void *fit) { return fdt_totalsize(fit); } /** * fit_get_end - get FIT image end * @fit: pointer to the FIT format image header * * returns: * end address of the FIT image (blob) in memory */ static inline ulong fit_get_end(const void *fit) { return (ulong)fit + fdt_totalsize(fit); } /** * fit_get_name - get FIT node name * @fit: pointer to the FIT format image header * * returns: * NULL, on error * pointer to node name, on success */ static inline const char *fit_get_name(const void *fit_hdr, int noffset, int *len) { return fdt_get_name(fit_hdr, noffset, len); } int fit_get_desc(const void *fit, int noffset, char **desc); int fit_get_timestamp(const void *fit, int noffset, time_t *timestamp); int fit_image_get_node(const void *fit, const char *image_uname); int fit_image_get_os(const void *fit, int noffset, uint8_t *os); int fit_image_get_arch(const void *fit, int noffset, uint8_t *arch); int fit_image_get_type(const void *fit, int noffset, uint8_t *type); int fit_image_get_comp(const void *fit, int noffset, uint8_t *comp); int fit_image_get_load(const void *fit, int noffset, ulong *load); int fit_image_get_entry(const void *fit, int noffset, ulong *entry); int fit_image_get_data(const void *fit, int noffset, const void **data, size_t *size); int fit_image_hash_get_algo(const void *fit, int noffset, char **algo); int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value, int *value_len); int fit_set_timestamp(void *fit, int noffset, time_t timestamp); /** * fit_add_verification_data() - add verification data to FIT image nodes * * @keydir: Directory containing keys * @kwydest: FDT blob to write public key information to * @fit: Pointer to the FIT format image header * @comment: Comment to add to signature nodes * @require_keys: Mark all keys as 'required' * * Adds hash values for all component images in the FIT blob. * Hashes are calculated for all component images which have hash subnodes * with algorithm property set to one of the supported hash algorithms. * * Also add signatures if signature nodes are present. * * returns * 0, on success * libfdt error code, on failure */ int fit_add_verification_data(const char *keydir, void *keydest, void *fit, const char *comment, int require_keys); int fit_image_verify(const void *fit, int noffset); int fit_config_verify(const void *fit, int conf_noffset); int fit_all_image_verify(const void *fit); int fit_image_check_os(const void *fit, int noffset, uint8_t os); int fit_image_check_arch(const void *fit, int noffset, uint8_t arch); int fit_image_check_type(const void *fit, int noffset, uint8_t type); int fit_image_check_comp(const void *fit, int noffset, uint8_t comp); int fit_check_format(const void *fit); int fit_conf_find_compat(const void *fit, const void *fdt); int fit_conf_get_node(const void *fit, const char *conf_uname); /** * fit_conf_get_prop_node() - Get node refered to by a configuration * @fit: FIT to check * @noffset: Offset of conf@xxx node to check * @prop_name: Property to read from the conf node * * The conf@ nodes contain references to other nodes, using properties * like 'kernel = "kernel@1"'. Given such a property name (e.g. "kernel"), * return the offset of the node referred to (e.g. offset of node * "/images/kernel@1". */ int fit_conf_get_prop_node(const void *fit, int noffset, const char *prop_name); void fit_conf_print(const void *fit, int noffset, const char *p); int fit_check_ramdisk(const void *fit, int os_noffset, uint8_t arch, int verify); int calculate_hash(const void *data, int data_len, const char *algo, uint8_t *value, int *value_len); /* * At present we only support signing on the host, and verification on the * device */ #if defined(CONFIG_FIT_SIGNATURE) # ifdef USE_HOSTCC # define IMAGE_ENABLE_SIGN 1 # define IMAGE_ENABLE_VERIFY 1 # include <openssl/evp.h> #else # define IMAGE_ENABLE_SIGN 0 # define IMAGE_ENABLE_VERIFY 1 # endif #else # define IMAGE_ENABLE_SIGN 0 # define IMAGE_ENABLE_VERIFY 0 #endif #ifdef USE_HOSTCC void *image_get_host_blob(void); void image_set_host_blob(void *host_blob); # define gd_fdt_blob() image_get_host_blob() #else # define gd_fdt_blob() (gd->fdt_blob) #endif #ifdef CONFIG_FIT_BEST_MATCH #define IMAGE_ENABLE_BEST_MATCH 1 #else #define IMAGE_ENABLE_BEST_MATCH 0 #endif /* Information passed to the signing routines */ struct image_sign_info { const char *keydir; /* Directory conaining keys */ const char *keyname; /* Name of key to use */ void *fit; /* Pointer to FIT blob */ int node_offset; /* Offset of signature node */ struct image_sig_algo *algo; /* Algorithm information */ const void *fdt_blob; /* FDT containing public keys */ int required_keynode; /* Node offset of key to use: -1=any */ const char *require_keys; /* Value for 'required' property */ }; /* A part of an image, used for hashing */ struct image_region { const void *data; int size; }; #if IMAGE_ENABLE_VERIFY # include <rsa-checksum.h> #endif struct checksum_algo { const char *name; const int checksum_len; const int pad_len; #if IMAGE_ENABLE_SIGN const EVP_MD *(*calculate_sign)(void); #endif void (*calculate)(const struct image_region region[], int region_count, uint8_t *checksum); const uint8_t *rsa_padding; }; struct image_sig_algo { const char *name; /* Name of algorithm */ /** * sign() - calculate and return signature for given input data * * @info: Specifies key and FIT information * @data: Pointer to the input data * @data_len: Data length * @sigp: Set to an allocated buffer holding the signature * @sig_len: Set to length of the calculated hash * * This computes input data signature according to selected algorithm. * Resulting signature value is placed in an allocated buffer, the * pointer is returned as *sigp. The length of the calculated * signature is returned via the sig_len pointer argument. The caller * should free *sigp. * * @return: 0, on success, -ve on error */ int (*sign)(struct image_sign_info *info, const struct image_region region[], int region_count, uint8_t **sigp, uint *sig_len); /** * add_verify_data() - Add verification information to FDT * * Add public key information to the FDT node, suitable for * verification at run-time. The information added depends on the * algorithm being used. * * @info: Specifies key and FIT information * @keydest: Destination FDT blob for public key data * @return: 0, on success, -ve on error */ int (*add_verify_data)(struct image_sign_info *info, void *keydest); /** * verify() - Verify a signature against some data * * @info: Specifies key and FIT information * @data: Pointer to the input data * @data_len: Data length * @sig: Signature * @sig_len: Number of bytes in signature * @return 0 if verified, -ve on error */ int (*verify)(struct image_sign_info *info, const struct image_region region[], int region_count, uint8_t *sig, uint sig_len); /* pointer to checksum algorithm */ struct checksum_algo *checksum; }; /** * image_get_sig_algo() - Look up a signature algortihm * * @param name Name of algorithm * @return pointer to algorithm information, or NULL if not found */ struct image_sig_algo *image_get_sig_algo(const char *name); /** * fit_image_verify_required_sigs() - Verify signatures marked as 'required' * * @fit: FIT to check * @image_noffset: Offset of image node to check * @data: Image data to check * @size: Size of image data * @sig_blob: FDT containing public keys * @no_sigsp: Returns 1 if no signatures were required, and * therefore nothing was checked. The caller may wish * to fall back to other mechanisms, or refuse to * boot. * @return 0 if all verified ok, <0 on error */ int fit_image_verify_required_sigs(const void *fit, int image_noffset, const char *data, size_t size, const void *sig_blob, int *no_sigsp); /** * fit_image_check_sig() - Check a single image signature node * * @fit: FIT to check * @noffset: Offset of signature node to check * @data: Image data to check * @size: Size of image data * @required_keynode: Offset in the control FDT of the required key node, * if any. If this is given, then the image wil not * pass verification unless that key is used. If this is * -1 then any signature will do. * @err_msgp: In the event of an error, this will be pointed to a * help error string to display to the user. * @return 0 if all verified ok, <0 on error */ int fit_image_check_sig(const void *fit, int noffset, const void *data, size_t size, int required_keynode, char **err_msgp); /** * fit_region_make_list() - Make a list of regions to hash * * Given a list of FIT regions (offset, size) provided by libfdt, create * a list of regions (void *, size) for use by the signature creationg * and verification code. * * @fit: FIT image to process * @fdt_regions: Regions as returned by libfdt * @count: Number of regions returned by libfdt * @region: Place to put list of regions (NULL to allocate it) * @return pointer to list of regions, or NULL if out of memory */ struct image_region *fit_region_make_list(const void *fit, struct fdt_region *fdt_regions, int count, struct image_region *region); static inline int fit_image_check_target_arch(const void *fdt, int node) { #ifndef USE_HOSTCC return fit_image_check_arch(fdt, node, IH_ARCH_DEFAULT); #else return 0; #endif } #ifdef CONFIG_FIT_VERBOSE #define fit_unsupported(msg) printf("! %s:%d " \ "FIT images not supported for '%s'\n", \ __FILE__, __LINE__, (msg)) #define fit_unsupported_reset(msg) printf("! %s:%d " \ "FIT images not supported for '%s' " \ "- must reset board to recover!\n", \ __FILE__, __LINE__, (msg)) #else #define fit_unsupported(msg) #define fit_unsupported_reset(msg) #endif /* CONFIG_FIT_VERBOSE */ #endif /* CONFIG_FIT */ #endif /* __IMAGE_H__ */