Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / platform / external / u-boot / f7ae49fc4f363a803dab3be078e93ead8e75a8e9 / . / board / xilinx / zynq / cmds.c
blob: 10984662b6837784b1e230d7f0762eb7c70bb843 [file] [log] [blame]
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Copyright (C) 2018 Xilinx, Inc.
4 */
5
6#include <common.h>
Simon Glass09140112020-05-10 11:40:03 -0600[diff] [blame]7#include <command.h>
Simon Glassf7ae49f2020-05-10 11:40:05 -0600[diff] [blame^]8#include <log.h>
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]9#include <asm/io.h>
10#include <asm/arch/hardware.h>
11#include <asm/arch/sys_proto.h>
12#include <malloc.h>
13#include <u-boot/md5.h>
14#include <u-boot/rsa.h>
15#include <u-boot/rsa-mod-exp.h>
16#include <u-boot/sha256.h>
17#include <zynqpl.h>
18#include <fpga.h>
19#include <zynq_bootimg.h>
20
21DECLARE_GLOBAL_DATA_PTR;
22
23#ifdef CONFIG_CMD_ZYNQ_RSA
24
25#define ZYNQ_EFUSE_RSA_ENABLE_MASK 0x400
26#define ZYNQ_ATTRIBUTE_PL_IMAGE_MASK 0x20
27#define ZYNQ_ATTRIBUTE_CHECKSUM_TYPE_MASK 0x7000
28#define ZYNQ_ATTRIBUTE_RSA_PRESENT_MASK 0x8000
29#define ZYNQ_ATTRIBUTE_RSA_PART_OWNER_MASK 0x30000
30
31#define ZYNQ_RSA_MODULAR_SIZE 256
32#define ZYNQ_RSA_MODULAR_EXT_SIZE 256
33#define ZYNQ_RSA_EXPO_SIZE 64
34#define ZYNQ_RSA_SPK_SIGNATURE_SIZE 256
35#define ZYNQ_RSA_PARTITION_SIGNATURE_SIZE 256
36#define ZYNQ_RSA_SIGNATURE_SIZE 0x6C0
37#define ZYNQ_RSA_HEADER_SIZE 4
38#define ZYNQ_RSA_MAGIC_WORD_SIZE 60
39#define ZYNQ_RSA_PART_OWNER_UBOOT 1
40#define ZYNQ_RSA_ALIGN_PPK_START 64
41
42#define WORD_LENGTH_SHIFT 2
43
44static u8 *ppkmodular;
45static u8 *ppkmodularex;
46
47struct zynq_rsa_public_key {
48 uint len; /* Length of modulus[] in number of u32 */
49 u32 n0inv; /* -1 / modulus[0] mod 2^32 */
50 u32 *modulus; /* modulus as little endian array */
51 u32 *rr; /* R^2 as little endian array */
52};
53
54static struct zynq_rsa_public_key public_key;
55
56static struct partition_hdr part_hdr[ZYNQ_MAX_PARTITION_NUMBER];
57
58/*
59 * Extract the primary public key components from already autheticated FSBL
60 */
61static void zynq_extract_ppk(u32 fsbl_len)
62{
63 u32 padsize;
64 u8 *ppkptr;
65
66 debug("%s\n", __func__);
67
68 /*
69 * Extract the authenticated PPK from OCM i.e at end of the FSBL
70 */
71 ppkptr = (u8 *)(fsbl_len + ZYNQ_OCM_BASEADDR);
72 padsize = ((u32)ppkptr % ZYNQ_RSA_ALIGN_PPK_START);
73 if (padsize)
74 ppkptr += (ZYNQ_RSA_ALIGN_PPK_START - padsize);
75
76 ppkptr += ZYNQ_RSA_HEADER_SIZE;
77
78 ppkptr += ZYNQ_RSA_MAGIC_WORD_SIZE;
79
80 ppkmodular = (u8 *)ppkptr;
81 ppkptr += ZYNQ_RSA_MODULAR_SIZE;
82 ppkmodularex = (u8 *)ppkptr;
83 ppkptr += ZYNQ_RSA_MODULAR_EXT_SIZE;
84}
85
86/*
87 * Calculate the inverse(-1 / modulus[0] mod 2^32 ) for the PPK
88 */
89static u32 zynq_calc_inv(void)
90{
91 u32 modulus = public_key.modulus[0];
92 u32 tmp = BIT(1);
93 u32 inverse;
94
95 inverse = modulus & BIT(0);
96
97 while (tmp) {
98 inverse *= 2 - modulus * inverse;
99 tmp *= tmp;
100 }
101
102 return ~(inverse - 1);
103}
104
105/*
106 * Recreate the signature by padding the bytes and verify with hash value
107 */
108static int zynq_pad_and_check(u8 *signature, u8 *hash)
109{
110 u8 padding[] = {0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48,
111 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04,
112 0x20};
113 u8 *pad_ptr = signature + 256;
114 u32 pad = 202;
115 u32 ii;
116
117 /*
118 * Re-Create PKCS#1v1.5 Padding
119 * MSB ----------------------------------------------------LSB
120 * 0x0 || 0x1 || 0xFF(for 202 bytes) || 0x0 || T_padding || SHA256 Hash
121 */
122 if (*--pad_ptr != 0 || *--pad_ptr != 1)
123 return -1;
124
125 for (ii = 0; ii < pad; ii++) {
126 if (*--pad_ptr != 0xFF)
127 return -1;
128 }
129
130 if (*--pad_ptr != 0)
131 return -1;
132
133 for (ii = 0; ii < sizeof(padding); ii++) {
134 if (*--pad_ptr != padding[ii])
135 return -1;
136 }
137
138 for (ii = 0; ii < 32; ii++) {
139 if (*--pad_ptr != hash[ii])
140 return -1;
141 }
142 return 0;
143}
144
145/*
146 * Verify and extract the hash value from signature using the public key
147 * and compare it with calculated hash value.
148 */
149static int zynq_rsa_verify_key(const struct zynq_rsa_public_key *key,
150 const u8 *sig, const u32 sig_len, const u8 *hash)
151{
152 int status;
153 void *buf;
154
155 if (!key || !sig || !hash)
156 return -1;
157
158 if (sig_len != (key->len * sizeof(u32))) {
159 printf("Signature is of incorrect length %d\n", sig_len);
160 return -1;
161 }
162
163 /* Sanity check for stack size */
164 if (sig_len > ZYNQ_RSA_SPK_SIGNATURE_SIZE) {
165 printf("Signature length %u exceeds maximum %d\n", sig_len,
166 ZYNQ_RSA_SPK_SIGNATURE_SIZE);
167 return -1;
168 }
169
170 buf = malloc(sig_len);
171 if (!buf)
172 return -1;
173
174 memcpy(buf, sig, sig_len);
175
176 status = zynq_pow_mod((u32 *)key, (u32 *)buf);
177 if (status == -1) {
178 free(buf);
179 return status;
180 }
181
182 status = zynq_pad_and_check((u8 *)buf, (u8 *)hash);
183
184 free(buf);
185 return status;
186}
187
188/*
189 * Authenticate the partition
190 */
191static int zynq_authenticate_part(u8 *buffer, u32 size)
192{
193 u8 hash_signature[32];
194 u8 *spk_modular;
195 u8 *spk_modular_ex;
196 u8 *signature_ptr;
197 u32 status;
198
199 debug("%s\n", __func__);
200
201 signature_ptr = (u8 *)(buffer + size - ZYNQ_RSA_SIGNATURE_SIZE);
202
203 signature_ptr += ZYNQ_RSA_HEADER_SIZE;
204
205 signature_ptr += ZYNQ_RSA_MAGIC_WORD_SIZE;
206
207 ppkmodular = (u8 *)signature_ptr;
208 signature_ptr += ZYNQ_RSA_MODULAR_SIZE;
209 ppkmodularex = signature_ptr;
210 signature_ptr += ZYNQ_RSA_MODULAR_EXT_SIZE;
211 signature_ptr += ZYNQ_RSA_EXPO_SIZE;
212
213 sha256_csum_wd((const unsigned char *)signature_ptr,
214 (ZYNQ_RSA_MODULAR_EXT_SIZE + ZYNQ_RSA_EXPO_SIZE +
215 ZYNQ_RSA_MODULAR_SIZE),
216 (unsigned char *)hash_signature, 0x1000);
217
218 spk_modular = (u8 *)signature_ptr;
219 signature_ptr += ZYNQ_RSA_MODULAR_SIZE;
220 spk_modular_ex = (u8 *)signature_ptr;
221 signature_ptr += ZYNQ_RSA_MODULAR_EXT_SIZE;
222 signature_ptr += ZYNQ_RSA_EXPO_SIZE;
223
224 public_key.len = ZYNQ_RSA_MODULAR_SIZE / sizeof(u32);
225 public_key.modulus = (u32 *)ppkmodular;
226 public_key.rr = (u32 *)ppkmodularex;
227 public_key.n0inv = zynq_calc_inv();
228
229 status = zynq_rsa_verify_key(&public_key, signature_ptr,
230 ZYNQ_RSA_SPK_SIGNATURE_SIZE,
231 hash_signature);
232 if (status)
233 return status;
234
235 signature_ptr += ZYNQ_RSA_SPK_SIGNATURE_SIZE;
236
237 sha256_csum_wd((const unsigned char *)buffer,
238 (size - ZYNQ_RSA_PARTITION_SIGNATURE_SIZE),
239 (unsigned char *)hash_signature, 0x1000);
240
241 public_key.len = ZYNQ_RSA_MODULAR_SIZE / sizeof(u32);
242 public_key.modulus = (u32 *)spk_modular;
243 public_key.rr = (u32 *)spk_modular_ex;
244 public_key.n0inv = zynq_calc_inv();
245
246 return zynq_rsa_verify_key(&public_key, (u8 *)signature_ptr,
247 ZYNQ_RSA_PARTITION_SIGNATURE_SIZE,
248 (u8 *)hash_signature);
249}
250
251/*
252 * Parses the partition header and verfies the authenticated and
253 * encrypted image.
254 */
255static int zynq_verify_image(u32 src_ptr)
256{
257 u32 silicon_ver, image_base_addr, status;
258 u32 partition_num = 0;
259 u32 efuseval, srcaddr, size, fsbl_len;
260 struct partition_hdr *hdr_ptr;
261 u32 part_data_len, part_img_len, part_attr;
262 u32 part_load_addr, part_dst_addr, part_chksum_offset;
263 u32 part_start_addr, part_total_size, partitioncount;
264 bool encrypt_part_flag = false;
265 bool part_chksum_flag = false;
266 bool signed_part_flag = false;
267
268 image_base_addr = src_ptr;
269
270 silicon_ver = zynq_get_silicon_version();
271
272 /* RSA not supported in silicon versions 1.0 and 2.0 */
273 if (silicon_ver == 0 || silicon_ver == 1)
274 return -1;
275
276 zynq_get_partition_info(image_base_addr, &fsbl_len,
277 &part_hdr[0]);
278
279 /* Extract ppk if efuse was blown Otherwise return error */
280 efuseval = readl(&efuse_base->status);
281 if (!(efuseval & ZYNQ_EFUSE_RSA_ENABLE_MASK))
282 return -1;
283
284 zynq_extract_ppk(fsbl_len);
285
286 partitioncount = zynq_get_part_count(&part_hdr[0]);
287
288 /*
289 * As the first two partitions are related to fsbl,
290 * we can ignore those two in bootimage and the below
291 * code doesn't need to validate it as fsbl is already
292 * done by now
293 */
294 if (partitioncount <= 2 ||
295 partitioncount > ZYNQ_MAX_PARTITION_NUMBER)
296 return -1;
297
298 while (partition_num < partitioncount) {
299 if (((part_hdr[partition_num].partitionattr &
300 ZYNQ_ATTRIBUTE_RSA_PART_OWNER_MASK) >> 16) !=
301 ZYNQ_RSA_PART_OWNER_UBOOT) {
302 printf("UBOOT is not Owner for partition %d\n",
303 partition_num);
304 partition_num++;
305 continue;
306 }
307 hdr_ptr = &part_hdr[partition_num];
308 status = zynq_validate_hdr(hdr_ptr);
309 if (status)
310 return status;
311
312 part_data_len = hdr_ptr->datawordlen;
313 part_img_len = hdr_ptr->imagewordlen;
314 part_attr = hdr_ptr->partitionattr;
315 part_load_addr = hdr_ptr->loadaddr;
316 part_chksum_offset = hdr_ptr->checksumoffset;
317 part_start_addr = hdr_ptr->partitionstart;
318 part_total_size = hdr_ptr->partitionwordlen;
319
320 if (part_data_len != part_img_len) {
321 debug("Encrypted\n");
322 encrypt_part_flag = true;
323 }
324
325 if (part_attr & ZYNQ_ATTRIBUTE_CHECKSUM_TYPE_MASK)
326 part_chksum_flag = true;
327
328 if (part_attr & ZYNQ_ATTRIBUTE_RSA_PRESENT_MASK) {
329 debug("RSA Signed\n");
330 signed_part_flag = true;
331 size = part_total_size << WORD_LENGTH_SHIFT;
332 } else {
333 size = part_img_len;
334 }
335
336 if (!signed_part_flag && !part_chksum_flag) {
337 printf("Partition not signed & no chksum\n");
338 partition_num++;
339 continue;
340 }
341
342 srcaddr = image_base_addr +
343 (part_start_addr << WORD_LENGTH_SHIFT);
344
345 /*
346 * This validation is just for PS DDR.
347 * TODO: Update this for PL DDR check as well.
348 */
349 if (part_load_addr < gd->bd->bi_dram[0].start &&
350 ((part_load_addr + part_data_len) >
351 (gd->bd->bi_dram[0].start +
352 gd->bd->bi_dram[0].size))) {
353 printf("INVALID_LOAD_ADDRESS_FAIL\n");
354 return -1;
355 }
356
357 if (part_attr & ZYNQ_ATTRIBUTE_PL_IMAGE_MASK)
358 part_load_addr = srcaddr;
359 else
360 memcpy((u32 *)part_load_addr, (u32 *)srcaddr,
361 size);
362
363 if (part_chksum_flag) {
364 part_chksum_offset = image_base_addr +
365 (part_chksum_offset <<
366 WORD_LENGTH_SHIFT);
367 status = zynq_validate_partition(part_load_addr,
368 (part_total_size <<
369 WORD_LENGTH_SHIFT),
370 part_chksum_offset);
371 if (status != 0) {
372 printf("PART_CHKSUM_FAIL\n");
373 return -1;
374 }
375 debug("Partition Validation Done\n");
376 }
377
378 if (signed_part_flag) {
379 status = zynq_authenticate_part((u8 *)part_load_addr,
380 size);
381 if (status != 0) {
382 printf("AUTHENTICATION_FAIL\n");
383 return -1;
384 }
385 debug("Authentication Done\n");
386 }
387
388 if (encrypt_part_flag) {
389 debug("DECRYPTION\n");
390
391 part_dst_addr = part_load_addr;
392
393 if (part_attr & ZYNQ_ATTRIBUTE_PL_IMAGE_MASK) {
394 partition_num++;
395 continue;
396 }
397
398 status = zynq_decrypt_load(part_load_addr,
399 part_img_len,
400 part_dst_addr,
401 part_data_len);
402 if (status != 0) {
403 printf("DECRYPTION_FAIL\n");
404 return -1;
405 }
406 }
407 partition_num++;
408 }
409
410 return 0;
411}
412
Simon Glass09140112020-05-10 11:40:03 -0600[diff] [blame]413static int do_zynq_rsa(struct cmd_tbl *cmdtp, int flag, int argc,
414 char *const argv[])
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]415{
416 u32 src_ptr;
417 char *endp;
418
T Karthik Reddy958d1b12019-03-12 20:20:21 +0530[diff] [blame]419 if (argc != cmdtp->maxargs)
420 return CMD_RET_FAILURE;
421
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]422 src_ptr = simple_strtoul(argv[2], &endp, 16);
423 if (*argv[2] == 0 || *endp != 0)
424 return CMD_RET_USAGE;
T Karthik Reddy958d1b12019-03-12 20:20:21 +0530[diff] [blame]425
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]426 if (zynq_verify_image(src_ptr))
427 return CMD_RET_FAILURE;
428
429 return CMD_RET_SUCCESS;
430}
431#endif
432
433#ifdef CONFIG_CMD_ZYNQ_AES
Simon Glass09140112020-05-10 11:40:03 -0600[diff] [blame]434static int zynq_decrypt_image(struct cmd_tbl *cmdtp, int flag, int argc,
435 char *const argv[])
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]436{
437 char *endp;
438 u32 srcaddr, srclen, dstaddr, dstlen;
439 int status;
440
T Karthik Reddy958d1b12019-03-12 20:20:21 +0530[diff] [blame]441 if (argc < 5 && argc > cmdtp->maxargs)
442 return CMD_RET_USAGE;
443
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]444 srcaddr = simple_strtoul(argv[2], &endp, 16);
445 if (*argv[2] == 0 || *endp != 0)
446 return CMD_RET_USAGE;
447 srclen = simple_strtoul(argv[3], &endp, 16);
448 if (*argv[3] == 0 || *endp != 0)
449 return CMD_RET_USAGE;
450 dstaddr = simple_strtoul(argv[4], &endp, 16);
451 if (*argv[4] == 0 || *endp != 0)
452 return CMD_RET_USAGE;
453 dstlen = simple_strtoul(argv[5], &endp, 16);
454 if (*argv[5] == 0 || *endp != 0)
455 return CMD_RET_USAGE;
456
457 /*
458 * Roundup source and destination lengths to
459 * word size
460 */
461 if (srclen % 4)
462 srclen = roundup(srclen, 4);
463 if (dstlen % 4)
464 dstlen = roundup(dstlen, 4);
465
466 status = zynq_decrypt_load(srcaddr, srclen >> 2, dstaddr, dstlen >> 2);
467 if (status != 0)
468 return CMD_RET_FAILURE;
469
470 return CMD_RET_SUCCESS;
471}
472#endif
473
Simon Glass09140112020-05-10 11:40:03 -0600[diff] [blame]474static struct cmd_tbl zynq_commands[] = {
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]475#ifdef CONFIG_CMD_ZYNQ_RSA
476 U_BOOT_CMD_MKENT(rsa, 3, 1, do_zynq_rsa, "", ""),
477#endif
478#ifdef CONFIG_CMD_ZYNQ_AES
479 U_BOOT_CMD_MKENT(aes, 6, 1, zynq_decrypt_image, "", ""),
480#endif
481};
482
Simon Glass09140112020-05-10 11:40:03 -0600[diff] [blame]483static int do_zynq(struct cmd_tbl *cmdtp, int flag, int argc,
484 char *const argv[])
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]485{
Simon Glass09140112020-05-10 11:40:03 -0600[diff] [blame]486 struct cmd_tbl *zynq_cmd;
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]487 int ret;
488
489 if (!ARRAY_SIZE(zynq_commands)) {
490 puts("No zynq specific command enabled\n");
491 return CMD_RET_USAGE;
492 }
493
494 if (argc < 2)
495 return CMD_RET_USAGE;
496 zynq_cmd = find_cmd_tbl(argv[1], zynq_commands,
497 ARRAY_SIZE(zynq_commands));
T Karthik Reddy958d1b12019-03-12 20:20:21 +0530[diff] [blame]498 if (!zynq_cmd)
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]499 return CMD_RET_USAGE;
500
501 ret = zynq_cmd->cmd(zynq_cmd, flag, argc, argv);
502
503 return cmd_process_error(zynq_cmd, ret);
504}
505
Michal Simek0dc69f42018-11-19 15:46:04 +0100[diff] [blame]506#ifdef CONFIG_SYS_LONGHELP
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]507static char zynq_help_text[] =
508 ""
509#ifdef CONFIG_CMD_ZYNQ_RSA
510 "rsa <baseaddr> - Verifies the authenticated and encrypted\n"
511 " zynq images and loads them back to load\n"
512 " addresses as specified in BOOT image(BOOT.BIN)\n"
513#endif
514#ifdef CONFIG_CMD_ZYNQ_AES
515 "aes <srcaddr> <srclen> <dstaddr> <dstlen>\n"
516 " - Decrypts the encrypted image present in source\n"
517 " address and places the decrypted image at\n"
518 " destination address\n"
519#endif
520 ;
Michal Simek0dc69f42018-11-19 15:46:04 +0100[diff] [blame]521#endif
Siva Durga Prasad Paladugu37e3a362018-06-26 15:02:19 +0530[diff] [blame]522
523U_BOOT_CMD(zynq, 6, 0, do_zynq,
524 "Zynq specific commands", zynq_help_text
525);