Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0+ |
| 2 | /* |
| 3 | * Copyright (C) 2018 Xilinx, Inc. |
| 4 | */ |
| 5 | |
Simon Glass | ed38aef | 2020-05-10 11:40:03 -0600 | [diff] [blame] | 6 | #include <command.h> |
Simon Glass | 0f2af88 | 2020-05-10 11:40:05 -0600 | [diff] [blame] | 7 | #include <log.h> |
Simon Glass | 3ba929a | 2020-10-30 21:38:53 -0600 | [diff] [blame] | 8 | #include <asm/global_data.h> |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 9 | #include <asm/io.h> |
| 10 | #include <asm/arch/hardware.h> |
| 11 | #include <asm/arch/sys_proto.h> |
| 12 | #include <malloc.h> |
Simon Glass | 4dcacfc | 2020-05-10 11:40:13 -0600 | [diff] [blame] | 13 | #include <linux/bitops.h> |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 14 | #include <u-boot/md5.h> |
| 15 | #include <u-boot/rsa.h> |
| 16 | #include <u-boot/rsa-mod-exp.h> |
| 17 | #include <u-boot/sha256.h> |
| 18 | #include <zynqpl.h> |
| 19 | #include <fpga.h> |
| 20 | #include <zynq_bootimg.h> |
| 21 | |
| 22 | DECLARE_GLOBAL_DATA_PTR; |
| 23 | |
| 24 | #ifdef CONFIG_CMD_ZYNQ_RSA |
| 25 | |
| 26 | #define ZYNQ_EFUSE_RSA_ENABLE_MASK 0x400 |
| 27 | #define ZYNQ_ATTRIBUTE_PL_IMAGE_MASK 0x20 |
| 28 | #define ZYNQ_ATTRIBUTE_CHECKSUM_TYPE_MASK 0x7000 |
| 29 | #define ZYNQ_ATTRIBUTE_RSA_PRESENT_MASK 0x8000 |
| 30 | #define ZYNQ_ATTRIBUTE_RSA_PART_OWNER_MASK 0x30000 |
| 31 | |
| 32 | #define ZYNQ_RSA_MODULAR_SIZE 256 |
| 33 | #define ZYNQ_RSA_MODULAR_EXT_SIZE 256 |
| 34 | #define ZYNQ_RSA_EXPO_SIZE 64 |
| 35 | #define ZYNQ_RSA_SPK_SIGNATURE_SIZE 256 |
| 36 | #define ZYNQ_RSA_PARTITION_SIGNATURE_SIZE 256 |
| 37 | #define ZYNQ_RSA_SIGNATURE_SIZE 0x6C0 |
| 38 | #define ZYNQ_RSA_HEADER_SIZE 4 |
| 39 | #define ZYNQ_RSA_MAGIC_WORD_SIZE 60 |
| 40 | #define ZYNQ_RSA_PART_OWNER_UBOOT 1 |
| 41 | #define ZYNQ_RSA_ALIGN_PPK_START 64 |
| 42 | |
| 43 | #define WORD_LENGTH_SHIFT 2 |
| 44 | |
| 45 | static u8 *ppkmodular; |
| 46 | static u8 *ppkmodularex; |
| 47 | |
| 48 | struct zynq_rsa_public_key { |
| 49 | uint len; /* Length of modulus[] in number of u32 */ |
| 50 | u32 n0inv; /* -1 / modulus[0] mod 2^32 */ |
| 51 | u32 *modulus; /* modulus as little endian array */ |
| 52 | u32 *rr; /* R^2 as little endian array */ |
| 53 | }; |
| 54 | |
| 55 | static struct zynq_rsa_public_key public_key; |
| 56 | |
| 57 | static struct partition_hdr part_hdr[ZYNQ_MAX_PARTITION_NUMBER]; |
| 58 | |
| 59 | /* |
| 60 | * Extract the primary public key components from already autheticated FSBL |
| 61 | */ |
| 62 | static void zynq_extract_ppk(u32 fsbl_len) |
| 63 | { |
| 64 | u32 padsize; |
| 65 | u8 *ppkptr; |
| 66 | |
| 67 | debug("%s\n", __func__); |
| 68 | |
| 69 | /* |
| 70 | * Extract the authenticated PPK from OCM i.e at end of the FSBL |
| 71 | */ |
| 72 | ppkptr = (u8 *)(fsbl_len + ZYNQ_OCM_BASEADDR); |
| 73 | padsize = ((u32)ppkptr % ZYNQ_RSA_ALIGN_PPK_START); |
| 74 | if (padsize) |
| 75 | ppkptr += (ZYNQ_RSA_ALIGN_PPK_START - padsize); |
| 76 | |
| 77 | ppkptr += ZYNQ_RSA_HEADER_SIZE; |
| 78 | |
| 79 | ppkptr += ZYNQ_RSA_MAGIC_WORD_SIZE; |
| 80 | |
| 81 | ppkmodular = (u8 *)ppkptr; |
| 82 | ppkptr += ZYNQ_RSA_MODULAR_SIZE; |
| 83 | ppkmodularex = (u8 *)ppkptr; |
| 84 | ppkptr += ZYNQ_RSA_MODULAR_EXT_SIZE; |
| 85 | } |
| 86 | |
| 87 | /* |
| 88 | * Calculate the inverse(-1 / modulus[0] mod 2^32 ) for the PPK |
| 89 | */ |
| 90 | static u32 zynq_calc_inv(void) |
| 91 | { |
| 92 | u32 modulus = public_key.modulus[0]; |
| 93 | u32 tmp = BIT(1); |
| 94 | u32 inverse; |
| 95 | |
| 96 | inverse = modulus & BIT(0); |
| 97 | |
| 98 | while (tmp) { |
| 99 | inverse *= 2 - modulus * inverse; |
| 100 | tmp *= tmp; |
| 101 | } |
| 102 | |
| 103 | return ~(inverse - 1); |
| 104 | } |
| 105 | |
| 106 | /* |
| 107 | * Recreate the signature by padding the bytes and verify with hash value |
| 108 | */ |
| 109 | static int zynq_pad_and_check(u8 *signature, u8 *hash) |
| 110 | { |
| 111 | u8 padding[] = {0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, |
| 112 | 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, |
| 113 | 0x20}; |
| 114 | u8 *pad_ptr = signature + 256; |
| 115 | u32 pad = 202; |
| 116 | u32 ii; |
| 117 | |
| 118 | /* |
| 119 | * Re-Create PKCS#1v1.5 Padding |
| 120 | * MSB ----------------------------------------------------LSB |
| 121 | * 0x0 || 0x1 || 0xFF(for 202 bytes) || 0x0 || T_padding || SHA256 Hash |
| 122 | */ |
| 123 | if (*--pad_ptr != 0 || *--pad_ptr != 1) |
| 124 | return -1; |
| 125 | |
| 126 | for (ii = 0; ii < pad; ii++) { |
| 127 | if (*--pad_ptr != 0xFF) |
| 128 | return -1; |
| 129 | } |
| 130 | |
| 131 | if (*--pad_ptr != 0) |
| 132 | return -1; |
| 133 | |
| 134 | for (ii = 0; ii < sizeof(padding); ii++) { |
| 135 | if (*--pad_ptr != padding[ii]) |
| 136 | return -1; |
| 137 | } |
| 138 | |
| 139 | for (ii = 0; ii < 32; ii++) { |
| 140 | if (*--pad_ptr != hash[ii]) |
| 141 | return -1; |
| 142 | } |
| 143 | return 0; |
| 144 | } |
| 145 | |
| 146 | /* |
| 147 | * Verify and extract the hash value from signature using the public key |
| 148 | * and compare it with calculated hash value. |
| 149 | */ |
| 150 | static int zynq_rsa_verify_key(const struct zynq_rsa_public_key *key, |
| 151 | const u8 *sig, const u32 sig_len, const u8 *hash) |
| 152 | { |
| 153 | int status; |
| 154 | void *buf; |
| 155 | |
| 156 | if (!key || !sig || !hash) |
| 157 | return -1; |
| 158 | |
| 159 | if (sig_len != (key->len * sizeof(u32))) { |
| 160 | printf("Signature is of incorrect length %d\n", sig_len); |
| 161 | return -1; |
| 162 | } |
| 163 | |
| 164 | /* Sanity check for stack size */ |
| 165 | if (sig_len > ZYNQ_RSA_SPK_SIGNATURE_SIZE) { |
| 166 | printf("Signature length %u exceeds maximum %d\n", sig_len, |
| 167 | ZYNQ_RSA_SPK_SIGNATURE_SIZE); |
| 168 | return -1; |
| 169 | } |
| 170 | |
| 171 | buf = malloc(sig_len); |
| 172 | if (!buf) |
| 173 | return -1; |
| 174 | |
| 175 | memcpy(buf, sig, sig_len); |
| 176 | |
| 177 | status = zynq_pow_mod((u32 *)key, (u32 *)buf); |
| 178 | if (status == -1) { |
| 179 | free(buf); |
| 180 | return status; |
| 181 | } |
| 182 | |
| 183 | status = zynq_pad_and_check((u8 *)buf, (u8 *)hash); |
| 184 | |
| 185 | free(buf); |
| 186 | return status; |
| 187 | } |
| 188 | |
| 189 | /* |
| 190 | * Authenticate the partition |
| 191 | */ |
| 192 | static int zynq_authenticate_part(u8 *buffer, u32 size) |
| 193 | { |
| 194 | u8 hash_signature[32]; |
| 195 | u8 *spk_modular; |
| 196 | u8 *spk_modular_ex; |
| 197 | u8 *signature_ptr; |
| 198 | u32 status; |
| 199 | |
| 200 | debug("%s\n", __func__); |
| 201 | |
| 202 | signature_ptr = (u8 *)(buffer + size - ZYNQ_RSA_SIGNATURE_SIZE); |
| 203 | |
| 204 | signature_ptr += ZYNQ_RSA_HEADER_SIZE; |
| 205 | |
| 206 | signature_ptr += ZYNQ_RSA_MAGIC_WORD_SIZE; |
| 207 | |
| 208 | ppkmodular = (u8 *)signature_ptr; |
| 209 | signature_ptr += ZYNQ_RSA_MODULAR_SIZE; |
| 210 | ppkmodularex = signature_ptr; |
| 211 | signature_ptr += ZYNQ_RSA_MODULAR_EXT_SIZE; |
| 212 | signature_ptr += ZYNQ_RSA_EXPO_SIZE; |
| 213 | |
| 214 | sha256_csum_wd((const unsigned char *)signature_ptr, |
| 215 | (ZYNQ_RSA_MODULAR_EXT_SIZE + ZYNQ_RSA_EXPO_SIZE + |
| 216 | ZYNQ_RSA_MODULAR_SIZE), |
| 217 | (unsigned char *)hash_signature, 0x1000); |
| 218 | |
| 219 | spk_modular = (u8 *)signature_ptr; |
| 220 | signature_ptr += ZYNQ_RSA_MODULAR_SIZE; |
| 221 | spk_modular_ex = (u8 *)signature_ptr; |
| 222 | signature_ptr += ZYNQ_RSA_MODULAR_EXT_SIZE; |
| 223 | signature_ptr += ZYNQ_RSA_EXPO_SIZE; |
| 224 | |
| 225 | public_key.len = ZYNQ_RSA_MODULAR_SIZE / sizeof(u32); |
| 226 | public_key.modulus = (u32 *)ppkmodular; |
| 227 | public_key.rr = (u32 *)ppkmodularex; |
| 228 | public_key.n0inv = zynq_calc_inv(); |
| 229 | |
| 230 | status = zynq_rsa_verify_key(&public_key, signature_ptr, |
| 231 | ZYNQ_RSA_SPK_SIGNATURE_SIZE, |
| 232 | hash_signature); |
| 233 | if (status) |
| 234 | return status; |
| 235 | |
| 236 | signature_ptr += ZYNQ_RSA_SPK_SIGNATURE_SIZE; |
| 237 | |
| 238 | sha256_csum_wd((const unsigned char *)buffer, |
| 239 | (size - ZYNQ_RSA_PARTITION_SIGNATURE_SIZE), |
| 240 | (unsigned char *)hash_signature, 0x1000); |
| 241 | |
| 242 | public_key.len = ZYNQ_RSA_MODULAR_SIZE / sizeof(u32); |
| 243 | public_key.modulus = (u32 *)spk_modular; |
| 244 | public_key.rr = (u32 *)spk_modular_ex; |
| 245 | public_key.n0inv = zynq_calc_inv(); |
| 246 | |
| 247 | return zynq_rsa_verify_key(&public_key, (u8 *)signature_ptr, |
| 248 | ZYNQ_RSA_PARTITION_SIGNATURE_SIZE, |
| 249 | (u8 *)hash_signature); |
| 250 | } |
| 251 | |
| 252 | /* |
| 253 | * Parses the partition header and verfies the authenticated and |
| 254 | * encrypted image. |
| 255 | */ |
| 256 | static int zynq_verify_image(u32 src_ptr) |
| 257 | { |
| 258 | u32 silicon_ver, image_base_addr, status; |
| 259 | u32 partition_num = 0; |
| 260 | u32 efuseval, srcaddr, size, fsbl_len; |
| 261 | struct partition_hdr *hdr_ptr; |
| 262 | u32 part_data_len, part_img_len, part_attr; |
| 263 | u32 part_load_addr, part_dst_addr, part_chksum_offset; |
| 264 | u32 part_start_addr, part_total_size, partitioncount; |
| 265 | bool encrypt_part_flag = false; |
| 266 | bool part_chksum_flag = false; |
| 267 | bool signed_part_flag = false; |
| 268 | |
| 269 | image_base_addr = src_ptr; |
| 270 | |
| 271 | silicon_ver = zynq_get_silicon_version(); |
| 272 | |
| 273 | /* RSA not supported in silicon versions 1.0 and 2.0 */ |
| 274 | if (silicon_ver == 0 || silicon_ver == 1) |
| 275 | return -1; |
| 276 | |
| 277 | zynq_get_partition_info(image_base_addr, &fsbl_len, |
| 278 | &part_hdr[0]); |
| 279 | |
| 280 | /* Extract ppk if efuse was blown Otherwise return error */ |
| 281 | efuseval = readl(&efuse_base->status); |
| 282 | if (!(efuseval & ZYNQ_EFUSE_RSA_ENABLE_MASK)) |
| 283 | return -1; |
| 284 | |
| 285 | zynq_extract_ppk(fsbl_len); |
| 286 | |
| 287 | partitioncount = zynq_get_part_count(&part_hdr[0]); |
| 288 | |
| 289 | /* |
| 290 | * As the first two partitions are related to fsbl, |
| 291 | * we can ignore those two in bootimage and the below |
| 292 | * code doesn't need to validate it as fsbl is already |
| 293 | * done by now |
| 294 | */ |
| 295 | if (partitioncount <= 2 || |
| 296 | partitioncount > ZYNQ_MAX_PARTITION_NUMBER) |
| 297 | return -1; |
| 298 | |
| 299 | while (partition_num < partitioncount) { |
| 300 | if (((part_hdr[partition_num].partitionattr & |
| 301 | ZYNQ_ATTRIBUTE_RSA_PART_OWNER_MASK) >> 16) != |
| 302 | ZYNQ_RSA_PART_OWNER_UBOOT) { |
| 303 | printf("UBOOT is not Owner for partition %d\n", |
| 304 | partition_num); |
| 305 | partition_num++; |
| 306 | continue; |
| 307 | } |
| 308 | hdr_ptr = &part_hdr[partition_num]; |
| 309 | status = zynq_validate_hdr(hdr_ptr); |
| 310 | if (status) |
| 311 | return status; |
| 312 | |
| 313 | part_data_len = hdr_ptr->datawordlen; |
| 314 | part_img_len = hdr_ptr->imagewordlen; |
| 315 | part_attr = hdr_ptr->partitionattr; |
| 316 | part_load_addr = hdr_ptr->loadaddr; |
| 317 | part_chksum_offset = hdr_ptr->checksumoffset; |
| 318 | part_start_addr = hdr_ptr->partitionstart; |
| 319 | part_total_size = hdr_ptr->partitionwordlen; |
| 320 | |
| 321 | if (part_data_len != part_img_len) { |
| 322 | debug("Encrypted\n"); |
| 323 | encrypt_part_flag = true; |
| 324 | } |
| 325 | |
| 326 | if (part_attr & ZYNQ_ATTRIBUTE_CHECKSUM_TYPE_MASK) |
| 327 | part_chksum_flag = true; |
| 328 | |
| 329 | if (part_attr & ZYNQ_ATTRIBUTE_RSA_PRESENT_MASK) { |
| 330 | debug("RSA Signed\n"); |
| 331 | signed_part_flag = true; |
| 332 | size = part_total_size << WORD_LENGTH_SHIFT; |
| 333 | } else { |
| 334 | size = part_img_len; |
| 335 | } |
| 336 | |
| 337 | if (!signed_part_flag && !part_chksum_flag) { |
| 338 | printf("Partition not signed & no chksum\n"); |
| 339 | partition_num++; |
| 340 | continue; |
| 341 | } |
| 342 | |
| 343 | srcaddr = image_base_addr + |
| 344 | (part_start_addr << WORD_LENGTH_SHIFT); |
| 345 | |
| 346 | /* |
| 347 | * This validation is just for PS DDR. |
| 348 | * TODO: Update this for PL DDR check as well. |
| 349 | */ |
| 350 | if (part_load_addr < gd->bd->bi_dram[0].start && |
| 351 | ((part_load_addr + part_data_len) > |
| 352 | (gd->bd->bi_dram[0].start + |
| 353 | gd->bd->bi_dram[0].size))) { |
| 354 | printf("INVALID_LOAD_ADDRESS_FAIL\n"); |
| 355 | return -1; |
| 356 | } |
| 357 | |
| 358 | if (part_attr & ZYNQ_ATTRIBUTE_PL_IMAGE_MASK) |
| 359 | part_load_addr = srcaddr; |
| 360 | else |
| 361 | memcpy((u32 *)part_load_addr, (u32 *)srcaddr, |
| 362 | size); |
| 363 | |
| 364 | if (part_chksum_flag) { |
| 365 | part_chksum_offset = image_base_addr + |
| 366 | (part_chksum_offset << |
| 367 | WORD_LENGTH_SHIFT); |
| 368 | status = zynq_validate_partition(part_load_addr, |
| 369 | (part_total_size << |
| 370 | WORD_LENGTH_SHIFT), |
| 371 | part_chksum_offset); |
| 372 | if (status != 0) { |
| 373 | printf("PART_CHKSUM_FAIL\n"); |
| 374 | return -1; |
| 375 | } |
| 376 | debug("Partition Validation Done\n"); |
| 377 | } |
| 378 | |
| 379 | if (signed_part_flag) { |
| 380 | status = zynq_authenticate_part((u8 *)part_load_addr, |
| 381 | size); |
| 382 | if (status != 0) { |
| 383 | printf("AUTHENTICATION_FAIL\n"); |
| 384 | return -1; |
| 385 | } |
| 386 | debug("Authentication Done\n"); |
| 387 | } |
| 388 | |
| 389 | if (encrypt_part_flag) { |
| 390 | debug("DECRYPTION\n"); |
| 391 | |
| 392 | part_dst_addr = part_load_addr; |
| 393 | |
| 394 | if (part_attr & ZYNQ_ATTRIBUTE_PL_IMAGE_MASK) { |
| 395 | partition_num++; |
| 396 | continue; |
| 397 | } |
| 398 | |
| 399 | status = zynq_decrypt_load(part_load_addr, |
| 400 | part_img_len, |
| 401 | part_dst_addr, |
Siva Durga Prasad Paladugu | c575058 | 2015-12-09 18:46:43 +0530 | [diff] [blame] | 402 | part_data_len, |
| 403 | BIT_NONE); |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 404 | if (status != 0) { |
| 405 | printf("DECRYPTION_FAIL\n"); |
| 406 | return -1; |
| 407 | } |
| 408 | } |
| 409 | partition_num++; |
| 410 | } |
| 411 | |
| 412 | return 0; |
| 413 | } |
| 414 | |
Simon Glass | ed38aef | 2020-05-10 11:40:03 -0600 | [diff] [blame] | 415 | static int do_zynq_rsa(struct cmd_tbl *cmdtp, int flag, int argc, |
| 416 | char *const argv[]) |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 417 | { |
| 418 | u32 src_ptr; |
| 419 | char *endp; |
| 420 | |
T Karthik Reddy | 8fafec8 | 2019-03-12 20:20:21 +0530 | [diff] [blame] | 421 | if (argc != cmdtp->maxargs) |
| 422 | return CMD_RET_FAILURE; |
| 423 | |
Simon Glass | 3ff49ec | 2021-07-24 09:03:29 -0600 | [diff] [blame] | 424 | src_ptr = hextoul(argv[2], &endp); |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 425 | if (*argv[2] == 0 || *endp != 0) |
| 426 | return CMD_RET_USAGE; |
T Karthik Reddy | 8fafec8 | 2019-03-12 20:20:21 +0530 | [diff] [blame] | 427 | |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 428 | if (zynq_verify_image(src_ptr)) |
| 429 | return CMD_RET_FAILURE; |
| 430 | |
| 431 | return CMD_RET_SUCCESS; |
| 432 | } |
| 433 | #endif |
| 434 | |
| 435 | #ifdef CONFIG_CMD_ZYNQ_AES |
Simon Glass | ed38aef | 2020-05-10 11:40:03 -0600 | [diff] [blame] | 436 | static int zynq_decrypt_image(struct cmd_tbl *cmdtp, int flag, int argc, |
| 437 | char *const argv[]) |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 438 | { |
| 439 | char *endp; |
| 440 | u32 srcaddr, srclen, dstaddr, dstlen; |
| 441 | int status; |
Siva Durga Prasad Paladugu | c575058 | 2015-12-09 18:46:43 +0530 | [diff] [blame] | 442 | u8 imgtype = BIT_NONE; |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 443 | |
T Karthik Reddy | 8fafec8 | 2019-03-12 20:20:21 +0530 | [diff] [blame] | 444 | if (argc < 5 && argc > cmdtp->maxargs) |
| 445 | return CMD_RET_USAGE; |
| 446 | |
T Karthik Reddy | d09321f | 2019-03-12 20:20:22 +0530 | [diff] [blame] | 447 | if (argc == 5) { |
| 448 | if (!strcmp("load", argv[2])) |
| 449 | imgtype = BIT_FULL; |
| 450 | else if (!strcmp("loadp", argv[2])) |
| 451 | imgtype = BIT_PARTIAL; |
| 452 | else |
| 453 | return CMD_RET_USAGE; |
| 454 | |
Simon Glass | 3ff49ec | 2021-07-24 09:03:29 -0600 | [diff] [blame] | 455 | srcaddr = hextoul(argv[3], &endp); |
T Karthik Reddy | d09321f | 2019-03-12 20:20:22 +0530 | [diff] [blame] | 456 | if (*argv[3] == 0 || *endp != 0) |
| 457 | return CMD_RET_USAGE; |
Simon Glass | 3ff49ec | 2021-07-24 09:03:29 -0600 | [diff] [blame] | 458 | srclen = hextoul(argv[4], &endp); |
T Karthik Reddy | d09321f | 2019-03-12 20:20:22 +0530 | [diff] [blame] | 459 | if (*argv[4] == 0 || *endp != 0) |
| 460 | return CMD_RET_USAGE; |
| 461 | |
| 462 | dstaddr = 0xFFFFFFFF; |
| 463 | dstlen = srclen; |
| 464 | } else { |
Simon Glass | 3ff49ec | 2021-07-24 09:03:29 -0600 | [diff] [blame] | 465 | srcaddr = hextoul(argv[2], &endp); |
T Karthik Reddy | d09321f | 2019-03-12 20:20:22 +0530 | [diff] [blame] | 466 | if (*argv[2] == 0 || *endp != 0) |
| 467 | return CMD_RET_USAGE; |
Simon Glass | 3ff49ec | 2021-07-24 09:03:29 -0600 | [diff] [blame] | 468 | srclen = hextoul(argv[3], &endp); |
T Karthik Reddy | d09321f | 2019-03-12 20:20:22 +0530 | [diff] [blame] | 469 | if (*argv[3] == 0 || *endp != 0) |
| 470 | return CMD_RET_USAGE; |
Simon Glass | 3ff49ec | 2021-07-24 09:03:29 -0600 | [diff] [blame] | 471 | dstaddr = hextoul(argv[4], &endp); |
T Karthik Reddy | d09321f | 2019-03-12 20:20:22 +0530 | [diff] [blame] | 472 | if (*argv[4] == 0 || *endp != 0) |
| 473 | return CMD_RET_USAGE; |
Simon Glass | 3ff49ec | 2021-07-24 09:03:29 -0600 | [diff] [blame] | 474 | dstlen = hextoul(argv[5], &endp); |
T Karthik Reddy | d09321f | 2019-03-12 20:20:22 +0530 | [diff] [blame] | 475 | if (*argv[5] == 0 || *endp != 0) |
| 476 | return CMD_RET_USAGE; |
| 477 | } |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 478 | |
| 479 | /* |
| 480 | * Roundup source and destination lengths to |
| 481 | * word size |
| 482 | */ |
| 483 | if (srclen % 4) |
| 484 | srclen = roundup(srclen, 4); |
| 485 | if (dstlen % 4) |
| 486 | dstlen = roundup(dstlen, 4); |
| 487 | |
Siva Durga Prasad Paladugu | c575058 | 2015-12-09 18:46:43 +0530 | [diff] [blame] | 488 | status = zynq_decrypt_load(srcaddr, srclen >> 2, dstaddr, |
| 489 | dstlen >> 2, imgtype); |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 490 | if (status != 0) |
| 491 | return CMD_RET_FAILURE; |
| 492 | |
| 493 | return CMD_RET_SUCCESS; |
| 494 | } |
| 495 | #endif |
| 496 | |
Simon Glass | ed38aef | 2020-05-10 11:40:03 -0600 | [diff] [blame] | 497 | static struct cmd_tbl zynq_commands[] = { |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 498 | #ifdef CONFIG_CMD_ZYNQ_RSA |
| 499 | U_BOOT_CMD_MKENT(rsa, 3, 1, do_zynq_rsa, "", ""), |
| 500 | #endif |
| 501 | #ifdef CONFIG_CMD_ZYNQ_AES |
| 502 | U_BOOT_CMD_MKENT(aes, 6, 1, zynq_decrypt_image, "", ""), |
| 503 | #endif |
| 504 | }; |
| 505 | |
Simon Glass | ed38aef | 2020-05-10 11:40:03 -0600 | [diff] [blame] | 506 | static int do_zynq(struct cmd_tbl *cmdtp, int flag, int argc, |
| 507 | char *const argv[]) |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 508 | { |
Simon Glass | ed38aef | 2020-05-10 11:40:03 -0600 | [diff] [blame] | 509 | struct cmd_tbl *zynq_cmd; |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 510 | int ret; |
| 511 | |
| 512 | if (!ARRAY_SIZE(zynq_commands)) { |
| 513 | puts("No zynq specific command enabled\n"); |
| 514 | return CMD_RET_USAGE; |
| 515 | } |
| 516 | |
| 517 | if (argc < 2) |
| 518 | return CMD_RET_USAGE; |
| 519 | zynq_cmd = find_cmd_tbl(argv[1], zynq_commands, |
| 520 | ARRAY_SIZE(zynq_commands)); |
T Karthik Reddy | 8fafec8 | 2019-03-12 20:20:21 +0530 | [diff] [blame] | 521 | if (!zynq_cmd) |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 522 | return CMD_RET_USAGE; |
| 523 | |
| 524 | ret = zynq_cmd->cmd(zynq_cmd, flag, argc, argv); |
| 525 | |
| 526 | return cmd_process_error(zynq_cmd, ret); |
| 527 | } |
| 528 | |
Tom Rini | 03f146c | 2023-10-07 15:13:08 -0400 | [diff] [blame] | 529 | U_BOOT_LONGHELP(zynq, |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 530 | "" |
| 531 | #ifdef CONFIG_CMD_ZYNQ_RSA |
| 532 | "rsa <baseaddr> - Verifies the authenticated and encrypted\n" |
| 533 | " zynq images and loads them back to load\n" |
| 534 | " addresses as specified in BOOT image(BOOT.BIN)\n" |
| 535 | #endif |
| 536 | #ifdef CONFIG_CMD_ZYNQ_AES |
| 537 | "aes <srcaddr> <srclen> <dstaddr> <dstlen>\n" |
| 538 | " - Decrypts the encrypted image present in source\n" |
| 539 | " address and places the decrypted image at\n" |
| 540 | " destination address\n" |
T Karthik Reddy | d09321f | 2019-03-12 20:20:22 +0530 | [diff] [blame] | 541 | "aes load <srcaddr> <srclen>\n" |
| 542 | "aes loadp <srcaddr> <srclen>\n" |
| 543 | " if operation type is load or loadp, it loads the encrypted\n" |
| 544 | " full or partial bitstream on to PL respectively.\n" |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 545 | #endif |
Tom Rini | 03f146c | 2023-10-07 15:13:08 -0400 | [diff] [blame] | 546 | ); |
Siva Durga Prasad Paladugu | e460352 | 2018-06-26 15:02:19 +0530 | [diff] [blame] | 547 | |
| 548 | U_BOOT_CMD(zynq, 6, 0, do_zynq, |
| 549 | "Zynq specific commands", zynq_help_text |
| 550 | ); |