Tom Rini | 10e4779 | 2018-05-06 17:58:06 -0400 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0+ |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 2 | /* |
| 3 | * Copyright 2015 Freescale Semiconductor, Inc. |
Gaurav Jain | 119c700 | 2022-06-23 16:31:35 +0530 | [diff] [blame] | 4 | * Copyright 2022 NXP |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 5 | */ |
| 6 | |
| 7 | #include <common.h> |
Simon Glass | 11c89f3 | 2017-05-17 17:18:03 -0600 | [diff] [blame] | 8 | #include <dm.h> |
Simon Glass | 5e6201b | 2019-08-01 09:46:51 -0600 | [diff] [blame] | 9 | #include <env.h> |
Ovidiu Panait | 7dbb021 | 2022-01-01 19:13:29 +0200 | [diff] [blame] | 10 | #include <init.h> |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 11 | #include <fsl_validate.h> |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 12 | #include <fsl_secboot_err.h> |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 13 | #include <fsl_sfp.h> |
Simon Glass | 0f2af88 | 2020-05-10 11:40:05 -0600 | [diff] [blame] | 14 | #include <log.h> |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 15 | #include <dm/root.h> |
Tom Rini | bf1dfd8 | 2022-06-17 16:24:34 -0400 | [diff] [blame] | 16 | #include <asm/fsl_secure_boot.h> |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 17 | |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 18 | #if defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_FRAMEWORK) |
| 19 | #include <spl.h> |
| 20 | #endif |
| 21 | |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 22 | #ifdef CONFIG_FSL_CORENET |
| 23 | #include <asm/fsl_pamu.h> |
| 24 | #endif |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 25 | |
York Sun | c4f047c | 2017-03-27 11:41:03 -0700 | [diff] [blame] | 26 | #ifdef CONFIG_ARCH_LS1021A |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 27 | #include <asm/arch/immap_ls102xa.h> |
| 28 | #endif |
| 29 | |
| 30 | #if defined(CONFIG_MPC85xx) |
Tom Rini | 364d002 | 2023-01-10 11:19:45 -0500 | [diff] [blame] | 31 | #define CFG_DCFG_ADDR CFG_SYS_MPC85xx_GUTS_ADDR |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 32 | #else |
Tom Rini | 364d002 | 2023-01-10 11:19:45 -0500 | [diff] [blame] | 33 | #define CFG_DCFG_ADDR CFG_SYS_FSL_GUTS_ADDR |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 34 | #endif |
| 35 | |
| 36 | #ifdef CONFIG_SYS_FSL_CCSR_GUR_LE |
| 37 | #define gur_in32(a) in_le32(a) |
| 38 | #else |
| 39 | #define gur_in32(a) in_be32(a) |
| 40 | #endif |
| 41 | |
| 42 | /* Check the Boot Mode. If Secure, return 1 else return 0 */ |
| 43 | int fsl_check_boot_mode_secure(void) |
| 44 | { |
| 45 | uint32_t val; |
Tom Rini | 6a5dccc | 2022-11-16 13:10:41 -0500 | [diff] [blame] | 46 | struct ccsr_sfp_regs *sfp_regs = (void *)(CFG_SYS_SFP_ADDR); |
Tom Rini | 364d002 | 2023-01-10 11:19:45 -0500 | [diff] [blame] | 47 | struct ccsr_gur __iomem *gur = (void *)(CFG_DCFG_ADDR); |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 48 | |
| 49 | val = sfp_in32(&sfp_regs->ospr) & ITS_MASK; |
| 50 | if (val == ITS_MASK) |
| 51 | return 1; |
| 52 | |
| 53 | #if defined(CONFIG_FSL_CORENET) || !defined(CONFIG_MPC85xx) |
| 54 | /* For PBL based platforms check the SB_EN bit in RCWSR */ |
| 55 | val = gur_in32(&gur->rcwsr[RCW_SB_EN_REG_INDEX - 1]) & RCW_SB_EN_MASK; |
| 56 | if (val == RCW_SB_EN_MASK) |
| 57 | return 1; |
| 58 | #endif |
| 59 | |
| 60 | #if defined(CONFIG_MPC85xx) && !defined(CONFIG_FSL_CORENET) |
| 61 | /* For Non-PBL Platforms, check the Device Status register 2*/ |
| 62 | val = gur_in32(&gur->pordevsr2) & MPC85xx_PORDEVSR2_SBC_MASK; |
| 63 | if (val != MPC85xx_PORDEVSR2_SBC_MASK) |
| 64 | return 1; |
| 65 | |
| 66 | #endif |
| 67 | return 0; |
| 68 | } |
Aneesh Bansal | 39d5b3b | 2016-01-22 16:37:26 +0530 | [diff] [blame] | 69 | |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 70 | #ifndef CONFIG_SPL_BUILD |
Aneesh Bansal | 39d5b3b | 2016-01-22 16:37:26 +0530 | [diff] [blame] | 71 | int fsl_setenv_chain_of_trust(void) |
| 72 | { |
| 73 | /* Check Boot Mode |
| 74 | * If Boot Mode is Non-Secure, no changes are required |
| 75 | */ |
| 76 | if (fsl_check_boot_mode_secure() == 0) |
| 77 | return 0; |
| 78 | |
| 79 | /* If Boot mode is Secure, set the environment variables |
| 80 | * bootdelay = 0 (To disable Boot Prompt) |
Tom Rini | bf1dfd8 | 2022-06-17 16:24:34 -0400 | [diff] [blame] | 81 | * bootcmd = CHAIN_BOOT_CMD (Validate and execute Boot script) |
Aneesh Bansal | 39d5b3b | 2016-01-22 16:37:26 +0530 | [diff] [blame] | 82 | */ |
Udit Agarwal | 9bca662 | 2019-06-11 09:37:49 +0000 | [diff] [blame] | 83 | env_set("bootdelay", "-2"); |
Sumit Garg | 9cbcc4d | 2017-06-05 23:51:51 +0530 | [diff] [blame] | 84 | |
| 85 | #ifdef CONFIG_ARM |
Simon Glass | 6a38e41 | 2017-08-03 12:22:09 -0600 | [diff] [blame] | 86 | env_set("secureboot", "y"); |
Sumit Garg | 9cbcc4d | 2017-06-05 23:51:51 +0530 | [diff] [blame] | 87 | #else |
Tom Rini | bf1dfd8 | 2022-06-17 16:24:34 -0400 | [diff] [blame] | 88 | env_set("bootcmd", CHAIN_BOOT_CMD); |
Sumit Garg | 9cbcc4d | 2017-06-05 23:51:51 +0530 | [diff] [blame] | 89 | #endif |
| 90 | |
Aneesh Bansal | 39d5b3b | 2016-01-22 16:37:26 +0530 | [diff] [blame] | 91 | return 0; |
| 92 | } |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 93 | #endif |
| 94 | |
| 95 | #ifdef CONFIG_SPL_BUILD |
| 96 | void spl_validate_uboot(uint32_t hdr_addr, uintptr_t img_addr) |
| 97 | { |
| 98 | int res; |
| 99 | |
| 100 | /* |
| 101 | * Check Boot Mode |
| 102 | * If Boot Mode is Non-Secure, skip validation |
| 103 | */ |
| 104 | if (fsl_check_boot_mode_secure() == 0) |
| 105 | return; |
| 106 | |
| 107 | printf("SPL: Validating U-Boot image\n"); |
| 108 | |
| 109 | #ifdef CONFIG_ADDR_MAP |
| 110 | init_addr_map(); |
| 111 | #endif |
| 112 | |
| 113 | #ifdef CONFIG_FSL_CORENET |
| 114 | if (pamu_init() < 0) |
| 115 | fsl_secboot_handle_error(ERROR_ESBC_PAMU_INIT); |
| 116 | #endif |
| 117 | |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 118 | /* |
| 119 | * dm_init_and_scan() is called as part of common SPL framework, so no |
| 120 | * need to call it again but in case of powerpc platforms which currently |
| 121 | * do not use common SPL framework, so need to call this function here. |
| 122 | */ |
| 123 | #if defined(CONFIG_SPL_DM) && (!defined(CONFIG_SPL_FRAMEWORK)) |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 124 | dm_init_and_scan(true); |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 125 | #endif |
| 126 | res = fsl_secboot_validate(hdr_addr, CONFIG_SPL_UBOOT_KEY_HASH, |
| 127 | &img_addr); |
| 128 | |
| 129 | if (res == 0) |
Michal Simek | 22dc113 | 2023-06-05 13:58:59 +0200 | [diff] [blame] | 130 | printf("SPL: Validation of U-Boot successful\n"); |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 131 | } |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 132 | |
| 133 | #ifdef CONFIG_SPL_FRAMEWORK |
| 134 | /* Override weak funtion defined in SPL framework to enable validation |
| 135 | * of main u-boot image before jumping to u-boot image. |
| 136 | */ |
| 137 | void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) |
| 138 | { |
| 139 | typedef void __noreturn (*image_entry_noargs_t)(void); |
| 140 | uint32_t hdr_addr; |
| 141 | |
| 142 | image_entry_noargs_t image_entry = |
| 143 | (image_entry_noargs_t)(unsigned long)spl_image->entry_point; |
| 144 | |
| 145 | hdr_addr = (spl_image->entry_point + spl_image->size - |
Tom Rini | cb18926 | 2022-12-02 16:42:50 -0500 | [diff] [blame] | 146 | FSL_U_BOOT_HDR_SIZE); |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 147 | spl_validate_uboot(hdr_addr, (uintptr_t)spl_image->entry_point); |
| 148 | /* |
| 149 | * In case of failure in validation, spl_validate_uboot would |
| 150 | * not return back in case of Production environment with ITS=1. |
| 151 | * Thus U-Boot will not start. |
| 152 | * In Development environment (ITS=0 and SB_EN=1), the function |
| 153 | * may return back in case of non-fatal failures. |
| 154 | */ |
| 155 | |
Tom Rini | f1c2fc0 | 2017-01-11 10:45:48 -0500 | [diff] [blame] | 156 | debug("image entry point: 0x%lX\n", spl_image->entry_point); |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 157 | image_entry(); |
| 158 | } |
| 159 | #endif /* ifdef CONFIG_SPL_FRAMEWORK */ |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 160 | #endif /* ifdef CONFIG_SPL_BUILD */ |