blob: b06235f291d0b0f08e2625c96b1bcd0149bd61e6 [file] [log] [blame]
Tom Rini10e47792018-05-06 17:58:06 -04001// SPDX-License-Identifier: GPL-2.0+
gaurav ranac3a50422015-02-27 09:45:35 +05302/*
3 * Copyright 2015 Freescale Semiconductor, Inc.
gaurav ranac3a50422015-02-27 09:45:35 +05304 */
5
6#include <common.h>
7#include <command.h>
8#include <fsl_validate.h>
9
Saksham Jain7f048b32016-03-23 16:24:44 +053010int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
gaurav ranaf79323c2015-03-10 14:08:50 +053011 char * const argv[])
12{
Aneesh Bansal8a47d5c2016-01-22 16:37:28 +053013 if (fsl_check_boot_mode_secure() == 0) {
14 printf("Boot Mode is Non-Secure. Not entering spin loop.\n");
15 return 0;
16 }
17
gaurav ranaf79323c2015-03-10 14:08:50 +053018 printf("Core is entering spin loop.\n");
19loop:
20 goto loop;
21
22 return 0;
23}
24
Tom Rinid5a73852018-01-03 08:57:50 -050025#ifndef CONFIG_SPL_BUILD
gaurav ranac3a50422015-02-27 09:45:35 +053026static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc,
27 char * const argv[])
28{
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053029 char *hash_str = NULL;
Aneesh Bansal85921ba2015-12-08 14:14:15 +053030 uintptr_t haddr;
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053031 int ret;
Saksham Jain04fcf522016-03-23 16:24:45 +053032 uintptr_t img_addr = 0;
33 char buf[20];
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053034
gaurav ranac3a50422015-02-27 09:45:35 +053035 if (argc < 2)
36 return cmd_usage(cmdtp);
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053037 else if (argc > 2)
38 /* Second arg - Optional - Hash Str*/
39 hash_str = argv[2];
40
41 /* First argument - header address -32/64bit */
Aneesh Bansal85921ba2015-12-08 14:14:15 +053042 haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16);
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053043
Aneesh Bansal85921ba2015-12-08 14:14:15 +053044 /* With esbc_validate command, Image address must be
45 * part of header. So, the function is called
46 * by passing this argument as 0.
47 */
Saksham Jain04fcf522016-03-23 16:24:45 +053048 ret = fsl_secboot_validate(haddr, hash_str, &img_addr);
49
50 /* Need to set "img_addr" even if validation failure.
51 * Required when SB_EN in RCW set and non-fatal error
52 * to continue U-Boot
53 */
54 sprintf(buf, "%lx", img_addr);
Simon Glass6a38e412017-08-03 12:22:09 -060055 env_set("img_addr", buf);
Saksham Jain04fcf522016-03-23 16:24:45 +053056
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053057 if (ret)
58 return 1;
gaurav ranac3a50422015-02-27 09:45:35 +053059
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053060 printf("esbc_validate command successful\n");
61 return 0;
gaurav ranac3a50422015-02-27 09:45:35 +053062}
63
64/***************************************************/
65static char esbc_validate_help_text[] =
66 "esbc_validate hdr_addr <hash_val> - Validates signature using\n"
67 " RSA verification\n"
68 " $hdr_addr Address of header of the image\n"
69 " to be validated.\n"
70 " $hash_val -Optional\n"
71 " It provides Hash of public/srk key to be\n"
72 " used to verify signature.\n";
73
74U_BOOT_CMD(
75 esbc_validate, 3, 0, do_esbc_validate,
76 "Validates signature on a given image using RSA verification",
77 esbc_validate_help_text
78);
gaurav ranaf79323c2015-03-10 14:08:50 +053079
80U_BOOT_CMD(
81 esbc_halt, 1, 0, do_esbc_halt,
Aneesh Bansal8a47d5c2016-01-22 16:37:28 +053082 "Put the core in spin loop (Secure Boot Only)",
gaurav ranaf79323c2015-03-10 14:08:50 +053083 ""
84);
Tom Rinid5a73852018-01-03 08:57:50 -050085#endif