Tom Rini | 10e4779 | 2018-05-06 17:58:06 -0400 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0+ |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 2 | /* |
| 3 | * Copyright 2015 Freescale Semiconductor, Inc. |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 4 | */ |
| 5 | |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 6 | #include <command.h> |
Simon Glass | 5e6201b | 2019-08-01 09:46:51 -0600 | [diff] [blame] | 7 | #include <env.h> |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 8 | #include <fsl_validate.h> |
Tom Rini | dec7ea0 | 2024-05-20 13:35:03 -0600 | [diff] [blame] | 9 | #include <vsprintf.h> |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 10 | |
Simon Glass | ed38aef | 2020-05-10 11:40:03 -0600 | [diff] [blame] | 11 | int do_esbc_halt(struct cmd_tbl *cmdtp, int flag, int argc, |
| 12 | char *const argv[]) |
gaurav rana | f79323c | 2015-03-10 14:08:50 +0530 | [diff] [blame] | 13 | { |
Aneesh Bansal | 8a47d5c | 2016-01-22 16:37:28 +0530 | [diff] [blame] | 14 | if (fsl_check_boot_mode_secure() == 0) { |
| 15 | printf("Boot Mode is Non-Secure. Not entering spin loop.\n"); |
| 16 | return 0; |
| 17 | } |
| 18 | |
gaurav rana | f79323c | 2015-03-10 14:08:50 +0530 | [diff] [blame] | 19 | printf("Core is entering spin loop.\n"); |
| 20 | loop: |
| 21 | goto loop; |
| 22 | |
| 23 | return 0; |
| 24 | } |
| 25 | |
Tom Rini | d5a7385 | 2018-01-03 08:57:50 -0500 | [diff] [blame] | 26 | #ifndef CONFIG_SPL_BUILD |
Simon Glass | ed38aef | 2020-05-10 11:40:03 -0600 | [diff] [blame] | 27 | static int do_esbc_validate(struct cmd_tbl *cmdtp, int flag, int argc, |
| 28 | char *const argv[]) |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 29 | { |
Aneesh Bansal | 2b379bf | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 30 | char *hash_str = NULL; |
Aneesh Bansal | 85921ba | 2015-12-08 14:14:15 +0530 | [diff] [blame] | 31 | uintptr_t haddr; |
Aneesh Bansal | 2b379bf | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 32 | int ret; |
Saksham Jain | 04fcf52 | 2016-03-23 16:24:45 +0530 | [diff] [blame] | 33 | uintptr_t img_addr = 0; |
| 34 | char buf[20]; |
Aneesh Bansal | 2b379bf | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 35 | |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 36 | if (argc < 2) |
| 37 | return cmd_usage(cmdtp); |
Aneesh Bansal | 2b379bf | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 38 | else if (argc > 2) |
| 39 | /* Second arg - Optional - Hash Str*/ |
| 40 | hash_str = argv[2]; |
| 41 | |
| 42 | /* First argument - header address -32/64bit */ |
Simon Glass | 3ff49ec | 2021-07-24 09:03:29 -0600 | [diff] [blame] | 43 | haddr = (uintptr_t)hextoul(argv[1], NULL); |
Aneesh Bansal | 2b379bf | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 44 | |
Aneesh Bansal | 85921ba | 2015-12-08 14:14:15 +0530 | [diff] [blame] | 45 | /* With esbc_validate command, Image address must be |
| 46 | * part of header. So, the function is called |
| 47 | * by passing this argument as 0. |
| 48 | */ |
Saksham Jain | 04fcf52 | 2016-03-23 16:24:45 +0530 | [diff] [blame] | 49 | ret = fsl_secboot_validate(haddr, hash_str, &img_addr); |
| 50 | |
| 51 | /* Need to set "img_addr" even if validation failure. |
| 52 | * Required when SB_EN in RCW set and non-fatal error |
| 53 | * to continue U-Boot |
| 54 | */ |
| 55 | sprintf(buf, "%lx", img_addr); |
Simon Glass | 6a38e41 | 2017-08-03 12:22:09 -0600 | [diff] [blame] | 56 | env_set("img_addr", buf); |
Saksham Jain | 04fcf52 | 2016-03-23 16:24:45 +0530 | [diff] [blame] | 57 | |
Aneesh Bansal | 2b379bf | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 58 | if (ret) |
| 59 | return 1; |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 60 | |
Aneesh Bansal | 2b379bf | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 61 | printf("esbc_validate command successful\n"); |
| 62 | return 0; |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 63 | } |
| 64 | |
| 65 | /***************************************************/ |
Tom Rini | 4c1ca0d | 2024-06-19 10:09:44 -0600 | [diff] [blame] | 66 | U_BOOT_LONGHELP(esbc_validate, |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 67 | "esbc_validate hdr_addr <hash_val> - Validates signature using\n" |
| 68 | " RSA verification\n" |
| 69 | " $hdr_addr Address of header of the image\n" |
| 70 | " to be validated.\n" |
| 71 | " $hash_val -Optional\n" |
| 72 | " It provides Hash of public/srk key to be\n" |
Tom Rini | 4c1ca0d | 2024-06-19 10:09:44 -0600 | [diff] [blame] | 73 | " used to verify signature.\n"); |
gaurav rana | c3a5042 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 74 | |
| 75 | U_BOOT_CMD( |
| 76 | esbc_validate, 3, 0, do_esbc_validate, |
| 77 | "Validates signature on a given image using RSA verification", |
| 78 | esbc_validate_help_text |
| 79 | ); |
gaurav rana | f79323c | 2015-03-10 14:08:50 +0530 | [diff] [blame] | 80 | |
| 81 | U_BOOT_CMD( |
| 82 | esbc_halt, 1, 0, do_esbc_halt, |
Aneesh Bansal | 8a47d5c | 2016-01-22 16:37:28 +0530 | [diff] [blame] | 83 | "Put the core in spin loop (Secure Boot Only)", |
gaurav rana | f79323c | 2015-03-10 14:08:50 +0530 | [diff] [blame] | 84 | "" |
| 85 | ); |
Tom Rini | d5a7385 | 2018-01-03 08:57:50 -0500 | [diff] [blame] | 86 | #endif |