blob: 3344653ba2da2674f1b1264e8bdc36d88173095b [file] [log] [blame]
Tom Rini10e47792018-05-06 17:58:06 -04001// SPDX-License-Identifier: GPL-2.0+
gaurav ranac3a50422015-02-27 09:45:35 +05302/*
3 * Copyright 2015 Freescale Semiconductor, Inc.
gaurav ranac3a50422015-02-27 09:45:35 +05304 */
5
gaurav ranac3a50422015-02-27 09:45:35 +05306#include <command.h>
Simon Glass5e6201b2019-08-01 09:46:51 -06007#include <env.h>
gaurav ranac3a50422015-02-27 09:45:35 +05308#include <fsl_validate.h>
Tom Rinidec7ea02024-05-20 13:35:03 -06009#include <vsprintf.h>
gaurav ranac3a50422015-02-27 09:45:35 +053010
Simon Glassed38aef2020-05-10 11:40:03 -060011int do_esbc_halt(struct cmd_tbl *cmdtp, int flag, int argc,
12 char *const argv[])
gaurav ranaf79323c2015-03-10 14:08:50 +053013{
Aneesh Bansal8a47d5c2016-01-22 16:37:28 +053014 if (fsl_check_boot_mode_secure() == 0) {
15 printf("Boot Mode is Non-Secure. Not entering spin loop.\n");
16 return 0;
17 }
18
gaurav ranaf79323c2015-03-10 14:08:50 +053019 printf("Core is entering spin loop.\n");
20loop:
21 goto loop;
22
23 return 0;
24}
25
Tom Rinid5a73852018-01-03 08:57:50 -050026#ifndef CONFIG_SPL_BUILD
Simon Glassed38aef2020-05-10 11:40:03 -060027static int do_esbc_validate(struct cmd_tbl *cmdtp, int flag, int argc,
28 char *const argv[])
gaurav ranac3a50422015-02-27 09:45:35 +053029{
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053030 char *hash_str = NULL;
Aneesh Bansal85921ba2015-12-08 14:14:15 +053031 uintptr_t haddr;
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053032 int ret;
Saksham Jain04fcf522016-03-23 16:24:45 +053033 uintptr_t img_addr = 0;
34 char buf[20];
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053035
gaurav ranac3a50422015-02-27 09:45:35 +053036 if (argc < 2)
37 return cmd_usage(cmdtp);
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053038 else if (argc > 2)
39 /* Second arg - Optional - Hash Str*/
40 hash_str = argv[2];
41
42 /* First argument - header address -32/64bit */
Simon Glass3ff49ec2021-07-24 09:03:29 -060043 haddr = (uintptr_t)hextoul(argv[1], NULL);
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053044
Aneesh Bansal85921ba2015-12-08 14:14:15 +053045 /* With esbc_validate command, Image address must be
46 * part of header. So, the function is called
47 * by passing this argument as 0.
48 */
Saksham Jain04fcf522016-03-23 16:24:45 +053049 ret = fsl_secboot_validate(haddr, hash_str, &img_addr);
50
51 /* Need to set "img_addr" even if validation failure.
52 * Required when SB_EN in RCW set and non-fatal error
53 * to continue U-Boot
54 */
55 sprintf(buf, "%lx", img_addr);
Simon Glass6a38e412017-08-03 12:22:09 -060056 env_set("img_addr", buf);
Saksham Jain04fcf522016-03-23 16:24:45 +053057
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053058 if (ret)
59 return 1;
gaurav ranac3a50422015-02-27 09:45:35 +053060
Aneesh Bansal2b379bf2015-12-08 14:14:12 +053061 printf("esbc_validate command successful\n");
62 return 0;
gaurav ranac3a50422015-02-27 09:45:35 +053063}
64
65/***************************************************/
Tom Rini4c1ca0d2024-06-19 10:09:44 -060066U_BOOT_LONGHELP(esbc_validate,
gaurav ranac3a50422015-02-27 09:45:35 +053067 "esbc_validate hdr_addr <hash_val> - Validates signature using\n"
68 " RSA verification\n"
69 " $hdr_addr Address of header of the image\n"
70 " to be validated.\n"
71 " $hash_val -Optional\n"
72 " It provides Hash of public/srk key to be\n"
Tom Rini4c1ca0d2024-06-19 10:09:44 -060073 " used to verify signature.\n");
gaurav ranac3a50422015-02-27 09:45:35 +053074
75U_BOOT_CMD(
76 esbc_validate, 3, 0, do_esbc_validate,
77 "Validates signature on a given image using RSA verification",
78 esbc_validate_help_text
79);
gaurav ranaf79323c2015-03-10 14:08:50 +053080
81U_BOOT_CMD(
82 esbc_halt, 1, 0, do_esbc_halt,
Aneesh Bansal8a47d5c2016-01-22 16:37:28 +053083 "Put the core in spin loop (Secure Boot Only)",
gaurav ranaf79323c2015-03-10 14:08:50 +053084 ""
85);
Tom Rinid5a73852018-01-03 08:57:50 -050086#endif