Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2015 Freescale Semiconductor, Inc. |
| 3 | * |
| 4 | * SPDX-License-Identifier: GPL-2.0+ |
| 5 | */ |
| 6 | |
| 7 | #include <common.h> |
Simon Glass | 11c89f3 | 2017-05-17 17:18:03 -0600 | [diff] [blame] | 8 | #include <dm.h> |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 9 | #include <fsl_validate.h> |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 10 | #include <fsl_secboot_err.h> |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 11 | #include <fsl_sfp.h> |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 12 | #include <dm/root.h> |
| 13 | |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 14 | #if defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_FRAMEWORK) |
| 15 | #include <spl.h> |
| 16 | #endif |
| 17 | |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 18 | #ifdef CONFIG_ADDR_MAP |
| 19 | #include <asm/mmu.h> |
| 20 | #endif |
| 21 | |
| 22 | #ifdef CONFIG_FSL_CORENET |
| 23 | #include <asm/fsl_pamu.h> |
| 24 | #endif |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 25 | |
York Sun | c4f047c | 2017-03-27 11:41:03 -0700 | [diff] [blame] | 26 | #ifdef CONFIG_ARCH_LS1021A |
Aneesh Bansal | c4713ec | 2016-01-22 16:37:25 +0530 | [diff] [blame] | 27 | #include <asm/arch/immap_ls102xa.h> |
| 28 | #endif |
| 29 | |
| 30 | #if defined(CONFIG_MPC85xx) |
| 31 | #define CONFIG_DCFG_ADDR CONFIG_SYS_MPC85xx_GUTS_ADDR |
| 32 | #else |
| 33 | #define CONFIG_DCFG_ADDR CONFIG_SYS_FSL_GUTS_ADDR |
| 34 | #endif |
| 35 | |
| 36 | #ifdef CONFIG_SYS_FSL_CCSR_GUR_LE |
| 37 | #define gur_in32(a) in_le32(a) |
| 38 | #else |
| 39 | #define gur_in32(a) in_be32(a) |
| 40 | #endif |
| 41 | |
| 42 | /* Check the Boot Mode. If Secure, return 1 else return 0 */ |
| 43 | int fsl_check_boot_mode_secure(void) |
| 44 | { |
| 45 | uint32_t val; |
| 46 | struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); |
| 47 | struct ccsr_gur __iomem *gur = (void *)(CONFIG_DCFG_ADDR); |
| 48 | |
| 49 | val = sfp_in32(&sfp_regs->ospr) & ITS_MASK; |
| 50 | if (val == ITS_MASK) |
| 51 | return 1; |
| 52 | |
| 53 | #if defined(CONFIG_FSL_CORENET) || !defined(CONFIG_MPC85xx) |
| 54 | /* For PBL based platforms check the SB_EN bit in RCWSR */ |
| 55 | val = gur_in32(&gur->rcwsr[RCW_SB_EN_REG_INDEX - 1]) & RCW_SB_EN_MASK; |
| 56 | if (val == RCW_SB_EN_MASK) |
| 57 | return 1; |
| 58 | #endif |
| 59 | |
| 60 | #if defined(CONFIG_MPC85xx) && !defined(CONFIG_FSL_CORENET) |
| 61 | /* For Non-PBL Platforms, check the Device Status register 2*/ |
| 62 | val = gur_in32(&gur->pordevsr2) & MPC85xx_PORDEVSR2_SBC_MASK; |
| 63 | if (val != MPC85xx_PORDEVSR2_SBC_MASK) |
| 64 | return 1; |
| 65 | |
| 66 | #endif |
| 67 | return 0; |
| 68 | } |
Aneesh Bansal | 39d5b3b | 2016-01-22 16:37:26 +0530 | [diff] [blame] | 69 | |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 70 | #ifndef CONFIG_SPL_BUILD |
Aneesh Bansal | 39d5b3b | 2016-01-22 16:37:26 +0530 | [diff] [blame] | 71 | int fsl_setenv_chain_of_trust(void) |
| 72 | { |
| 73 | /* Check Boot Mode |
| 74 | * If Boot Mode is Non-Secure, no changes are required |
| 75 | */ |
| 76 | if (fsl_check_boot_mode_secure() == 0) |
| 77 | return 0; |
| 78 | |
| 79 | /* If Boot mode is Secure, set the environment variables |
| 80 | * bootdelay = 0 (To disable Boot Prompt) |
| 81 | * bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script) |
| 82 | */ |
| 83 | setenv("bootdelay", "0"); |
Sumit Garg | 9cbcc4d | 2017-06-05 23:51:51 +0530 | [diff] [blame] | 84 | |
| 85 | #ifdef CONFIG_ARM |
| 86 | setenv("secureboot", "y"); |
| 87 | #else |
Aneesh Bansal | 39d5b3b | 2016-01-22 16:37:26 +0530 | [diff] [blame] | 88 | setenv("bootcmd", CONFIG_CHAIN_BOOT_CMD); |
Sumit Garg | 9cbcc4d | 2017-06-05 23:51:51 +0530 | [diff] [blame] | 89 | #endif |
| 90 | |
Aneesh Bansal | 39d5b3b | 2016-01-22 16:37:26 +0530 | [diff] [blame] | 91 | return 0; |
| 92 | } |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 93 | #endif |
| 94 | |
| 95 | #ifdef CONFIG_SPL_BUILD |
| 96 | void spl_validate_uboot(uint32_t hdr_addr, uintptr_t img_addr) |
| 97 | { |
| 98 | int res; |
| 99 | |
| 100 | /* |
| 101 | * Check Boot Mode |
| 102 | * If Boot Mode is Non-Secure, skip validation |
| 103 | */ |
| 104 | if (fsl_check_boot_mode_secure() == 0) |
| 105 | return; |
| 106 | |
| 107 | printf("SPL: Validating U-Boot image\n"); |
| 108 | |
| 109 | #ifdef CONFIG_ADDR_MAP |
| 110 | init_addr_map(); |
| 111 | #endif |
| 112 | |
| 113 | #ifdef CONFIG_FSL_CORENET |
| 114 | if (pamu_init() < 0) |
| 115 | fsl_secboot_handle_error(ERROR_ESBC_PAMU_INIT); |
| 116 | #endif |
| 117 | |
| 118 | #ifdef CONFIG_FSL_CAAM |
| 119 | if (sec_init() < 0) |
| 120 | fsl_secboot_handle_error(ERROR_ESBC_SEC_INIT); |
| 121 | #endif |
| 122 | |
| 123 | /* |
| 124 | * dm_init_and_scan() is called as part of common SPL framework, so no |
| 125 | * need to call it again but in case of powerpc platforms which currently |
| 126 | * do not use common SPL framework, so need to call this function here. |
| 127 | */ |
| 128 | #if defined(CONFIG_SPL_DM) && (!defined(CONFIG_SPL_FRAMEWORK)) |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 129 | dm_init_and_scan(true); |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 130 | #endif |
| 131 | res = fsl_secboot_validate(hdr_addr, CONFIG_SPL_UBOOT_KEY_HASH, |
| 132 | &img_addr); |
| 133 | |
| 134 | if (res == 0) |
| 135 | printf("SPL: Validation of U-boot successful\n"); |
| 136 | } |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 137 | |
| 138 | #ifdef CONFIG_SPL_FRAMEWORK |
| 139 | /* Override weak funtion defined in SPL framework to enable validation |
| 140 | * of main u-boot image before jumping to u-boot image. |
| 141 | */ |
| 142 | void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) |
| 143 | { |
| 144 | typedef void __noreturn (*image_entry_noargs_t)(void); |
| 145 | uint32_t hdr_addr; |
| 146 | |
| 147 | image_entry_noargs_t image_entry = |
| 148 | (image_entry_noargs_t)(unsigned long)spl_image->entry_point; |
| 149 | |
| 150 | hdr_addr = (spl_image->entry_point + spl_image->size - |
| 151 | CONFIG_U_BOOT_HDR_SIZE); |
| 152 | spl_validate_uboot(hdr_addr, (uintptr_t)spl_image->entry_point); |
| 153 | /* |
| 154 | * In case of failure in validation, spl_validate_uboot would |
| 155 | * not return back in case of Production environment with ITS=1. |
| 156 | * Thus U-Boot will not start. |
| 157 | * In Development environment (ITS=0 and SB_EN=1), the function |
| 158 | * may return back in case of non-fatal failures. |
| 159 | */ |
| 160 | |
Tom Rini | f1c2fc0 | 2017-01-11 10:45:48 -0500 | [diff] [blame] | 161 | debug("image entry point: 0x%lX\n", spl_image->entry_point); |
Sumit Garg | bdddd6e | 2016-06-14 13:52:38 -0400 | [diff] [blame] | 162 | image_entry(); |
| 163 | } |
| 164 | #endif /* ifdef CONFIG_SPL_FRAMEWORK */ |
Sumit Garg | f6d96cb | 2016-07-14 12:27:51 -0400 | [diff] [blame] | 165 | #endif /* ifdef CONFIG_SPL_BUILD */ |