a1b6b0a9c1
The patch implements secure booting for the mvebu architecture. This includes: - The addition of secure headers and all needed signatures and keys in mkimage - Commands capable of writing the board's efuses to both write the needed cryptographic data and enable the secure booting mechanism - The creation of convenience text files containing the necessary commands to write the efuses The KAK and CSK keys are expected to reside in the files kwb_kak.key and kwb_csk.key (OpenSSL 2048 bit private keys) in the top-level directory. Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc> Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Stefan Roese <sr@denx.de>
204 lines
5.3 KiB
C
204 lines
5.3 KiB
C
/*
|
|
* (C) Copyright 2008
|
|
* Marvell Semiconductor <www.marvell.com>
|
|
* Written-by: Prafulla Wadaskar <prafulla@marvell.com>
|
|
*
|
|
* SPDX-License-Identifier: GPL-2.0+
|
|
*/
|
|
|
|
#ifndef _KWBIMAGE_H_
|
|
#define _KWBIMAGE_H_
|
|
|
|
#include <compiler.h>
|
|
#include <stdint.h>
|
|
|
|
#define KWBIMAGE_MAX_CONFIG ((0x1dc - 0x20)/sizeof(struct reg_config))
|
|
#define MAX_TEMPBUF_LEN 32
|
|
|
|
/* NAND ECC Mode */
|
|
#define IBR_HDR_ECC_DEFAULT 0x00
|
|
#define IBR_HDR_ECC_FORCED_HAMMING 0x01
|
|
#define IBR_HDR_ECC_FORCED_RS 0x02
|
|
#define IBR_HDR_ECC_DISABLED 0x03
|
|
|
|
/* Boot Type - block ID */
|
|
#define IBR_HDR_I2C_ID 0x4D
|
|
#define IBR_HDR_SPI_ID 0x5A
|
|
#define IBR_HDR_NAND_ID 0x8B
|
|
#define IBR_HDR_SATA_ID 0x78
|
|
#define IBR_HDR_PEX_ID 0x9C
|
|
#define IBR_HDR_UART_ID 0x69
|
|
#define IBR_DEF_ATTRIB 0x00
|
|
|
|
#define ALIGN_SUP(x, a) (((x) + (a - 1)) & ~(a - 1))
|
|
|
|
/* Structure of the main header, version 0 (Kirkwood, Dove) */
|
|
struct main_hdr_v0 {
|
|
uint8_t blockid; /*0 */
|
|
uint8_t nandeccmode; /*1 */
|
|
uint16_t nandpagesize; /*2-3 */
|
|
uint32_t blocksize; /*4-7 */
|
|
uint32_t rsvd1; /*8-11 */
|
|
uint32_t srcaddr; /*12-15 */
|
|
uint32_t destaddr; /*16-19 */
|
|
uint32_t execaddr; /*20-23 */
|
|
uint8_t satapiomode; /*24 */
|
|
uint8_t rsvd3; /*25 */
|
|
uint16_t ddrinitdelay; /*26-27 */
|
|
uint16_t rsvd2; /*28-29 */
|
|
uint8_t ext; /*30 */
|
|
uint8_t checksum; /*31 */
|
|
};
|
|
|
|
struct ext_hdr_v0_reg {
|
|
uint32_t raddr;
|
|
uint32_t rdata;
|
|
};
|
|
|
|
#define EXT_HDR_V0_REG_COUNT ((0x1dc - 0x20) / sizeof(struct ext_hdr_v0_reg))
|
|
|
|
struct ext_hdr_v0 {
|
|
uint32_t offset;
|
|
uint8_t reserved[0x20 - sizeof(uint32_t)];
|
|
struct ext_hdr_v0_reg rcfg[EXT_HDR_V0_REG_COUNT];
|
|
uint8_t reserved2[7];
|
|
uint8_t checksum;
|
|
};
|
|
|
|
struct kwb_header {
|
|
struct main_hdr_v0 kwb_hdr;
|
|
struct ext_hdr_v0 kwb_exthdr;
|
|
};
|
|
|
|
/* Structure of the main header, version 1 (Armada 370, Armada XP) */
|
|
struct main_hdr_v1 {
|
|
uint8_t blockid; /* 0 */
|
|
uint8_t flags; /* 1 */
|
|
uint16_t reserved2; /* 2-3 */
|
|
uint32_t blocksize; /* 4-7 */
|
|
uint8_t version; /* 8 */
|
|
uint8_t headersz_msb; /* 9 */
|
|
uint16_t headersz_lsb; /* A-B */
|
|
uint32_t srcaddr; /* C-F */
|
|
uint32_t destaddr; /* 10-13 */
|
|
uint32_t execaddr; /* 14-17 */
|
|
uint8_t options; /* 18 */
|
|
uint8_t nandblocksize; /* 19 */
|
|
uint8_t nandbadblklocation; /* 1A */
|
|
uint8_t reserved4; /* 1B */
|
|
uint16_t reserved5; /* 1C-1D */
|
|
uint8_t ext; /* 1E */
|
|
uint8_t checksum; /* 1F */
|
|
};
|
|
|
|
/*
|
|
* Main header options
|
|
*/
|
|
#define MAIN_HDR_V1_OPT_BAUD_DEFAULT 0
|
|
#define MAIN_HDR_V1_OPT_BAUD_2400 0x1
|
|
#define MAIN_HDR_V1_OPT_BAUD_4800 0x2
|
|
#define MAIN_HDR_V1_OPT_BAUD_9600 0x3
|
|
#define MAIN_HDR_V1_OPT_BAUD_19200 0x4
|
|
#define MAIN_HDR_V1_OPT_BAUD_38400 0x5
|
|
#define MAIN_HDR_V1_OPT_BAUD_57600 0x6
|
|
#define MAIN_HDR_V1_OPT_BAUD_115200 0x7
|
|
|
|
/*
|
|
* Header for the optional headers, version 1 (Armada 370, Armada XP)
|
|
*/
|
|
struct opt_hdr_v1 {
|
|
uint8_t headertype;
|
|
uint8_t headersz_msb;
|
|
uint16_t headersz_lsb;
|
|
char data[0];
|
|
};
|
|
|
|
/*
|
|
* Public Key data in DER format
|
|
*/
|
|
struct pubkey_der_v1 {
|
|
uint8_t key[524];
|
|
};
|
|
|
|
/*
|
|
* Signature (RSA 2048)
|
|
*/
|
|
struct sig_v1 {
|
|
uint8_t sig[256];
|
|
};
|
|
|
|
/*
|
|
* Structure of secure header (Armada 38x)
|
|
*/
|
|
struct secure_hdr_v1 {
|
|
uint8_t headertype; /* 0x0 */
|
|
uint8_t headersz_msb; /* 0x1 */
|
|
uint16_t headersz_lsb; /* 0x2 - 0x3 */
|
|
uint32_t reserved1; /* 0x4 - 0x7 */
|
|
struct pubkey_der_v1 kak; /* 0x8 - 0x213 */
|
|
uint8_t jtag_delay; /* 0x214 */
|
|
uint8_t reserved2; /* 0x215 */
|
|
uint16_t reserved3; /* 0x216 - 0x217 */
|
|
uint32_t boxid; /* 0x218 - 0x21B */
|
|
uint32_t flashid; /* 0x21C - 0x21F */
|
|
struct sig_v1 hdrsig; /* 0x220 - 0x31F */
|
|
struct sig_v1 imgsig; /* 0x320 - 0x41F */
|
|
struct pubkey_der_v1 csk[16]; /* 0x420 - 0x24DF */
|
|
struct sig_v1 csksig; /* 0x24E0 - 0x25DF */
|
|
uint8_t next; /* 0x25E0 */
|
|
uint8_t reserved4; /* 0x25E1 */
|
|
uint16_t reserved5; /* 0x25E2 - 0x25E3 */
|
|
};
|
|
|
|
/*
|
|
* Various values for the opt_hdr_v1->headertype field, describing the
|
|
* different types of optional headers. The "secure" header contains
|
|
* informations related to secure boot (encryption keys, etc.). The
|
|
* "binary" header contains ARM binary code to be executed prior to
|
|
* executing the main payload (usually the bootloader). This is
|
|
* typically used to execute DDR3 training code. The "register" header
|
|
* allows to describe a set of (address, value) tuples that are
|
|
* generally used to configure the DRAM controller.
|
|
*/
|
|
#define OPT_HDR_V1_SECURE_TYPE 0x1
|
|
#define OPT_HDR_V1_BINARY_TYPE 0x2
|
|
#define OPT_HDR_V1_REGISTER_TYPE 0x3
|
|
|
|
#define KWBHEADER_V1_SIZE(hdr) \
|
|
(((hdr)->headersz_msb << 16) | le16_to_cpu((hdr)->headersz_lsb))
|
|
|
|
enum kwbimage_cmd {
|
|
CMD_INVALID,
|
|
CMD_BOOT_FROM,
|
|
CMD_NAND_ECC_MODE,
|
|
CMD_NAND_PAGE_SIZE,
|
|
CMD_SATA_PIO_MODE,
|
|
CMD_DDR_INIT_DELAY,
|
|
CMD_DATA
|
|
};
|
|
|
|
enum kwbimage_cmd_types {
|
|
CFG_INVALID = -1,
|
|
CFG_COMMAND,
|
|
CFG_DATA0,
|
|
CFG_DATA1
|
|
};
|
|
|
|
/*
|
|
* functions
|
|
*/
|
|
void init_kwb_image_type (void);
|
|
|
|
/*
|
|
* Byte 8 of the image header contains the version number. In the v0
|
|
* header, byte 8 was reserved, and always set to 0. In the v1 header,
|
|
* byte 8 has been changed to a proper field, set to 1.
|
|
*/
|
|
static inline unsigned int image_version(void *header)
|
|
{
|
|
unsigned char *ptr = header;
|
|
return ptr[8];
|
|
}
|
|
|
|
#endif /* _KWBIMAGE_H_ */
|