| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 1 | /*******************************************************************************
|
| 2 | * Copyright (C) 2016, ZXIC Corporation.
|
| 3 | *
|
| 4 | * File Name:
|
| 5 | * File Mark:
|
| 6 | * Description:
|
| 7 | * Others:
|
| 8 | * Version: 1.0
|
| 9 | * Author: zxic
|
| 10 | * Date: 2016.12.15
|
| 11 | * modify
|
| 12 | ********************************************************************************/
|
| 13 |
|
| 14 | /****************************************************************************
|
| 15 | * Include files
|
| 16 | ****************************************************************************/
|
| 17 | #include <malloc.h>
|
| 18 | #include <errno.h>
|
| 19 | #include <asm/io.h>
|
| 20 | #include <linux/mtd/mtd.h>
|
| 21 | #include <asm-generic/ioctl.h>
|
| 22 | #include <config.h>
|
| 23 | #include <common.h>
|
| 24 | #include <command.h>
|
| 25 |
|
| 26 | #include <../drivers/hash/drv_hash.h>
|
| 27 | #include <../drivers/rsa/drv_rsa.h>
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 28 | #include <../drivers/hash/sha256.h>
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 29 | #include <secure_verify.h>
|
| 30 | #include <asm/arch/efuse.h>
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 31 | #include <boot_mode.h>
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 32 |
|
| 33 | /****************************************************************************
|
| 34 | * Local Macros
|
| 35 | ****************************************************************************/
|
| 36 | #define E_N_LEN 256
|
| 37 | #define HASH_LEN 128
|
| 38 | #define reg32(addr) (*(volatile unsigned long *)(addr))
|
| 39 |
|
| 40 | /****************************************************************************
|
| 41 | * Local Types
|
| 42 | ****************************************************************************/
|
| 43 |
|
| 44 |
|
| 45 | /****************************************************************************
|
| 46 | * Global Value
|
| 47 | ****************************************************************************/
|
| 48 | /* Disable Secure Verify as Default. */
|
| 49 | unsigned int guiEfuseStatus = 1;
|
| 50 | unsigned char g_ddr_size_flag = 0;
|
| 51 |
|
| 52 | static unsigned char gbEfuseReadFlag = 0;
|
| 53 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 54 | otp_struct otpInfo;
|
| 55 | unsigned int guiOtpStatus = 1;
|
| 56 | extern int rootfs_flag;
|
| 57 | extern int m0_flag;
|
| 58 | extern int zsp_flag;
|
| 59 | extern int g_iftype;
|
| 60 | extern unsigned char g_nor_flag;
|
| 61 |
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 62 | /****************************************************************************
|
| 63 | * Local Funcs
|
| 64 | ****************************************************************************/
|
| 65 |
|
| 66 | static void efuse_read_prepare(void)
|
| 67 | {
|
| 68 | //start read efuse all 256bit
|
| 69 | while((reg32(SYS_EFUSE_BASE + 0x4) & 1) == 1);// bit0=1 ctl is busy
|
| 70 | reg32(SYS_EFUSE_BASE + 0x4) = 1;
|
| 71 | while((reg32(SYS_EFUSE_BASE + 0x14) & 2) == 0);//bit1=0 read not over
|
| 72 | }
|
| 73 |
|
| 74 | static void efuse_program_32bit(u32 bit_offset, u32 data)
|
| 75 | {
|
| 76 | while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
|
| 77 | reg32(SYS_EFUSE_BASE+0x8) = bit_offset;
|
| 78 | reg32(SYS_EFUSE_BASE+0xc) = data;
|
| 79 | reg32(SYS_EFUSE_BASE+0x4) = (0<<4)|(2<<1)|1;//cs0 program 32bit
|
| 80 | while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
|
| 81 | reg32(SYS_EFUSE_BASE+0x4) = (1<<4)|(2<<1)|1;//cs1 program 32bit
|
| 82 | }
|
| 83 |
|
| 84 | void efuse_program_secure_en(u32 en)
|
| 85 | {
|
| 86 | while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
|
| 87 | reg32(SYS_EFUSE_BASE+0x8) = 0; //bit[7:0] secure_boot_en
|
| 88 | if(en)
|
| 89 | reg32(SYS_EFUSE_BASE+0xc) = 0xFF;
|
| 90 | reg32(SYS_EFUSE_BASE+0x4) = (0<<4)|(2<<1)|1;//cs0 program 32bit
|
| 91 | while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
|
| 92 | reg32(SYS_EFUSE_BASE+0x4) = (1<<4)|(2<<1)|1;//cs1 program 32bit
|
| 93 | }
|
| 94 |
|
| 95 | void efuse_program_chip_flag(u32 flag)
|
| 96 | {
|
| 97 | while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
|
| 98 | reg32(SYS_EFUSE_BASE+0x8) = 0; //bit[31:8] secure_chip_flag
|
| 99 |
|
| 100 | if(flag&0xFF != 0)
|
| 101 | reg32(SYS_EFUSE_BASE+0xc) = 0;
|
| 102 | else
|
| 103 | reg32(SYS_EFUSE_BASE+0xc) = flag;
|
| 104 |
|
| 105 | reg32(SYS_EFUSE_BASE+0x4) = (0<<4)|(2<<1)|1;//cs0 program 32bit
|
| 106 | while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
|
| 107 | reg32(SYS_EFUSE_BASE+0x4) = (1<<4)|(2<<1)|1;//cs1 program 32bit
|
| 108 | }
|
| 109 |
|
| 110 | void efuse_program_puk_hash(u32 *key)
|
| 111 | {
|
| 112 | efuse_program_32bit(32, key[0]);
|
| 113 | efuse_program_32bit(64, key[1]);
|
| 114 | efuse_program_32bit(96, key[2]);
|
| 115 | efuse_program_32bit(128, key[3]);
|
| 116 | }
|
| 117 | #if 0
|
| 118 | /**-------------------------------------------------------------------------------------------------------------------@n
|
| 119 | * º¯ÊýÃû³Æ: chip_is_spe
|
| 120 | * ¹¦ÄÜÃèÊö: ÓÃÓÚÅжÏоƬÊÇ·ñΪרÍøоƬ
|
| 121 | * ·µ »Ø Öµ: 0,¹«ÍøоƬ 1,רÍøоƬ
|
| 122 | *--------------------------------------------------------------------------------------------------------------------*/
|
| 123 | u32 chip_is_spe(void)
|
| 124 | {
|
| 125 | u8 tmp_chip_flag[3] = {0x53, 0x50, 0x45}; /*SPE*/
|
| 126 | u32 efuse_tmp_buf[5] = {0};
|
| 127 | efuse_struct *psEfuseInfo = NULL;
|
| 128 |
|
| 129 | psEfuseInfo = (efuse_struct *)efuse_tmp_buf;
|
| 130 | memcpy(psEfuseInfo, EFUSE_RAM_BASE, sizeof(efuse_struct));
|
| 131 |
|
| 132 | if(memcmp(psEfuseInfo->chip_flag,tmp_chip_flag,3))
|
| 133 | /*chip com*/
|
| 134 | return 0;
|
| 135 |
|
| 136 | /*chip spe*/
|
| 137 | return 1;
|
| 138 | }
|
| 139 | #endif
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 140 |
|
| 141 | /*
|
| 142 | * Convert BIGENDIAN To SMALLENDIAN.
|
| 143 | */
|
| 144 | void BIG2SMALL(u32 *pBuffer, u32 uiLen)
|
| 145 | {
|
| 146 | u32 uiLoop;
|
| 147 | u32 uiTmp = 0;
|
| 148 |
|
| 149 | for (uiLoop = 0; uiLoop < uiLen/sizeof(u32); uiLoop++)
|
| 150 | {
|
| 151 | uiTmp = pBuffer[uiLoop];
|
| 152 | pBuffer[uiLoop] = 0;
|
| 153 | pBuffer[uiLoop] += (uiTmp & 0x000000FF) << 24;
|
| 154 | pBuffer[uiLoop] += (uiTmp & 0x0000FF00) << 8;
|
| 155 | pBuffer[uiLoop] += (uiTmp & 0x00FF0000) >> 8;
|
| 156 | pBuffer[uiLoop] += (uiTmp & 0xFF000000) >> 24;
|
| 157 | }
|
| 158 | }
|
| 159 |
|
| 160 | void get_otp_secure_verify_status(void)
|
| 161 | {
|
| 162 | u32 uiLen;
|
| 163 | otp_struct *psEfuseInfo = NULL;
|
| 164 |
|
| 165 | /*
|
| 166 | * 0. Èç¹ûsecure flag²»µÈÓÚ0£¬Í˳ö°²È«boot¡£
|
| 167 | */
|
| 168 | psEfuseInfo = (otp_struct*)&otpInfo;
|
| 169 | if(psEfuseInfo->secure_flag != 0)
|
| 170 | {
|
| 171 | guiOtpStatus = 1; //Disable.
|
| 172 | BOOT_PRINTF(UBOOT_NOTICE, "secure_flag!=0xFF, SecureVerify->Disable.\n");
|
| 173 | return ;
|
| 174 | }
|
| 175 |
|
| 176 | /*
|
| 177 | * 1.´ÓefuseÖжÁ³öpuk_hash[255:0], ÅжÏÈç¹ûÈ«²¿Îª0Í˳ö°²È«boot¡£
|
| 178 | */
|
| 179 | for(uiLen = 0; uiLen < 8; uiLen++)
|
| 180 | {
|
| 181 | if(psEfuseInfo->puk_hash[uiLen] != 0)
|
| 182 | {
|
| 183 | break;
|
| 184 | }
|
| 185 | if(uiLen == 7)
|
| 186 | {
|
| 187 | guiOtpStatus = 1; //Disable.
|
| 188 | BOOT_PRINTF(UBOOT_NOTICE, "PubKey_HASH=Invalid, SecureVerify->Disable.\n");
|
| 189 | return ;
|
| 190 | }
|
| 191 | }
|
| 192 | BOOT_PRINTF(UBOOT_NOTICE, "All Flag & Param is Valid, SecureVerify->ENABLE.\n");
|
| 193 | guiOtpStatus = 0; //Enable.
|
| 194 | }
|
| 195 |
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 196 | static void efuse_get_data(void)
|
| 197 | {
|
| 198 | efuse_struct *psEfuseInfo = NULL;
|
| 199 | u32 uiLen = 0;
|
| 200 |
|
| 201 | /* Secure Verify. 1->Disable, 0->Enable. */
|
| 202 | if((reg32(EFUSE_BYPASS) & 1) == 1)
|
| 203 | {
|
| 204 | guiEfuseStatus = 1; //Disable.
|
| 205 | BOOT_PRINTF(UBOOT_NOTICE, "EFUSE_BYPASS=1, SecureVerify->Disable.\n");
|
| 206 | return ;
|
| 207 | }
|
| 208 |
|
| 209 | /* step 0*/
|
| 210 | psEfuseInfo = (efuse_struct*)EFUSE_RAM_BASE;
|
| 211 |
|
| 212 | /* get chip flag */
|
| 213 | if(((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_WINBD_256M_DDR)
|
| 214 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_WINBD_256M_DDR)
|
| 215 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_UNILC_256M_DDR)
|
| 216 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_UNILC_256M_DDR)
|
| 217 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_APM_256M_DDR)
|
| 218 | || ((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_APM_256M_DDR))
|
| 219 | {
|
| 220 | g_ddr_size_flag = CHIP_DDR_IS_32M;
|
| 221 | BOOT_PRINTF(UBOOT_NOTICE, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
|
| 222 | }
|
| 223 | else if(((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_UNILC_512M_DDR)
|
| 224 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_APM_512M_DDR)
|
| 225 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_ESMT_512M_DDR)
|
| 226 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_UNILC_512M_DDR)
|
| 227 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_AZW_UNILC_512M_DDR)
|
| 228 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_APM_512M_DDR)
|
| 229 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_ESMT_512M_DDR))
|
| 230 | {
|
| 231 | g_ddr_size_flag = CHIP_DDR_IS_64M;
|
| 232 | BOOT_PRINTF(UBOOT_NOTICE, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
|
| 233 | }
|
| lh | 758261d | 2023-07-13 05:52:04 -0700 | [diff] [blame] | 234 | else if(((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECOSC_GW_NYC_2G_DDR)
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 235 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECOGG_GW_NYC_2G_DDR)
|
| 236 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECOGG_GW_NYC_NOR_2G_DDR)
|
| 237 | ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECOSC_GW_NYC_NOR_2G_DDR))
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 238 | {
|
| 239 | g_ddr_size_flag = CHIP_DDR_IS_256M;
|
| 240 | BOOT_PRINTF(UBOOT_NOTICE, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
|
| 241 | }
|
| 242 | else
|
| 243 | {
|
| 244 | g_ddr_size_flag = CHIP_DDR_IS_128M;
|
| 245 | BOOT_PRINTF(UBOOT_NOTICE, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
|
| 246 | }
|
| 247 |
|
| 248 | if((psEfuseInfo->secure_flag & 0xFF) != 0xFF)
|
| 249 | {
|
| 250 | guiEfuseStatus = 1; //Disable.
|
| 251 | BOOT_PRINTF(UBOOT_NOTICE, "secure_flag!=0xFF, SecureVerify->Disable.\n");
|
| 252 | return ;
|
| 253 | }
|
| 254 |
|
| 255 | /* step 1*/
|
| 256 | for(uiLen = 0; uiLen < 4; uiLen++)
|
| 257 | {
|
| 258 | if(psEfuseInfo->puk_hash[uiLen] != 0)
|
| 259 | {
|
| 260 | break;
|
| 261 | }
|
| 262 | if(uiLen == 3)
|
| 263 | {
|
| 264 | guiEfuseStatus = 1; //Disable.
|
| 265 | BOOT_PRINTF(UBOOT_NOTICE, "PubKey_HASH=Invalid, SecureVerify->Disable.\n");
|
| 266 | return ;
|
| 267 | }
|
| 268 | }
|
| 269 | BOOT_PRINTF(UBOOT_NOTICE, "All Flag & Param is Valid, SecureVerify->ENABLE.\n");
|
| 270 | guiEfuseStatus = 0; //Enable.
|
| 271 | }
|
| 272 |
|
| 273 | static u8 efuse_cmp_word(u32* src, u32* dst, u32 cnt)
|
| 274 | {
|
| 275 | u32 i;
|
| 276 | for(i = 0; i < cnt; i++)
|
| 277 | {
|
| 278 | if(src[i] != dst[i])
|
| 279 | {
|
| 280 | return 1;
|
| 281 | }
|
| 282 | }
|
| 283 | return 0;
|
| 284 | }
|
| 285 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 286 | u8 rootfs_secure_verify(u32 addr)
|
| 287 | {
|
| 288 | if(g_nor_flag == 1)
|
| 289 | {
|
| 290 |
|
| 291 | u32 uiLen = 0;
|
| 292 | u32 uiRet = -1;
|
| 293 | u32 uiLoop = 0;
|
| 294 | image_header_t *puiLegacyRootfsAddr = NULL;
|
| 295 | sImageNewHeader *psRootfsHeader = NULL;
|
| 296 | u32 *puiDataLoadAddr = NULL;
|
| 297 | u32 *puiArrPubKeyEN = NULL;
|
| 298 | u32 *puiArrPubKey = NULL;
|
| 299 | u32 *puiArrHASH = NULL;
|
| 300 | otp_struct *psEfuseInfo = NULL;
|
| 301 | u32 uiHashResArr[8] = {0};
|
| 302 | u32 uiHashResLen = 0;
|
| 303 | u32 uiHashVerifySize = 0;
|
| 304 | u32 uiRsaResArr[64] = {0};
|
| 305 | u32 puiArrPubKeyE[64] = {0};
|
| 306 | T_Rsa_Paramter sRSAInput;
|
| 307 | u32 *puiRsaResAddr = NULL;
|
| 308 | u32 sRamKey[9] = {0x0,0x33fa3e31,0x90d8d15a,0x073cee04,0x82ac24aa,0x2262748e,0x1a3663c7,0x4b603f6f,0xd098e0d8};
|
| 309 | if(NULL == addr)
|
| 310 | {
|
| 311 | BOOT_PRINTF(UBOOT_ERR, "Bad Parameter(Empty Pointer)!\n");
|
| 312 | return -1;
|
| 313 | }
|
| 314 |
|
| 315 | psRootfsHeader = (sImageNewHeader *)addr;
|
| 316 | puiLegacyRootfsAddr = (image_header_t *)(addr + sizeof(sImageNewHeader));
|
| 317 | uiHashVerifySize = ___htonl(puiLegacyRootfsAddr->ih_size) + sizeof(image_header_t);
|
| 318 |
|
| 319 | //psEfuseInfo = (otp_struct*)sRamKey;
|
| 320 | psEfuseInfo = (otp_struct*)&otpInfo;
|
| 321 |
|
| 322 | /*
|
| 323 | * step 0
|
| 324 | */
|
| 325 | puiArrPubKeyEN = psRootfsHeader->uiPubKeyRsaE;
|
| 326 | uiLen = 380;
|
| 327 | puiArrPubKey = &(psRootfsHeader->uiPubKeyRsaELen);
|
| 328 | sha256_csum_wd((const unsigned char *)puiArrPubKey, uiLen, (unsigned char *)uiHashResArr);
|
| 329 | uiHashResLen = 8;
|
| 330 | /*´óС¶Ëת»»*/
|
| 331 | BIG2SMALL(uiHashResArr, 32);
|
| 332 |
|
| 333 | BOOT_PRINTF(UBOOT_DBG, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
|
| 334 |
|
| 335 | if(efuse_cmp_word(psEfuseInfo->puk_hash, uiHashResArr, uiHashResLen))
|
| 336 | {
|
| 337 | BOOT_PRINTF(UBOOT_ERR, "PubKey Hash Verify -> Failed !\n");
|
| 338 | return 1;
|
| 339 | }
|
| 340 | puiArrHASH = psRootfsHeader->uiHashY;
|
| 341 |
|
| 342 | /*
|
| 343 | * step 1
|
| 344 | */
|
| 345 | memcpy(puiArrPubKeyE+63, puiArrPubKeyEN, 4);
|
| 346 | sRSAInput.udCalMode = RSA_MOD_EXPO_WITH_INIT;
|
| 347 | sRSAInput.udNbitLen = 2048;
|
| 348 | sRSAInput.udEbitLen = 2048;
|
| 349 | sRSAInput.pudInputM = puiArrHASH;
|
| 350 | sRSAInput.pudInputE = puiArrPubKeyE;
|
| 351 | sRSAInput.pudInputN = psRootfsHeader->uiPubKeyRsaN;
|
| 352 | sRSAInput.pudOutputP = uiRsaResArr;
|
| 353 |
|
| 354 | uiRet = Rsa_Calculate(sRSAInput);
|
| 355 | if(uiRet != 0)
|
| 356 | {
|
| 357 | BOOT_PRINTF(UBOOT_ERR, "Rsa_Calculate ERROR(0x%x)!\n", uiRet);
|
| 358 | return 2;
|
| 359 | }
|
| 360 | puiRsaResAddr = sRSAInput.pudOutputP + (64 - uiHashResLen);
|
| 361 |
|
| 362 | /*
|
| 363 | * step 2
|
| 364 | */
|
| 365 | uiLen = uiHashVerifySize;
|
| 366 | puiDataLoadAddr = CONFIG_SYS_SDRAM_ROOTFS_BASE - sizeof(image_header_t);
|
| 367 |
|
| 368 | /* Cleanup Output Buffer. */
|
| 369 | uiHashResLen = 0;
|
| 370 | memset(uiHashResArr, 0, 8*sizeof(uiHashResArr[0]));
|
| 371 |
|
| 372 | sha256_csum_wd((const unsigned char *)puiDataLoadAddr, uiLen, (unsigned char *)uiHashResArr);
|
| 373 | uiHashResLen = 8;
|
| 374 | /*´óС¶Ëת»»*/
|
| 375 | BIG2SMALL(uiHashResArr, 32);
|
| 376 |
|
| 377 | if(efuse_cmp_word(puiRsaResAddr, uiHashResArr, uiHashResLen))
|
| 378 | {
|
| 379 | BOOT_PRINTF(UBOOT_ERR, "LegacyRootfs Verify -> Failed !\n");
|
| 380 | return 3;
|
| 381 | }
|
| 382 |
|
| 383 | }
|
| 384 | else
|
| 385 | {
|
| 386 |
|
| 387 | u32 uiLen = 0;
|
| 388 | u32 uiRet = -1;
|
| 389 | u32 uiLoop = 0;
|
| 390 | image_header_t *puiLegacyRootfsAddr = NULL;
|
| 391 | sImageNewHeader *psRootfsHeader = NULL;
|
| 392 | u32 *puiDataLoadAddr = NULL;
|
| 393 | u32 *puiArrPubKeyEN = NULL;
|
| 394 | u32 *puiArrHASH = NULL;
|
| 395 | efuse_struct *psEfuseInfo = NULL;
|
| 396 | u32 uiHashResArr[4] = {0};
|
| 397 | u32 uiHashResLen = 0;
|
| 398 | u32 uiHashVerifySize = 0;
|
| 399 | u32 uiRsaResArr[32] = {0};
|
| 400 | u32 puiArrPubKeyE[32] = {0};
|
| 401 | u32 puiArrPubKey[64] = {0};
|
| 402 | T_Rsa_Paramter sRSAInput;
|
| 403 | u32 *puiRsaResAddr = NULL;
|
| 404 | {
|
| 405 | BOOT_PRINTF(UBOOT_ERR, "Bad Parameter(Empty Pointer)!\n");
|
| 406 | return -1;
|
| 407 | }
|
| 408 |
|
| 409 | psRootfsHeader = (sImageNewHeader *)addr;
|
| 410 | puiLegacyRootfsAddr = (image_header_t *)(addr + sizeof(sImageNewHeader));
|
| 411 | uiHashVerifySize = ___htonl(puiLegacyRootfsAddr->ih_size) + sizeof(image_header_t);
|
| 412 |
|
| 413 | psEfuseInfo = (efuse_struct*)EFUSE_RAM_BASE;
|
| 414 |
|
| 415 | /*
|
| 416 | * step 0
|
| 417 | */
|
| 418 |
|
| 419 | uiLen = E_N_LEN;
|
| 420 | puiArrPubKeyEN = psRootfsHeader->uiPubKeyRsaE;
|
| 421 | memcpy(puiArrPubKeyE+31, puiArrPubKeyEN, 4);
|
| 422 | memcpy(puiArrPubKey+31, puiArrPubKeyEN, 4);
|
| 423 | memcpy(puiArrPubKey+32, psRootfsHeader->uiPubKeyRsaN, 128);
|
| 424 |
|
| 425 | Hash_Calculate(HASH_MODE_MD5, HASH_SMALL_ENDIAN, puiArrPubKey, uiLen, NULL, 0, uiHashResArr, &uiHashResLen);
|
| 426 |
|
| 427 | BOOT_PRINTF(UBOOT_DBG, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
|
| 428 |
|
| 429 | if(efuse_cmp_word(psEfuseInfo->puk_hash, uiHashResArr, uiHashResLen))
|
| 430 | {
|
| 431 | BOOT_PRINTF(UBOOT_ERR, "PubKey Hash Verify -> Failed !\n");
|
| 432 | return 1;
|
| 433 | }
|
| 434 | puiArrHASH = psRootfsHeader->uiHashY;
|
| 435 |
|
| 436 | /*
|
| 437 | * step 1
|
| 438 | */
|
| 439 | sRSAInput.udCalMode = RSA_MOD_EXPO_WITH_INIT;
|
| 440 | sRSAInput.udNbitLen = 1024;
|
| 441 | sRSAInput.udEbitLen = 1024;
|
| 442 | sRSAInput.pudInputM = puiArrHASH;
|
| 443 | sRSAInput.pudInputE = puiArrPubKeyE;
|
| 444 | sRSAInput.pudInputN = psRootfsHeader->uiPubKeyRsaN;
|
| 445 | sRSAInput.pudOutputP = uiRsaResArr;
|
| 446 |
|
| 447 | uiRet = Rsa_Calculate(sRSAInput);
|
| 448 | if(uiRet != 0)
|
| 449 | {
|
| 450 | BOOT_PRINTF(UBOOT_ERR, "Rsa_Calculate ERROR(0x%x)!\n", uiRet);
|
| 451 | return 2;
|
| 452 | }
|
| 453 | puiRsaResAddr = sRSAInput.pudOutputP + (32 - uiHashResLen);
|
| 454 |
|
| 455 | /*
|
| 456 | * step 2
|
| 457 | */
|
| 458 | uiLen = uiHashVerifySize;
|
| 459 | puiDataLoadAddr = CONFIG_SYS_SDRAM_ROOTFS_BASE - sizeof(image_header_t);
|
| 460 |
|
| 461 | /* Cleanup Output Buffer. */
|
| 462 | uiHashResLen = 0;
|
| 463 | memset(uiHashResArr, 0, 4*sizeof(uiHashResArr[0]));
|
| 464 |
|
| 465 | uiRet = Hash_Calculate(HASH_MODE_MD5, HASH_SMALL_ENDIAN, puiDataLoadAddr, uiLen, NULL, 0, uiHashResArr, &uiHashResLen);
|
| 466 | if(uiRet != 0)
|
| 467 | {
|
| 468 | BOOT_PRINTF(UBOOT_ERR, "Hash_Calculate ERROR(0x%x)!\n", uiRet);
|
| 469 | return -1;
|
| 470 | }
|
| 471 |
|
| 472 | if(efuse_cmp_word(puiRsaResAddr, uiHashResArr, uiHashResLen))
|
| 473 | {
|
| 474 | BOOT_PRINTF(UBOOT_ERR, "LegacyRootfs Verify -> Failed !\n");
|
| 475 | return 3;
|
| 476 | }
|
| 477 | }
|
| 478 |
|
| 479 | return 0;
|
| 480 | }
|
| 481 |
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 482 | u8 secure_verify(u32 addr)
|
| 483 | {
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 484 | if(g_nor_flag != 1){
|
| 485 | u32 uiLen = 0;
|
| 486 | u32 uiRet = -1;
|
| 487 | u32 uiLoop = 0;
|
| 488 | image_header_t *puiLegacyImgAddr = NULL;
|
| 489 | sImageNewHeader *psImageHeader = NULL;
|
| 490 | u32 *puiDataLoadAddr = NULL;
|
| 491 | u32 *puiArrPubKeyEN = NULL;
|
| 492 | u32 *puiArrHASH = NULL;
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 493 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 494 | efuse_struct *psEfuseInfo = NULL;
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 495 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 496 | u32 uiHashResArr[4] = {0};
|
| 497 | u32 uiHashResLen = 0;
|
| 498 | u32 uiHashVerifySize = 0;
|
| 499 | u32 uiRsaResArr[32] = {0};
|
| 500 | u32 puiArrPubKeyE[32] = {0};
|
| 501 | u32 puiArrPubKey[64] = {0};
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 502 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 503 | T_Rsa_Paramter sRSAInput;
|
| 504 | u32 *puiRsaResAddr = NULL;
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 505 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 506 | if(NULL == addr)
|
| 507 | {
|
| 508 | BOOT_PRINTF(UBOOT_ERR, "Bad Parameter(Empty Pointer)!\n");
|
| 509 | return -1;
|
| 510 | }
|
| 511 |
|
| 512 | psImageHeader = (sImageNewHeader *)addr;
|
| 513 |
|
| 514 | if(rootfs_flag == 1)
|
| 515 | {
|
| 516 | puiLegacyImgAddr = (image_header_t *)(addr + sizeof(sImageNewHeader) + sizeof(sImageNewHeader) + sizeof(image_header_t));
|
| 517 | uiHashVerifySize = ___htonl(puiLegacyImgAddr->ih_size) + sizeof(image_header_t) + sizeof(image_header_t) + sizeof(sImageNewHeader);
|
| 518 | }
|
| 519 | else
|
| 520 | {
|
| 521 | puiLegacyImgAddr = (image_header_t *)(addr + sizeof(sImageNewHeader));
|
| 522 | uiHashVerifySize = ___htonl(puiLegacyImgAddr->ih_size) + sizeof(image_header_t);
|
| 523 | }
|
| 524 |
|
| 525 | psEfuseInfo = (efuse_struct*)EFUSE_RAM_BASE;
|
| 526 |
|
| 527 | BOOT_PRINTF(UBOOT_NOTICE, "uiHashVerifySize=0x%x, EFUSE_RAM_BASE=0x%x.\n", uiHashVerifySize, EFUSE_RAM_BASE);
|
| 528 |
|
| 529 | /*
|
| 530 | * step 0
|
| 531 | */
|
| 532 | uiLen = E_N_LEN;
|
| 533 | puiArrPubKeyEN = psImageHeader->uiPubKeyRsaE;
|
| 534 | memcpy(puiArrPubKeyE+31, puiArrPubKeyEN, 4);
|
| 535 | memcpy(puiArrPubKey+31, puiArrPubKeyEN, 4);
|
| 536 | memcpy(puiArrPubKey+32, psImageHeader->uiPubKeyRsaN, 128);
|
| 537 |
|
| 538 | Hash_Calculate(HASH_MODE_MD5, HASH_SMALL_ENDIAN, puiArrPubKey, uiLen, NULL, 0, uiHashResArr, &uiHashResLen);
|
| 539 |
|
| 540 | BOOT_PRINTF(UBOOT_DBG, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
|
| 541 |
|
| 542 | if(efuse_cmp_word(psEfuseInfo->puk_hash, uiHashResArr, uiHashResLen))
|
| 543 | {
|
| 544 | BOOT_PRINTF(UBOOT_ERR, "PubKey Hash Verify -> Failed !\n");
|
| 545 | return 1;
|
| 546 | }
|
| 547 | puiArrHASH = psImageHeader->uiHashY;
|
| 548 |
|
| 549 | /*
|
| 550 | * step 1
|
| 551 | */
|
| 552 | sRSAInput.udCalMode = RSA_MOD_EXPO_WITH_INIT;
|
| 553 | sRSAInput.udNbitLen = 1024;
|
| 554 | sRSAInput.udEbitLen = 1024;
|
| 555 | sRSAInput.pudInputM = puiArrHASH;
|
| 556 | sRSAInput.pudInputE = puiArrPubKeyE;
|
| 557 | sRSAInput.pudInputN = psImageHeader->uiPubKeyRsaN;
|
| 558 | sRSAInput.pudOutputP = uiRsaResArr;
|
| 559 |
|
| 560 | uiRet = Rsa_Calculate(sRSAInput);
|
| 561 | if(uiRet != 0)
|
| 562 | {
|
| 563 | BOOT_PRINTF(UBOOT_ERR, "Rsa_Calculate ERROR(0x%x)!\n", uiRet);
|
| 564 | return 2;
|
| 565 | }
|
| 566 | puiRsaResAddr = sRSAInput.pudOutputP + (32 - uiHashResLen);
|
| 567 |
|
| 568 | /*
|
| 569 | * step 2
|
| 570 | */
|
| 571 | uiLen = uiHashVerifySize;
|
| 572 | if(rootfs_flag == 1)
|
| 573 | {
|
| 574 | puiDataLoadAddr = ___htonl(puiLegacyImgAddr->ih_load) - sizeof(image_header_t) - sizeof(image_header_t) - sizeof(sImageNewHeader);
|
| 575 | }
|
| 576 | else
|
| 577 | {
|
| 578 | if(1 == m0_flag || 1 == zsp_flag){
|
| 579 | puiDataLoadAddr = (uchar *)addr + sizeof(sImageNewHeader);
|
| 580 |
|
| 581 | }else{
|
| 582 | puiDataLoadAddr = ___htonl(puiLegacyImgAddr->ih_load) - sizeof(image_header_t);
|
| 583 | }
|
| 584 |
|
| 585 | }
|
| 586 |
|
| 587 | /* Cleanup Output Buffer. */
|
| 588 | uiHashResLen = 0;
|
| 589 | memset(uiHashResArr, 0, 4*sizeof(uiHashResArr[0]));
|
| 590 |
|
| 591 | uiRet = Hash_Calculate(HASH_MODE_MD5, HASH_SMALL_ENDIAN, puiDataLoadAddr, uiLen, NULL, 0, uiHashResArr, &uiHashResLen);
|
| 592 | if(uiRet != 0)
|
| 593 | {
|
| 594 | BOOT_PRINTF(UBOOT_ERR, "Hash_Calculate ERROR(0x%x)!\n", uiRet);
|
| 595 | return -1;
|
| 596 | }
|
| 597 |
|
| 598 | if(efuse_cmp_word(puiRsaResAddr, uiHashResArr, uiHashResLen))
|
| 599 | {
|
| 600 | BOOT_PRINTF(UBOOT_ERR, "LegacyImg Verify -> Failed !\n");
|
| 601 | return 3;
|
| 602 | }
|
| 603 |
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 604 | }
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 605 | else
|
| 606 | {
|
| 607 | u32 uiLen = 0;
|
| 608 | u32 uiRet = -1;
|
| 609 | u32 uiLoop = 0;
|
| 610 | image_header_t *puiLegacyImgAddr = NULL;
|
| 611 | sImageNewHeader *psImageHeader = NULL;
|
| 612 | u32 *puiDataLoadAddr = NULL;
|
| 613 | u32 *puiArrPubKeyEN = NULL;
|
| 614 | u32 *puiArrPubKey = NULL;
|
| 615 | u32 *puiArrHASH = NULL;
|
| 616 | otp_struct *psEfuseInfo = NULL;
|
| 617 | u32 uiHashResArr[8] = {0};
|
| 618 | u32 uiHashResLen = 0;
|
| 619 | u32 uiHashVerifySize = 0;
|
| 620 | u32 uiRsaResArr[64] = {0};
|
| 621 | u32 puiArrPubKeyE[64] = {0};
|
| 622 | T_Rsa_Paramter sRSAInput;
|
| 623 | u32 *puiRsaResAddr = NULL;
|
| 624 | u32 sRamKey[9] = {0x0,0x33fa3e31,0x90d8d15a,0x073cee04,0x82ac24aa,0x2262748e,0x1a3663c7,0x4b603f6f,0xd098e0d8};
|
| 625 | if(NULL == addr)
|
| 626 | {
|
| 627 | BOOT_PRINTF(UBOOT_ERR, "Bad Parameter(Empty Pointer)!\n");
|
| 628 | return -1;
|
| 629 | }
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 630 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 631 | psImageHeader = (sImageNewHeader *)addr;
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 632 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 633 | if(rootfs_flag == 1)
|
| 634 | {
|
| 635 | puiLegacyImgAddr = (image_header_t *)(addr + sizeof(sImageNewHeader) + sizeof(sImageNewHeader) + sizeof(image_header_t));
|
| 636 | uiHashVerifySize = ___htonl(puiLegacyImgAddr->ih_size) + sizeof(image_header_t) + sizeof(image_header_t) + sizeof(sImageNewHeader);
|
| 637 | }
|
| 638 | else
|
| 639 | {
|
| 640 | puiLegacyImgAddr = (image_header_t *)(addr + sizeof(sImageNewHeader));
|
| 641 | uiHashVerifySize = ___htonl(puiLegacyImgAddr->ih_size) + sizeof(image_header_t);
|
| 642 | }
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 643 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 644 | psEfuseInfo = (otp_struct*)&otpInfo;
|
| 645 | //psEfuseInfo = (otp_struct*)sRamKey;
|
| 646 |
|
| 647 | /*
|
| 648 | * step 0
|
| 649 | */
|
| 650 | uiLen = 380;
|
| 651 | puiArrPubKey = &(psImageHeader->uiPubKeyRsaELen);
|
| 652 | puiArrPubKeyEN = psImageHeader->uiPubKeyRsaE;
|
| 653 | sha256_csum_wd((const unsigned char *)puiArrPubKey, uiLen, (unsigned char *)uiHashResArr);
|
| 654 | uiHashResLen = 8;
|
| 655 | /*´óС¶Ëת»»*/
|
| 656 | BIG2SMALL(uiHashResArr, 32);
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 657 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 658 | BOOT_PRINTF(UBOOT_DBG, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 659 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 660 | if(efuse_cmp_word(psEfuseInfo->puk_hash, uiHashResArr, uiHashResLen))
|
| 661 | {
|
| 662 | BOOT_PRINTF(UBOOT_ERR, "PubKey Hash Verify -> Failed !\n");
|
| 663 | return 1;
|
| 664 | }
|
| 665 | puiArrHASH = psImageHeader->uiHashY;
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 666 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 667 | /*
|
| 668 | * step 1
|
| 669 | */
|
| 670 | memcpy(puiArrPubKeyE+63, puiArrPubKeyEN, 4);
|
| 671 | sRSAInput.udCalMode = RSA_MOD_EXPO_WITH_INIT;
|
| 672 | sRSAInput.udNbitLen = 2048;
|
| 673 | sRSAInput.udEbitLen = 2048;
|
| 674 | sRSAInput.pudInputM = puiArrHASH;
|
| 675 | sRSAInput.pudInputE = puiArrPubKeyE;
|
| 676 | sRSAInput.pudInputN = psImageHeader->uiPubKeyRsaN;
|
| 677 | sRSAInput.pudOutputP = uiRsaResArr;
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 678 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 679 | uiRet = Rsa_Calculate(sRSAInput);
|
| 680 | if(uiRet != 0)
|
| 681 | {
|
| 682 | BOOT_PRINTF(UBOOT_ERR, "Rsa_Calculate ERROR(0x%x)!\n", uiRet);
|
| 683 | return 2;
|
| 684 | }
|
| 685 | puiRsaResAddr = sRSAInput.pudOutputP + (64 - uiHashResLen);
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 686 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 687 | /*
|
| 688 | * step 2
|
| 689 | */
|
| 690 | uiLen = uiHashVerifySize;
|
| 691 | if(rootfs_flag == 1)
|
| 692 | {
|
| 693 | puiDataLoadAddr = ___htonl(puiLegacyImgAddr->ih_load) - sizeof(image_header_t) - sizeof(image_header_t) - sizeof(sImageNewHeader);
|
| 694 | }
|
| 695 | else
|
| 696 | {
|
| 697 | if(1 == m0_flag || 1 == zsp_flag){
|
| 698 | puiDataLoadAddr = (uchar *)addr + sizeof(sImageNewHeader);
|
| 699 |
|
| 700 | }else{
|
| 701 | puiDataLoadAddr = ___htonl(puiLegacyImgAddr->ih_load) - sizeof(image_header_t);
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 702 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 703 | }
|
| 704 | }
|
| 705 |
|
| 706 | uiHashResLen = 0;
|
| 707 | memset(uiHashResArr, 0, 8*sizeof(uiHashResArr[0]));
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 708 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 709 | sha256_csum_wd((const unsigned char *)puiDataLoadAddr, uiLen, (unsigned char *)uiHashResArr);
|
| 710 | uiHashResLen = 8;
|
| 711 | /*´óС¶Ëת»»*/
|
| 712 | BIG2SMALL(uiHashResArr, 32);
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 713 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 714 | if(efuse_cmp_word(puiRsaResAddr, uiHashResArr, uiHashResLen))
|
| 715 | {
|
| 716 | BOOT_PRINTF(UBOOT_ERR, "LegacyImg Verify -> Failed !\n");
|
| 717 | return 3;
|
| 718 | }
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 719 |
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 720 | }
|
| 721 |
|
| 722 | return 0;
|
| 723 | }
|
| 724 |
|
| 725 | void efuse_get_devinfo(efuse_struct *efuse_info)
|
| 726 | {
|
| 727 | u32 i;
|
| 728 | efuse_struct *s_efuse = (efuse_struct*)EFUSE_RAM_BASE;
|
| 729 |
|
| 730 | efuse_read_prepare();
|
| 731 |
|
| 732 | efuse_info->secure_flag = s_efuse->secure_flag;
|
| 733 |
|
| 734 | for(i = 0; i < 4; i ++)
|
| 735 | {
|
| 736 | efuse_info->puk_hash[i] = s_efuse->puk_hash[i];
|
| 737 | }
|
| 738 |
|
| 739 | for(i = 0; i < 3; i ++)
|
| 740 | {
|
| 741 | efuse_info->dev_id[i] = s_efuse->dev_id[i];
|
| 742 |
|
| 743 | }
|
| 744 |
|
| 745 | }
|
| 746 | /*******************************************************************************
|
| 747 | * Function: efuse_init
|
| 748 | * Description:
|
| 749 | * Parameters:
|
| 750 | * Input:
|
| 751 | *
|
| 752 | * Output:
|
| 753 | *
|
| 754 | * Returns:
|
| 755 | *
|
| 756 | * Others:
|
| 757 | ********************************************************************************/
|
| 758 | int efuse_init(void)
|
| 759 | {
|
| 760 | /* Init Once is Enough. */
|
| 761 | if(gbEfuseReadFlag == 0)
|
| 762 | {
|
| 763 | efuse_read_prepare();
|
| 764 | gbEfuseReadFlag = 1;
|
| 765 | BOOT_PRINTF(UBOOT_DBG, "gbEfuseReadFlag=1.\n");
|
| 766 | }
|
| 767 |
|
| 768 | /* Efuse Status decide ENABLE/DISABLE SecureVerify. */
|
| 769 | efuse_get_data();
|
| 770 |
|
| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 771 | /*OTP status*/
|
| 772 |
|
| 773 | if(g_nor_flag == 1)
|
| 774 | {
|
| 775 | g_iftype = IF_TYPE_NOR;
|
| 776 | nand_init();
|
| 777 | /*Çл»³õʼ»¯spi_nand*/
|
| 778 | g_iftype = IF_TYPE_SPI_NAND;
|
| 779 | nand_init();
|
| 780 |
|
| 781 | get_otp_secure_verify_status();
|
| 782 | }
|
| 783 |
|
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 784 | return 0;
|
| 785 | }
|
| 786 |
|
| 787 |
|