Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / e31de8bceaf3e9ea759e99e48b1b9d85e21cc52a / . / boot / common / src / uboot / drivers / efuse / efuse.c
blob: 9d0937ec1a63b602116edfc017df744d2977cd90 [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]1/*******************************************************************************
2 * Copyright (C) 2016, ZXIC Corporation.
3 *
4 * File Name:
5 * File Mark:
6 * Description:
7 * Others:
8 * Version: 1.0
9 * Author: zxic
10 * Date: 2016.12.15
11 * modify
12 ********************************************************************************/
13
14/****************************************************************************
15* Include files
16****************************************************************************/
17#include <malloc.h>
18#include <errno.h>
19#include <asm/io.h>
20#include <linux/mtd/mtd.h>
21#include <asm-generic/ioctl.h>
22#include <config.h>
23#include <common.h>
24#include <command.h>
25
26#include <../drivers/hash/drv_hash.h>
27#include <../drivers/rsa/drv_rsa.h>
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]28#include <../drivers/hash/sha256.h>
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]29#include <secure_verify.h>
30#include <asm/arch/efuse.h>
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]31#include <boot_mode.h>
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]32
33/****************************************************************************
34* Local Macros
35****************************************************************************/
36#define E_N_LEN 256
37#define HASH_LEN 128
38#define reg32(addr) (*(volatile unsigned long *)(addr))
39
40/****************************************************************************
41* Local Types
42****************************************************************************/
43
44
45/****************************************************************************
46* Global Value
47****************************************************************************/
48/* Disable Secure Verify as Default. */
49unsigned int guiEfuseStatus = 1;
50unsigned char g_ddr_size_flag = 0;
51
52static unsigned char gbEfuseReadFlag = 0;
53
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]54otp_struct otpInfo;
55unsigned int guiOtpStatus = 1;
56extern int rootfs_flag;
57extern int m0_flag;
58extern int zsp_flag;
59extern int g_iftype;
60extern unsigned char g_nor_flag;
61
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]62/****************************************************************************
63* Local Funcs
64****************************************************************************/
65
66static void efuse_read_prepare(void)
67{
68 //start read efuse all 256bit
69 while((reg32(SYS_EFUSE_BASE + 0x4) & 1) == 1);// bit0=1 ctl is busy
70 reg32(SYS_EFUSE_BASE + 0x4) = 1;
71 while((reg32(SYS_EFUSE_BASE + 0x14) & 2) == 0);//bit1=0 read not over
72}
73
74static void efuse_program_32bit(u32 bit_offset, u32 data)
75{
76 while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
77 reg32(SYS_EFUSE_BASE+0x8) = bit_offset;
78 reg32(SYS_EFUSE_BASE+0xc) = data;
79 reg32(SYS_EFUSE_BASE+0x4) = (0<<4)|(2<<1)|1;//cs0 program 32bit
80 while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
81 reg32(SYS_EFUSE_BASE+0x4) = (1<<4)|(2<<1)|1;//cs1 program 32bit
82}
83
84void efuse_program_secure_en(u32 en)
85{
86 while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
87 reg32(SYS_EFUSE_BASE+0x8) = 0; //bit[7:0] secure_boot_en
88 if(en)
89 reg32(SYS_EFUSE_BASE+0xc) = 0xFF;
90 reg32(SYS_EFUSE_BASE+0x4) = (0<<4)|(2<<1)|1;//cs0 program 32bit
91 while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
92 reg32(SYS_EFUSE_BASE+0x4) = (1<<4)|(2<<1)|1;//cs1 program 32bit
93}
94
95void efuse_program_chip_flag(u32 flag)
96{
97 while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
98 reg32(SYS_EFUSE_BASE+0x8) = 0; //bit[31:8] secure_chip_flag
99
100 if(flag&0xFF != 0)
101 reg32(SYS_EFUSE_BASE+0xc) = 0;
102 else
103 reg32(SYS_EFUSE_BASE+0xc) = flag;
104
105 reg32(SYS_EFUSE_BASE+0x4) = (0<<4)|(2<<1)|1;//cs0 program 32bit
106 while((reg32(SYS_EFUSE_BASE+0x4)&1)==1);// bit0=1 ctl is busy
107 reg32(SYS_EFUSE_BASE+0x4) = (1<<4)|(2<<1)|1;//cs1 program 32bit
108}
109
110void efuse_program_puk_hash(u32 *key)
111{
112 efuse_program_32bit(32, key[0]);
113 efuse_program_32bit(64, key[1]);
114 efuse_program_32bit(96, key[2]);
115 efuse_program_32bit(128, key[3]);
116}
117#if 0
118/**-------------------------------------------------------------------------------------------------------------------@n
119 * º¯ÊýÃû³Æ: chip_is_spe
120 * ¹¦ÄÜÃèÊö: ÓÃÓÚÅжÏоƬÊÇ·ñΪרÍøоƬ
121 * ·µ »Ø Öµ: 0,¹«ÍøоƬ 1,רÍøоƬ
122 *--------------------------------------------------------------------------------------------------------------------*/
123u32 chip_is_spe(void)
124{
125 u8 tmp_chip_flag[3] = {0x53, 0x50, 0x45}; /*SPE*/
126 u32 efuse_tmp_buf[5] = {0};
127 efuse_struct *psEfuseInfo = NULL;
128
129 psEfuseInfo = (efuse_struct *)efuse_tmp_buf;
130 memcpy(psEfuseInfo, EFUSE_RAM_BASE, sizeof(efuse_struct));
131
132 if(memcmp(psEfuseInfo->chip_flag,tmp_chip_flag,3))
133 /*chip com*/
134 return 0;
135
136 /*chip spe*/
137 return 1;
138}
139#endif
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]140
141/*
142* Convert BIGENDIAN To SMALLENDIAN.
143*/
144void BIG2SMALL(u32 *pBuffer, u32 uiLen)
145{
146 u32 uiLoop;
147 u32 uiTmp = 0;
148
149 for (uiLoop = 0; uiLoop < uiLen/sizeof(u32); uiLoop++)
150 {
151 uiTmp = pBuffer[uiLoop];
152 pBuffer[uiLoop] = 0;
153 pBuffer[uiLoop] += (uiTmp & 0x000000FF) << 24;
154 pBuffer[uiLoop] += (uiTmp & 0x0000FF00) << 8;
155 pBuffer[uiLoop] += (uiTmp & 0x00FF0000) >> 8;
156 pBuffer[uiLoop] += (uiTmp & 0xFF000000) >> 24;
157 }
158}
159
160void get_otp_secure_verify_status(void)
161{
162 u32 uiLen;
163 otp_struct *psEfuseInfo = NULL;
164
165 /*
166 * 0. Èç¹ûsecure flag²»µÈÓÚ0£¬Í˳ö°²È«boot¡£
167 */
168 psEfuseInfo = (otp_struct*)&otpInfo;
169 if(psEfuseInfo->secure_flag != 0)
170 {
171 guiOtpStatus = 1; //Disable.
172 BOOT_PRINTF(UBOOT_NOTICE, "secure_flag!=0xFF, SecureVerify->Disable.\n");
173 return ;
174 }
175
176 /*
177 * 1.´ÓefuseÖжÁ³öpuk_hash[255:0], ÅжÏÈç¹ûÈ«²¿Îª0Í˳ö°²È«boot¡£
178 */
179 for(uiLen = 0; uiLen < 8; uiLen++)
180 {
181 if(psEfuseInfo->puk_hash[uiLen] != 0)
182 {
183 break;
184 }
185 if(uiLen == 7)
186 {
187 guiOtpStatus = 1; //Disable.
188 BOOT_PRINTF(UBOOT_NOTICE, "PubKey_HASH=Invalid, SecureVerify->Disable.\n");
189 return ;
190 }
191 }
192 BOOT_PRINTF(UBOOT_NOTICE, "All Flag & Param is Valid, SecureVerify->ENABLE.\n");
193 guiOtpStatus = 0; //Enable.
194}
195
xf.li9d1a0e12023-09-20 01:43:20 -0700[diff] [blame]196void efuse_get_data(void)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]197{
198 efuse_struct *psEfuseInfo = NULL;
199 u32 uiLen = 0;
200
201 /* Secure Verify. 1->Disable, 0->Enable. */
202 if((reg32(EFUSE_BYPASS) & 1) == 1)
203 {
204 guiEfuseStatus = 1; //Disable.
205 BOOT_PRINTF(UBOOT_NOTICE, "EFUSE_BYPASS=1, SecureVerify->Disable.\n");
206 return ;
207 }
208
209 /* step 0*/
210 psEfuseInfo = (efuse_struct*)EFUSE_RAM_BASE;
211
212 /* get chip flag */
213 if(((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_WINBD_256M_DDR)
214 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_WINBD_256M_DDR)
215 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_UNILC_256M_DDR)
216 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_UNILC_256M_DDR)
217 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_APM_256M_DDR)
218 || ((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_APM_256M_DDR))
219 {
220 g_ddr_size_flag = CHIP_DDR_IS_32M;
221 BOOT_PRINTF(UBOOT_NOTICE, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
222 }
223 else if(((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_UNILC_512M_DDR)
224 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_APM_512M_DDR)
225 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_GW_ESMT_512M_DDR)
226 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_UNILC_512M_DDR)
227 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_AZW_UNILC_512M_DDR)
228 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_APM_512M_DDR)
229 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECO_ZW_ESMT_512M_DDR))
230 {
231 g_ddr_size_flag = CHIP_DDR_IS_64M;
232 BOOT_PRINTF(UBOOT_NOTICE, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
233 }
lh758261d2023-07-13 05:52:04 -0700[diff] [blame]234 else if(((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECOSC_GW_NYC_2G_DDR)
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]235 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECOGG_GW_NYC_2G_DDR)
236 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECOGG_GW_NYC_NOR_2G_DDR)
237 ||((psEfuseInfo->secure_flag >> 8) == ZX297520V3ECOSC_GW_NYC_NOR_2G_DDR))
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]238 {
239 g_ddr_size_flag = CHIP_DDR_IS_256M;
240 BOOT_PRINTF(UBOOT_NOTICE, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
241 }
242 else
243 {
244 g_ddr_size_flag = CHIP_DDR_IS_128M;
245 BOOT_PRINTF(UBOOT_NOTICE, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
246 }
247
248 if((psEfuseInfo->secure_flag & 0xFF) != 0xFF)
249 {
250 guiEfuseStatus = 1; //Disable.
251 BOOT_PRINTF(UBOOT_NOTICE, "secure_flag!=0xFF, SecureVerify->Disable.\n");
252 return ;
253 }
254
255 /* step 1*/
256 for(uiLen = 0; uiLen < 4; uiLen++)
257 {
258 if(psEfuseInfo->puk_hash[uiLen] != 0)
259 {
260 break;
261 }
262 if(uiLen == 3)
263 {
264 guiEfuseStatus = 1; //Disable.
265 BOOT_PRINTF(UBOOT_NOTICE, "PubKey_HASH=Invalid, SecureVerify->Disable.\n");
266 return ;
267 }
268 }
269 BOOT_PRINTF(UBOOT_NOTICE, "All Flag & Param is Valid, SecureVerify->ENABLE.\n");
270 guiEfuseStatus = 0; //Enable.
271}
272
273static u8 efuse_cmp_word(u32* src, u32* dst, u32 cnt)
274{
275 u32 i;
276 for(i = 0; i < cnt; i++)
277 {
278 if(src[i] != dst[i])
279 {
280 return 1;
281 }
282 }
283 return 0;
284}
285
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]286u8 rootfs_secure_verify(u32 addr)
287{
288 if(g_nor_flag == 1)
289 {
290
291 u32 uiLen = 0;
292 u32 uiRet = -1;
293 u32 uiLoop = 0;
294 image_header_t *puiLegacyRootfsAddr = NULL;
295 sImageNewHeader *psRootfsHeader = NULL;
296 u32 *puiDataLoadAddr = NULL;
297 u32 *puiArrPubKeyEN = NULL;
298 u32 *puiArrPubKey = NULL;
299 u32 *puiArrHASH = NULL;
300 otp_struct *psEfuseInfo = NULL;
301 u32 uiHashResArr[8] = {0};
302 u32 uiHashResLen = 0;
303 u32 uiHashVerifySize = 0;
304 u32 uiRsaResArr[64] = {0};
305 u32 puiArrPubKeyE[64] = {0};
306 T_Rsa_Paramter sRSAInput;
307 u32 *puiRsaResAddr = NULL;
308 u32 sRamKey[9] = {0x0,0x33fa3e31,0x90d8d15a,0x073cee04,0x82ac24aa,0x2262748e,0x1a3663c7,0x4b603f6f,0xd098e0d8};
309 if(NULL == addr)
310 {
311 BOOT_PRINTF(UBOOT_ERR, "Bad Parameter(Empty Pointer)!\n");
312 return -1;
313 }
314
315 psRootfsHeader = (sImageNewHeader *)addr;
316 puiLegacyRootfsAddr = (image_header_t *)(addr + sizeof(sImageNewHeader));
317 uiHashVerifySize = ___htonl(puiLegacyRootfsAddr->ih_size) + sizeof(image_header_t);
318
319 //psEfuseInfo = (otp_struct*)sRamKey;
320 psEfuseInfo = (otp_struct*)&otpInfo;
321
322 /*
323 * step 0
324 */
325 puiArrPubKeyEN = psRootfsHeader->uiPubKeyRsaE;
326 uiLen = 380;
327 puiArrPubKey = &(psRootfsHeader->uiPubKeyRsaELen);
328 sha256_csum_wd((const unsigned char *)puiArrPubKey, uiLen, (unsigned char *)uiHashResArr);
329 uiHashResLen = 8;
330 /*´óС¶Ëת»»*/
331 BIG2SMALL(uiHashResArr, 32);
332
333 BOOT_PRINTF(UBOOT_DBG, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
334
335 if(efuse_cmp_word(psEfuseInfo->puk_hash, uiHashResArr, uiHashResLen))
336 {
337 BOOT_PRINTF(UBOOT_ERR, "PubKey Hash Verify -> Failed !\n");
338 return 1;
339 }
340 puiArrHASH = psRootfsHeader->uiHashY;
341
342 /*
343 * step 1
344 */
345 memcpy(puiArrPubKeyE+63, puiArrPubKeyEN, 4);
346 sRSAInput.udCalMode = RSA_MOD_EXPO_WITH_INIT;
347 sRSAInput.udNbitLen = 2048;
348 sRSAInput.udEbitLen = 2048;
349 sRSAInput.pudInputM = puiArrHASH;
350 sRSAInput.pudInputE = puiArrPubKeyE;
351 sRSAInput.pudInputN = psRootfsHeader->uiPubKeyRsaN;
352 sRSAInput.pudOutputP = uiRsaResArr;
353
354 uiRet = Rsa_Calculate(sRSAInput);
355 if(uiRet != 0)
356 {
357 BOOT_PRINTF(UBOOT_ERR, "Rsa_Calculate ERROR(0x%x)!\n", uiRet);
358 return 2;
359 }
360 puiRsaResAddr = sRSAInput.pudOutputP + (64 - uiHashResLen);
361
362 /*
363 * step 2
364 */
365 uiLen = uiHashVerifySize;
366 puiDataLoadAddr = CONFIG_SYS_SDRAM_ROOTFS_BASE - sizeof(image_header_t);
367
368 /* Cleanup Output Buffer. */
369 uiHashResLen = 0;
370 memset(uiHashResArr, 0, 8*sizeof(uiHashResArr[0]));
371
372 sha256_csum_wd((const unsigned char *)puiDataLoadAddr, uiLen, (unsigned char *)uiHashResArr);
373 uiHashResLen = 8;
374 /*´óС¶Ëת»»*/
375 BIG2SMALL(uiHashResArr, 32);
376
377 if(efuse_cmp_word(puiRsaResAddr, uiHashResArr, uiHashResLen))
378 {
379 BOOT_PRINTF(UBOOT_ERR, "LegacyRootfs Verify -> Failed !\n");
380 return 3;
381 }
382
383 }
384 else
385 {
386
387 u32 uiLen = 0;
388 u32 uiRet = -1;
389 u32 uiLoop = 0;
390 image_header_t *puiLegacyRootfsAddr = NULL;
391 sImageNewHeader *psRootfsHeader = NULL;
392 u32 *puiDataLoadAddr = NULL;
393 u32 *puiArrPubKeyEN = NULL;
394 u32 *puiArrHASH = NULL;
395 efuse_struct *psEfuseInfo = NULL;
396 u32 uiHashResArr[4] = {0};
397 u32 uiHashResLen = 0;
398 u32 uiHashVerifySize = 0;
399 u32 uiRsaResArr[32] = {0};
400 u32 puiArrPubKeyE[32] = {0};
401 u32 puiArrPubKey[64] = {0};
402 T_Rsa_Paramter sRSAInput;
403 u32 *puiRsaResAddr = NULL;
xf.li9d1a0e12023-09-20 01:43:20 -0700[diff] [blame]404
405 if(NULL == addr)
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]406 {
407 BOOT_PRINTF(UBOOT_ERR, "Bad Parameter(Empty Pointer)!\n");
408 return -1;
409 }
410
411 psRootfsHeader = (sImageNewHeader *)addr;
412 puiLegacyRootfsAddr = (image_header_t *)(addr + sizeof(sImageNewHeader));
413 uiHashVerifySize = ___htonl(puiLegacyRootfsAddr->ih_size) + sizeof(image_header_t);
414
415 psEfuseInfo = (efuse_struct*)EFUSE_RAM_BASE;
416
417 /*
418 * step 0
419 */
420
421 uiLen = E_N_LEN;
422 puiArrPubKeyEN = psRootfsHeader->uiPubKeyRsaE;
423 memcpy(puiArrPubKeyE+31, puiArrPubKeyEN, 4);
424 memcpy(puiArrPubKey+31, puiArrPubKeyEN, 4);
425 memcpy(puiArrPubKey+32, psRootfsHeader->uiPubKeyRsaN, 128);
426
427 Hash_Calculate(HASH_MODE_MD5, HASH_SMALL_ENDIAN, puiArrPubKey, uiLen, NULL, 0, uiHashResArr, &uiHashResLen);
428
429 BOOT_PRINTF(UBOOT_DBG, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
430
431 if(efuse_cmp_word(psEfuseInfo->puk_hash, uiHashResArr, uiHashResLen))
432 {
433 BOOT_PRINTF(UBOOT_ERR, "PubKey Hash Verify -> Failed !\n");
434 return 1;
435 }
436 puiArrHASH = psRootfsHeader->uiHashY;
437
438 /*
439 * step 1
440 */
441 sRSAInput.udCalMode = RSA_MOD_EXPO_WITH_INIT;
442 sRSAInput.udNbitLen = 1024;
443 sRSAInput.udEbitLen = 1024;
444 sRSAInput.pudInputM = puiArrHASH;
445 sRSAInput.pudInputE = puiArrPubKeyE;
446 sRSAInput.pudInputN = psRootfsHeader->uiPubKeyRsaN;
447 sRSAInput.pudOutputP = uiRsaResArr;
448
449 uiRet = Rsa_Calculate(sRSAInput);
450 if(uiRet != 0)
451 {
452 BOOT_PRINTF(UBOOT_ERR, "Rsa_Calculate ERROR(0x%x)!\n", uiRet);
453 return 2;
454 }
455 puiRsaResAddr = sRSAInput.pudOutputP + (32 - uiHashResLen);
456
457 /*
458 * step 2
459 */
460 uiLen = uiHashVerifySize;
461 puiDataLoadAddr = CONFIG_SYS_SDRAM_ROOTFS_BASE - sizeof(image_header_t);
462
463 /* Cleanup Output Buffer. */
464 uiHashResLen = 0;
465 memset(uiHashResArr, 0, 4*sizeof(uiHashResArr[0]));
466
467 uiRet = Hash_Calculate(HASH_MODE_MD5, HASH_SMALL_ENDIAN, puiDataLoadAddr, uiLen, NULL, 0, uiHashResArr, &uiHashResLen);
468 if(uiRet != 0)
469 {
470 BOOT_PRINTF(UBOOT_ERR, "Hash_Calculate ERROR(0x%x)!\n", uiRet);
471 return -1;
472 }
473
474 if(efuse_cmp_word(puiRsaResAddr, uiHashResArr, uiHashResLen))
475 {
476 BOOT_PRINTF(UBOOT_ERR, "LegacyRootfs Verify -> Failed !\n");
477 return 3;
478 }
479 }
480
481 return 0;
482}
483
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]484u8 secure_verify(u32 addr)
485{
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]486 if(g_nor_flag != 1){
487 u32 uiLen = 0;
488 u32 uiRet = -1;
489 u32 uiLoop = 0;
490 image_header_t *puiLegacyImgAddr = NULL;
491 sImageNewHeader *psImageHeader = NULL;
492 u32 *puiDataLoadAddr = NULL;
493 u32 *puiArrPubKeyEN = NULL;
494 u32 *puiArrHASH = NULL;
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]495
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]496 efuse_struct *psEfuseInfo = NULL;
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]497
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]498 u32 uiHashResArr[4] = {0};
499 u32 uiHashResLen = 0;
500 u32 uiHashVerifySize = 0;
501 u32 uiRsaResArr[32] = {0};
502 u32 puiArrPubKeyE[32] = {0};
503 u32 puiArrPubKey[64] = {0};
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]504
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]505 T_Rsa_Paramter sRSAInput;
506 u32 *puiRsaResAddr = NULL;
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]507
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]508 if(NULL == addr)
509 {
510 BOOT_PRINTF(UBOOT_ERR, "Bad Parameter(Empty Pointer)!\n");
511 return -1;
512 }
513
514 psImageHeader = (sImageNewHeader *)addr;
515
516 if(rootfs_flag == 1)
517 {
518 puiLegacyImgAddr = (image_header_t *)(addr + sizeof(sImageNewHeader) + sizeof(sImageNewHeader) + sizeof(image_header_t));
519 uiHashVerifySize = ___htonl(puiLegacyImgAddr->ih_size) + sizeof(image_header_t) + sizeof(image_header_t) + sizeof(sImageNewHeader);
520 }
521 else
522 {
523 puiLegacyImgAddr = (image_header_t *)(addr + sizeof(sImageNewHeader));
524 uiHashVerifySize = ___htonl(puiLegacyImgAddr->ih_size) + sizeof(image_header_t);
525 }
526
527 psEfuseInfo = (efuse_struct*)EFUSE_RAM_BASE;
528
529 BOOT_PRINTF(UBOOT_NOTICE, "uiHashVerifySize=0x%x, EFUSE_RAM_BASE=0x%x.\n", uiHashVerifySize, EFUSE_RAM_BASE);
530
531 /*
532 * step 0
533 */
534 uiLen = E_N_LEN;
535 puiArrPubKeyEN = psImageHeader->uiPubKeyRsaE;
536 memcpy(puiArrPubKeyE+31, puiArrPubKeyEN, 4);
537 memcpy(puiArrPubKey+31, puiArrPubKeyEN, 4);
538 memcpy(puiArrPubKey+32, psImageHeader->uiPubKeyRsaN, 128);
539
540 Hash_Calculate(HASH_MODE_MD5, HASH_SMALL_ENDIAN, puiArrPubKey, uiLen, NULL, 0, uiHashResArr, &uiHashResLen);
541
542 BOOT_PRINTF(UBOOT_DBG, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
543
544 if(efuse_cmp_word(psEfuseInfo->puk_hash, uiHashResArr, uiHashResLen))
545 {
546 BOOT_PRINTF(UBOOT_ERR, "PubKey Hash Verify -> Failed !\n");
547 return 1;
548 }
549 puiArrHASH = psImageHeader->uiHashY;
550
551 /*
552 * step 1
553 */
554 sRSAInput.udCalMode = RSA_MOD_EXPO_WITH_INIT;
555 sRSAInput.udNbitLen = 1024;
556 sRSAInput.udEbitLen = 1024;
557 sRSAInput.pudInputM = puiArrHASH;
558 sRSAInput.pudInputE = puiArrPubKeyE;
559 sRSAInput.pudInputN = psImageHeader->uiPubKeyRsaN;
560 sRSAInput.pudOutputP = uiRsaResArr;
561
562 uiRet = Rsa_Calculate(sRSAInput);
563 if(uiRet != 0)
564 {
565 BOOT_PRINTF(UBOOT_ERR, "Rsa_Calculate ERROR(0x%x)!\n", uiRet);
566 return 2;
567 }
568 puiRsaResAddr = sRSAInput.pudOutputP + (32 - uiHashResLen);
569
570 /*
571 * step 2
572 */
573 uiLen = uiHashVerifySize;
574 if(rootfs_flag == 1)
575 {
576 puiDataLoadAddr = ___htonl(puiLegacyImgAddr->ih_load) - sizeof(image_header_t) - sizeof(image_header_t) - sizeof(sImageNewHeader);
577 }
578 else
579 {
580 if(1 == m0_flag || 1 == zsp_flag){
581 puiDataLoadAddr = (uchar *)addr + sizeof(sImageNewHeader);
582
583 }else{
584 puiDataLoadAddr = ___htonl(puiLegacyImgAddr->ih_load) - sizeof(image_header_t);
585 }
586
587 }
588
589 /* Cleanup Output Buffer. */
590 uiHashResLen = 0;
591 memset(uiHashResArr, 0, 4*sizeof(uiHashResArr[0]));
592
593 uiRet = Hash_Calculate(HASH_MODE_MD5, HASH_SMALL_ENDIAN, puiDataLoadAddr, uiLen, NULL, 0, uiHashResArr, &uiHashResLen);
594 if(uiRet != 0)
595 {
596 BOOT_PRINTF(UBOOT_ERR, "Hash_Calculate ERROR(0x%x)!\n", uiRet);
597 return -1;
598 }
599
600 if(efuse_cmp_word(puiRsaResAddr, uiHashResArr, uiHashResLen))
601 {
602 BOOT_PRINTF(UBOOT_ERR, "LegacyImg Verify -> Failed !\n");
603 return 3;
604 }
605
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]606 }
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]607 else
608 {
609 u32 uiLen = 0;
610 u32 uiRet = -1;
611 u32 uiLoop = 0;
612 image_header_t *puiLegacyImgAddr = NULL;
613 sImageNewHeader *psImageHeader = NULL;
614 u32 *puiDataLoadAddr = NULL;
615 u32 *puiArrPubKeyEN = NULL;
616 u32 *puiArrPubKey = NULL;
617 u32 *puiArrHASH = NULL;
618 otp_struct *psEfuseInfo = NULL;
619 u32 uiHashResArr[8] = {0};
620 u32 uiHashResLen = 0;
621 u32 uiHashVerifySize = 0;
622 u32 uiRsaResArr[64] = {0};
623 u32 puiArrPubKeyE[64] = {0};
624 T_Rsa_Paramter sRSAInput;
625 u32 *puiRsaResAddr = NULL;
626 u32 sRamKey[9] = {0x0,0x33fa3e31,0x90d8d15a,0x073cee04,0x82ac24aa,0x2262748e,0x1a3663c7,0x4b603f6f,0xd098e0d8};
627 if(NULL == addr)
628 {
629 BOOT_PRINTF(UBOOT_ERR, "Bad Parameter(Empty Pointer)!\n");
630 return -1;
631 }
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]632
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]633 psImageHeader = (sImageNewHeader *)addr;
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]634
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]635 if(rootfs_flag == 1)
636 {
637 puiLegacyImgAddr = (image_header_t *)(addr + sizeof(sImageNewHeader) + sizeof(sImageNewHeader) + sizeof(image_header_t));
638 uiHashVerifySize = ___htonl(puiLegacyImgAddr->ih_size) + sizeof(image_header_t) + sizeof(image_header_t) + sizeof(sImageNewHeader);
639 }
640 else
641 {
642 puiLegacyImgAddr = (image_header_t *)(addr + sizeof(sImageNewHeader));
643 uiHashVerifySize = ___htonl(puiLegacyImgAddr->ih_size) + sizeof(image_header_t);
644 }
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]645
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]646 psEfuseInfo = (otp_struct*)&otpInfo;
647 //psEfuseInfo = (otp_struct*)sRamKey;
648
649 /*
650 * step 0
651 */
652 uiLen = 380;
653 puiArrPubKey = &(psImageHeader->uiPubKeyRsaELen);
654 puiArrPubKeyEN = psImageHeader->uiPubKeyRsaE;
655 sha256_csum_wd((const unsigned char *)puiArrPubKey, uiLen, (unsigned char *)uiHashResArr);
656 uiHashResLen = 8;
657 /*´óС¶Ëת»»*/
658 BIG2SMALL(uiHashResArr, 32);
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]659
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]660 BOOT_PRINTF(UBOOT_DBG, "secure_flag=0x%x.\n", psEfuseInfo->secure_flag);
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]661
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]662 if(efuse_cmp_word(psEfuseInfo->puk_hash, uiHashResArr, uiHashResLen))
663 {
664 BOOT_PRINTF(UBOOT_ERR, "PubKey Hash Verify -> Failed !\n");
665 return 1;
666 }
667 puiArrHASH = psImageHeader->uiHashY;
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]668
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]669 /*
670 * step 1
671 */
672 memcpy(puiArrPubKeyE+63, puiArrPubKeyEN, 4);
673 sRSAInput.udCalMode = RSA_MOD_EXPO_WITH_INIT;
674 sRSAInput.udNbitLen = 2048;
675 sRSAInput.udEbitLen = 2048;
676 sRSAInput.pudInputM = puiArrHASH;
677 sRSAInput.pudInputE = puiArrPubKeyE;
678 sRSAInput.pudInputN = psImageHeader->uiPubKeyRsaN;
679 sRSAInput.pudOutputP = uiRsaResArr;
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]680
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]681 uiRet = Rsa_Calculate(sRSAInput);
682 if(uiRet != 0)
683 {
684 BOOT_PRINTF(UBOOT_ERR, "Rsa_Calculate ERROR(0x%x)!\n", uiRet);
685 return 2;
686 }
687 puiRsaResAddr = sRSAInput.pudOutputP + (64 - uiHashResLen);
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]688
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]689 /*
690 * step 2
691 */
692 uiLen = uiHashVerifySize;
693 if(rootfs_flag == 1)
694 {
695 puiDataLoadAddr = ___htonl(puiLegacyImgAddr->ih_load) - sizeof(image_header_t) - sizeof(image_header_t) - sizeof(sImageNewHeader);
696 }
697 else
698 {
699 if(1 == m0_flag || 1 == zsp_flag){
700 puiDataLoadAddr = (uchar *)addr + sizeof(sImageNewHeader);
701
702 }else{
703 puiDataLoadAddr = ___htonl(puiLegacyImgAddr->ih_load) - sizeof(image_header_t);
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]704
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]705 }
706 }
707
708 uiHashResLen = 0;
709 memset(uiHashResArr, 0, 8*sizeof(uiHashResArr[0]));
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]710
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]711 sha256_csum_wd((const unsigned char *)puiDataLoadAddr, uiLen, (unsigned char *)uiHashResArr);
712 uiHashResLen = 8;
713 /*´óС¶Ëת»»*/
714 BIG2SMALL(uiHashResArr, 32);
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]715
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]716 if(efuse_cmp_word(puiRsaResAddr, uiHashResArr, uiHashResLen))
717 {
718 BOOT_PRINTF(UBOOT_ERR, "LegacyImg Verify -> Failed !\n");
719 return 3;
720 }
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]721
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]722 }
723
724 return 0;
725}
726
727void efuse_get_devinfo(efuse_struct *efuse_info)
728{
729 u32 i;
730 efuse_struct *s_efuse = (efuse_struct*)EFUSE_RAM_BASE;
731
732 efuse_read_prepare();
733
734 efuse_info->secure_flag = s_efuse->secure_flag;
735
736 for(i = 0; i < 4; i ++)
737 {
738 efuse_info->puk_hash[i] = s_efuse->puk_hash[i];
739 }
740
741 for(i = 0; i < 3; i ++)
742 {
743 efuse_info->dev_id[i] = s_efuse->dev_id[i];
744
745 }
746
747}
748/*******************************************************************************
749* Function: efuse_init
750* Description:
751* Parameters:
752* Input:
753*
754* Output:
755*
756* Returns:
757*
758* Others:
759********************************************************************************/
760int efuse_init(void)
761{
762 /* Init Once is Enough. */
763 if(gbEfuseReadFlag == 0)
764 {
765 efuse_read_prepare();
766 gbEfuseReadFlag = 1;
767 BOOT_PRINTF(UBOOT_DBG, "gbEfuseReadFlag=1.\n");
768 }
769
770 /* Efuse Status decide ENABLE/DISABLE SecureVerify. */
771 efuse_get_data();
772
xf.liaa4d92f2023-09-13 00:18:58 -0700[diff] [blame]773 /*OTP status*/
774
775 if(g_nor_flag == 1)
776 {
777 g_iftype = IF_TYPE_NOR;
778 nand_init();
779 /*Çл»³õʼ»¯spi_nand*/
780 g_iftype = IF_TYPE_SPI_NAND;
781 nand_init();
782
783 get_otp_secure_verify_status();
784 }
785
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]786 return 0;
787}
788
789