gaurav rana | 47151e4 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2015 Freescale Semiconductor, Inc. |
| 3 | * |
| 4 | * SPDX-License-Identifier: GPL-2.0+ |
| 5 | */ |
| 6 | |
| 7 | #include <common.h> |
| 8 | #include <command.h> |
| 9 | #include <fsl_validate.h> |
| 10 | |
Saksham Jain | c4666cf | 2016-03-23 16:24:44 +0530 | [diff] [blame] | 11 | int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc, |
gaurav rana | 98cb0ef | 2015-03-10 14:08:50 +0530 | [diff] [blame] | 12 | char * const argv[]) |
| 13 | { |
Aneesh Bansal | 856b284 | 2016-01-22 16:37:28 +0530 | [diff] [blame] | 14 | if (fsl_check_boot_mode_secure() == 0) { |
| 15 | printf("Boot Mode is Non-Secure. Not entering spin loop.\n"); |
| 16 | return 0; |
| 17 | } |
| 18 | |
gaurav rana | 98cb0ef | 2015-03-10 14:08:50 +0530 | [diff] [blame] | 19 | printf("Core is entering spin loop.\n"); |
| 20 | loop: |
| 21 | goto loop; |
| 22 | |
| 23 | return 0; |
| 24 | } |
| 25 | |
gaurav rana | 47151e4 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 26 | static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc, |
| 27 | char * const argv[]) |
| 28 | { |
Aneesh Bansal | bc71f92 | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 29 | char *hash_str = NULL; |
Aneesh Bansal | b055a0f | 2015-12-08 14:14:15 +0530 | [diff] [blame] | 30 | uintptr_t haddr; |
Aneesh Bansal | bc71f92 | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 31 | int ret; |
Saksham Jain | 85bb389 | 2016-03-23 16:24:45 +0530 | [diff] [blame] | 32 | uintptr_t img_addr = 0; |
| 33 | char buf[20]; |
Aneesh Bansal | bc71f92 | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 34 | |
gaurav rana | 47151e4 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 35 | if (argc < 2) |
| 36 | return cmd_usage(cmdtp); |
Aneesh Bansal | bc71f92 | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 37 | else if (argc > 2) |
| 38 | /* Second arg - Optional - Hash Str*/ |
| 39 | hash_str = argv[2]; |
gaurav rana | 47151e4 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 40 | |
Aneesh Bansal | bc71f92 | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 41 | /* First argument - header address -32/64bit */ |
Aneesh Bansal | b055a0f | 2015-12-08 14:14:15 +0530 | [diff] [blame] | 42 | haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16); |
Aneesh Bansal | bc71f92 | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 43 | |
Aneesh Bansal | b055a0f | 2015-12-08 14:14:15 +0530 | [diff] [blame] | 44 | /* With esbc_validate command, Image address must be |
| 45 | * part of header. So, the function is called |
| 46 | * by passing this argument as 0. |
| 47 | */ |
Saksham Jain | 85bb389 | 2016-03-23 16:24:45 +0530 | [diff] [blame] | 48 | ret = fsl_secboot_validate(haddr, hash_str, &img_addr); |
| 49 | |
| 50 | /* Need to set "img_addr" even if validation failure. |
| 51 | * Required when SB_EN in RCW set and non-fatal error |
| 52 | * to continue U-Boot |
| 53 | */ |
| 54 | sprintf(buf, "%lx", img_addr); |
Simon Glass | 382bee5 | 2017-08-03 12:22:09 -0600 | [diff] [blame] | 55 | env_set("img_addr", buf); |
Saksham Jain | 85bb389 | 2016-03-23 16:24:45 +0530 | [diff] [blame] | 56 | |
Aneesh Bansal | bc71f92 | 2015-12-08 14:14:12 +0530 | [diff] [blame] | 57 | if (ret) |
| 58 | return 1; |
| 59 | |
| 60 | printf("esbc_validate command successful\n"); |
| 61 | return 0; |
gaurav rana | 47151e4 | 2015-02-27 09:45:35 +0530 | [diff] [blame] | 62 | } |
| 63 | |
| 64 | /***************************************************/ |
| 65 | static char esbc_validate_help_text[] = |
| 66 | "esbc_validate hdr_addr <hash_val> - Validates signature using\n" |
| 67 | " RSA verification\n" |
| 68 | " $hdr_addr Address of header of the image\n" |
| 69 | " to be validated.\n" |
| 70 | " $hash_val -Optional\n" |
| 71 | " It provides Hash of public/srk key to be\n" |
| 72 | " used to verify signature.\n"; |
| 73 | |
| 74 | U_BOOT_CMD( |
| 75 | esbc_validate, 3, 0, do_esbc_validate, |
| 76 | "Validates signature on a given image using RSA verification", |
| 77 | esbc_validate_help_text |
| 78 | ); |
gaurav rana | 98cb0ef | 2015-03-10 14:08:50 +0530 | [diff] [blame] | 79 | |
| 80 | U_BOOT_CMD( |
| 81 | esbc_halt, 1, 0, do_esbc_halt, |
Aneesh Bansal | 856b284 | 2016-01-22 16:37:28 +0530 | [diff] [blame] | 82 | "Put the core in spin loop (Secure Boot Only)", |
gaurav rana | 98cb0ef | 2015-03-10 14:08:50 +0530 | [diff] [blame] | 83 | "" |
| 84 | ); |