Commit da082779 authored by ji.luo's avatar ji.luo Committed by Jason Liu
Browse files

MA-10337-1 Support ATX in u-boot



This patch did:
1.Hard code the permanent attribute into u-boot.
2.Store first 112 bits of sha256(permanent attribute) hash into fuse.
(CONFIG_AVB_FUSE was removed because it's an irreversible operation)
3.Implement platform-specific operations defined in avb_atx_ops.h.

Change-Id: I65de9860e7c5ca1f7ebfbd87300faee0ccacaac3
Signed-off-by: default avatarji.luo <ji.luo@nxp.com>
parent 503f7c89
...@@ -914,7 +914,7 @@ static lbaint_t mmc_sparse_write(struct sparse_storage *info, ...@@ -914,7 +914,7 @@ static lbaint_t mmc_sparse_write(struct sparse_storage *info,
fill_buf_num_blks = SPARSE_FILL_BUF_SIZE / info->blksz; fill_buf_num_blks = SPARSE_FILL_BUF_SIZE / info->blksz;
data = memalign(CONFIG_SYS_CACHELINE_SIZE, fill_buf_num_blks * info->blksz); data = memalign(CONFIG_SYS_CACHELINE_SIZE, fill_buf_num_blks * info->blksz);
while (blkcnt) { while (blkcnt) {
if (blkcnt > fill_buf_num_blks) if (blkcnt > fill_buf_num_blks)
...@@ -929,14 +929,14 @@ static lbaint_t mmc_sparse_write(struct sparse_storage *info, ...@@ -929,14 +929,14 @@ static lbaint_t mmc_sparse_write(struct sparse_storage *info,
blk += cnt; blk += cnt;
blkcnt -= cnt; blkcnt -= cnt;
buffer = (void *)((unsigned long)buffer + cnt * info->blksz); buffer = (void *)((unsigned long)buffer + cnt * info->blksz);
} }
free(data); free(data);
} else { } else {
ret = blk_dwrite(dev_desc, blk, blkcnt, buffer); ret = blk_dwrite(dev_desc, blk, blkcnt, buffer);
} }
return ret; return ret;
} }
...@@ -1039,7 +1039,7 @@ static void process_flash_mmc(const char *cmdbuf) ...@@ -1039,7 +1039,7 @@ static void process_flash_mmc(const char *cmdbuf)
struct blk_desc *dev_desc; struct blk_desc *dev_desc;
disk_partition_t info; disk_partition_t info;
struct sparse_storage sparse; struct sparse_storage sparse;
mmc_no = fastboot_devinfo.dev_id; mmc_no = fastboot_devinfo.dev_id;
printf("sparse flash target is MMC:%d\n", mmc_no); printf("sparse flash target is MMC:%d\n", mmc_no);
...@@ -1861,12 +1861,25 @@ static AvbABOps fsl_avb_ab_ops = { ...@@ -1861,12 +1861,25 @@ static AvbABOps fsl_avb_ab_ops = {
.write_ab_metadata = fsl_write_ab_metadata, .write_ab_metadata = fsl_write_ab_metadata,
.ops = NULL .ops = NULL
}; };
#ifdef CONFIG_AVB_ATX
static AvbAtxOps fsl_avb_atx_ops = {
.ops = NULL,
.read_permanent_attributes = fsl_read_permanent_attributes,
.read_permanent_attributes_hash = fsl_read_permanent_attributes_hash
};
#endif
static AvbOps fsl_avb_ops = { static AvbOps fsl_avb_ops = {
.ab_ops = &fsl_avb_ab_ops, .ab_ops = &fsl_avb_ab_ops,
#ifdef CONFIG_AVB_ATX
.atx_ops = &fsl_avb_atx_ops,
#endif
.read_from_partition = fsl_read_from_partition_multi, .read_from_partition = fsl_read_from_partition_multi,
.write_to_partition = fsl_write_to_partition, .write_to_partition = fsl_write_to_partition,
#ifdef CONFIG_AVB_ATX
.validate_vbmeta_public_key = avb_atx_validate_vbmeta_public_key,
#else
.validate_vbmeta_public_key = fsl_validate_vbmeta_public_key_rpmb, .validate_vbmeta_public_key = fsl_validate_vbmeta_public_key_rpmb,
#endif
.read_rollback_index = fsl_read_rollback_index_rpmb, .read_rollback_index = fsl_read_rollback_index_rpmb,
.write_rollback_index = fsl_write_rollback_index_rpmb, .write_rollback_index = fsl_write_rollback_index_rpmb,
.read_is_device_unlocked = fsl_read_is_device_unlocked, .read_is_device_unlocked = fsl_read_is_device_unlocked,
...@@ -1948,6 +1961,9 @@ void fastboot_setup(void) ...@@ -1948,6 +1961,9 @@ void fastboot_setup(void)
parameters_setup(); parameters_setup();
#ifdef CONFIG_AVB_SUPPORT #ifdef CONFIG_AVB_SUPPORT
fsl_avb_ab_ops.ops = &fsl_avb_ops; fsl_avb_ab_ops.ops = &fsl_avb_ops;
#ifdef CONFIG_AVB_ATX
fsl_avb_atx_ops.ops = &fsl_avb_ops;
#endif
#endif #endif
} }
......
/* /*
* Copyright (C) 2015-2016 Freescale Semiconductor, Inc. * Copyright (C) 2015-2016 Freescale Semiconductor, Inc.
* Copyright 2017 NXP
* *
* SPDX-License-Identifier: GPL-2.0+ * SPDX-License-Identifier: GPL-2.0+
*/ */
...@@ -19,6 +20,10 @@ ...@@ -19,6 +20,10 @@
#define KEYSLOT_HWPARTITION_ID 2 #define KEYSLOT_HWPARTITION_ID 2
#endif #endif
#ifdef CONFIG_AVB_ATX
#define PERMANENT_ATTRIBUTE_HASH_OFFSET 32
#endif
#ifdef CONFIG_IMX_TRUSTY_OS #ifdef CONFIG_IMX_TRUSTY_OS
#define NON_SECURE_FASTBOOT #define NON_SECURE_FASTBOOT
#define TRUSTY_KEYSLOT_PACKAGE #define TRUSTY_KEYSLOT_PACKAGE
...@@ -39,7 +44,6 @@ ...@@ -39,7 +44,6 @@
#define CONFIG_SHA256 #define CONFIG_SHA256
#define CONFIG_AVB_SUPPORT #define CONFIG_AVB_SUPPORT
#define CONFIG_AVB_FUSE
#ifdef CONFIG_AVB_SUPPORT #ifdef CONFIG_AVB_SUPPORT
#ifdef CONFIG_SYS_MALLOC_LEN #ifdef CONFIG_SYS_MALLOC_LEN
#undef CONFIG_SYS_MALLOC_LEN #undef CONFIG_SYS_MALLOC_LEN
...@@ -53,3 +57,4 @@ ...@@ -53,3 +57,4 @@
#endif #endif
#endif #endif
/* __MX6UL_NXPU_IOPB_ANDROID_THINGS_H */
/* /*
* Copyright (C) 2015-2016 Freescale Semiconductor, Inc. * Copyright (C) 2015-2016 Freescale Semiconductor, Inc.
* Copyright 2017 NXP
* *
* SPDX-License-Identifier: GPL-2.0+ * SPDX-License-Identifier: GPL-2.0+
*/ */
#ifndef __PICOSOM_IMX6UL_ANDROID_THINGS_H #ifndef __MX6UL_SPRIOT_ANDROID_THINGS_H
#define __PICOSOM_IMX6UL_ANDROID_THINGS_H #define __MX6UL_SPRIOT_ANDROID_THINGS_H
#include "mx_android_common.h" #include "mx_android_common.h"
#ifdef CONFIG_AVB_ATX
#define PERMANENT_ATTRIBUTE_HASH_OFFSET 32
#endif
#define AVB_RPMB #define AVB_RPMB
#ifdef AVB_RPMB #ifdef AVB_RPMB
#define KEYSLOT_BLKS 0xFFF #define KEYSLOT_BLKS 0xFFF
...@@ -30,7 +35,6 @@ ...@@ -30,7 +35,6 @@
#define CONFIG_AVB_SUPPORT #define CONFIG_AVB_SUPPORT
#define CONFIG_SYSTEM_RAMDISK_SUPPORT #define CONFIG_SYSTEM_RAMDISK_SUPPORT
#define CONFIG_AVB_FUSE
#ifdef CONFIG_AVB_SUPPORT #ifdef CONFIG_AVB_SUPPORT
#ifdef CONFIG_SYS_MALLOC_LEN #ifdef CONFIG_SYS_MALLOC_LEN
...@@ -46,3 +50,4 @@ ...@@ -46,3 +50,4 @@
#endif #endif
#endif #endif
/* __MX6UL_SPRIOT_ANDROID_THINGS_H */
...@@ -23,7 +23,6 @@ ...@@ -23,7 +23,6 @@
#define CONFIG_AVB_SUPPORT #define CONFIG_AVB_SUPPORT
#define CONFIG_SYSTEM_RAMDISK_SUPPORT #define CONFIG_SYSTEM_RAMDISK_SUPPORT
#define CONFIG_AVB_FUSE
#ifdef CONFIG_AVB_SUPPORT #ifdef CONFIG_AVB_SUPPORT
#ifdef CONFIG_SYS_MALLOC_LEN #ifdef CONFIG_SYS_MALLOC_LEN
...@@ -39,3 +38,4 @@ ...@@ -39,3 +38,4 @@
#endif #endif
#endif #endif
/* __PICO_IMX6DL_ANDROID_THINGS_H */
/* /*
* Copyright (C) 2016 Freescale Semiconductor, Inc. * Copyright (C) 2016 Freescale Semiconductor, Inc.
* Copyright 2017 NXP
* *
* SPDX-License-Identifier: GPL-2.0+ * SPDX-License-Identifier: GPL-2.0+
*/ */
...@@ -12,6 +13,10 @@ ...@@ -12,6 +13,10 @@
#define TEE_HWPARTITION_ID 2 #define TEE_HWPARTITION_ID 2
#define TRUSTY_OS_MMC_BLKS 0xFFF #define TRUSTY_OS_MMC_BLKS 0xFFF
#ifdef CONFIG_AVB_ATX
#define PERMANENT_ATTRIBUTE_HASH_OFFSET 0
#endif
#define AVB_RPMB #define AVB_RPMB
#ifdef AVB_RPMB #ifdef AVB_RPMB
#define KEYSLOT_BLKS 0xFFF #define KEYSLOT_BLKS 0xFFF
...@@ -63,10 +68,10 @@ ...@@ -63,10 +68,10 @@
/* infact 7D have no enough bits /* infact 7D have no enough bits
* set this size to 0 will disable * set this size to 0 will disable
* program/read FUSE */ * program/read FUSE */
#define CONFIG_AVB_FUSE_BANK_SIZEW 0 #define CONFIG_AVB_FUSE_BANK_SIZEW 4
#define CONFIG_AVB_FUSE_BANK_START 0 #define CONFIG_AVB_FUSE_BANK_START 14
#define CONFIG_AVB_FUSE_BANK_END 0 #define CONFIG_AVB_FUSE_BANK_END 14
#endif #endif
#endif #endif
/* __PICO_IMX7DANDROIDTHINGS_H */
/* /*
* Copyright (C) 2015-2016 Freescale Semiconductor, Inc. * Copyright (C) 2015-2016 Freescale Semiconductor, Inc.
* Copyright 2017 NXP
* *
* SPDX-License-Identifier: GPL-2.0+ * SPDX-License-Identifier: GPL-2.0+
*/ */
...@@ -8,6 +9,10 @@ ...@@ -8,6 +9,10 @@
#ifndef __PICOSOM_IMX6UL_ANDROID_THINGS_H #ifndef __PICOSOM_IMX6UL_ANDROID_THINGS_H
#define __PICOSOM_IMX6UL_ANDROID_THINGS_H #define __PICOSOM_IMX6UL_ANDROID_THINGS_H
#ifdef CONFIG_AVB_ATX
#define PERMANENT_ATTRIBUTE_HASH_OFFSET 32
#endif
#define AVB_RPMB #define AVB_RPMB
#ifdef AVB_RPMB #ifdef AVB_RPMB
#define KEYSLOT_BLKS 0xFFF #define KEYSLOT_BLKS 0xFFF
...@@ -38,7 +43,6 @@ ...@@ -38,7 +43,6 @@
#define CONFIG_AVB_SUPPORT #define CONFIG_AVB_SUPPORT
#define CONFIG_SYSTEM_RAMDISK_SUPPORT #define CONFIG_SYSTEM_RAMDISK_SUPPORT
#define CONFIG_AVB_FUSE
#ifdef CONFIG_AVB_SUPPORT #ifdef CONFIG_AVB_SUPPORT
#ifdef CONFIG_SYS_MALLOC_LEN #ifdef CONFIG_SYS_MALLOC_LEN
...@@ -55,3 +59,4 @@ ...@@ -55,3 +59,4 @@
#endif #endif
/* __PICOSOM_IMX6UL_ANDROID_THINGS_H */
/*
* Copyright 2017 NXP
*
* SPDX-License-Identifier: GPL-2.0+
*/
#ifndef __FSL_ATX_ATTRIBUTES_H__
#define __FSL_ATX_ATTRIBUTES_H__
#define fsl_version 1
/* This product_id is generated from
* extern/avb/test/data/atx_product_id.bin */
unsigned char fsl_atx_product_id[] = {
0x3f,0x38,0x9c,0xcb,0xbe,0x56,0xcc,0x3d,
0x0b,0xd0,0xbb,0x35,0x01,0x85,0xa7,0xd2
};
/* This product_root_public_key is generated form
* extern/avb/test/data/testkey_atx_prk.pem */
unsigned char fsl_product_root_public_key[] = {
0x00,0x00,0x10,0x00,0x9f,0x35,0xef,0x65,
0xc3,0x29,0x4c,0x23,0x16,0x10,0xac,0x32,
0xc1,0x3c,0xd5,0xc5,0xab,0xa1,0xd9,0xe7,
0x13,0x3f,0x7e,0xd1,0xe6,0x61,0x5d,0xa3,
0xa1,0x60,0xda,0x57,0x4b,0xb2,0xe6,0x0f,
0xe1,0x50,0xbf,0x47,0xff,0x09,0xaf,0xcd,
0x49,0x2d,0x82,0x33,0x76,0xa1,0xfe,0x28,
0x5f,0x89,0x62,0xb3,0xc0,0xf1,0x11,0xaf,
0x15,0x09,0x27,0xdb,0xeb,0x06,0x01,0xa2,
0xf8,0xb7,0xd7,0x9c,0xe4,0x88,0x3a,0x86,
0x05,0x02,0x20,0x69,0xb2,0x36,0x4c,0x3e,
0x25,0x03,0xed,0xfc,0x0c,0x6b,0x1b,0x0a,
0x04,0x9c,0xce,0x7f,0x83,0x82,0x60,0xd9,
0x52,0x7e,0xc4,0x35,0x7b,0x1c,0xe6,0x64,
0x9c,0x17,0xec,0x81,0xe7,0x9c,0x0c,0x8b,
0x4b,0x7e,0x48,0xbe,0x00,0x98,0xa8,0x20,
0x10,0x4c,0x9b,0xd1,0x16,0x5b,0x25,0xe9,
0x4e,0x61,0xda,0x7c,0x63,0x80,0x8f,0xa4,
0xac,0x74,0xee,0xa8,0x06,0xac,0x26,0xd5,
0x71,0x6f,0xaa,0x73,0x20,0x9c,0x7f,0xcd,
0x73,0xd4,0xa9,0xa0,0x7e,0x5a,0xb5,0x61,
0xb0,0x88,0xb0,0xdd,0xdb,0x6b,0x79,0xd1,
0x5a,0x9e,0x54,0x49,0x55,0xc6,0x89,0x76,
0x7a,0xc6,0x78,0x99,0xdc,0xc9,0x00,0x5d,
0x20,0xf5,0xfc,0x8f,0x39,0x46,0xf3,0x02,
0x96,0x0d,0x9b,0xfb,0xbc,0xd5,0xcf,0x5a,
0x4f,0xc4,0xb8,0x0b,0xd0,0xf3,0x19,0x3c,
0x74,0x04,0xd5,0x94,0x2c,0x19,0x15,0x64,
0xbf,0x53,0x67,0x97,0x7b,0x9e,0xc6,0xe0,
0xfb,0x29,0x5b,0x90,0xad,0x04,0x8a,0xd8,
0x5b,0xdf,0x69,0x09,0xe4,0xa5,0xe9,0xd9,
0x0f,0xc4,0xff,0xae,0xb7,0x44,0x12,0xae,
0xad,0x03,0x97,0xb8,0xda,0xd7,0x60,0x37,
0x15,0xf2,0xb9,0xdb,0x10,0xf6,0xe2,0x26,
0x48,0x7e,0x3e,0x3e,0xc3,0x67,0xd3,0xa6,
0x02,0xf7,0xbc,0x60,0xed,0x45,0xdf,0x37,
0xef,0xf9,0xea,0x97,0x5f,0x37,0xb4,0xeb,
0xb4,0x91,0x6c,0x39,0x4d,0xed,0x52,0x15,
0x39,0x47,0x59,0x62,0xde,0x32,0x55,0xe1,
0xd4,0x15,0x58,0x7d,0x52,0x41,0x12,0x78,
0xee,0x9f,0x0d,0xc8,0x5e,0x34,0x91,0xf9,
0xe7,0x4c,0x1e,0xe7,0x2f,0x90,0x7f,0xbb,
0xf8,0x99,0x3e,0xc9,0x79,0xab,0x01,0xdb,
0x24,0x39,0xe3,0xb4,0xc9,0x52,0x73,0xdb,
0x65,0x42,0xa5,0x2e,0x43,0x56,0xa0,0x33,
0x8c,0x1a,0xb7,0xa1,0xed,0x5c,0xd0,0x14,
0x93,0x8d,0x23,0x78,0x93,0xcb,0x3a,0x03,
0x1f,0xbb,0xc6,0x7b,0xcd,0x51,0x4e,0xaa,
0x14,0x01,0xe9,0x03,0x27,0x13,0xe2,0xb2,
0xf8,0x36,0xc6,0xe3,0xc3,0x7f,0xb5,0x74,
0x20,0x5e,0x17,0xaa,0x25,0x07,0x9b,0x60,
0xda,0x83,0x98,0xb5,0x55,0xae,0x1b,0x7a,
0xc1,0x1f,0x49,0x72,0xe2,0xcb,0x6a,0x11,
0x77,0xdf,0x3f,0xc0,0x9f,0x8f,0x33,0xc7,
0x10,0x17,0x8c,0xfc,0xd5,0xb7,0x5f,0x5e,
0xb2,0xe3,0x7b,0x2e,0xdc,0xc7,0x34,0xdb,
0x31,0xb0,0xdc,0x5d,0x14,0x98,0xb6,0x1a,
0x2a,0xd4,0xb4,0x04,0x2c,0xf0,0x68,0x1c,
0x91,0x60,0x28,0xa5,0x3b,0x01,0x98,0xb6,
0x1e,0x6e,0xaa,0x35,0x89,0xc7,0x94,0xaa,
0x9e,0xf0,0x11,0x52,0x0f,0x28,0xa1,0x3d,
0xd3,0x17,0xb5,0x08,0xd8,0x7a,0x41,0xf9,
0x07,0xe2,0x87,0x36,0xcd,0x86,0x3e,0x79,
0x99,0x73,0x50,0x21,0x30,0x00,0xd2,0xf3,
0x88,0x60,0x32,0x59,0x58,0x2f,0x55,0x93,
0x86,0x56,0x9a,0x96,0xb9,0xf8,0xbf,0x24,
0xc4,0xba,0xea,0xa4,0x73,0xb0,0x0c,0xa6,
0xdb,0x09,0x2d,0x0a,0x36,0x3f,0x80,0xe6,
0x85,0x7a,0xf3,0x01,0x90,0x3a,0xc6,0xee,
0x2d,0xa8,0xce,0xb4,0x3f,0x3a,0xa6,0xa3,
0xaf,0xb9,0x21,0xef,0x40,0x6f,0xf4,0x7f,
0x78,0x25,0x55,0x39,0x53,0x67,0x53,0x56,
0x8d,0x81,0xaf,0x63,0x97,0x68,0x86,0x75,
0x66,0x14,0x1e,0xa6,0x63,0x1e,0x02,0xd0,
0x41,0xd8,0x78,0x75,0x0d,0x76,0x77,0xfa,
0x9c,0xc5,0xcc,0x54,0x06,0x25,0x53,0x95,
0xeb,0x4b,0x7c,0xb4,0xc8,0xbb,0x5d,0x6b,
0x6e,0xf0,0xd7,0x8d,0x3f,0xdf,0x93,0x4c,
0x30,0x5b,0x02,0xf5,0x0e,0x49,0x87,0x60,
0x5f,0x19,0x06,0x24,0x3d,0x5d,0x97,0x37,
0x61,0xef,0x3e,0x0b,0x9e,0x85,0x1c,0x1a,
0xa6,0x53,0x91,0xd2,0x2c,0x18,0x7c,0x8f,
0x5b,0x4a,0xd5,0xdd,0xd9,0x8a,0xc3,0x92,
0x19,0x54,0x39,0xde,0x33,0xa1,0xe1,0x37,
0x60,0x3c,0x3b,0x3b,0xc5,0xed,0x1b,0xef,
0x28,0xf5,0xdf,0x44,0x91,0xa3,0x1e,0x69,
0x6a,0x35,0x85,0x6e,0x26,0x46,0x22,0x4d,
0x87,0x92,0x44,0x6b,0x96,0xdb,0x75,0xfe,
0x76,0x03,0x60,0xf7,0xfd,0x90,0x55,0x7d,
0x6e,0xd7,0xaa,0x44,0x05,0xc7,0x23,0x37,
0x12,0xa8,0xd4,0xb2,0x2b,0xed,0x41,0x5f,
0x23,0x38,0x7c,0x16,0xe6,0x16,0xd3,0x10,
0x19,0x12,0xcc,0x8b,0x6e,0xcd,0xd6,0xa6,
0x39,0x8a,0x1b,0x24,0x3f,0x4d,0x6f,0xa6,
0x00,0x7c,0xa0,0xa1,0x4a,0xfd,0xcd,0x68,
0x50,0x76,0xc8,0x68,0x9d,0xeb,0xdf,0x24,
0x39,0xaf,0x77,0xb2,0xb6,0xaf,0xb6,0x34,
0x61,0x37,0x6a,0xfd,0xc7,0x6d,0x02,0x9f,
0x29,0xd5,0x45,0xf4,0x89,0xd8,0x8c,0x5c,
0xd3,0x31,0xa0,0x58,0x19,0x54,0x33,0x46,
0x92,0xbc,0x1e,0x4b,0x14,0xac,0x73,0xa5,
0x09,0x9f,0xb6,0x2b,0x2b,0x73,0x6b,0x83,
0x86,0x13,0x6e,0x03,0xf7,0xe0,0x7d,0x81,
0x47,0x18,0x08,0xea,0x09,0x10,0x24,0x61,
0x6d,0x09,0x1d,0xb8,0x8e,0xba,0x04,0x4d,
0xcc,0xe6,0xff,0x28,0x27,0x86,0x38,0x01,
0x86,0xbe,0xf0,0x5b,0xf8,0x1a,0xd6,0xde,
0xbe,0xf9,0x3b,0x76,0x3f,0x85,0x82,0x22,
0x92,0x4b,0xe0,0x76,0x15,0xb2,0x57,0x5a,
0xb0,0x64,0xde,0xce,0x93,0xb8,0x9f,0x25,
0x53,0x8c,0x5e,0xdf,0x29,0x4e,0x50,0x69,
0xfb,0x7e,0x33,0xcb,0x0e,0x28,0x01,0x6c,
0xab,0xfa,0xd8,0x88,0x02,0xbc,0xf2,0xb1,
0x0e,0x2f,0x6d,0x1c,0x8d,0xe4,0x11,0x23,
0xcc,0x67,0x94,0x7b,0xf7,0x8a,0xf3,0x68,
0x52,0xe4,0x82,0x25,0x86,0xc6,0x72,0x19,
0x77,0x80,0x28,0xe3,0x86,0xc8,0x8a,0xea,
0x3d,0x54,0x2f,0x0b,0x64,0x0a,0xc5,0x12,
0x8c,0xb2,0x07,0x72,0x1b,0x09,0x9f,0x32,
0xbd,0xa3,0xb0,0x0c,0x95,0xc8,0x4d,0xe5,
0xd7,0x20,0xdb,0xf8,0x34,0x2a,0x9d,0x91,
0x58,0x38,0x7a,0x9c,0xe0,0xa3,0x0f,0x40,
0x9d,0xff,0xeb,0x4b,0xe2,0x16,0x94,0x32,
0xce,0xe8,0x52,0x75,0x49,0xf4,0x71,0x13,
0xbc,0x59,0x7d,0x9a,0xe8,0x60,0x29,0x58,
0x1a,0x14,0x94,0xe6,0x37,0x23,0xad,0xfe,
0x0b,0xf0,0x63,0x60,0x4f,0x5d,0x10,0x91,
0xf2,0x50,0x8e,0x0b,0x4a,0x47,0xc9,0x0c,
0x1f,0xdc,0x94,0x75,0x25,0x52,0x99,0xfc
};
#endif
/* __FSL_ATX_ATTRIBUTES_H__ */
/* /*
* Copyright (C) 2016 Freescale Semiconductor, Inc. * Copyright (C) 2016 Freescale Semiconductor, Inc.
* * Copyright 2017 NXP
* SPDX-License-Identifier: GPL-2.0+ * SPDX-License-Identifier: GPL-2.0+
*
*/ */
#include <common.h> #include <common.h>
...@@ -9,10 +10,13 @@ ...@@ -9,10 +10,13 @@
#include <fsl_caam.h> #include <fsl_caam.h>
#include <fuse.h> #include <fuse.h>
#include <mmc.h> #include <mmc.h>
#include <hash.h>
#include <mapmem.h>
#include <fsl_avb.h> #include <fsl_avb.h>
#include "fsl_avbkey.h" #include "fsl_avbkey.h"
#include "fsl_public_key.h" #include "fsl_public_key.h"
#include "fsl_atx_attributes.h"
#include "utils.h" #include "utils.h"
#include "debug.h" #include "debug.h"
...@@ -27,6 +31,15 @@ ...@@ -27,6 +31,15 @@
#define RPMBKEY_FUSE_LENW (RPMBKEY_FUSE_LEN / 4) #define RPMBKEY_FUSE_LENW (RPMBKEY_FUSE_LEN / 4)
#define RPMBKEY_BLOB_LEN ((RPMBKEY_LENGTH) + (CAAM_PAD)) #define RPMBKEY_BLOB_LEN ((RPMBKEY_LENGTH) + (CAAM_PAD))
#ifdef CONFIG_AVB_ATX
#define ATX_FUSE_BANK_NUM 4
#define ATX_FUSE_BANK_MASK 0xFFFF
#define ATX_HASH_LENGTH 14
#endif
#define RESULT_ERROR -1
#define RESULT_OK 0
static int mmc_dev_no = -1; static int mmc_dev_no = -1;
static struct mmc *get_mmc(void) { static struct mmc *get_mmc(void) {
...@@ -63,11 +76,7 @@ static int fsl_fuse_ops(uint32_t *buffer, uint32_t length, uint32_t offset, ...@@ -63,11 +76,7 @@ static int fsl_fuse_ops(uint32_t *buffer, uint32_t length, uint32_t offset,
for (i = 0; i < cnt; i++) { for (i = 0; i < cnt; i++) {
VDEBUG("cur: bank=%d, word=%d\n",bs, ws); VDEBUG("cur: bank=%d, word=%d\n",bs, ws);
if (read) { if (read) {
#ifdef CONFIG_AVB_FUSE
if (fuse_sense(bs, ws, buffer)) { if (fuse_sense(bs, ws, buffer)) {
#else
if (fuse_read(bs, ws, buffer)) {
#endif
ERR("read fuse bank %d, word %d error\n", bs, ws); ERR("read fuse bank %d, word %d error\n", bs, ws);
return -1; return -1;
} }
...@@ -111,6 +120,77 @@ static int fsl_fuse_write(const uint32_t *buffer, uint32_t length, uint32_t offs ...@@ -111,6 +120,77 @@ static int fsl_fuse_write(const uint32_t *buffer, uint32_t length, uint32_t offs
); );
} }
#if defined(AVB_RPMB) && defined(CONFIG_AVB_ATX)
static int sha256(unsigned char* data, int len, unsigned char* output) {
struct hash_algo *algo;
void *buf;
if (hash_lookup_algo("sha256", &algo)) {
printf("error in lookup sha256 algo!\n");
return RESULT_ERROR;
}
buf = map_sysmem((ulong)data, len);
algo->hash_func_ws(buf, len, output, algo->chunk_size);
unmap_sysmem(buf);
return algo->digest_size;
}
static int permanent_attributes_sha256_hash(unsigned char* output) {
AvbAtxPermanentAttributes attributes;
/* get permanent attributes */
attributes.version = fsl_version;
memcpy(attributes.product_root_public_key, fsl_product_root_public_key,
sizeof(fsl_product_root_public_key));
memcpy(attributes.product_id, fsl_atx_product_id,
sizeof(fsl_atx_product_id));
/* calculate sha256(permanent attributes) hash */
if (sha256((unsigned char *)&attributes, sizeof(AvbAtxPermanentAttributes),
output) == RESULT_ERROR) {
printf("ERROR - calculate permanent attributes hash error");
return RESULT_ERROR;
}
return RESULT_OK;
}
static int init_permanent_attributes_fuse(void) {
uint8_t sha256_hash[AVB_SHA256_DIGEST_SIZE];
uint32_t buffer[ATX_FUSE_BANK_NUM];
int num = 0;
/* read first 112 bits of sha256(permanent attributes) from fuse */
if (fsl_fuse_read(buffer, ATX_FUSE_BANK_NUM, PERMANENT_ATTRIBUTE_HASH_OFFSET)) {
printf("ERROR - read permanent attributes hash from fuse error\n");
return RESULT_ERROR;
}
/* only take the lower 2 bytes of the last bank */
buffer[ATX_FUSE_BANK_NUM - 1] &= ATX_FUSE_BANK_MASK;
/* return RESULT_OK if fuse has been initialized before */
for (num = 0; num < ATX_FUSE_BANK_NUM; num++) {
if (buffer[num])
return RESULT_OK;
}
/* calculate sha256(permanent attributes) */
if (permanent_attributes_sha256_hash(sha256_hash) != RESULT_OK) {
return RESULT_ERROR;
}
/* write first 112 bits of sha256(permanent attributes) into fuse */
memset(buffer, 0, sizeof(buffer));
memcpy(buffer, sha256_hash, ATX_HASH_LENGTH);