xref: /openbmc/u-boot/tools/kwbimage.c (revision cbd2fba1)
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Image manipulator for Marvell SoCs
4  *  supports Kirkwood, Dove, Armada 370, Armada XP, and Armada 38x
5  *
6  * (C) Copyright 2013 Thomas Petazzoni
7  * <thomas.petazzoni@free-electrons.com>
8  *
9  * Not implemented: support for the register headers in v1 images
10  */
11 
12 #include "imagetool.h"
13 #include <limits.h>
14 #include <image.h>
15 #include <stdarg.h>
16 #include <stdint.h>
17 #include "kwbimage.h"
18 
19 #ifdef CONFIG_KWB_SECURE
20 #include <openssl/bn.h>
21 #include <openssl/rsa.h>
22 #include <openssl/pem.h>
23 #include <openssl/err.h>
24 #include <openssl/evp.h>
25 
26 #if OPENSSL_VERSION_NUMBER < 0x10100000L || \
27     (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
28 static void RSA_get0_key(const RSA *r,
29                  const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
30 {
31    if (n != NULL)
32        *n = r->n;
33    if (e != NULL)
34        *e = r->e;
35    if (d != NULL)
36        *d = r->d;
37 }
38 
39 #elif !defined(LIBRESSL_VERSION_NUMBER)
40 void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
41 {
42 	EVP_MD_CTX_reset(ctx);
43 }
44 #endif
45 #endif
46 
47 static struct image_cfg_element *image_cfg;
48 static int cfgn;
49 #ifdef CONFIG_KWB_SECURE
50 static int verbose_mode;
51 #endif
52 
53 struct boot_mode {
54 	unsigned int id;
55 	const char *name;
56 };
57 
58 /*
59  * SHA2-256 hash
60  */
61 struct hash_v1 {
62 	uint8_t hash[32];
63 };
64 
65 struct boot_mode boot_modes[] = {
66 	{ 0x4D, "i2c"  },
67 	{ 0x5A, "spi"  },
68 	{ 0x8B, "nand" },
69 	{ 0x78, "sata" },
70 	{ 0x9C, "pex"  },
71 	{ 0x69, "uart" },
72 	{ 0xAE, "sdio" },
73 	{},
74 };
75 
76 struct nand_ecc_mode {
77 	unsigned int id;
78 	const char *name;
79 };
80 
81 struct nand_ecc_mode nand_ecc_modes[] = {
82 	{ 0x00, "default" },
83 	{ 0x01, "hamming" },
84 	{ 0x02, "rs" },
85 	{ 0x03, "disabled" },
86 	{},
87 };
88 
89 /* Used to identify an undefined execution or destination address */
90 #define ADDR_INVALID ((uint32_t)-1)
91 
92 #define BINARY_MAX_ARGS 8
93 
94 /* In-memory representation of a line of the configuration file */
95 
96 enum image_cfg_type {
97 	IMAGE_CFG_VERSION = 0x1,
98 	IMAGE_CFG_BOOT_FROM,
99 	IMAGE_CFG_DEST_ADDR,
100 	IMAGE_CFG_EXEC_ADDR,
101 	IMAGE_CFG_NAND_BLKSZ,
102 	IMAGE_CFG_NAND_BADBLK_LOCATION,
103 	IMAGE_CFG_NAND_ECC_MODE,
104 	IMAGE_CFG_NAND_PAGESZ,
105 	IMAGE_CFG_BINARY,
106 	IMAGE_CFG_PAYLOAD,
107 	IMAGE_CFG_DATA,
108 	IMAGE_CFG_BAUDRATE,
109 	IMAGE_CFG_DEBUG,
110 	IMAGE_CFG_KAK,
111 	IMAGE_CFG_CSK,
112 	IMAGE_CFG_CSK_INDEX,
113 	IMAGE_CFG_JTAG_DELAY,
114 	IMAGE_CFG_BOX_ID,
115 	IMAGE_CFG_FLASH_ID,
116 	IMAGE_CFG_SEC_COMMON_IMG,
117 	IMAGE_CFG_SEC_SPECIALIZED_IMG,
118 	IMAGE_CFG_SEC_BOOT_DEV,
119 	IMAGE_CFG_SEC_FUSE_DUMP,
120 
121 	IMAGE_CFG_COUNT
122 } type;
123 
124 static const char * const id_strs[] = {
125 	[IMAGE_CFG_VERSION] = "VERSION",
126 	[IMAGE_CFG_BOOT_FROM] = "BOOT_FROM",
127 	[IMAGE_CFG_DEST_ADDR] = "DEST_ADDR",
128 	[IMAGE_CFG_EXEC_ADDR] = "EXEC_ADDR",
129 	[IMAGE_CFG_NAND_BLKSZ] = "NAND_BLKSZ",
130 	[IMAGE_CFG_NAND_BADBLK_LOCATION] = "NAND_BADBLK_LOCATION",
131 	[IMAGE_CFG_NAND_ECC_MODE] = "NAND_ECC_MODE",
132 	[IMAGE_CFG_NAND_PAGESZ] = "NAND_PAGE_SIZE",
133 	[IMAGE_CFG_BINARY] = "BINARY",
134 	[IMAGE_CFG_PAYLOAD] = "PAYLOAD",
135 	[IMAGE_CFG_DATA] = "DATA",
136 	[IMAGE_CFG_BAUDRATE] = "BAUDRATE",
137 	[IMAGE_CFG_DEBUG] = "DEBUG",
138 	[IMAGE_CFG_KAK] = "KAK",
139 	[IMAGE_CFG_CSK] = "CSK",
140 	[IMAGE_CFG_CSK_INDEX] = "CSK_INDEX",
141 	[IMAGE_CFG_JTAG_DELAY] = "JTAG_DELAY",
142 	[IMAGE_CFG_BOX_ID] = "BOX_ID",
143 	[IMAGE_CFG_FLASH_ID] = "FLASH_ID",
144 	[IMAGE_CFG_SEC_COMMON_IMG] = "SEC_COMMON_IMG",
145 	[IMAGE_CFG_SEC_SPECIALIZED_IMG] = "SEC_SPECIALIZED_IMG",
146 	[IMAGE_CFG_SEC_BOOT_DEV] = "SEC_BOOT_DEV",
147 	[IMAGE_CFG_SEC_FUSE_DUMP] = "SEC_FUSE_DUMP"
148 };
149 
150 struct image_cfg_element {
151 	enum image_cfg_type type;
152 	union {
153 		unsigned int version;
154 		unsigned int bootfrom;
155 		struct {
156 			const char *file;
157 			unsigned int args[BINARY_MAX_ARGS];
158 			unsigned int nargs;
159 		} binary;
160 		const char *payload;
161 		unsigned int dstaddr;
162 		unsigned int execaddr;
163 		unsigned int nandblksz;
164 		unsigned int nandbadblklocation;
165 		unsigned int nandeccmode;
166 		unsigned int nandpagesz;
167 		struct ext_hdr_v0_reg regdata;
168 		unsigned int baudrate;
169 		unsigned int debug;
170 		const char *key_name;
171 		int csk_idx;
172 		uint8_t jtag_delay;
173 		uint32_t boxid;
174 		uint32_t flashid;
175 		bool sec_specialized_img;
176 		unsigned int sec_boot_dev;
177 		const char *name;
178 	};
179 };
180 
181 #define IMAGE_CFG_ELEMENT_MAX 256
182 
183 /*
184  * Utility functions to manipulate boot mode and ecc modes (convert
185  * them back and forth between description strings and the
186  * corresponding numerical identifiers).
187  */
188 
189 static const char *image_boot_mode_name(unsigned int id)
190 {
191 	int i;
192 
193 	for (i = 0; boot_modes[i].name; i++)
194 		if (boot_modes[i].id == id)
195 			return boot_modes[i].name;
196 	return NULL;
197 }
198 
199 int image_boot_mode_id(const char *boot_mode_name)
200 {
201 	int i;
202 
203 	for (i = 0; boot_modes[i].name; i++)
204 		if (!strcmp(boot_modes[i].name, boot_mode_name))
205 			return boot_modes[i].id;
206 
207 	return -1;
208 }
209 
210 int image_nand_ecc_mode_id(const char *nand_ecc_mode_name)
211 {
212 	int i;
213 
214 	for (i = 0; nand_ecc_modes[i].name; i++)
215 		if (!strcmp(nand_ecc_modes[i].name, nand_ecc_mode_name))
216 			return nand_ecc_modes[i].id;
217 	return -1;
218 }
219 
220 static struct image_cfg_element *
221 image_find_option(unsigned int optiontype)
222 {
223 	int i;
224 
225 	for (i = 0; i < cfgn; i++) {
226 		if (image_cfg[i].type == optiontype)
227 			return &image_cfg[i];
228 	}
229 
230 	return NULL;
231 }
232 
233 static unsigned int
234 image_count_options(unsigned int optiontype)
235 {
236 	int i;
237 	unsigned int count = 0;
238 
239 	for (i = 0; i < cfgn; i++)
240 		if (image_cfg[i].type == optiontype)
241 			count++;
242 
243 	return count;
244 }
245 
246 #if defined(CONFIG_KWB_SECURE)
247 
248 static int image_get_csk_index(void)
249 {
250 	struct image_cfg_element *e;
251 
252 	e = image_find_option(IMAGE_CFG_CSK_INDEX);
253 	if (!e)
254 		return -1;
255 
256 	return e->csk_idx;
257 }
258 
259 static bool image_get_spezialized_img(void)
260 {
261 	struct image_cfg_element *e;
262 
263 	e = image_find_option(IMAGE_CFG_SEC_SPECIALIZED_IMG);
264 	if (!e)
265 		return false;
266 
267 	return e->sec_specialized_img;
268 }
269 
270 #endif
271 
272 /*
273  * Compute a 8-bit checksum of a memory area. This algorithm follows
274  * the requirements of the Marvell SoC BootROM specifications.
275  */
276 static uint8_t image_checksum8(void *start, uint32_t len)
277 {
278 	uint8_t csum = 0;
279 	uint8_t *p = start;
280 
281 	/* check len and return zero checksum if invalid */
282 	if (!len)
283 		return 0;
284 
285 	do {
286 		csum += *p;
287 		p++;
288 	} while (--len);
289 
290 	return csum;
291 }
292 
293 size_t kwbimage_header_size(unsigned char *ptr)
294 {
295 	if (image_version((void *)ptr) == 0)
296 		return sizeof(struct main_hdr_v0);
297 	else
298 		return KWBHEADER_V1_SIZE((struct main_hdr_v1 *)ptr);
299 }
300 
301 /*
302  * Verify checksum over a complete header that includes the checksum field.
303  * Return 1 when OK, otherwise 0.
304  */
305 static int main_hdr_checksum_ok(void *hdr)
306 {
307 	/* Offsets of checksum in v0 and v1 headers are the same */
308 	struct main_hdr_v0 *main_hdr = (struct main_hdr_v0 *)hdr;
309 	uint8_t checksum;
310 
311 	checksum = image_checksum8(hdr, kwbimage_header_size(hdr));
312 	/* Calculated checksum includes the header checksum field. Compensate
313 	 * for that.
314 	 */
315 	checksum -= main_hdr->checksum;
316 
317 	return checksum == main_hdr->checksum;
318 }
319 
320 static uint32_t image_checksum32(void *start, uint32_t len)
321 {
322 	uint32_t csum = 0;
323 	uint32_t *p = start;
324 
325 	/* check len and return zero checksum if invalid */
326 	if (!len)
327 		return 0;
328 
329 	if (len % sizeof(uint32_t)) {
330 		fprintf(stderr, "Length %d is not in multiple of %zu\n",
331 			len, sizeof(uint32_t));
332 		return 0;
333 	}
334 
335 	do {
336 		csum += *p;
337 		p++;
338 		len -= sizeof(uint32_t);
339 	} while (len > 0);
340 
341 	return csum;
342 }
343 
344 static uint8_t baudrate_to_option(unsigned int baudrate)
345 {
346 	switch (baudrate) {
347 	case 2400:
348 		return MAIN_HDR_V1_OPT_BAUD_2400;
349 	case 4800:
350 		return MAIN_HDR_V1_OPT_BAUD_4800;
351 	case 9600:
352 		return MAIN_HDR_V1_OPT_BAUD_9600;
353 	case 19200:
354 		return MAIN_HDR_V1_OPT_BAUD_19200;
355 	case 38400:
356 		return MAIN_HDR_V1_OPT_BAUD_38400;
357 	case 57600:
358 		return MAIN_HDR_V1_OPT_BAUD_57600;
359 	case 115200:
360 		return MAIN_HDR_V1_OPT_BAUD_115200;
361 	default:
362 		return MAIN_HDR_V1_OPT_BAUD_DEFAULT;
363 	}
364 }
365 
366 #if defined(CONFIG_KWB_SECURE)
367 static void kwb_msg(const char *fmt, ...)
368 {
369 	if (verbose_mode) {
370 		va_list ap;
371 
372 		va_start(ap, fmt);
373 		vfprintf(stdout, fmt, ap);
374 		va_end(ap);
375 	}
376 }
377 
378 static int openssl_err(const char *msg)
379 {
380 	unsigned long ssl_err = ERR_get_error();
381 
382 	fprintf(stderr, "%s", msg);
383 	fprintf(stderr, ": %s\n",
384 		ERR_error_string(ssl_err, 0));
385 
386 	return -1;
387 }
388 
389 static int kwb_load_rsa_key(const char *keydir, const char *name, RSA **p_rsa)
390 {
391 	char path[PATH_MAX];
392 	RSA *rsa;
393 	FILE *f;
394 
395 	if (!keydir)
396 		keydir = ".";
397 
398 	snprintf(path, sizeof(path), "%s/%s.key", keydir, name);
399 	f = fopen(path, "r");
400 	if (!f) {
401 		fprintf(stderr, "Couldn't open RSA private key: '%s': %s\n",
402 			path, strerror(errno));
403 		return -ENOENT;
404 	}
405 
406 	rsa = PEM_read_RSAPrivateKey(f, 0, NULL, "");
407 	if (!rsa) {
408 		openssl_err("Failure reading private key");
409 		fclose(f);
410 		return -EPROTO;
411 	}
412 	fclose(f);
413 	*p_rsa = rsa;
414 
415 	return 0;
416 }
417 
418 static int kwb_load_cfg_key(struct image_tool_params *params,
419 			    unsigned int cfg_option, const char *key_name,
420 			    RSA **p_key)
421 {
422 	struct image_cfg_element *e_key;
423 	RSA *key;
424 	int res;
425 
426 	*p_key = NULL;
427 
428 	e_key = image_find_option(cfg_option);
429 	if (!e_key) {
430 		fprintf(stderr, "%s not configured\n", key_name);
431 		return -ENOENT;
432 	}
433 
434 	res = kwb_load_rsa_key(params->keydir, e_key->key_name, &key);
435 	if (res < 0) {
436 		fprintf(stderr, "Failed to load %s\n", key_name);
437 		return -ENOENT;
438 	}
439 
440 	*p_key = key;
441 
442 	return 0;
443 }
444 
445 static int kwb_load_kak(struct image_tool_params *params, RSA **p_kak)
446 {
447 	return kwb_load_cfg_key(params, IMAGE_CFG_KAK, "KAK", p_kak);
448 }
449 
450 static int kwb_load_csk(struct image_tool_params *params, RSA **p_csk)
451 {
452 	return kwb_load_cfg_key(params, IMAGE_CFG_CSK, "CSK", p_csk);
453 }
454 
455 static int kwb_compute_pubkey_hash(struct pubkey_der_v1 *pk,
456 				   struct hash_v1 *hash)
457 {
458 	EVP_MD_CTX *ctx;
459 	unsigned int key_size;
460 	unsigned int hash_size;
461 	int ret = 0;
462 
463 	if (!pk || !hash || pk->key[0] != 0x30 || pk->key[1] != 0x82)
464 		return -EINVAL;
465 
466 	key_size = (pk->key[2] << 8) + pk->key[3] + 4;
467 
468 	ctx = EVP_MD_CTX_create();
469 	if (!ctx)
470 		return openssl_err("EVP context creation failed");
471 
472 	EVP_MD_CTX_init(ctx);
473 	if (!EVP_DigestInit(ctx, EVP_sha256())) {
474 		ret = openssl_err("Digest setup failed");
475 		goto hash_err_ctx;
476 	}
477 
478 	if (!EVP_DigestUpdate(ctx, pk->key, key_size)) {
479 		ret = openssl_err("Hashing data failed");
480 		goto hash_err_ctx;
481 	}
482 
483 	if (!EVP_DigestFinal(ctx, hash->hash, &hash_size)) {
484 		ret = openssl_err("Could not obtain hash");
485 		goto hash_err_ctx;
486 	}
487 
488 	EVP_MD_CTX_cleanup(ctx);
489 
490 hash_err_ctx:
491 	EVP_MD_CTX_destroy(ctx);
492 	return ret;
493 }
494 
495 static int kwb_import_pubkey(RSA **key, struct pubkey_der_v1 *src, char *keyname)
496 {
497 	RSA *rsa;
498 	const unsigned char *ptr;
499 
500 	if (!key || !src)
501 		goto fail;
502 
503 	ptr = src->key;
504 	rsa = d2i_RSAPublicKey(key, &ptr, sizeof(src->key));
505 	if (!rsa) {
506 		openssl_err("error decoding public key");
507 		goto fail;
508 	}
509 
510 	return 0;
511 fail:
512 	fprintf(stderr, "Failed to decode %s pubkey\n", keyname);
513 	return -EINVAL;
514 }
515 
516 static int kwb_export_pubkey(RSA *key, struct pubkey_der_v1 *dst, FILE *hashf,
517 			     char *keyname)
518 {
519 	int size_exp, size_mod, size_seq;
520 	const BIGNUM *key_e, *key_n;
521 	uint8_t *cur;
522 	char *errmsg = "Failed to encode %s\n";
523 
524 	RSA_get0_key(key, NULL, &key_e, NULL);
525 	RSA_get0_key(key, &key_n, NULL, NULL);
526 
527 	if (!key || !key_e || !key_n || !dst) {
528 		fprintf(stderr, "export pk failed: (%p, %p, %p, %p)",
529 			key, key_e, key_n, dst);
530 		fprintf(stderr, errmsg, keyname);
531 		return -EINVAL;
532 	}
533 
534 	/*
535 	 * According to the specs, the key should be PKCS#1 DER encoded.
536 	 * But unfortunately the really required encoding seems to be different;
537 	 * it violates DER...! (But it still conformes to BER.)
538 	 * (Length always in long form w/ 2 byte length code; no leading zero
539 	 * when MSB of first byte is set...)
540 	 * So we cannot use the encoding func provided by OpenSSL and have to
541 	 * do the encoding manually.
542 	 */
543 
544 	size_exp = BN_num_bytes(key_e);
545 	size_mod = BN_num_bytes(key_n);
546 	size_seq = 4 + size_mod + 4 + size_exp;
547 
548 	if (size_mod > 256) {
549 		fprintf(stderr, "export pk failed: wrong mod size: %d\n",
550 			size_mod);
551 		fprintf(stderr, errmsg, keyname);
552 		return -EINVAL;
553 	}
554 
555 	if (4 + size_seq > sizeof(dst->key)) {
556 		fprintf(stderr, "export pk failed: seq too large (%d, %lu)\n",
557 			4 + size_seq, sizeof(dst->key));
558 		fprintf(stderr, errmsg, keyname);
559 		return -ENOBUFS;
560 	}
561 
562 	cur = dst->key;
563 
564 	/* PKCS#1 (RFC3447) RSAPublicKey structure */
565 	*cur++ = 0x30;		/* SEQUENCE */
566 	*cur++ = 0x82;
567 	*cur++ = (size_seq >> 8) & 0xFF;
568 	*cur++ = size_seq & 0xFF;
569 	/* Modulus */
570 	*cur++ = 0x02;		/* INTEGER */
571 	*cur++ = 0x82;
572 	*cur++ = (size_mod >> 8) & 0xFF;
573 	*cur++ = size_mod & 0xFF;
574 	BN_bn2bin(key_n, cur);
575 	cur += size_mod;
576 	/* Exponent */
577 	*cur++ = 0x02;		/* INTEGER */
578 	*cur++ = 0x82;
579 	*cur++ = (size_exp >> 8) & 0xFF;
580 	*cur++ = size_exp & 0xFF;
581 	BN_bn2bin(key_e, cur);
582 
583 	if (hashf) {
584 		struct hash_v1 pk_hash;
585 		int i;
586 		int ret = 0;
587 
588 		ret = kwb_compute_pubkey_hash(dst, &pk_hash);
589 		if (ret < 0) {
590 			fprintf(stderr, errmsg, keyname);
591 			return ret;
592 		}
593 
594 		fprintf(hashf, "SHA256 = ");
595 		for (i = 0 ; i < sizeof(pk_hash.hash); ++i)
596 			fprintf(hashf, "%02X", pk_hash.hash[i]);
597 		fprintf(hashf, "\n");
598 	}
599 
600 	return 0;
601 }
602 
603 int kwb_sign(RSA *key, void *data, int datasz, struct sig_v1 *sig, char *signame)
604 {
605 	EVP_PKEY *evp_key;
606 	EVP_MD_CTX *ctx;
607 	unsigned int sig_size;
608 	int size;
609 	int ret = 0;
610 
611 	evp_key = EVP_PKEY_new();
612 	if (!evp_key)
613 		return openssl_err("EVP_PKEY object creation failed");
614 
615 	if (!EVP_PKEY_set1_RSA(evp_key, key)) {
616 		ret = openssl_err("EVP key setup failed");
617 		goto err_key;
618 	}
619 
620 	size = EVP_PKEY_size(evp_key);
621 	if (size > sizeof(sig->sig)) {
622 		fprintf(stderr, "Buffer to small for signature (%d bytes)\n",
623 			size);
624 		ret = -ENOBUFS;
625 		goto err_key;
626 	}
627 
628 	ctx = EVP_MD_CTX_create();
629 	if (!ctx) {
630 		ret = openssl_err("EVP context creation failed");
631 		goto err_key;
632 	}
633 	EVP_MD_CTX_init(ctx);
634 	if (!EVP_SignInit(ctx, EVP_sha256())) {
635 		ret = openssl_err("Signer setup failed");
636 		goto err_ctx;
637 	}
638 
639 	if (!EVP_SignUpdate(ctx, data, datasz)) {
640 		ret = openssl_err("Signing data failed");
641 		goto err_ctx;
642 	}
643 
644 	if (!EVP_SignFinal(ctx, sig->sig, &sig_size, evp_key)) {
645 		ret = openssl_err("Could not obtain signature");
646 		goto err_ctx;
647 	}
648 
649 	EVP_MD_CTX_cleanup(ctx);
650 	EVP_MD_CTX_destroy(ctx);
651 	EVP_PKEY_free(evp_key);
652 
653 	return 0;
654 
655 err_ctx:
656 	EVP_MD_CTX_destroy(ctx);
657 err_key:
658 	EVP_PKEY_free(evp_key);
659 	fprintf(stderr, "Failed to create %s signature\n", signame);
660 	return ret;
661 }
662 
663 int kwb_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
664 	       char *signame)
665 {
666 	EVP_PKEY *evp_key;
667 	EVP_MD_CTX *ctx;
668 	int size;
669 	int ret = 0;
670 
671 	evp_key = EVP_PKEY_new();
672 	if (!evp_key)
673 		return openssl_err("EVP_PKEY object creation failed");
674 
675 	if (!EVP_PKEY_set1_RSA(evp_key, key)) {
676 		ret = openssl_err("EVP key setup failed");
677 		goto err_key;
678 	}
679 
680 	size = EVP_PKEY_size(evp_key);
681 	if (size > sizeof(sig->sig)) {
682 		fprintf(stderr, "Invalid signature size (%d bytes)\n",
683 			size);
684 		ret = -EINVAL;
685 		goto err_key;
686 	}
687 
688 	ctx = EVP_MD_CTX_create();
689 	if (!ctx) {
690 		ret = openssl_err("EVP context creation failed");
691 		goto err_key;
692 	}
693 	EVP_MD_CTX_init(ctx);
694 	if (!EVP_VerifyInit(ctx, EVP_sha256())) {
695 		ret = openssl_err("Verifier setup failed");
696 		goto err_ctx;
697 	}
698 
699 	if (!EVP_VerifyUpdate(ctx, data, datasz)) {
700 		ret = openssl_err("Hashing data failed");
701 		goto err_ctx;
702 	}
703 
704 	if (!EVP_VerifyFinal(ctx, sig->sig, sizeof(sig->sig), evp_key)) {
705 		ret = openssl_err("Could not verify signature");
706 		goto err_ctx;
707 	}
708 
709 	EVP_MD_CTX_cleanup(ctx);
710 	EVP_MD_CTX_destroy(ctx);
711 	EVP_PKEY_free(evp_key);
712 
713 	return 0;
714 
715 err_ctx:
716 	EVP_MD_CTX_destroy(ctx);
717 err_key:
718 	EVP_PKEY_free(evp_key);
719 	fprintf(stderr, "Failed to verify %s signature\n", signame);
720 	return ret;
721 }
722 
723 int kwb_sign_and_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
724 			char *signame)
725 {
726 	if (kwb_sign(key, data, datasz, sig, signame) < 0)
727 		return -1;
728 
729 	if (kwb_verify(key, data, datasz, sig, signame) < 0)
730 		return -1;
731 
732 	return 0;
733 }
734 
735 
736 int kwb_dump_fuse_cmds_38x(FILE *out, struct secure_hdr_v1 *sec_hdr)
737 {
738 	struct hash_v1 kak_pub_hash;
739 	struct image_cfg_element *e;
740 	unsigned int fuse_line;
741 	int i, idx;
742 	uint8_t *ptr;
743 	uint32_t val;
744 	int ret = 0;
745 
746 	if (!out || !sec_hdr)
747 		return -EINVAL;
748 
749 	ret = kwb_compute_pubkey_hash(&sec_hdr->kak, &kak_pub_hash);
750 	if (ret < 0)
751 		goto done;
752 
753 	fprintf(out, "# burn KAK pub key hash\n");
754 	ptr = kak_pub_hash.hash;
755 	for (fuse_line = 26; fuse_line <= 30; ++fuse_line) {
756 		fprintf(out, "fuse prog -y %u 0 ", fuse_line);
757 
758 		for (i = 4; i-- > 0;)
759 			fprintf(out, "%02hx", (ushort)ptr[i]);
760 		ptr += 4;
761 		fprintf(out, " 00");
762 
763 		if (fuse_line < 30) {
764 			for (i = 3; i-- > 0;)
765 				fprintf(out, "%02hx", (ushort)ptr[i]);
766 			ptr += 3;
767 		} else {
768 			fprintf(out, "000000");
769 		}
770 
771 		fprintf(out, " 1\n");
772 	}
773 
774 	fprintf(out, "# burn CSK selection\n");
775 
776 	idx = image_get_csk_index();
777 	if (idx < 0 || idx > 15) {
778 		ret = -EINVAL;
779 		goto done;
780 	}
781 	if (idx > 0) {
782 		for (fuse_line = 31; fuse_line < 31 + idx; ++fuse_line)
783 			fprintf(out, "fuse prog -y %u 0 00000001 00000000 1\n",
784 				fuse_line);
785 	} else {
786 		fprintf(out, "# CSK index is 0; no mods needed\n");
787 	}
788 
789 	e = image_find_option(IMAGE_CFG_BOX_ID);
790 	if (e) {
791 		fprintf(out, "# set box ID\n");
792 		fprintf(out, "fuse prog -y 48 0 %08x 00000000 1\n", e->boxid);
793 	}
794 
795 	e = image_find_option(IMAGE_CFG_FLASH_ID);
796 	if (e) {
797 		fprintf(out, "# set flash ID\n");
798 		fprintf(out, "fuse prog -y 47 0 %08x 00000000 1\n", e->flashid);
799 	}
800 
801 	fprintf(out, "# enable secure mode ");
802 	fprintf(out, "(must be the last fuse line written)\n");
803 
804 	val = 1;
805 	e = image_find_option(IMAGE_CFG_SEC_BOOT_DEV);
806 	if (!e) {
807 		fprintf(stderr, "ERROR: secured mode boot device not given\n");
808 		ret = -EINVAL;
809 		goto done;
810 	}
811 
812 	if (e->sec_boot_dev > 0xff) {
813 		fprintf(stderr, "ERROR: secured mode boot device invalid\n");
814 		ret = -EINVAL;
815 		goto done;
816 	}
817 
818 	val |= (e->sec_boot_dev << 8);
819 
820 	fprintf(out, "fuse prog -y 24 0 %08x 0103e0a9 1\n", val);
821 
822 	fprintf(out, "# lock (unused) fuse lines (0-23)s\n");
823 	for (fuse_line = 0; fuse_line < 24; ++fuse_line)
824 		fprintf(out, "fuse prog -y %u 2 1\n", fuse_line);
825 
826 	fprintf(out, "# OK, that's all :-)\n");
827 
828 done:
829 	return ret;
830 }
831 
832 static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr)
833 {
834 	int ret = 0;
835 	struct image_cfg_element *e;
836 
837 	e = image_find_option(IMAGE_CFG_SEC_FUSE_DUMP);
838 	if (!e)
839 		return 0;
840 
841 	if (!strcmp(e->name, "a38x")) {
842 		FILE *out = fopen("kwb_fuses_a38x.txt", "w+");
843 
844 		kwb_dump_fuse_cmds_38x(out, sec_hdr);
845 		fclose(out);
846 		goto done;
847 	}
848 
849 	ret = -ENOSYS;
850 
851 done:
852 	return ret;
853 }
854 
855 #endif
856 
857 static void *image_create_v0(size_t *imagesz, struct image_tool_params *params,
858 			     int payloadsz)
859 {
860 	struct image_cfg_element *e;
861 	size_t headersz;
862 	struct main_hdr_v0 *main_hdr;
863 	uint8_t *image;
864 	int has_ext = 0;
865 
866 	/*
867 	 * Calculate the size of the header and the size of the
868 	 * payload
869 	 */
870 	headersz  = sizeof(struct main_hdr_v0);
871 
872 	if (image_count_options(IMAGE_CFG_DATA) > 0) {
873 		has_ext = 1;
874 		headersz += sizeof(struct ext_hdr_v0);
875 	}
876 
877 	if (image_count_options(IMAGE_CFG_PAYLOAD) > 1) {
878 		fprintf(stderr, "More than one payload, not possible\n");
879 		return NULL;
880 	}
881 
882 	image = malloc(headersz);
883 	if (!image) {
884 		fprintf(stderr, "Cannot allocate memory for image\n");
885 		return NULL;
886 	}
887 
888 	memset(image, 0, headersz);
889 
890 	main_hdr = (struct main_hdr_v0 *)image;
891 
892 	/* Fill in the main header */
893 	main_hdr->blocksize =
894 		cpu_to_le32(payloadsz + sizeof(uint32_t) - headersz);
895 	main_hdr->srcaddr   = cpu_to_le32(headersz);
896 	main_hdr->ext       = has_ext;
897 	main_hdr->destaddr  = cpu_to_le32(params->addr);
898 	main_hdr->execaddr  = cpu_to_le32(params->ep);
899 
900 	e = image_find_option(IMAGE_CFG_BOOT_FROM);
901 	if (e)
902 		main_hdr->blockid = e->bootfrom;
903 	e = image_find_option(IMAGE_CFG_NAND_ECC_MODE);
904 	if (e)
905 		main_hdr->nandeccmode = e->nandeccmode;
906 	e = image_find_option(IMAGE_CFG_NAND_PAGESZ);
907 	if (e)
908 		main_hdr->nandpagesize = cpu_to_le16(e->nandpagesz);
909 	main_hdr->checksum = image_checksum8(image,
910 					     sizeof(struct main_hdr_v0));
911 
912 	/* Generate the ext header */
913 	if (has_ext) {
914 		struct ext_hdr_v0 *ext_hdr;
915 		int cfgi, datai;
916 
917 		ext_hdr = (struct ext_hdr_v0 *)
918 				(image + sizeof(struct main_hdr_v0));
919 		ext_hdr->offset = cpu_to_le32(0x40);
920 
921 		for (cfgi = 0, datai = 0; cfgi < cfgn; cfgi++) {
922 			e = &image_cfg[cfgi];
923 			if (e->type != IMAGE_CFG_DATA)
924 				continue;
925 
926 			ext_hdr->rcfg[datai].raddr =
927 				cpu_to_le32(e->regdata.raddr);
928 			ext_hdr->rcfg[datai].rdata =
929 				cpu_to_le32(e->regdata.rdata);
930 			datai++;
931 		}
932 
933 		ext_hdr->checksum = image_checksum8(ext_hdr,
934 						    sizeof(struct ext_hdr_v0));
935 	}
936 
937 	*imagesz = headersz;
938 	return image;
939 }
940 
941 static size_t image_headersz_v1(int *hasext)
942 {
943 	struct image_cfg_element *binarye;
944 	size_t headersz;
945 
946 	/*
947 	 * Calculate the size of the header and the size of the
948 	 * payload
949 	 */
950 	headersz = sizeof(struct main_hdr_v1);
951 
952 	if (image_count_options(IMAGE_CFG_BINARY) > 1) {
953 		fprintf(stderr, "More than one binary blob, not supported\n");
954 		return 0;
955 	}
956 
957 	if (image_count_options(IMAGE_CFG_PAYLOAD) > 1) {
958 		fprintf(stderr, "More than one payload, not possible\n");
959 		return 0;
960 	}
961 
962 	binarye = image_find_option(IMAGE_CFG_BINARY);
963 	if (binarye) {
964 		int ret;
965 		struct stat s;
966 
967 		ret = stat(binarye->binary.file, &s);
968 		if (ret < 0) {
969 			char cwd[PATH_MAX];
970 			char *dir = cwd;
971 
972 			memset(cwd, 0, sizeof(cwd));
973 			if (!getcwd(cwd, sizeof(cwd))) {
974 				dir = "current working directory";
975 				perror("getcwd() failed");
976 			}
977 
978 			fprintf(stderr,
979 				"Didn't find the file '%s' in '%s' which is mandatory to generate the image\n"
980 				"This file generally contains the DDR3 training code, and should be extracted from an existing bootable\n"
981 				"image for your board. See 'kwbimage -x' to extract it from an existing image.\n",
982 				binarye->binary.file, dir);
983 			return 0;
984 		}
985 
986 		headersz += sizeof(struct opt_hdr_v1) +
987 			s.st_size +
988 			(binarye->binary.nargs + 2) * sizeof(uint32_t);
989 		if (hasext)
990 			*hasext = 1;
991 	}
992 
993 #if defined(CONFIG_KWB_SECURE)
994 	if (image_get_csk_index() >= 0) {
995 		headersz += sizeof(struct secure_hdr_v1);
996 		if (hasext)
997 			*hasext = 1;
998 	}
999 #endif
1000 
1001 #if defined(CONFIG_SYS_U_BOOT_OFFS)
1002 	if (headersz > CONFIG_SYS_U_BOOT_OFFS) {
1003 		fprintf(stderr,
1004 			"Error: Image header (incl. SPL image) too big!\n");
1005 		fprintf(stderr, "header=0x%x CONFIG_SYS_U_BOOT_OFFS=0x%x!\n",
1006 			(int)headersz, CONFIG_SYS_U_BOOT_OFFS);
1007 		fprintf(stderr, "Increase CONFIG_SYS_U_BOOT_OFFS!\n");
1008 		return 0;
1009 	}
1010 
1011 	headersz = CONFIG_SYS_U_BOOT_OFFS;
1012 #endif
1013 
1014 	/*
1015 	 * The payload should be aligned on some reasonable
1016 	 * boundary
1017 	 */
1018 	return ALIGN_SUP(headersz, 4096);
1019 }
1020 
1021 int add_binary_header_v1(uint8_t *cur)
1022 {
1023 	struct image_cfg_element *binarye;
1024 	struct opt_hdr_v1 *hdr = (struct opt_hdr_v1 *)cur;
1025 	uint32_t *args;
1026 	size_t binhdrsz;
1027 	struct stat s;
1028 	int argi;
1029 	FILE *bin;
1030 	int ret;
1031 
1032 	binarye = image_find_option(IMAGE_CFG_BINARY);
1033 
1034 	if (!binarye)
1035 		return 0;
1036 
1037 	hdr->headertype = OPT_HDR_V1_BINARY_TYPE;
1038 
1039 	bin = fopen(binarye->binary.file, "r");
1040 	if (!bin) {
1041 		fprintf(stderr, "Cannot open binary file %s\n",
1042 			binarye->binary.file);
1043 		return -1;
1044 	}
1045 
1046 	if (fstat(fileno(bin), &s)) {
1047 		fprintf(stderr, "Cannot stat binary file %s\n",
1048 			binarye->binary.file);
1049 		goto err_close;
1050 	}
1051 
1052 	binhdrsz = sizeof(struct opt_hdr_v1) +
1053 		(binarye->binary.nargs + 2) * sizeof(uint32_t) +
1054 		s.st_size;
1055 
1056 	/*
1057 	 * The size includes the binary image size, rounded
1058 	 * up to a 4-byte boundary. Plus 4 bytes for the
1059 	 * next-header byte and 3-byte alignment at the end.
1060 	 */
1061 	binhdrsz = ALIGN_SUP(binhdrsz, 4) + 4;
1062 	hdr->headersz_lsb = cpu_to_le16(binhdrsz & 0xFFFF);
1063 	hdr->headersz_msb = (binhdrsz & 0xFFFF0000) >> 16;
1064 
1065 	cur += sizeof(struct opt_hdr_v1);
1066 
1067 	args = (uint32_t *)cur;
1068 	*args = cpu_to_le32(binarye->binary.nargs);
1069 	args++;
1070 	for (argi = 0; argi < binarye->binary.nargs; argi++)
1071 		args[argi] = cpu_to_le32(binarye->binary.args[argi]);
1072 
1073 	cur += (binarye->binary.nargs + 1) * sizeof(uint32_t);
1074 
1075 	ret = fread(cur, s.st_size, 1, bin);
1076 	if (ret != 1) {
1077 		fprintf(stderr,
1078 			"Could not read binary image %s\n",
1079 			binarye->binary.file);
1080 		goto err_close;
1081 	}
1082 
1083 	fclose(bin);
1084 
1085 	cur += ALIGN_SUP(s.st_size, 4);
1086 
1087 	/*
1088 	 * For now, we don't support more than one binary
1089 	 * header, and no other header types are
1090 	 * supported. So, the binary header is necessarily the
1091 	 * last one
1092 	 */
1093 	*((uint32_t *)cur) = 0x00000000;
1094 
1095 	cur += sizeof(uint32_t);
1096 
1097 	return 0;
1098 
1099 err_close:
1100 	fclose(bin);
1101 
1102 	return -1;
1103 }
1104 
1105 #if defined(CONFIG_KWB_SECURE)
1106 
1107 int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr)
1108 {
1109 	FILE *hashf;
1110 	int res;
1111 
1112 	hashf = fopen("pub_kak_hash.txt", "w");
1113 
1114 	res = kwb_export_pubkey(kak, &secure_hdr->kak, hashf, "KAK");
1115 
1116 	fclose(hashf);
1117 
1118 	return res < 0 ? 1 : 0;
1119 }
1120 
1121 int kwb_sign_csk_with_kak(struct image_tool_params *params,
1122 			  struct secure_hdr_v1 *secure_hdr, RSA *csk)
1123 {
1124 	RSA *kak = NULL;
1125 	RSA *kak_pub = NULL;
1126 	int csk_idx = image_get_csk_index();
1127 	struct sig_v1 tmp_sig;
1128 
1129 	if (csk_idx >= 16) {
1130 		fprintf(stderr, "Invalid CSK index %d\n", csk_idx);
1131 		return 1;
1132 	}
1133 
1134 	if (kwb_load_kak(params, &kak) < 0)
1135 		return 1;
1136 
1137 	if (export_pub_kak_hash(kak, secure_hdr))
1138 		return 1;
1139 
1140 	if (kwb_import_pubkey(&kak_pub, &secure_hdr->kak, "KAK") < 0)
1141 		return 1;
1142 
1143 	if (kwb_export_pubkey(csk, &secure_hdr->csk[csk_idx], NULL, "CSK") < 0)
1144 		return 1;
1145 
1146 	if (kwb_sign_and_verify(kak, &secure_hdr->csk,
1147 				sizeof(secure_hdr->csk) +
1148 				sizeof(secure_hdr->csksig),
1149 				&tmp_sig, "CSK") < 0)
1150 		return 1;
1151 
1152 	if (kwb_verify(kak_pub, &secure_hdr->csk,
1153 		       sizeof(secure_hdr->csk) +
1154 		       sizeof(secure_hdr->csksig),
1155 		       &tmp_sig, "CSK (2)") < 0)
1156 		return 1;
1157 
1158 	secure_hdr->csksig = tmp_sig;
1159 
1160 	return 0;
1161 }
1162 
1163 int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
1164 			 int payloadsz, size_t headersz, uint8_t *image,
1165 			 struct secure_hdr_v1 *secure_hdr)
1166 {
1167 	struct image_cfg_element *e_jtagdelay;
1168 	struct image_cfg_element *e_boxid;
1169 	struct image_cfg_element *e_flashid;
1170 	RSA *csk = NULL;
1171 	unsigned char *image_ptr;
1172 	size_t image_size;
1173 	struct sig_v1 tmp_sig;
1174 	bool specialized_img = image_get_spezialized_img();
1175 
1176 	kwb_msg("Create secure header content\n");
1177 
1178 	e_jtagdelay = image_find_option(IMAGE_CFG_JTAG_DELAY);
1179 	e_boxid = image_find_option(IMAGE_CFG_BOX_ID);
1180 	e_flashid = image_find_option(IMAGE_CFG_FLASH_ID);
1181 
1182 	if (kwb_load_csk(params, &csk) < 0)
1183 		return 1;
1184 
1185 	secure_hdr->headertype = OPT_HDR_V1_SECURE_TYPE;
1186 	secure_hdr->headersz_msb = 0;
1187 	secure_hdr->headersz_lsb = cpu_to_le16(sizeof(struct secure_hdr_v1));
1188 	if (e_jtagdelay)
1189 		secure_hdr->jtag_delay = e_jtagdelay->jtag_delay;
1190 	if (e_boxid && specialized_img)
1191 		secure_hdr->boxid = cpu_to_le32(e_boxid->boxid);
1192 	if (e_flashid && specialized_img)
1193 		secure_hdr->flashid = cpu_to_le32(e_flashid->flashid);
1194 
1195 	if (kwb_sign_csk_with_kak(params, secure_hdr, csk))
1196 		return 1;
1197 
1198 	image_ptr = ptr + headersz;
1199 	image_size = payloadsz - headersz;
1200 
1201 	if (kwb_sign_and_verify(csk, image_ptr, image_size,
1202 				&secure_hdr->imgsig, "image") < 0)
1203 		return 1;
1204 
1205 	if (kwb_sign_and_verify(csk, image, headersz, &tmp_sig, "header") < 0)
1206 		return 1;
1207 
1208 	secure_hdr->hdrsig = tmp_sig;
1209 
1210 	kwb_dump_fuse_cmds(secure_hdr);
1211 
1212 	return 0;
1213 }
1214 #endif
1215 
1216 static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
1217 			     uint8_t *ptr, int payloadsz)
1218 {
1219 	struct image_cfg_element *e;
1220 	struct main_hdr_v1 *main_hdr;
1221 #if defined(CONFIG_KWB_SECURE)
1222 	struct secure_hdr_v1 *secure_hdr = NULL;
1223 #endif
1224 	size_t headersz;
1225 	uint8_t *image, *cur;
1226 	int hasext = 0;
1227 	uint8_t *next_ext = NULL;
1228 
1229 	/*
1230 	 * Calculate the size of the header and the size of the
1231 	 * payload
1232 	 */
1233 	headersz = image_headersz_v1(&hasext);
1234 	if (headersz == 0)
1235 		return NULL;
1236 
1237 	image = malloc(headersz);
1238 	if (!image) {
1239 		fprintf(stderr, "Cannot allocate memory for image\n");
1240 		return NULL;
1241 	}
1242 
1243 	memset(image, 0, headersz);
1244 
1245 	main_hdr = (struct main_hdr_v1 *)image;
1246 	cur = image;
1247 	cur += sizeof(struct main_hdr_v1);
1248 	next_ext = &main_hdr->ext;
1249 
1250 	/* Fill the main header */
1251 	main_hdr->blocksize    =
1252 		cpu_to_le32(payloadsz - headersz + sizeof(uint32_t));
1253 	main_hdr->headersz_lsb = cpu_to_le16(headersz & 0xFFFF);
1254 	main_hdr->headersz_msb = (headersz & 0xFFFF0000) >> 16;
1255 	main_hdr->destaddr     = cpu_to_le32(params->addr)
1256 				 - sizeof(image_header_t);
1257 	main_hdr->execaddr     = cpu_to_le32(params->ep);
1258 	main_hdr->srcaddr      = cpu_to_le32(headersz);
1259 	main_hdr->ext          = hasext;
1260 	main_hdr->version      = 1;
1261 	e = image_find_option(IMAGE_CFG_BOOT_FROM);
1262 	if (e)
1263 		main_hdr->blockid = e->bootfrom;
1264 	e = image_find_option(IMAGE_CFG_NAND_BLKSZ);
1265 	if (e)
1266 		main_hdr->nandblocksize = e->nandblksz / (64 * 1024);
1267 	e = image_find_option(IMAGE_CFG_NAND_BADBLK_LOCATION);
1268 	if (e)
1269 		main_hdr->nandbadblklocation = e->nandbadblklocation;
1270 	e = image_find_option(IMAGE_CFG_BAUDRATE);
1271 	if (e)
1272 		main_hdr->options = baudrate_to_option(e->baudrate);
1273 	e = image_find_option(IMAGE_CFG_DEBUG);
1274 	if (e)
1275 		main_hdr->flags = e->debug ? 0x1 : 0;
1276 
1277 #if defined(CONFIG_KWB_SECURE)
1278 	if (image_get_csk_index() >= 0) {
1279 		/*
1280 		 * only reserve the space here; we fill the header later since
1281 		 * we need the header to be complete to compute the signatures
1282 		 */
1283 		secure_hdr = (struct secure_hdr_v1 *)cur;
1284 		cur += sizeof(struct secure_hdr_v1);
1285 		next_ext = &secure_hdr->next;
1286 	}
1287 #endif
1288 	*next_ext = 1;
1289 
1290 	if (add_binary_header_v1(cur))
1291 		return NULL;
1292 
1293 #if defined(CONFIG_KWB_SECURE)
1294 	if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz,
1295 					       headersz, image, secure_hdr))
1296 		return NULL;
1297 #endif
1298 
1299 	/* Calculate and set the header checksum */
1300 	main_hdr->checksum = image_checksum8(main_hdr, headersz);
1301 
1302 	*imagesz = headersz;
1303 	return image;
1304 }
1305 
1306 int recognize_keyword(char *keyword)
1307 {
1308 	int kw_id;
1309 
1310 	for (kw_id = 1; kw_id < IMAGE_CFG_COUNT; ++kw_id)
1311 		if (!strcmp(keyword, id_strs[kw_id]))
1312 			return kw_id;
1313 
1314 	return 0;
1315 }
1316 
1317 static int image_create_config_parse_oneline(char *line,
1318 					     struct image_cfg_element *el)
1319 {
1320 	char *keyword, *saveptr, *value1, *value2;
1321 	char delimiters[] = " \t";
1322 	int keyword_id, ret, argi;
1323 	char *unknown_msg = "Ignoring unknown line '%s'\n";
1324 
1325 	keyword = strtok_r(line, delimiters, &saveptr);
1326 	keyword_id = recognize_keyword(keyword);
1327 
1328 	if (!keyword_id) {
1329 		fprintf(stderr, unknown_msg, line);
1330 		return 0;
1331 	}
1332 
1333 	el->type = keyword_id;
1334 
1335 	value1 = strtok_r(NULL, delimiters, &saveptr);
1336 
1337 	if (!value1) {
1338 		fprintf(stderr, "Parameter missing in line '%s'\n", line);
1339 		return -1;
1340 	}
1341 
1342 	switch (keyword_id) {
1343 	case IMAGE_CFG_VERSION:
1344 		el->version = atoi(value1);
1345 		break;
1346 	case IMAGE_CFG_BOOT_FROM:
1347 		ret = image_boot_mode_id(value1);
1348 
1349 		if (ret < 0) {
1350 			fprintf(stderr, "Invalid boot media '%s'\n", value1);
1351 			return -1;
1352 		}
1353 		el->bootfrom = ret;
1354 		break;
1355 	case IMAGE_CFG_NAND_BLKSZ:
1356 		el->nandblksz = strtoul(value1, NULL, 16);
1357 		break;
1358 	case IMAGE_CFG_NAND_BADBLK_LOCATION:
1359 		el->nandbadblklocation = strtoul(value1, NULL, 16);
1360 		break;
1361 	case IMAGE_CFG_NAND_ECC_MODE:
1362 		ret = image_nand_ecc_mode_id(value1);
1363 
1364 		if (ret < 0) {
1365 			fprintf(stderr, "Invalid NAND ECC mode '%s'\n", value1);
1366 			return -1;
1367 		}
1368 		el->nandeccmode = ret;
1369 		break;
1370 	case IMAGE_CFG_NAND_PAGESZ:
1371 		el->nandpagesz = strtoul(value1, NULL, 16);
1372 		break;
1373 	case IMAGE_CFG_BINARY:
1374 		argi = 0;
1375 
1376 		el->binary.file = strdup(value1);
1377 		while (1) {
1378 			char *value = strtok_r(NULL, delimiters, &saveptr);
1379 
1380 			if (!value)
1381 				break;
1382 			el->binary.args[argi] = strtoul(value, NULL, 16);
1383 			argi++;
1384 			if (argi >= BINARY_MAX_ARGS) {
1385 				fprintf(stderr,
1386 					"Too many arguments for BINARY\n");
1387 				return -1;
1388 			}
1389 		}
1390 		el->binary.nargs = argi;
1391 		break;
1392 	case IMAGE_CFG_DATA:
1393 		value2 = strtok_r(NULL, delimiters, &saveptr);
1394 
1395 		if (!value1 || !value2) {
1396 			fprintf(stderr,
1397 				"Invalid number of arguments for DATA\n");
1398 			return -1;
1399 		}
1400 
1401 		el->regdata.raddr = strtoul(value1, NULL, 16);
1402 		el->regdata.rdata = strtoul(value2, NULL, 16);
1403 		break;
1404 	case IMAGE_CFG_BAUDRATE:
1405 		el->baudrate = strtoul(value1, NULL, 10);
1406 		break;
1407 	case IMAGE_CFG_DEBUG:
1408 		el->debug = strtoul(value1, NULL, 10);
1409 		break;
1410 	case IMAGE_CFG_KAK:
1411 		el->key_name = strdup(value1);
1412 		break;
1413 	case IMAGE_CFG_CSK:
1414 		el->key_name = strdup(value1);
1415 		break;
1416 	case IMAGE_CFG_CSK_INDEX:
1417 		el->csk_idx = strtol(value1, NULL, 0);
1418 		break;
1419 	case IMAGE_CFG_JTAG_DELAY:
1420 		el->jtag_delay = strtoul(value1, NULL, 0);
1421 		break;
1422 	case IMAGE_CFG_BOX_ID:
1423 		el->boxid = strtoul(value1, NULL, 0);
1424 		break;
1425 	case IMAGE_CFG_FLASH_ID:
1426 		el->flashid = strtoul(value1, NULL, 0);
1427 		break;
1428 	case IMAGE_CFG_SEC_SPECIALIZED_IMG:
1429 		el->sec_specialized_img = true;
1430 		break;
1431 	case IMAGE_CFG_SEC_COMMON_IMG:
1432 		el->sec_specialized_img = false;
1433 		break;
1434 	case IMAGE_CFG_SEC_BOOT_DEV:
1435 		el->sec_boot_dev = strtoul(value1, NULL, 0);
1436 		break;
1437 	case IMAGE_CFG_SEC_FUSE_DUMP:
1438 		el->name = strdup(value1);
1439 		break;
1440 	default:
1441 		fprintf(stderr, unknown_msg, line);
1442 	}
1443 
1444 	return 0;
1445 }
1446 
1447 /*
1448  * Parse the configuration file 'fcfg' into the array of configuration
1449  * elements 'image_cfg', and return the number of configuration
1450  * elements in 'cfgn'.
1451  */
1452 static int image_create_config_parse(FILE *fcfg)
1453 {
1454 	int ret;
1455 	int cfgi = 0;
1456 
1457 	/* Parse the configuration file */
1458 	while (!feof(fcfg)) {
1459 		char *line;
1460 		char buf[256];
1461 
1462 		/* Read the current line */
1463 		memset(buf, 0, sizeof(buf));
1464 		line = fgets(buf, sizeof(buf), fcfg);
1465 		if (!line)
1466 			break;
1467 
1468 		/* Ignore useless lines */
1469 		if (line[0] == '\n' || line[0] == '#')
1470 			continue;
1471 
1472 		/* Strip final newline */
1473 		if (line[strlen(line) - 1] == '\n')
1474 			line[strlen(line) - 1] = 0;
1475 
1476 		/* Parse the current line */
1477 		ret = image_create_config_parse_oneline(line,
1478 							&image_cfg[cfgi]);
1479 		if (ret)
1480 			return ret;
1481 
1482 		cfgi++;
1483 
1484 		if (cfgi >= IMAGE_CFG_ELEMENT_MAX) {
1485 			fprintf(stderr,
1486 				"Too many configuration elements in .cfg file\n");
1487 			return -1;
1488 		}
1489 	}
1490 
1491 	cfgn = cfgi;
1492 	return 0;
1493 }
1494 
1495 static int image_get_version(void)
1496 {
1497 	struct image_cfg_element *e;
1498 
1499 	e = image_find_option(IMAGE_CFG_VERSION);
1500 	if (!e)
1501 		return -1;
1502 
1503 	return e->version;
1504 }
1505 
1506 static void kwbimage_set_header(void *ptr, struct stat *sbuf, int ifd,
1507 				struct image_tool_params *params)
1508 {
1509 	FILE *fcfg;
1510 	void *image = NULL;
1511 	int version;
1512 	size_t headersz = 0;
1513 	uint32_t checksum;
1514 	int ret;
1515 	int size;
1516 
1517 	fcfg = fopen(params->imagename, "r");
1518 	if (!fcfg) {
1519 		fprintf(stderr, "Could not open input file %s\n",
1520 			params->imagename);
1521 		exit(EXIT_FAILURE);
1522 	}
1523 
1524 	image_cfg = malloc(IMAGE_CFG_ELEMENT_MAX *
1525 			   sizeof(struct image_cfg_element));
1526 	if (!image_cfg) {
1527 		fprintf(stderr, "Cannot allocate memory\n");
1528 		fclose(fcfg);
1529 		exit(EXIT_FAILURE);
1530 	}
1531 
1532 	memset(image_cfg, 0,
1533 	       IMAGE_CFG_ELEMENT_MAX * sizeof(struct image_cfg_element));
1534 	rewind(fcfg);
1535 
1536 	ret = image_create_config_parse(fcfg);
1537 	fclose(fcfg);
1538 	if (ret) {
1539 		free(image_cfg);
1540 		exit(EXIT_FAILURE);
1541 	}
1542 
1543 	/* The MVEBU BootROM does not allow non word aligned payloads */
1544 	sbuf->st_size = ALIGN_SUP(sbuf->st_size, 4);
1545 
1546 	version = image_get_version();
1547 	switch (version) {
1548 		/*
1549 		 * Fallback to version 0 if no version is provided in the
1550 		 * cfg file
1551 		 */
1552 	case -1:
1553 	case 0:
1554 		image = image_create_v0(&headersz, params, sbuf->st_size);
1555 		break;
1556 
1557 	case 1:
1558 		image = image_create_v1(&headersz, params, ptr, sbuf->st_size);
1559 		break;
1560 
1561 	default:
1562 		fprintf(stderr, "Unsupported version %d\n", version);
1563 		free(image_cfg);
1564 		exit(EXIT_FAILURE);
1565 	}
1566 
1567 	if (!image) {
1568 		fprintf(stderr, "Could not create image\n");
1569 		free(image_cfg);
1570 		exit(EXIT_FAILURE);
1571 	}
1572 
1573 	free(image_cfg);
1574 
1575 	/* Build and add image checksum header */
1576 	checksum =
1577 		cpu_to_le32(image_checksum32((uint32_t *)ptr, sbuf->st_size));
1578 	size = write(ifd, &checksum, sizeof(uint32_t));
1579 	if (size != sizeof(uint32_t)) {
1580 		fprintf(stderr, "Error:%s - Checksum write %d bytes %s\n",
1581 			params->cmdname, size, params->imagefile);
1582 		exit(EXIT_FAILURE);
1583 	}
1584 
1585 	sbuf->st_size += sizeof(uint32_t);
1586 
1587 	/* Finally copy the header into the image area */
1588 	memcpy(ptr, image, headersz);
1589 
1590 	free(image);
1591 }
1592 
1593 static void kwbimage_print_header(const void *ptr)
1594 {
1595 	struct main_hdr_v0 *mhdr = (struct main_hdr_v0 *)ptr;
1596 
1597 	printf("Image Type:   MVEBU Boot from %s Image\n",
1598 	       image_boot_mode_name(mhdr->blockid));
1599 	printf("Image version:%d\n", image_version((void *)ptr));
1600 	printf("Data Size:    ");
1601 	genimg_print_size(mhdr->blocksize - sizeof(uint32_t));
1602 	printf("Load Address: %08x\n", mhdr->destaddr);
1603 	printf("Entry Point:  %08x\n", mhdr->execaddr);
1604 }
1605 
1606 static int kwbimage_check_image_types(uint8_t type)
1607 {
1608 	if (type == IH_TYPE_KWBIMAGE)
1609 		return EXIT_SUCCESS;
1610 
1611 	return EXIT_FAILURE;
1612 }
1613 
1614 static int kwbimage_verify_header(unsigned char *ptr, int image_size,
1615 				  struct image_tool_params *params)
1616 {
1617 	uint8_t checksum;
1618 	size_t header_size = kwbimage_header_size(ptr);
1619 
1620 	if (header_size > image_size)
1621 		return -FDT_ERR_BADSTRUCTURE;
1622 
1623 	if (!main_hdr_checksum_ok(ptr))
1624 		return -FDT_ERR_BADSTRUCTURE;
1625 
1626 	/* Only version 0 extended header has checksum */
1627 	if (image_version((void *)ptr) == 0) {
1628 		struct ext_hdr_v0 *ext_hdr;
1629 
1630 		ext_hdr = (struct ext_hdr_v0 *)
1631 				(ptr + sizeof(struct main_hdr_v0));
1632 		checksum = image_checksum8(ext_hdr,
1633 					   sizeof(struct ext_hdr_v0)
1634 					   - sizeof(uint8_t));
1635 		if (checksum != ext_hdr->checksum)
1636 			return -FDT_ERR_BADSTRUCTURE;
1637 	}
1638 
1639 	return 0;
1640 }
1641 
1642 static int kwbimage_generate(struct image_tool_params *params,
1643 			     struct image_type_params *tparams)
1644 {
1645 	FILE *fcfg;
1646 	int alloc_len;
1647 	int version;
1648 	void *hdr;
1649 	int ret;
1650 
1651 	fcfg = fopen(params->imagename, "r");
1652 	if (!fcfg) {
1653 		fprintf(stderr, "Could not open input file %s\n",
1654 			params->imagename);
1655 		exit(EXIT_FAILURE);
1656 	}
1657 
1658 	image_cfg = malloc(IMAGE_CFG_ELEMENT_MAX *
1659 			   sizeof(struct image_cfg_element));
1660 	if (!image_cfg) {
1661 		fprintf(stderr, "Cannot allocate memory\n");
1662 		fclose(fcfg);
1663 		exit(EXIT_FAILURE);
1664 	}
1665 
1666 	memset(image_cfg, 0,
1667 	       IMAGE_CFG_ELEMENT_MAX * sizeof(struct image_cfg_element));
1668 	rewind(fcfg);
1669 
1670 	ret = image_create_config_parse(fcfg);
1671 	fclose(fcfg);
1672 	if (ret) {
1673 		free(image_cfg);
1674 		exit(EXIT_FAILURE);
1675 	}
1676 
1677 	version = image_get_version();
1678 	switch (version) {
1679 		/*
1680 		 * Fallback to version 0 if no version is provided in the
1681 		 * cfg file
1682 		 */
1683 	case -1:
1684 	case 0:
1685 		alloc_len = sizeof(struct main_hdr_v0) +
1686 			sizeof(struct ext_hdr_v0);
1687 		break;
1688 
1689 	case 1:
1690 		alloc_len = image_headersz_v1(NULL);
1691 		break;
1692 
1693 	default:
1694 		fprintf(stderr, "Unsupported version %d\n", version);
1695 		free(image_cfg);
1696 		exit(EXIT_FAILURE);
1697 	}
1698 
1699 	free(image_cfg);
1700 
1701 	hdr = malloc(alloc_len);
1702 	if (!hdr) {
1703 		fprintf(stderr, "%s: malloc return failure: %s\n",
1704 			params->cmdname, strerror(errno));
1705 		exit(EXIT_FAILURE);
1706 	}
1707 
1708 	memset(hdr, 0, alloc_len);
1709 	tparams->header_size = alloc_len;
1710 	tparams->hdr = hdr;
1711 
1712 	/*
1713 	 * The resulting image needs to be 4-byte aligned. At least
1714 	 * the Marvell hdrparser tool complains if its unaligned.
1715 	 * By returning 1 here in this function, called via
1716 	 * tparams->vrec_header() in mkimage.c, mkimage will
1717 	 * automatically pad the the resulting image to a 4-byte
1718 	 * size if necessary.
1719 	 */
1720 	return 1;
1721 }
1722 
1723 /*
1724  * Report Error if xflag is set in addition to default
1725  */
1726 static int kwbimage_check_params(struct image_tool_params *params)
1727 {
1728 	if (!strlen(params->imagename)) {
1729 		char *msg = "Configuration file for kwbimage creation omitted";
1730 
1731 		fprintf(stderr, "Error:%s - %s\n", params->cmdname, msg);
1732 		return CFG_INVALID;
1733 	}
1734 
1735 	return (params->dflag && (params->fflag || params->lflag)) ||
1736 		(params->fflag && (params->dflag || params->lflag)) ||
1737 		(params->lflag && (params->dflag || params->fflag)) ||
1738 		(params->xflag) || !(strlen(params->imagename));
1739 }
1740 
1741 /*
1742  * kwbimage type parameters definition
1743  */
1744 U_BOOT_IMAGE_TYPE(
1745 	kwbimage,
1746 	"Marvell MVEBU Boot Image support",
1747 	0,
1748 	NULL,
1749 	kwbimage_check_params,
1750 	kwbimage_verify_header,
1751 	kwbimage_print_header,
1752 	kwbimage_set_header,
1753 	NULL,
1754 	kwbimage_check_image_types,
1755 	NULL,
1756 	kwbimage_generate
1757 );
1758