xref: /openbmc/u-boot/tools/rkcommon.c (revision c2012cb4)
1 /*
2  * (C) Copyright 2015 Google,  Inc
3  * Written by Simon Glass <sjg@chromium.org>
4  *
5  * (C) 2017 Theobroma Systems Design und Consulting GmbH
6  *
7  * SPDX-License-Identifier:	GPL-2.0+
8  *
9  * Helper functions for Rockchip images
10  */
11 
12 #include "imagetool.h"
13 #include <image.h>
14 #include <rc4.h>
15 #include "mkimage.h"
16 #include "rkcommon.h"
17 
18 #define DIV_ROUND_UP(n, d)	(((n) + (d) - 1) / (d))
19 
20 enum {
21 	RK_SIGNATURE		= 0x0ff0aa55,
22 };
23 
24 /**
25  * struct header0_info - header block for boot ROM
26  *
27  * This is stored at SD card block 64 (where each block is 512 bytes, or at
28  * the start of SPI flash. It is encoded with RC4.
29  *
30  * @signature:		Signature (must be RKSD_SIGNATURE)
31  * @disable_rc4:	0 to use rc4 for boot image,  1 to use plain binary
32  * @init_offset:	Offset in blocks of the SPL code from this header
33  *			block. E.g. 4 means 2KB after the start of this header.
34  * Other fields are not used by U-Boot
35  */
36 struct header0_info {
37 	uint32_t signature;
38 	uint8_t reserved[4];
39 	uint32_t disable_rc4;
40 	uint16_t init_offset;
41 	uint8_t reserved1[492];
42 	uint16_t init_size;
43 	uint16_t init_boot_size;
44 	uint8_t reserved2[2];
45 };
46 
47 /**
48  * struct header1_info
49  */
50 struct header1_info {
51 	uint32_t magic;
52 };
53 
54 /**
55  * struct spl_info - spl info for each chip
56  *
57  * @imagename:		Image name(passed by "mkimage -n")
58  * @spl_hdr:		Boot ROM requires a 4-bytes spl header
59  * @spl_size:		Spl size(include extra 4-bytes spl header)
60  * @spl_rc4:		RC4 encode the SPL binary (same key as header)
61  * @spl_boot0:          A new-style (ARM_SOC_BOOT0_HOOK) image that should
62  *                      have the boot magic (e.g. 'RK33') written to its first
63  *                      word.
64  */
65 
66 struct spl_info {
67 	const char *imagename;
68 	const char *spl_hdr;
69 	const uint32_t spl_size;
70 	const bool spl_rc4;
71 	const bool spl_boot0;
72 };
73 
74 static struct spl_info spl_infos[] = {
75 	{ "rk3036", "RK30", 0x1000, false, false },
76 	{ "rk3188", "RK31", 0x8000 - 0x800, true, false },
77 	{ "rk322x", "RK32", 0x8000 - 0x1000, false, false },
78 	{ "rk3288", "RK32", 0x8000, false, false },
79 	{ "rk3328", "RK32", 0x8000 - 0x1000, false, false },
80 	{ "rk3399", "RK33", 0x30000 - 0x2000, false, true },
81 	{ "rv1108", "RK11", 0x1800, false, false},
82 };
83 
84 static unsigned char rc4_key[16] = {
85 	124, 78, 3, 4, 85, 5, 9, 7,
86 	45, 44, 123, 56, 23, 13, 23, 17
87 };
88 
89 static struct spl_info *rkcommon_get_spl_info(char *imagename)
90 {
91 	int i;
92 
93 	if (!imagename)
94 		return NULL;
95 
96 	for (i = 0; i < ARRAY_SIZE(spl_infos); i++)
97 		if (!strncmp(imagename, spl_infos[i].imagename, 6))
98 			return spl_infos + i;
99 
100 	return NULL;
101 }
102 
103 int rkcommon_check_params(struct image_tool_params *params)
104 {
105 	int i;
106 
107 	if (rkcommon_get_spl_info(params->imagename) != NULL)
108 		return EXIT_SUCCESS;
109 
110 	/*
111 	 * If this is a operation (list or extract), the don't require
112 	 * imagename to be set.
113 	 */
114 	if (params->lflag || params->iflag)
115 		return EXIT_SUCCESS;
116 
117 	fprintf(stderr, "ERROR: imagename (%s) is not supported!\n",
118 		params->imagename ? params->imagename : "NULL");
119 
120 	fprintf(stderr, "Available imagename:");
121 	for (i = 0; i < ARRAY_SIZE(spl_infos); i++)
122 		fprintf(stderr, "\t%s", spl_infos[i].imagename);
123 	fprintf(stderr, "\n");
124 
125 	return EXIT_FAILURE;
126 }
127 
128 const char *rkcommon_get_spl_hdr(struct image_tool_params *params)
129 {
130 	struct spl_info *info = rkcommon_get_spl_info(params->imagename);
131 
132 	/*
133 	 * info would not be NULL, because of we checked params before.
134 	 */
135 	return info->spl_hdr;
136 }
137 
138 
139 int rkcommon_get_spl_size(struct image_tool_params *params)
140 {
141 	struct spl_info *info = rkcommon_get_spl_info(params->imagename);
142 
143 	/*
144 	 * info would not be NULL, because of we checked params before.
145 	 */
146 	return info->spl_size;
147 }
148 
149 bool rkcommon_need_rc4_spl(struct image_tool_params *params)
150 {
151 	struct spl_info *info = rkcommon_get_spl_info(params->imagename);
152 
153 	/*
154 	 * info would not be NULL, because of we checked params before.
155 	 */
156 	return info->spl_rc4;
157 }
158 
159 bool rkcommon_spl_is_boot0(struct image_tool_params *params)
160 {
161 	struct spl_info *info = rkcommon_get_spl_info(params->imagename);
162 
163 	/*
164 	 * info would not be NULL, because of we checked params before.
165 	 */
166 	return info->spl_boot0;
167 }
168 
169 static void rkcommon_set_header0(void *buf, uint file_size,
170 				 struct image_tool_params *params)
171 {
172 	struct header0_info *hdr = buf;
173 
174 	memset(buf, '\0', RK_INIT_OFFSET * RK_BLK_SIZE);
175 	hdr->signature = RK_SIGNATURE;
176 	hdr->disable_rc4 = !rkcommon_need_rc4_spl(params);
177 	hdr->init_offset = RK_INIT_OFFSET;
178 
179 	hdr->init_size = DIV_ROUND_UP(file_size, RK_BLK_SIZE);
180 	/*
181 	 * The init_size has to be a multiple of 4 blocks (i.e. of 2K)
182 	 * or the BootROM will not boot the image.
183 	 *
184 	 * Note: To verify that this is not a legacy constraint, we
185 	 *       rechecked this against the RK3399 BootROM.
186 	 */
187 	hdr->init_size = ROUND(hdr->init_size, 4);
188 	/*
189 	 * init_boot_size needs to be set, as it is read by the BootROM
190 	 * to determine the size of the next-stage bootloader (e.g. U-Boot
191 	 * proper), when used with the back-to-bootrom functionality.
192 	 *
193 	 * see https://lists.denx.de/pipermail/u-boot/2017-May/293267.html
194 	 * for a more detailed explanation by Andy Yan
195 	 */
196 	hdr->init_boot_size = hdr->init_size + RK_MAX_BOOT_SIZE / RK_BLK_SIZE;
197 
198 	rc4_encode(buf, RK_BLK_SIZE, rc4_key);
199 }
200 
201 int rkcommon_set_header(void *buf, uint file_size,
202 			struct image_tool_params *params)
203 {
204 	struct header1_info *hdr = buf + RK_SPL_HDR_START;
205 
206 	if (file_size > rkcommon_get_spl_size(params))
207 		return -ENOSPC;
208 
209 	rkcommon_set_header0(buf, file_size, params);
210 
211 	/* Set up the SPL name (i.e. copy spl_hdr over) */
212 	memcpy(&hdr->magic, rkcommon_get_spl_hdr(params), RK_SPL_HDR_SIZE);
213 
214 	if (rkcommon_need_rc4_spl(params))
215 		rkcommon_rc4_encode_spl(buf, RK_SPL_HDR_START,
216 					params->file_size - RK_SPL_HDR_START);
217 
218 	return 0;
219 }
220 
221 static inline unsigned rkcommon_offset_to_spi(unsigned offset)
222 {
223 	/*
224 	 * While SD/MMC images use a flat addressing, SPI images are padded
225 	 * to use the first 2K of every 4K sector only.
226 	 */
227 	return ((offset & ~0x7ff) << 1) + (offset & 0x7ff);
228 }
229 
230 static int rkcommon_parse_header(const void *buf, struct header0_info *header0,
231 				 struct spl_info **spl_info)
232 {
233 	unsigned hdr1_offset;
234 	struct header1_info *hdr1_sdmmc, *hdr1_spi;
235 	int i;
236 
237 	if (spl_info)
238 		*spl_info = NULL;
239 
240 	/*
241 	 * The first header (hdr0) is always RC4 encoded, so try to decrypt
242 	 * with the well-known key.
243 	 */
244 	memcpy((void *)header0, buf, sizeof(struct header0_info));
245 	rc4_encode((void *)header0, sizeof(struct header0_info), rc4_key);
246 
247 	if (header0->signature != RK_SIGNATURE)
248 		return -EPROTO;
249 
250 	/* We don't support RC4 encoded image payloads here, yet... */
251 	if (header0->disable_rc4 == 0)
252 		return -ENOSYS;
253 
254 	hdr1_offset = header0->init_offset * RK_BLK_SIZE;
255 	hdr1_sdmmc = (struct header1_info *)(buf + hdr1_offset);
256 	hdr1_spi = (struct header1_info *)(buf +
257 					   rkcommon_offset_to_spi(hdr1_offset));
258 
259 	for (i = 0; i < ARRAY_SIZE(spl_infos); i++) {
260 		if (!memcmp(&hdr1_sdmmc->magic, spl_infos[i].spl_hdr, 4)) {
261 			if (spl_info)
262 				*spl_info = &spl_infos[i];
263 			return IH_TYPE_RKSD;
264 		} else if (!memcmp(&hdr1_spi->magic, spl_infos[i].spl_hdr, 4)) {
265 			if (spl_info)
266 				*spl_info = &spl_infos[i];
267 			return IH_TYPE_RKSPI;
268 		}
269 	}
270 
271 	return -1;
272 }
273 
274 int rkcommon_verify_header(unsigned char *buf, int size,
275 			   struct image_tool_params *params)
276 {
277 	struct header0_info header0;
278 	struct spl_info *img_spl_info, *spl_info;
279 	int ret;
280 
281 	ret = rkcommon_parse_header(buf, &header0, &img_spl_info);
282 
283 	/* If this is the (unimplemented) RC4 case, then rewrite the result */
284 	if (ret == -ENOSYS)
285 		return 0;
286 
287 	if (ret < 0)
288 		return ret;
289 
290 	/*
291 	 * If no 'imagename' is specified via the commandline (e.g. if this is
292 	 * 'dumpimage -l' w/o any further constraints), we accept any spl_info.
293 	 */
294 	if (params->imagename == NULL)
295 		return 0;
296 
297 	/* Match the 'imagename' against the 'spl_hdr' found */
298 	spl_info = rkcommon_get_spl_info(params->imagename);
299 	if (spl_info && img_spl_info)
300 		return strcmp(spl_info->spl_hdr, img_spl_info->spl_hdr);
301 
302 	return -ENOENT;
303 }
304 
305 void rkcommon_print_header(const void *buf)
306 {
307 	struct header0_info header0;
308 	struct spl_info *spl_info;
309 	uint8_t image_type;
310 	int ret;
311 
312 	ret = rkcommon_parse_header(buf, &header0, &spl_info);
313 
314 	/* If this is the (unimplemented) RC4 case, then fail silently */
315 	if (ret == -ENOSYS)
316 		return;
317 
318 	if (ret < 0) {
319 		fprintf(stderr, "Error: image verification failed\n");
320 		return;
321 	}
322 
323 	image_type = ret;
324 
325 	printf("Image Type:   Rockchip %s (%s) boot image\n",
326 	       spl_info->spl_hdr,
327 	       (image_type == IH_TYPE_RKSD) ? "SD/MMC" : "SPI");
328 	printf("Data Size:    %d bytes\n", header0.init_size * RK_BLK_SIZE);
329 }
330 
331 void rkcommon_rc4_encode_spl(void *buf, unsigned int offset, unsigned int size)
332 {
333 	unsigned int remaining = size;
334 
335 	while (remaining > 0) {
336 		int step = (remaining > RK_BLK_SIZE) ? RK_BLK_SIZE : remaining;
337 
338 		rc4_encode(buf + offset, step, rc4_key);
339 		offset += RK_BLK_SIZE;
340 		remaining -= step;
341 	}
342 }
343 
344 int rkcommon_vrec_header(struct image_tool_params *params,
345 			 struct image_type_params *tparams,
346 			 unsigned int alignment)
347 {
348 	unsigned int  unpadded_size;
349 	unsigned int  padded_size;
350 
351 	/*
352 	 * The SPL image looks as follows:
353 	 *
354 	 * 0x0    header0 (see rkcommon.c)
355 	 * 0x800  spl_name ('RK30', ..., 'RK33')
356 	 *        (start of the payload for AArch64 payloads: we expect the
357 	 *        first 4 bytes to be available for overwriting with our
358 	 *        spl_name)
359 	 * 0x804  first instruction to be executed
360 	 *        (start of the image/payload for 32bit payloads)
361 	 *
362 	 * For AArch64 (ARMv8) payloads, natural alignment (8-bytes) is
363 	 * required for its sections (so the image we receive needs to
364 	 * have the first 4 bytes reserved for the spl_name).  Reserving
365 	 * these 4 bytes is done using the BOOT0_HOOK infrastructure.
366 	 *
367 	 * Depending on this, the header is either 0x800 (if this is a
368 	 * 'boot0'-style payload, which has reserved 4 bytes at the
369 	 * beginning for the 'spl_name' and expects us to overwrite
370 	 * its first 4 bytes) or 0x804 bytes in length.
371 	 */
372 	if (rkcommon_spl_is_boot0(params))
373 		tparams->header_size = RK_SPL_HDR_START;
374 	else
375 		tparams->header_size = RK_SPL_HDR_START + 4;
376 
377 	/* Allocate, clear and install the header */
378 	tparams->hdr = malloc(tparams->header_size);
379 	if (!tparams->hdr)
380 		return -ENOMEM;
381 	memset(tparams->hdr, 0, tparams->header_size);
382 
383 	/*
384 	 * If someone passed in 0 for the alignment, we'd better handle
385 	 * it correctly...
386 	 */
387 	if (!alignment)
388 		alignment = 1;
389 
390 	unpadded_size = tparams->header_size + params->file_size;
391 	padded_size = ROUND(unpadded_size, alignment);
392 
393 	return padded_size - unpadded_size;
394 }
395