cros/exynos/verify.c - mirrors/cros/chromiumos/third_party/u-boot - Git at Google

 /*
  * Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
  * Alternatively, this software may be distributed under the terms of the
  * GNU General Public License ("GPL") version 2 as published by the Free
  * Software Foundation.
  */

 #include <common.h>
 #include <sha256.h>
 #include <asm/arch/ace.h>
 #include <asm/arch/spl.h>
 #include <cros/power_management.h>
 #include <cros/vboot.h>

 static void verified_failed(struct vboot_persist *persist, uint firmware_num,
 			    bool enable_debug)
 {
 	/*
 	 * If we don't find the persist information, then there is no need to
 	 * do anything here. The information is set up by a previous RO
 	 * U-Boot and updated by a previous RW SPL. If neither of those wrote
 	 * anything then we have nothing to do. It indicates that verification
 	 * is not required (e.g. we are booting the recovery SPL which is in
 	 * RO SPI flash).
 	 */
 	if (persist->magic != VBOOT_PERSIST_MAGIC)
 		return;

 	/*
 	 * Mark this firmware as bad and reboot. This information is stored in
 	 * internal SRAM so will persist across the reboot (the call to
 	 * cold_reboot())
 	 */
 	persist->flags |= 1 << firmware_num;
 	if (enable_debug)
 		printf("Marking firmware %u bad, rebooting\n", firmware_num);
 	cold_reboot();
 }

 static void dump_bytes(const char *name, unsigned char data[], int size)
 {
 	int i;

 	printf("%s: ", name);
 	for (i = 0; i < size; i++)
 		printf("%02x", data[i]);
 	printf("\n");
 }

 int board_image_verify(int firmware_num, ulong start, ulong size,
 		       int enable_debug)
 {
 	unsigned char digest[SHA256_SUM_LEN];
 	struct spl_machine_param *param;
 	struct vboot_persist *persist;
 	struct spl_hash *hash;
 	int ret;

 	param = spl_get_machine_params();
 	if (!param->vboot_persist_start) {
 		if (enable_debug)
 			puts(", no persist");
 		return -1;
 	}
 	persist = map_sysmem(param->vboot_persist_start, sizeof(*persist));

 	hash = spl_get_hash();
 	if (!hash) {
 		if (enable_debug)
 			puts(", no hash");
 		return -1;
 	}

 	ret = ace_sha_hash_digest((void *)start, size, digest,
 				  ACE_SHA_TYPE_SHA256);
 	if (ret) {
 		puts(", ACE failed\n");
 		verified_failed(persist, firmware_num, enable_debug);
 	}

 	if (memcmp(digest, hash->digest, SHA256_SUM_LEN)) {
 		puts(", hash failed\n");
 		if (enable_debug) {
 			printf("start=%lx, size=%lx\n", start, size);
 			dump_bytes("calced", digest, SHA256_SUM_LEN);
 			dump_bytes("stored", hash->digest, SHA256_SUM_LEN);
 		}
 		verified_failed(persist, firmware_num, enable_debug);
 	}

 	return 0;
 }
	/*
	* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
	* Use of this source code is governed by a BSD-style license that can be
	* found in the LICENSE file.
	*
	* Alternatively, this software may be distributed under the terms of the
	* GNU General Public License ("GPL") version 2 as published by the Free
	* Software Foundation.
	*/

	#include <common.h>
	#include <sha256.h>
	#include <asm/arch/ace.h>
	#include <asm/arch/spl.h>
	#include <cros/power_management.h>
	#include <cros/vboot.h>

	static void verified_failed(struct vboot_persist *persist, uint firmware_num,
	bool enable_debug)
	{
	/*
	* If we don't find the persist information, then there is no need to
	* do anything here. The information is set up by a previous RO
	* U-Boot and updated by a previous RW SPL. If neither of those wrote
	* anything then we have nothing to do. It indicates that verification
	* is not required (e.g. we are booting the recovery SPL which is in
	* RO SPI flash).
	*/
	if (persist->magic != VBOOT_PERSIST_MAGIC)
	return;

	/*
	* Mark this firmware as bad and reboot. This information is stored in
	* internal SRAM so will persist across the reboot (the call to
	* cold_reboot())
	*/
	persist->flags \|= 1 << firmware_num;
	if (enable_debug)
	printf("Marking firmware %u bad, rebooting\n", firmware_num);
	cold_reboot();
	}

	static void dump_bytes(const char *name, unsigned char data[], int size)
	{
	int i;

	printf("%s: ", name);
	for (i = 0; i < size; i++)
	printf("%02x", data[i]);
	printf("\n");
	}

	int board_image_verify(int firmware_num, ulong start, ulong size,
	int enable_debug)
	{
	unsigned char digest[SHA256_SUM_LEN];
	struct spl_machine_param *param;
	struct vboot_persist *persist;
	struct spl_hash *hash;
	int ret;

	param = spl_get_machine_params();
	if (!param->vboot_persist_start) {
	if (enable_debug)
	puts(", no persist");
	return -1;
	}
	persist = map_sysmem(param->vboot_persist_start, sizeof(*persist));

	hash = spl_get_hash();
	if (!hash) {
	if (enable_debug)
	puts(", no hash");
	return -1;
	}

	ret = ace_sha_hash_digest((void *)start, size, digest,
	ACE_SHA_TYPE_SHA256);
	if (ret) {
	puts(", ACE failed\n");
	verified_failed(persist, firmware_num, enable_debug);
	}

	if (memcmp(digest, hash->digest, SHA256_SUM_LEN)) {
	puts(", hash failed\n");
	if (enable_debug) {
	printf("start=%lx, size=%lx\n", start, size);
	dump_bytes("calced", digest, SHA256_SUM_LEN);
	dump_bytes("stored", hash->digest, SHA256_SUM_LEN);
	}
	verified_failed(persist, firmware_num, enable_debug);
	}

	return 0;
	}