1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * (C) Copyright 2018 Xilinx, Inc.
4  * Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
5  */
6 
7 #include <common.h>
8 #include <malloc.h>
9 #include <asm/arch/sys_proto.h>
10 #include <asm/io.h>
11 
zynqmp_verify_secure(u8 * key_ptr,u8 * src_ptr,u32 len)12 static int zynqmp_verify_secure(u8 *key_ptr, u8 *src_ptr, u32 len)
13 {
14 	int ret;
15 	u32 src_lo, src_hi;
16 	u32 key_lo = 0;
17 	u32 key_hi = 0;
18 	u32 ret_payload[PAYLOAD_ARG_CNT];
19 	u64 addr;
20 
21 	if ((ulong)src_ptr != ALIGN((ulong)src_ptr,
22 				    CONFIG_SYS_CACHELINE_SIZE)) {
23 		printf("Failed: source address not aligned:%p\n", src_ptr);
24 		return -EINVAL;
25 	}
26 
27 	src_lo = lower_32_bits((ulong)src_ptr);
28 	src_hi = upper_32_bits((ulong)src_ptr);
29 	flush_dcache_range((ulong)src_ptr, (ulong)(src_ptr + len));
30 
31 	if (key_ptr) {
32 		key_lo = lower_32_bits((ulong)key_ptr);
33 		key_hi = upper_32_bits((ulong)key_ptr);
34 		flush_dcache_range((ulong)key_ptr,
35 				   (ulong)(key_ptr + KEY_PTR_LEN));
36 	}
37 
38 	ret = invoke_smc(ZYNQMP_SIP_SVC_PM_SECURE_IMG_LOAD, src_lo, src_hi,
39 			 key_lo, key_hi, ret_payload);
40 	if (ret) {
41 		printf("Failed: secure op status:0x%x\n", ret);
42 	} else {
43 		addr = (u64)ret_payload[1] << 32 | ret_payload[2];
44 		printf("Verified image at 0x%llx\n", addr);
45 		env_set_hex("zynqmp_verified_img_addr", addr);
46 	}
47 
48 	return ret;
49 }
50 
51 /**
52  * do_zynqmp - Handle the "zynqmp" command-line command
53  * @cmdtp:	Command data struct pointer
54  * @flag:	Command flag
55  * @argc:	Command-line argument count
56  * @argv:	Array of command-line arguments
57  *
58  * Processes the zynqmp specific commands
59  *
60  * Return: return 0 on success and CMD_RET_USAGE incase of misuse and error
61  */
do_zynqmp(cmd_tbl_t * cmdtp,int flag,int argc,char * const argv[])62 static int do_zynqmp(cmd_tbl_t *cmdtp, int flag, int argc,
63 		     char *const argv[])
64 {
65 	u64 src_addr;
66 	u32 len;
67 	u8 *key_ptr = NULL;
68 	u8 *src_ptr;
69 	int ret;
70 
71 	if (argc > 5 || argc < 4 || strncmp(argv[1], "secure", 6))
72 		return CMD_RET_USAGE;
73 
74 	src_addr = simple_strtoull(argv[2], NULL, 16);
75 
76 	len = simple_strtoul(argv[3], NULL, 16);
77 
78 	if (argc > 4)
79 		key_ptr = (uint8_t *)(uintptr_t)simple_strtoull(argv[4],
80 								NULL, 16);
81 
82 	src_ptr = (uint8_t *)(uintptr_t)src_addr;
83 
84 	ret = zynqmp_verify_secure(key_ptr, src_ptr, len);
85 	if (ret)
86 		return CMD_RET_FAILURE;
87 
88 	return CMD_RET_SUCCESS;
89 }
90 
91 /***************************************************/
92 #ifdef CONFIG_SYS_LONGHELP
93 static char zynqmp_help_text[] =
94 	"secure src len [key_addr] - verifies secure images of $len bytes\n"
95 	"                            long at address $src. Optional key_addr\n"
96 	"                            can be specified if user key needs to\n"
97 	"                            be used for decryption\n";
98 #endif
99 
100 U_BOOT_CMD(
101 	zynqmp, 5, 1, do_zynqmp,
102 	"Verify and load secure images",
103 	zynqmp_help_text
104 )
105