1 /* 2 * Copyright (c) 2021-2022, Arm Limited. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 9 #include <common/debug.h> 10 #include <common/tf_crc32.h> 11 #include <common/tbbr/tbbr_img_def.h> 12 #include <drivers/fwu/fwu.h> 13 #include <drivers/fwu/fwu_metadata.h> 14 #include <drivers/io/io_storage.h> 15 16 #include <plat/common/platform.h> 17 18 /* 19 * Assert that crc_32 is the first member of fwu_metadata structure. 20 * It avoids accessing data outside of the metadata structure during 21 * CRC32 computation if the crc_32 field gets moved due the structure 22 * member(s) addition in the future. 23 */ 24 CASSERT((offsetof(struct fwu_metadata, crc_32) == 0), 25 crc_32_must_be_first_member_of_structure); 26 27 static struct fwu_metadata metadata; 28 static bool is_metadata_initialized __unused; 29 30 /******************************************************************************* 31 * Compute CRC32 of the FWU metadata, and check it against the CRC32 value 32 * present in the FWU metadata. 33 * 34 * return -1 on error, otherwise 0 35 ******************************************************************************/ 36 static int fwu_metadata_crc_check(void) 37 { 38 unsigned char *data = (unsigned char *)&metadata; 39 40 uint32_t calc_crc = tf_crc32(0U, data + sizeof(metadata.crc_32), 41 (sizeof(metadata) - 42 sizeof(metadata.crc_32))); 43 44 if (metadata.crc_32 != calc_crc) { 45 return -1; 46 } 47 48 return 0; 49 } 50 51 /******************************************************************************* 52 * Check the sanity of FWU metadata. 53 * 54 * return -1 on error, otherwise 0 55 ******************************************************************************/ 56 static int fwu_metadata_sanity_check(void) 57 { 58 /* ToDo: add more conditions for sanity check */ 59 if ((metadata.active_index >= NR_OF_FW_BANKS) || 60 (metadata.previous_active_index >= NR_OF_FW_BANKS)) { 61 return -1; 62 } 63 64 return 0; 65 } 66 67 /******************************************************************************* 68 * Verify and load specified FWU metadata image to local FWU metadata structure. 69 * 70 * @image_id: FWU metadata image id (either FWU_METADATA_IMAGE_ID or 71 * BKUP_FWU_METADATA_IMAGE_ID) 72 * 73 * return a negative value on error, otherwise 0 74 ******************************************************************************/ 75 static int fwu_metadata_load(unsigned int image_id) 76 { 77 int result; 78 uintptr_t dev_handle, image_handle, image_spec; 79 size_t bytes_read; 80 81 assert((image_id == FWU_METADATA_IMAGE_ID) || 82 (image_id == BKUP_FWU_METADATA_IMAGE_ID)); 83 84 result = plat_fwu_set_metadata_image_source(image_id, 85 &dev_handle, 86 &image_spec); 87 if (result != 0) { 88 WARN("Failed to set reference to image id=%u (%i)\n", 89 image_id, result); 90 return result; 91 } 92 93 result = io_open(dev_handle, image_spec, &image_handle); 94 if (result != 0) { 95 WARN("Failed to load image id id=%u (%i)\n", 96 image_id, result); 97 return result; 98 } 99 100 result = io_read(image_handle, (uintptr_t)&metadata, 101 sizeof(struct fwu_metadata), &bytes_read); 102 103 if (result != 0) { 104 WARN("Failed to read image id=%u (%i)\n", image_id, result); 105 goto exit; 106 } 107 108 if (sizeof(struct fwu_metadata) != bytes_read) { 109 /* return -1 in case of partial/no read */ 110 result = -1; 111 WARN("Read bytes (%zu) instead of expected (%zu) bytes\n", 112 bytes_read, sizeof(struct fwu_metadata)); 113 goto exit; 114 } 115 116 /* sanity check on loaded parameters */ 117 result = fwu_metadata_sanity_check(); 118 if (result != 0) { 119 WARN("Sanity %s\n", "check failed on FWU metadata"); 120 goto exit; 121 } 122 123 /* CRC check on loaded parameters */ 124 result = fwu_metadata_crc_check(); 125 if (result != 0) { 126 WARN("CRC %s\n", "check failed on FWU metadata"); 127 } 128 129 exit: 130 (void)io_close(image_handle); 131 132 return result; 133 } 134 135 /******************************************************************************* 136 * The system runs in the trial run state if any of the images in the active 137 * firmware bank has not been accepted yet. 138 * 139 * Returns true if the system is running in the trial state. 140 ******************************************************************************/ 141 bool fwu_is_trial_run_state(void) 142 { 143 bool trial_run = false; 144 145 assert(is_metadata_initialized); 146 147 for (unsigned int i = 0U; i < NR_OF_IMAGES_IN_FW_BANK; i++) { 148 struct fwu_image_entry *entry = &metadata.img_entry[i]; 149 struct fwu_image_properties *img_props = 150 &entry->img_props[metadata.active_index]; 151 if (img_props->accepted == 0) { 152 trial_run = true; 153 break; 154 } 155 } 156 157 return trial_run; 158 } 159 160 const struct fwu_metadata *fwu_get_metadata(void) 161 { 162 assert(is_metadata_initialized); 163 164 return &metadata; 165 } 166 167 /******************************************************************************* 168 * Load verified copy of FWU metadata image kept in the platform NV storage 169 * into local FWU metadata structure. 170 * Also, update platform I/O policies with the offset address and length of 171 * firmware-updated images kept in the platform NV storage. 172 ******************************************************************************/ 173 void fwu_init(void) 174 { 175 /* Load FWU metadata which will be used to load the images in the 176 * active bank as per PSA FWU specification 177 */ 178 int result = fwu_metadata_load(FWU_METADATA_IMAGE_ID); 179 180 if (result != 0) { 181 WARN("loading of FWU-Metadata failed, " 182 "using Bkup-FWU-Metadata\n"); 183 184 result = fwu_metadata_load(BKUP_FWU_METADATA_IMAGE_ID); 185 if (result != 0) { 186 ERROR("loading of Bkup-FWU-Metadata failed\n"); 187 panic(); 188 } 189 } 190 191 is_metadata_initialized = true; 192 193 plat_fwu_set_images_source(&metadata); 194 } 195