1 /* 2 * (C) Copyright 2017 Rockchip Electronics Co., Ltd 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <common.h> 8 #include <image.h> 9 #include <android_image.h> 10 #include <malloc.h> 11 #include <mapmem.h> 12 #include <errno.h> 13 #include <command.h> 14 #include <mmc.h> 15 #include <blk.h> 16 #include <part.h> 17 #include <android_avb/avb_ops_user.h> 18 #include <android_avb/libavb_ab.h> 19 #include <android_avb/avb_atx_validate.h> 20 #include <android_avb/avb_atx_types.h> 21 #include <optee_include/OpteeClientInterface.h> 22 #include <optee_include/tee_api_defines.h> 23 #include <android_avb/avb_vbmeta_image.h> 24 #include <android_avb/avb_atx_validate.h> 25 #include <android_avb/rk_avb_ops_user.h> 26 #include <boot_rkimg.h> 27 #include <asm/arch/rk_atags.h> 28 29 /* rk used */ 30 int rk_avb_get_pub_key(struct rk_pub_key *pub_key) 31 { 32 struct tag *t = NULL; 33 34 t = atags_get_tag(ATAG_PUB_KEY); 35 if (!t) 36 return -1; 37 38 memcpy(pub_key, t->u.pub_key.data, sizeof(struct rk_pub_key)); 39 40 return 0; 41 } 42 43 int rk_avb_get_perm_attr_cer(uint8_t *cer, uint32_t size) 44 { 45 #ifdef CONFIG_OPTEE_CLIENT 46 if (trusty_read_permanent_attributes_cer((uint8_t *)cer, size)) { 47 printf("AVB: perm attr cer is not exist.\n"); 48 return -EIO; 49 } 50 51 return 0; 52 #else 53 return -1; 54 #endif 55 } 56 57 int rk_avb_set_perm_attr_cer(uint8_t *cer, uint32_t size) 58 { 59 #ifdef CONFIG_OPTEE_CLIENT 60 if (trusty_write_permanent_attributes_cer((uint8_t *)cer, size)) 61 return -EIO; 62 63 return 0; 64 #else 65 return -1; 66 #endif 67 } 68 69 int rk_avb_read_permanent_attributes(uint8_t *attributes, uint32_t size) 70 { 71 #ifdef CONFIG_OPTEE_CLIENT 72 if(trusty_read_permanent_attributes(attributes, size) != 0) { 73 printf("trusty_read_permanent_attributes failed!\n"); 74 return -1; 75 } 76 77 return 0; 78 #else 79 return -1; 80 #endif 81 } 82 83 int rk_avb_write_permanent_attributes(uint8_t *attributes, uint32_t size) 84 { 85 #ifdef CONFIG_OPTEE_CLIENT 86 if(trusty_write_permanent_attributes(attributes, size) != 0) { 87 printf("trusty_write_permanent_attributes failed!\n"); 88 return -1; 89 } 90 91 return 0; 92 #else 93 return -1; 94 #endif 95 } 96 97 int rk_avb_read_flash_lock_state(uint8_t *flash_lock_state) 98 { 99 #ifdef CONFIG_OPTEE_CLIENT 100 int ret; 101 102 ret = trusty_read_flash_lock_state(flash_lock_state); 103 switch (ret) { 104 case TEE_SUCCESS: 105 break; 106 case TEE_ERROR_GENERIC: 107 case TEE_ERROR_NO_DATA: 108 case TEE_ERROR_ITEM_NOT_FOUND: 109 *flash_lock_state = 1; 110 if (trusty_write_flash_lock_state(*flash_lock_state)) { 111 avb_error("trusty_write_flash_lock_state error!"); 112 ret = -1; 113 } else { 114 ret = trusty_read_flash_lock_state(flash_lock_state); 115 } 116 break; 117 default: 118 printf("%s: trusty_read_flash_lock_state failed\n", __FILE__); 119 } 120 121 return ret; 122 #else 123 return -1; 124 #endif 125 } 126 127 int rk_avb_write_flash_lock_state(uint8_t flash_lock_state) 128 { 129 #ifdef CONFIG_OPTEE_CLIENT 130 if (trusty_write_flash_lock_state(flash_lock_state)) { 131 printf("trusty_write_flash_lock_state error!\n"); 132 return -1; 133 } 134 135 return 0; 136 #else 137 return -1; 138 #endif 139 } 140 141 int rk_avb_write_lock_state(uint8_t lock_state) 142 { 143 #ifdef CONFIG_OPTEE_CLIENT 144 if (trusty_write_lock_state(lock_state)) { 145 printf("trusty_write_lock_state error!\n"); 146 return -1; 147 } 148 149 return 0; 150 #else 151 return -1; 152 #endif 153 } 154 155 int rk_avb_read_lock_state(uint8_t *lock_state) 156 { 157 #ifdef CONFIG_OPTEE_CLIENT 158 int ret; 159 160 ret = trusty_read_lock_state(lock_state); 161 switch (ret) { 162 case TEE_SUCCESS: 163 break; 164 case TEE_ERROR_GENERIC: 165 case TEE_ERROR_NO_DATA: 166 case TEE_ERROR_ITEM_NOT_FOUND: 167 *lock_state = 1; 168 if (rk_avb_write_lock_state(*lock_state)) { 169 avb_error("avb_write_lock_state error!"); 170 ret = -1; 171 } else { 172 ret = trusty_read_lock_state(lock_state); 173 } 174 break; 175 default: 176 printf("%s: trusty_read_lock_state failed\n", __FILE__); 177 } 178 179 return ret; 180 #else 181 return -1; 182 #endif 183 } 184 185 int rk_avb_write_perm_attr_flag(uint8_t flag) 186 { 187 #ifdef CONFIG_OPTEE_CLIENT 188 if (trusty_write_permanent_attributes_flag(flag)) { 189 printf("trusty_write_permanent_attributes_flag error!\n"); 190 return -1; 191 } 192 193 return 0; 194 #else 195 return -1; 196 #endif 197 } 198 199 int rk_avb_read_perm_attr_flag(uint8_t *flag) 200 { 201 #ifdef CONFIG_OPTEE_CLIENT 202 int ret; 203 204 ret = trusty_read_permanent_attributes_flag(flag); 205 switch (ret) { 206 case TEE_SUCCESS: 207 break; 208 case TEE_ERROR_GENERIC: 209 case TEE_ERROR_NO_DATA: 210 case TEE_ERROR_ITEM_NOT_FOUND: 211 *flag = 0; 212 if (rk_avb_write_perm_attr_flag(*flag)) { 213 avb_error("avb_write_perm_attr_flag error!"); 214 ret = -1; 215 } else { 216 ret = trusty_read_permanent_attributes_flag(flag); 217 } 218 break; 219 default: 220 printf("%s: trusty_read_permanent_attributes_flag failed", 221 __FILE__); 222 } 223 224 return ret; 225 #else 226 return -1; 227 #endif 228 } 229 230 int rk_avb_read_vbootkey_hash(uint8_t *buf, uint8_t length) 231 { 232 #ifdef CONFIG_OPTEE_CLIENT 233 if (trusty_read_vbootkey_hash((uint32_t *)buf, 234 (uint32_t)length / sizeof(uint32_t))) { 235 printf("trusty_read_vbootkey_hash error!\n"); 236 return -1; 237 } 238 239 return 0; 240 #else 241 return -1; 242 #endif 243 } 244 245 int rk_avb_write_vbootkey_hash(uint8_t *buf, uint8_t length) 246 { 247 #ifdef CONFIG_OPTEE_CLIENT 248 if (trusty_write_vbootkey_hash((uint32_t *)buf, 249 (uint32_t)length / sizeof(uint32_t))) { 250 printf("trusty_write_vbootkey_hash error!\n"); 251 return -1; 252 } 253 254 return 0; 255 #else 256 return -1; 257 #endif 258 } 259 260 int rk_avb_close_optee_client(void) 261 { 262 #ifdef CONFIG_OPTEE_CLIENT 263 if(trusty_notify_optee_uboot_end()) { 264 printf("trusty_notify_optee_uboot_end error!\n"); 265 return -1; 266 } 267 268 return 0; 269 #else 270 return -1; 271 #endif 272 } 273 274 int rk_avb_read_attribute_hash(uint8_t *buf, uint8_t length) 275 { 276 #ifdef CONFIG_OPTEE_CLIENT 277 if (trusty_read_attribute_hash((uint32_t *)buf, 278 (uint32_t)(length/sizeof(uint32_t)))) { 279 printf("trusty_read_attribute_hash error!\n"); 280 return -1; 281 } 282 283 return 0; 284 #else 285 return -1; 286 #endif 287 } 288 289 int rk_avb_write_attribute_hash(uint8_t *buf, uint8_t length) 290 { 291 #ifdef CONFIG_OPTEE_CLIENT 292 if (trusty_write_attribute_hash((uint32_t *)buf, 293 (uint32_t)(length/sizeof(uint32_t)))) { 294 printf("trusty_write_attribute_hash error!\n"); 295 return -1; 296 } 297 298 return 0; 299 #else 300 return -1; 301 #endif 302 } 303 304 int rk_avb_read_all_rollback_index(char *buffer) 305 { 306 AvbOps* ops; 307 uint64_t stored_rollback_index = 0; 308 AvbIOResult io_ret; 309 char temp[ROLLBACK_MAX_SIZE] = {0}; 310 int n; 311 312 ops = avb_ops_user_new(); 313 if (ops == NULL) { 314 printf("avb_ops_user_new() failed!\n"); 315 return -1; 316 } 317 318 for (n = 0; n < AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS; n++) { 319 io_ret = ops->read_rollback_index( 320 ops, n, &stored_rollback_index); 321 if (io_ret != AVB_IO_RESULT_OK) 322 goto out; 323 snprintf(temp, sizeof(int) + 1, "%d", n); 324 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 325 strncat(buffer, ":", 1); 326 snprintf(temp, sizeof(uint64_t) + 1, "%lld", 327 stored_rollback_index); 328 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 329 strncat(buffer, ",", 1); 330 } 331 332 io_ret = 333 ops->read_rollback_index(ops, 334 AVB_ATX_PIK_VERSION_LOCATION, 335 &stored_rollback_index); 336 if (io_ret != AVB_IO_RESULT_OK) { 337 avb_error("Failed to read PIK minimum version.\n"); 338 goto out; 339 } 340 /* PIK rollback index */ 341 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PIK_VERSION_LOCATION); 342 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 343 strncat(buffer, ":", 1); 344 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 345 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 346 strncat(buffer, ",", 1); 347 io_ret = ops->read_rollback_index(ops, 348 AVB_ATX_PSK_VERSION_LOCATION, 349 &stored_rollback_index); 350 if (io_ret != AVB_IO_RESULT_OK) { 351 avb_error("Failed to read PSK minimum version.\n"); 352 goto out; 353 } 354 /* PSK rollback index */ 355 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PSK_VERSION_LOCATION); 356 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 357 strncat(buffer, ":", 1); 358 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 359 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 360 debug("%s\n", buffer); 361 avb_ops_user_free(ops); 362 363 return 0; 364 out: 365 avb_ops_user_free(ops); 366 367 return -1; 368 } 369 370 int rk_avb_read_bootloader_locked_flag(uint8_t *flag) 371 { 372 #ifdef CONFIG_OPTEE_CLIENT 373 if (trusty_read_vbootkey_enable_flag(flag)) 374 return -1; 375 #endif 376 return 0; 377 } 378 379 #ifdef CONFIG_SUPPORT_EMMC_RPMB 380 static int curr_device = -1; 381 382 int rk_bootloader_rollback_index_read(uint32_t offset, uint32_t bytes, 383 void *rb_index) 384 { 385 386 struct mmc *mmc; 387 uint8_t rpmb_buf[256] = {0}; 388 uint32_t n; 389 char original_part; 390 391 if ((offset + bytes) > 256) 392 return -1; 393 394 if (curr_device < 0) { 395 if (get_mmc_num() > 0) 396 curr_device = 0; 397 else { 398 avb_error("No MMC device available"); 399 return -1; 400 } 401 } 402 403 mmc = find_mmc_device(curr_device); 404 /* Switch to the RPMB partition */ 405 #ifndef CONFIG_BLK 406 original_part = mmc->block_dev.hwpart; 407 #else 408 original_part = mmc_get_blk_desc(mmc)->hwpart; 409 #endif 410 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, MMC_PART_RPMB) != 411 0) 412 return -1; 413 414 n = mmc_rpmb_read(mmc, rpmb_buf, RPMB_BASE_ADDR, 1, NULL); 415 if (n != 1) 416 return -1; 417 418 /* Return to original partition */ 419 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, original_part) != 420 0) 421 return -1; 422 423 memcpy(rb_index, (void*)&rpmb_buf[offset], bytes); 424 425 return 0; 426 } 427 428 int rk_avb_get_bootloader_min_version(char *buffer) 429 { 430 uint32_t rb_index; 431 char temp[ROLLBACK_MAX_SIZE] = {0}; 432 433 if (rk_bootloader_rollback_index_read(UBOOT_RB_INDEX_OFFSET, 434 sizeof(uint32_t), &rb_index)) { 435 avb_error("Can not read uboot rollback index"); 436 return -1; 437 } 438 snprintf(temp, sizeof(int) + 1, "%d", 0); 439 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 440 strncat(buffer, ":", 1); 441 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 442 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 443 strncat(buffer, ",", 1); 444 445 if (rk_bootloader_rollback_index_read(TRUST_RB_INDEX_OFFSET, 446 sizeof(uint32_t), &rb_index)) { 447 avb_error("Can not read trust rollback index"); 448 return -1; 449 } 450 451 snprintf(temp, sizeof(int) + 1, "%d", 1); 452 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 453 strncat(buffer, ":", 1); 454 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 455 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 456 457 return 0; 458 } 459 #endif 460 461 void rk_avb_get_at_vboot_state(char *buf) 462 { 463 char temp_flag = 0; 464 char *lock_val = NULL; 465 char *unlock_dis_val = NULL; 466 char *perm_attr_flag = NULL; 467 char *bootloader_locked_flag = NULL; 468 char *rollback_indices; 469 char min_versions[ROLLBACK_MAX_SIZE + 1] = {0}; 470 int n; 471 472 if (rk_avb_read_perm_attr_flag((uint8_t *)&temp_flag)) { 473 avb_error("Can not read perm_attr_flag!"); 474 perm_attr_flag = ""; 475 } else { 476 perm_attr_flag = temp_flag ? "1" : "0"; 477 } 478 479 temp_flag = 0; 480 if (rk_avb_read_lock_state((uint8_t *)&temp_flag)) { 481 avb_error("Can not read lock state!"); 482 lock_val = ""; 483 unlock_dis_val = ""; 484 } else { 485 lock_val = (temp_flag & LOCK_MASK) ? "0" : "1"; 486 unlock_dis_val = (temp_flag & UNLOCK_DISABLE_MASK) ? "1" : "0"; 487 } 488 489 temp_flag = 0; 490 if (rk_avb_read_bootloader_locked_flag((uint8_t *)&temp_flag)) { 491 avb_error("Can not read bootloader locked flag!"); 492 bootloader_locked_flag = ""; 493 } else { 494 bootloader_locked_flag = temp_flag ? "1" : "0"; 495 } 496 497 rollback_indices = malloc(VBOOT_STATE_SIZE); 498 if (!rollback_indices) { 499 avb_error("No buff to malloc!"); 500 return; 501 } 502 503 memset(rollback_indices, 0, VBOOT_STATE_SIZE); 504 if (rk_avb_read_all_rollback_index(rollback_indices)) 505 avb_error("Can not read avb_min_ver!"); 506 507 /* bootloader-min-versions */ 508 if (rk_avb_get_bootloader_min_version(min_versions)) 509 avb_error("Call rk_avb_get_bootloader_min_version error!"); 510 511 n = snprintf(buf, VBOOT_STATE_SIZE - 1, 512 "avb-perm-attr-set=%s\n" 513 "avb-locked=%s\n" 514 "avb-unlock-disabled=%s\n" 515 "bootloader-locked=%s\n" 516 "avb-min-versions=%s\n" 517 "bootloader-min-versions=%s\n", 518 perm_attr_flag, 519 lock_val, 520 unlock_dis_val, 521 bootloader_locked_flag, 522 rollback_indices, 523 min_versions); 524 if (n >= VBOOT_STATE_SIZE) { 525 avb_error("The VBOOT_STATE buf is truncated\n"); 526 buf[VBOOT_STATE_SIZE - 1] = 0; 527 } 528 debug("The vboot state buf is %s\n", buf); 529 free(rollback_indices); 530 } 531 532 int rk_avb_get_ab_info(AvbABData* ab_data) 533 { 534 AvbOps* ops; 535 AvbIOResult io_ret = AVB_IO_RESULT_OK; 536 int ret = 0; 537 538 ops = avb_ops_user_new(); 539 if (ops == NULL) { 540 printf("%s: avb_ops_user_new() failed!\n", __FILE__); 541 return -1; 542 } 543 544 io_ret = ops->ab_ops->read_ab_metadata(ops->ab_ops, ab_data); 545 if (io_ret != AVB_IO_RESULT_OK) { 546 avb_error("I/O error while loading A/B metadata.\n"); 547 ret = -1; 548 } 549 550 avb_ops_user_free(ops); 551 552 return ret; 553 } 554 555 int rk_avb_get_part_has_slot_info(const char *base_name) 556 { 557 char *part_name; 558 int part_num; 559 size_t part_name_len; 560 disk_partition_t part_info; 561 struct blk_desc *dev_desc; 562 const char *slot_suffix = "_a"; 563 564 dev_desc = rockchip_get_bootdev(); 565 if (!dev_desc) { 566 printf("%s: Could not find device!\n", __func__); 567 return -1; 568 } 569 570 if (base_name == NULL) { 571 printf("The base_name is NULL!\n"); 572 return -1; 573 } 574 575 part_name_len = strlen(base_name) + 1; 576 part_name_len += strlen(slot_suffix); 577 part_name = malloc(part_name_len); 578 if (!part_name) { 579 printf("%s can not malloc a buffer!\n", __FILE__); 580 return -1; 581 } 582 583 memset(part_name, 0, part_name_len); 584 snprintf(part_name, part_name_len, "%s%s", base_name, slot_suffix); 585 part_num = part_get_info_by_name(dev_desc, part_name, &part_info); 586 if (part_num < 0) { 587 printf("Could not find partition \"%s\"\n", part_name); 588 part_num = -1; 589 } 590 591 free(part_name); 592 return part_num; 593 } 594 595 int rk_auth_unlock(void *buffer, char *out_is_trusted) 596 { 597 AvbOps* ops; 598 599 ops = avb_ops_user_new(); 600 if (ops == NULL) { 601 avb_error("avb_ops_user_new() failed!"); 602 return -1; 603 } 604 605 if (avb_atx_validate_unlock_credential(ops->atx_ops, 606 (AvbAtxUnlockCredential*)buffer, 607 (bool*)out_is_trusted)) { 608 avb_ops_user_free(ops); 609 return -1; 610 } 611 avb_ops_user_free(ops); 612 if (*out_is_trusted == true) 613 return 0; 614 else 615 return -1; 616 } 617 618 int rk_generate_unlock_challenge(void *buffer, uint32_t *challenge_len) 619 { 620 AvbOps* ops; 621 AvbIOResult result = AVB_IO_RESULT_OK; 622 623 ops = avb_ops_user_new(); 624 if (ops == NULL) { 625 avb_error("avb_ops_user_new() failed!"); 626 return -1; 627 } 628 629 result = avb_atx_generate_unlock_challenge(ops->atx_ops, 630 (AvbAtxUnlockChallenge *)buffer); 631 avb_ops_user_free(ops); 632 *challenge_len = sizeof(AvbAtxUnlockChallenge); 633 if (result == AVB_IO_RESULT_OK) 634 return 0; 635 else 636 return -1; 637 } 638 639 int rk_avb_init_ab_metadata(void) 640 { 641 AvbOps *ops; 642 AvbABData ab_data; 643 644 memset(&ab_data, 0, sizeof(AvbABData)); 645 debug("sizeof(AvbABData) = %d\n", (int)(size_t)sizeof(AvbABData)); 646 647 ops = avb_ops_user_new(); 648 if (ops == NULL) { 649 printf("avb_ops_user_new() failed!\n"); 650 return -1; 651 } 652 653 avb_ab_data_init(&ab_data); 654 if (ops->ab_ops->write_ab_metadata(ops->ab_ops, &ab_data) != 0) { 655 printf("do_avb_init_ab_metadata error!\n"); 656 avb_ops_user_free(ops); 657 return -1; 658 } 659 660 printf("Initialize ab data to misc partition success.\n"); 661 avb_ops_user_free(ops); 662 663 return 0; 664 } 665