1 /* 2 * (C) Copyright 2017 Rockchip Electronics Co., Ltd 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <common.h> 8 #include <image.h> 9 #include <android_image.h> 10 #include <malloc.h> 11 #include <mapmem.h> 12 #include <errno.h> 13 #include <command.h> 14 #include <mmc.h> 15 #include <blk.h> 16 #include <part.h> 17 #include <android_avb/avb_ops_user.h> 18 #include <android_avb/libavb_ab.h> 19 #include <android_avb/avb_atx_validate.h> 20 #include <android_avb/avb_atx_types.h> 21 #include <optee_include/OpteeClientInterface.h> 22 #include <optee_include/tee_api_defines.h> 23 #include <android_avb/avb_vbmeta_image.h> 24 #include <android_avb/avb_atx_validate.h> 25 #include <android_avb/rk_avb_ops_user.h> 26 #include <boot_rkimg.h> 27 #include <asm/arch/rk_atags.h> 28 29 /* rk used */ 30 int rk_avb_get_pub_key(struct rk_pub_key *pub_key) 31 { 32 struct tag *t = NULL; 33 34 t = atags_get_tag(ATAG_PUB_KEY); 35 if (!t) 36 return -1; 37 38 memcpy(pub_key, t->u.pub_key.data, sizeof(struct rk_pub_key)); 39 40 return 0; 41 } 42 43 int rk_avb_get_perm_attr_cer(uint8_t *cer, uint32_t size) 44 { 45 #ifdef CONFIG_OPTEE_CLIENT 46 if (trusty_read_permanent_attributes_cer((uint8_t *)cer, size)) { 47 printf("AVB: perm attr cer is not exist.\n"); 48 return -EIO; 49 } 50 51 return 0; 52 #else 53 return -1; 54 #endif 55 } 56 57 int rk_avb_set_perm_attr_cer(uint8_t *cer, uint32_t size) 58 { 59 #ifdef CONFIG_OPTEE_CLIENT 60 if (trusty_write_permanent_attributes_cer((uint8_t *)cer, size)) 61 return -EIO; 62 63 return 0; 64 #else 65 return -1; 66 #endif 67 } 68 69 int rk_avb_read_permanent_attributes(uint8_t *attributes, uint32_t size) 70 { 71 #ifdef CONFIG_OPTEE_CLIENT 72 if(trusty_read_permanent_attributes(attributes, size) != 0) { 73 printf("trusty_read_permanent_attributes failed!\n"); 74 return -1; 75 } 76 77 return 0; 78 #else 79 return -1; 80 #endif 81 } 82 83 int rk_avb_write_permanent_attributes(uint8_t *attributes, uint32_t size) 84 { 85 #ifdef CONFIG_OPTEE_CLIENT 86 if(trusty_write_permanent_attributes(attributes, size) != 0) { 87 printf("trusty_write_permanent_attributes failed!\n"); 88 return -1; 89 } 90 91 return 0; 92 #else 93 return -1; 94 #endif 95 } 96 97 int rk_avb_read_flash_lock_state(uint8_t *flash_lock_state) 98 { 99 #ifdef CONFIG_OPTEE_CLIENT 100 int ret; 101 102 ret = trusty_read_flash_lock_state(flash_lock_state); 103 switch (ret) { 104 case TEE_SUCCESS: 105 break; 106 case TEE_ERROR_GENERIC: 107 case TEE_ERROR_NO_DATA: 108 case TEE_ERROR_ITEM_NOT_FOUND: 109 *flash_lock_state = 1; 110 if (trusty_write_flash_lock_state(*flash_lock_state)) { 111 avb_error("trusty_write_flash_lock_state error!"); 112 ret = -1; 113 } else { 114 ret = trusty_read_flash_lock_state(flash_lock_state); 115 } 116 break; 117 default: 118 printf("%s: trusty_read_flash_lock_state failed\n", __FILE__); 119 } 120 121 return ret; 122 #else 123 return -1; 124 #endif 125 } 126 127 int rk_avb_write_flash_lock_state(uint8_t flash_lock_state) 128 { 129 #ifdef CONFIG_OPTEE_CLIENT 130 if (trusty_write_flash_lock_state(flash_lock_state)) { 131 printf("trusty_write_flash_lock_state error!\n"); 132 return -1; 133 } 134 135 return 0; 136 #else 137 return -1; 138 #endif 139 } 140 141 int rk_avb_write_lock_state(uint8_t lock_state) 142 { 143 #ifdef CONFIG_OPTEE_CLIENT 144 if (trusty_write_lock_state(lock_state)) { 145 printf("trusty_write_lock_state error!\n"); 146 return -1; 147 } 148 149 return 0; 150 #else 151 return -1; 152 #endif 153 } 154 155 int rk_avb_read_lock_state(uint8_t *lock_state) 156 { 157 #ifdef CONFIG_OPTEE_CLIENT 158 int ret; 159 160 ret = trusty_read_lock_state(lock_state); 161 switch (ret) { 162 case TEE_SUCCESS: 163 break; 164 case TEE_ERROR_GENERIC: 165 case TEE_ERROR_NO_DATA: 166 case TEE_ERROR_ITEM_NOT_FOUND: 167 *lock_state = 1; 168 if (rk_avb_write_lock_state(*lock_state)) { 169 avb_error("avb_write_lock_state error!"); 170 ret = -1; 171 } else { 172 ret = trusty_read_lock_state(lock_state); 173 } 174 break; 175 default: 176 printf("%s: trusty_read_lock_state failed\n", __FILE__); 177 } 178 179 return ret; 180 #else 181 return -1; 182 #endif 183 } 184 185 int rk_avb_write_perm_attr_flag(uint8_t flag) 186 { 187 #ifdef CONFIG_OPTEE_CLIENT 188 if (trusty_write_permanent_attributes_flag(flag)) { 189 printf("trusty_write_permanent_attributes_flag error!\n"); 190 return -1; 191 } 192 193 return 0; 194 #else 195 return -1; 196 #endif 197 } 198 199 int rk_avb_read_perm_attr_flag(uint8_t *flag) 200 { 201 #ifdef CONFIG_OPTEE_CLIENT 202 int ret; 203 204 ret = trusty_read_permanent_attributes_flag(flag); 205 switch (ret) { 206 case TEE_SUCCESS: 207 break; 208 case TEE_ERROR_GENERIC: 209 case TEE_ERROR_NO_DATA: 210 case TEE_ERROR_ITEM_NOT_FOUND: 211 *flag = 0; 212 if (rk_avb_write_perm_attr_flag(*flag)) { 213 avb_error("avb_write_perm_attr_flag error!"); 214 ret = -1; 215 } else { 216 ret = trusty_read_permanent_attributes_flag(flag); 217 } 218 break; 219 default: 220 printf("%s: trusty_read_permanent_attributes_flag failed", 221 __FILE__); 222 } 223 224 return ret; 225 #else 226 return -1; 227 #endif 228 } 229 230 int rk_avb_read_vbootkey_hash(uint8_t *buf, uint8_t length) 231 { 232 #ifdef CONFIG_OPTEE_CLIENT 233 if (trusty_read_vbootkey_hash((uint32_t *)buf, 234 (uint32_t)length / sizeof(uint32_t))) { 235 printf("trusty_read_vbootkey_hash error!\n"); 236 return -1; 237 } 238 239 return 0; 240 #else 241 return -1; 242 #endif 243 } 244 245 int rk_avb_write_vbootkey_hash(uint8_t *buf, uint8_t length) 246 { 247 #ifdef CONFIG_OPTEE_CLIENT 248 if (trusty_write_vbootkey_hash((uint32_t *)buf, 249 (uint32_t)length / sizeof(uint32_t))) { 250 printf("trusty_write_vbootkey_hash error!\n"); 251 return -1; 252 } 253 254 return 0; 255 #else 256 return -1; 257 #endif 258 } 259 260 int rk_avb_close_optee_client(void) 261 { 262 #ifdef CONFIG_OPTEE_CLIENT 263 if(trusty_notify_optee_uboot_end()) { 264 printf("trusty_notify_optee_uboot_end error!\n"); 265 return -1; 266 } 267 268 return 0; 269 #else 270 return -1; 271 #endif 272 } 273 274 int rk_avb_read_attribute_hash(uint8_t *buf, uint8_t length) 275 { 276 #ifdef CONFIG_OPTEE_CLIENT 277 if (trusty_read_attribute_hash((uint32_t *)buf, 278 (uint32_t)(length/sizeof(uint32_t)))) { 279 printf("trusty_read_attribute_hash error!\n"); 280 return -1; 281 } 282 283 return 0; 284 #else 285 return -1; 286 #endif 287 } 288 289 int rk_avb_write_attribute_hash(uint8_t *buf, uint8_t length) 290 { 291 #ifdef CONFIG_OPTEE_CLIENT 292 if (trusty_write_attribute_hash((uint32_t *)buf, 293 (uint32_t)(length/sizeof(uint32_t)))) { 294 printf("trusty_write_attribute_hash error!\n"); 295 return -1; 296 } 297 298 return 0; 299 #else 300 return -1; 301 #endif 302 } 303 304 int rk_avb_read_all_rollback_index(char *buffer) 305 { 306 AvbOps* ops; 307 uint64_t stored_rollback_index = 0; 308 AvbIOResult io_ret; 309 char temp[ROLLBACK_MAX_SIZE] = {0}; 310 int n; 311 312 ops = avb_ops_user_new(); 313 if (ops == NULL) { 314 printf("avb_ops_user_new() failed!\n"); 315 return -1; 316 } 317 318 for (n = 0; n < AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS; n++) { 319 io_ret = ops->read_rollback_index( 320 ops, n, &stored_rollback_index); 321 if (io_ret != AVB_IO_RESULT_OK) 322 goto out; 323 snprintf(temp, sizeof(int) + 1, "%d", n); 324 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 325 strncat(buffer, ":", 1); 326 snprintf(temp, sizeof(uint64_t) + 1, "%lld", 327 stored_rollback_index); 328 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 329 strncat(buffer, ",", 1); 330 } 331 332 io_ret = 333 ops->read_rollback_index(ops, 334 AVB_ATX_PIK_VERSION_LOCATION, 335 &stored_rollback_index); 336 if (io_ret != AVB_IO_RESULT_OK) { 337 avb_error("Failed to read PIK minimum version.\n"); 338 goto out; 339 } 340 /* PIK rollback index */ 341 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PIK_VERSION_LOCATION); 342 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 343 strncat(buffer, ":", 1); 344 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 345 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 346 strncat(buffer, ",", 1); 347 io_ret = ops->read_rollback_index(ops, 348 AVB_ATX_PSK_VERSION_LOCATION, 349 &stored_rollback_index); 350 if (io_ret != AVB_IO_RESULT_OK) { 351 avb_error("Failed to read PSK minimum version.\n"); 352 goto out; 353 } 354 /* PSK rollback index */ 355 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PSK_VERSION_LOCATION); 356 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 357 strncat(buffer, ":", 1); 358 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 359 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 360 debug("%s\n", buffer); 361 avb_ops_user_free(ops); 362 363 return 0; 364 out: 365 avb_ops_user_free(ops); 366 367 return -1; 368 } 369 370 int rk_avb_read_bootloader_locked_flag(uint8_t *flag) 371 { 372 #ifdef CONFIG_OPTEE_CLIENT 373 if (trusty_read_vbootkey_enable_flag(flag)) { 374 return -1; 375 } 376 return 0; 377 #else 378 return -1; 379 #endif 380 } 381 382 #ifdef CONFIG_SUPPORT_EMMC_RPMB 383 static int curr_device = -1; 384 385 int rk_bootloader_rollback_index_read(uint32_t offset, uint32_t bytes, 386 void *rb_index) 387 { 388 389 struct mmc *mmc; 390 uint8_t rpmb_buf[256] = {0}; 391 uint32_t n; 392 char original_part; 393 394 if ((offset + bytes) > 256) 395 return -1; 396 397 if (curr_device < 0) { 398 if (get_mmc_num() > 0) 399 curr_device = 0; 400 else { 401 avb_error("No MMC device available"); 402 return -1; 403 } 404 } 405 406 mmc = find_mmc_device(curr_device); 407 /* Switch to the RPMB partition */ 408 #ifndef CONFIG_BLK 409 original_part = mmc->block_dev.hwpart; 410 #else 411 original_part = mmc_get_blk_desc(mmc)->hwpart; 412 #endif 413 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, MMC_PART_RPMB) != 414 0) 415 return -1; 416 417 n = mmc_rpmb_read(mmc, rpmb_buf, RPMB_BASE_ADDR, 1, NULL); 418 if (n != 1) 419 return -1; 420 421 /* Return to original partition */ 422 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, original_part) != 423 0) 424 return -1; 425 426 memcpy(rb_index, (void*)&rpmb_buf[offset], bytes); 427 428 return 0; 429 } 430 431 int rk_avb_get_bootloader_min_version(char *buffer) 432 { 433 uint32_t rb_index; 434 char temp[ROLLBACK_MAX_SIZE] = {0}; 435 436 if (rk_bootloader_rollback_index_read(UBOOT_RB_INDEX_OFFSET, 437 sizeof(uint32_t), &rb_index)) { 438 avb_error("Can not read uboot rollback index"); 439 return -1; 440 } 441 snprintf(temp, sizeof(int) + 1, "%d", 0); 442 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 443 strncat(buffer, ":", 1); 444 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 445 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 446 strncat(buffer, ",", 1); 447 448 if (rk_bootloader_rollback_index_read(TRUST_RB_INDEX_OFFSET, 449 sizeof(uint32_t), &rb_index)) { 450 avb_error("Can not read trust rollback index"); 451 return -1; 452 } 453 454 snprintf(temp, sizeof(int) + 1, "%d", 1); 455 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 456 strncat(buffer, ":", 1); 457 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 458 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 459 460 return 0; 461 } 462 #endif 463 464 void rk_avb_get_at_vboot_state(char *buf) 465 { 466 char temp_flag = 0; 467 char *lock_val = NULL; 468 char *unlock_dis_val = NULL; 469 char *perm_attr_flag = NULL; 470 char *bootloader_locked_flag = NULL; 471 char *rollback_indices; 472 char min_versions[ROLLBACK_MAX_SIZE + 1] = {0}; 473 int n; 474 475 if (rk_avb_read_perm_attr_flag((uint8_t *)&temp_flag)) { 476 avb_error("Can not read perm_attr_flag!"); 477 perm_attr_flag = ""; 478 } else { 479 perm_attr_flag = temp_flag ? "1" : "0"; 480 } 481 482 temp_flag = 0; 483 if (rk_avb_read_lock_state((uint8_t *)&temp_flag)) { 484 avb_error("Can not read lock state!"); 485 lock_val = ""; 486 unlock_dis_val = ""; 487 } else { 488 lock_val = (temp_flag & LOCK_MASK) ? "0" : "1"; 489 unlock_dis_val = (temp_flag & UNLOCK_DISABLE_MASK) ? "1" : "0"; 490 } 491 492 temp_flag = 0; 493 if (rk_avb_read_bootloader_locked_flag((uint8_t *)&temp_flag)) { 494 avb_error("Can not read bootloader locked flag!"); 495 bootloader_locked_flag = ""; 496 } else { 497 bootloader_locked_flag = temp_flag ? "1" : "0"; 498 } 499 500 rollback_indices = malloc(VBOOT_STATE_SIZE); 501 if (!rollback_indices) { 502 avb_error("No buff to malloc!"); 503 return; 504 } 505 506 memset(rollback_indices, 0, VBOOT_STATE_SIZE); 507 if (rk_avb_read_all_rollback_index(rollback_indices)) 508 avb_error("Can not read avb_min_ver!"); 509 510 /* bootloader-min-versions */ 511 if (rk_avb_get_bootloader_min_version(min_versions)) 512 avb_error("Call rk_avb_get_bootloader_min_version error!"); 513 514 n = snprintf(buf, VBOOT_STATE_SIZE - 1, 515 "avb-perm-attr-set=%s\n" 516 "avb-locked=%s\n" 517 "avb-unlock-disabled=%s\n" 518 "bootloader-locked=%s\n" 519 "avb-min-versions=%s\n" 520 "bootloader-min-versions=%s\n", 521 perm_attr_flag, 522 lock_val, 523 unlock_dis_val, 524 bootloader_locked_flag, 525 rollback_indices, 526 min_versions); 527 if (n >= VBOOT_STATE_SIZE) { 528 avb_error("The VBOOT_STATE buf is truncated\n"); 529 buf[VBOOT_STATE_SIZE - 1] = 0; 530 } 531 debug("The vboot state buf is %s\n", buf); 532 free(rollback_indices); 533 } 534 535 int rk_avb_get_ab_info(AvbABData* ab_data) 536 { 537 AvbOps* ops; 538 AvbIOResult io_ret = AVB_IO_RESULT_OK; 539 int ret = 0; 540 541 ops = avb_ops_user_new(); 542 if (ops == NULL) { 543 printf("%s: avb_ops_user_new() failed!\n", __FILE__); 544 return -1; 545 } 546 547 io_ret = ops->ab_ops->read_ab_metadata(ops->ab_ops, ab_data); 548 if (io_ret != AVB_IO_RESULT_OK) { 549 avb_error("I/O error while loading A/B metadata.\n"); 550 ret = -1; 551 } 552 553 avb_ops_user_free(ops); 554 555 return ret; 556 } 557 558 int rk_avb_get_part_has_slot_info(const char *base_name) 559 { 560 char *part_name; 561 int part_num; 562 size_t part_name_len; 563 disk_partition_t part_info; 564 struct blk_desc *dev_desc; 565 const char *slot_suffix = "_a"; 566 567 dev_desc = rockchip_get_bootdev(); 568 if (!dev_desc) { 569 printf("%s: Could not find device!\n", __func__); 570 return -1; 571 } 572 573 if (base_name == NULL) { 574 printf("The base_name is NULL!\n"); 575 return -1; 576 } 577 578 part_name_len = strlen(base_name) + 1; 579 part_name_len += strlen(slot_suffix); 580 part_name = malloc(part_name_len); 581 if (!part_name) { 582 printf("%s can not malloc a buffer!\n", __FILE__); 583 return -1; 584 } 585 586 memset(part_name, 0, part_name_len); 587 snprintf(part_name, part_name_len, "%s%s", base_name, slot_suffix); 588 part_num = part_get_info_by_name(dev_desc, part_name, &part_info); 589 if (part_num < 0) { 590 printf("Could not find partition \"%s\"\n", part_name); 591 part_num = -1; 592 } 593 594 free(part_name); 595 return part_num; 596 } 597 598 int rk_auth_unlock(void *buffer, char *out_is_trusted) 599 { 600 AvbOps* ops; 601 602 ops = avb_ops_user_new(); 603 if (ops == NULL) { 604 avb_error("avb_ops_user_new() failed!"); 605 return -1; 606 } 607 608 if (avb_atx_validate_unlock_credential(ops->atx_ops, 609 (AvbAtxUnlockCredential*)buffer, 610 (bool*)out_is_trusted)) { 611 avb_ops_user_free(ops); 612 return -1; 613 } 614 avb_ops_user_free(ops); 615 if (*out_is_trusted == true) 616 return 0; 617 else 618 return -1; 619 } 620 621 int rk_generate_unlock_challenge(void *buffer, uint32_t *challenge_len) 622 { 623 AvbOps* ops; 624 AvbIOResult result = AVB_IO_RESULT_OK; 625 626 ops = avb_ops_user_new(); 627 if (ops == NULL) { 628 avb_error("avb_ops_user_new() failed!"); 629 return -1; 630 } 631 632 result = avb_atx_generate_unlock_challenge(ops->atx_ops, 633 (AvbAtxUnlockChallenge *)buffer); 634 avb_ops_user_free(ops); 635 *challenge_len = sizeof(AvbAtxUnlockChallenge); 636 if (result == AVB_IO_RESULT_OK) 637 return 0; 638 else 639 return -1; 640 } 641 642 int rk_avb_init_ab_metadata(void) 643 { 644 AvbOps *ops; 645 AvbABData ab_data; 646 647 memset(&ab_data, 0, sizeof(AvbABData)); 648 debug("sizeof(AvbABData) = %d\n", (int)(size_t)sizeof(AvbABData)); 649 650 ops = avb_ops_user_new(); 651 if (ops == NULL) { 652 printf("avb_ops_user_new() failed!\n"); 653 return -1; 654 } 655 656 avb_ab_data_init(&ab_data); 657 if (ops->ab_ops->write_ab_metadata(ops->ab_ops, &ab_data) != 0) { 658 printf("do_avb_init_ab_metadata error!\n"); 659 avb_ops_user_free(ops); 660 return -1; 661 } 662 663 printf("Initialize ab data to misc partition success.\n"); 664 avb_ops_user_free(ops); 665 666 return 0; 667 } 668