1 /* 2 * (C) Copyright 2017 Rockchip Electronics Co., Ltd 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <common.h> 8 #include <image.h> 9 #include <android_image.h> 10 #include <malloc.h> 11 #include <mapmem.h> 12 #include <errno.h> 13 #include <command.h> 14 #include <mmc.h> 15 #include <blk.h> 16 #include <part.h> 17 #include <android_avb/avb_ops_user.h> 18 #include <android_avb/libavb_ab.h> 19 #include <android_avb/avb_atx_validate.h> 20 #include <android_avb/avb_atx_types.h> 21 #include <optee_include/OpteeClientInterface.h> 22 #include <optee_include/tee_api_defines.h> 23 #include <android_avb/avb_vbmeta_image.h> 24 #include <android_avb/avb_atx_validate.h> 25 #include <android_avb/rk_avb_ops_user.h> 26 #include <boot_rkimg.h> 27 #include <asm/arch/rk_atags.h> 28 29 /* rk used */ 30 int rk_avb_get_pub_key(struct rk_pub_key *pub_key) 31 { 32 struct tag *t = NULL; 33 34 t = atags_get_tag(ATAG_PUB_KEY); 35 if (!t) 36 return -1; 37 38 memcpy(pub_key, t->u.pub_key.data, sizeof(struct rk_pub_key)); 39 40 return 0; 41 } 42 43 int rk_avb_get_perm_attr_cer(uint8_t *cer, uint32_t size) 44 { 45 #ifdef CONFIG_OPTEE_CLIENT 46 if (trusty_read_permanent_attributes_cer((uint8_t *)cer, size)) { 47 printf("AVB: perm attr cer is not exist.\n"); 48 return -EIO; 49 } 50 51 return 0; 52 #else 53 return -1; 54 #endif 55 } 56 57 int rk_avb_set_perm_attr_cer(uint8_t *cer, uint32_t size) 58 { 59 #ifdef CONFIG_OPTEE_CLIENT 60 if (trusty_write_permanent_attributes_cer((uint8_t *)cer, size)) 61 return -EIO; 62 63 return 0; 64 #else 65 return -1; 66 #endif 67 } 68 69 int rk_avb_read_permanent_attributes(uint8_t *attributes, uint32_t size) 70 { 71 #ifdef CONFIG_OPTEE_CLIENT 72 if(trusty_read_permanent_attributes(attributes, size) != 0) { 73 printf("trusty_read_permanent_attributes failed!\n"); 74 return -1; 75 } 76 77 return 0; 78 #else 79 return -1; 80 #endif 81 } 82 83 int rk_avb_write_permanent_attributes(uint8_t *attributes, uint32_t size) 84 { 85 #ifdef CONFIG_OPTEE_CLIENT 86 if(trusty_write_permanent_attributes(attributes, size) != 0) { 87 printf("trusty_write_permanent_attributes failed!\n"); 88 return -1; 89 } 90 91 return 0; 92 #else 93 return -1; 94 #endif 95 } 96 97 int rk_avb_read_flash_lock_state(uint8_t *flash_lock_state) 98 { 99 #ifdef CONFIG_OPTEE_CLIENT 100 int ret; 101 102 ret = trusty_read_flash_lock_state(flash_lock_state); 103 switch (ret) { 104 case TEE_SUCCESS: 105 break; 106 case TEE_ERROR_GENERIC: 107 case TEE_ERROR_NO_DATA: 108 case TEE_ERROR_ITEM_NOT_FOUND: 109 *flash_lock_state = 1; 110 if (trusty_write_flash_lock_state(*flash_lock_state)) { 111 avb_error("trusty_write_flash_lock_state error!"); 112 ret = -1; 113 } else { 114 ret = trusty_read_flash_lock_state(flash_lock_state); 115 } 116 break; 117 default: 118 printf("%s: trusty_read_flash_lock_state failed\n", __FILE__); 119 } 120 121 return ret; 122 #else 123 *flash_lock_state = 1; 124 125 return 0; 126 #endif 127 } 128 129 int rk_avb_write_flash_lock_state(uint8_t flash_lock_state) 130 { 131 #ifdef CONFIG_OPTEE_CLIENT 132 if (trusty_write_flash_lock_state(flash_lock_state)) { 133 printf("trusty_write_flash_lock_state error!\n"); 134 return -1; 135 } 136 137 return 0; 138 #else 139 return -1; 140 #endif 141 } 142 143 int rk_avb_write_lock_state(uint8_t lock_state) 144 { 145 #ifdef CONFIG_OPTEE_CLIENT 146 if (trusty_write_lock_state(lock_state)) { 147 printf("trusty_write_lock_state error!\n"); 148 return -1; 149 } 150 151 return 0; 152 #else 153 return -1; 154 #endif 155 } 156 157 int rk_avb_read_lock_state(uint8_t *lock_state) 158 { 159 #ifdef CONFIG_OPTEE_CLIENT 160 int ret; 161 162 ret = trusty_read_lock_state(lock_state); 163 switch (ret) { 164 case TEE_SUCCESS: 165 break; 166 case TEE_ERROR_GENERIC: 167 case TEE_ERROR_NO_DATA: 168 case TEE_ERROR_ITEM_NOT_FOUND: 169 *lock_state = 1; 170 if (rk_avb_write_lock_state(*lock_state)) { 171 avb_error("avb_write_lock_state error!"); 172 ret = -1; 173 } else { 174 ret = trusty_read_lock_state(lock_state); 175 } 176 break; 177 default: 178 printf("%s: trusty_read_lock_state failed\n", __FILE__); 179 } 180 181 return ret; 182 #else 183 return -1; 184 #endif 185 } 186 187 int rk_avb_write_perm_attr_flag(uint8_t flag) 188 { 189 #ifdef CONFIG_OPTEE_CLIENT 190 if (trusty_write_permanent_attributes_flag(flag)) { 191 printf("trusty_write_permanent_attributes_flag error!\n"); 192 return -1; 193 } 194 195 return 0; 196 #else 197 return -1; 198 #endif 199 } 200 201 int rk_avb_read_perm_attr_flag(uint8_t *flag) 202 { 203 #ifdef CONFIG_OPTEE_CLIENT 204 int ret; 205 206 ret = trusty_read_permanent_attributes_flag(flag); 207 switch (ret) { 208 case TEE_SUCCESS: 209 break; 210 case TEE_ERROR_GENERIC: 211 case TEE_ERROR_NO_DATA: 212 case TEE_ERROR_ITEM_NOT_FOUND: 213 *flag = 0; 214 if (rk_avb_write_perm_attr_flag(*flag)) { 215 avb_error("avb_write_perm_attr_flag error!"); 216 ret = -1; 217 } else { 218 ret = trusty_read_permanent_attributes_flag(flag); 219 } 220 break; 221 default: 222 printf("%s: trusty_read_permanent_attributes_flag failed", 223 __FILE__); 224 } 225 226 return ret; 227 #else 228 return -1; 229 #endif 230 } 231 232 int rk_avb_read_vbootkey_hash(uint8_t *buf, uint8_t length) 233 { 234 #ifdef CONFIG_OPTEE_CLIENT 235 if (trusty_read_vbootkey_hash((uint32_t *)buf, 236 (uint32_t)length / sizeof(uint32_t))) { 237 printf("trusty_read_vbootkey_hash error!\n"); 238 return -1; 239 } 240 241 return 0; 242 #else 243 return -1; 244 #endif 245 } 246 247 int rk_avb_write_vbootkey_hash(uint8_t *buf, uint8_t length) 248 { 249 #ifdef CONFIG_OPTEE_CLIENT 250 if (trusty_write_vbootkey_hash((uint32_t *)buf, 251 (uint32_t)length / sizeof(uint32_t))) { 252 printf("trusty_write_vbootkey_hash error!\n"); 253 return -1; 254 } 255 256 return 0; 257 #else 258 return -1; 259 #endif 260 } 261 262 int rk_avb_close_optee_client(void) 263 { 264 #ifdef CONFIG_OPTEE_CLIENT 265 if(trusty_notify_optee_uboot_end()) { 266 printf("trusty_notify_optee_uboot_end error!\n"); 267 return -1; 268 } 269 270 return 0; 271 #else 272 return -1; 273 #endif 274 } 275 276 int rk_avb_read_attribute_hash(uint8_t *buf, uint8_t length) 277 { 278 #ifdef CONFIG_OPTEE_CLIENT 279 if (trusty_read_attribute_hash((uint32_t *)buf, 280 (uint32_t)(length/sizeof(uint32_t)))) { 281 printf("trusty_read_attribute_hash error!\n"); 282 return -1; 283 } 284 285 return 0; 286 #else 287 return -1; 288 #endif 289 } 290 291 int rk_avb_write_attribute_hash(uint8_t *buf, uint8_t length) 292 { 293 #ifdef CONFIG_OPTEE_CLIENT 294 if (trusty_write_attribute_hash((uint32_t *)buf, 295 (uint32_t)(length/sizeof(uint32_t)))) { 296 printf("trusty_write_attribute_hash error!\n"); 297 return -1; 298 } 299 300 return 0; 301 #else 302 return -1; 303 #endif 304 } 305 306 int rk_avb_read_all_rollback_index(char *buffer) 307 { 308 AvbOps* ops; 309 uint64_t stored_rollback_index = 0; 310 AvbIOResult io_ret; 311 char temp[ROLLBACK_MAX_SIZE] = {0}; 312 313 ops = avb_ops_user_new(); 314 if (ops == NULL) { 315 printf("avb_ops_user_new() failed!\n"); 316 return -1; 317 } 318 319 /* Actually the rollback_index_location 0 is used. */ 320 io_ret = ops->read_rollback_index(ops, 0, &stored_rollback_index); 321 if (io_ret != AVB_IO_RESULT_OK) 322 goto out; 323 snprintf(temp, sizeof(int) + 1, "%d", 0); 324 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 325 strncat(buffer, ":", 1); 326 snprintf(temp, sizeof(uint64_t) + 1, "%lld", 327 stored_rollback_index); 328 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 329 strncat(buffer, ",", 1); 330 331 io_ret = 332 ops->read_rollback_index(ops, 333 AVB_ATX_PIK_VERSION_LOCATION, 334 &stored_rollback_index); 335 if (io_ret != AVB_IO_RESULT_OK) { 336 avb_error("Failed to read PIK minimum version.\n"); 337 goto out; 338 } 339 /* PIK rollback index */ 340 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PIK_VERSION_LOCATION); 341 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 342 strncat(buffer, ":", 1); 343 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 344 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 345 strncat(buffer, ",", 1); 346 io_ret = ops->read_rollback_index(ops, 347 AVB_ATX_PSK_VERSION_LOCATION, 348 &stored_rollback_index); 349 if (io_ret != AVB_IO_RESULT_OK) { 350 avb_error("Failed to read PSK minimum version.\n"); 351 goto out; 352 } 353 /* PSK rollback index */ 354 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PSK_VERSION_LOCATION); 355 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 356 strncat(buffer, ":", 1); 357 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 358 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 359 debug("%s\n", buffer); 360 avb_ops_user_free(ops); 361 362 return 0; 363 out: 364 avb_ops_user_free(ops); 365 366 return -1; 367 } 368 369 int rk_avb_read_bootloader_locked_flag(uint8_t *flag) 370 { 371 #ifdef CONFIG_OPTEE_CLIENT 372 if (trusty_read_vbootkey_enable_flag(flag)) 373 return -1; 374 #endif 375 return 0; 376 } 377 378 #ifdef CONFIG_SUPPORT_EMMC_RPMB 379 static int curr_device = -1; 380 381 int rk_bootloader_rollback_index_read(uint32_t offset, uint32_t bytes, 382 void *rb_index) 383 { 384 385 struct mmc *mmc; 386 uint8_t rpmb_buf[256] = {0}; 387 uint32_t n; 388 char original_part; 389 390 if ((offset + bytes) > 256) 391 return -1; 392 393 if (curr_device < 0) { 394 if (get_mmc_num() > 0) 395 curr_device = 0; 396 else { 397 avb_error("No MMC device available"); 398 return -1; 399 } 400 } 401 402 mmc = find_mmc_device(curr_device); 403 /* Switch to the RPMB partition */ 404 #ifndef CONFIG_BLK 405 original_part = mmc->block_dev.hwpart; 406 #else 407 original_part = mmc_get_blk_desc(mmc)->hwpart; 408 #endif 409 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, MMC_PART_RPMB) != 410 0) 411 return -1; 412 413 n = mmc_rpmb_read(mmc, rpmb_buf, RPMB_BASE_ADDR, 1, NULL); 414 if (n != 1) 415 return -1; 416 417 /* Return to original partition */ 418 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, original_part) != 419 0) 420 return -1; 421 422 memcpy(rb_index, (void*)&rpmb_buf[offset], bytes); 423 424 return 0; 425 } 426 427 int rk_avb_get_bootloader_min_version(char *buffer) 428 { 429 uint32_t rb_index; 430 char temp[ROLLBACK_MAX_SIZE] = {0}; 431 432 if (rk_bootloader_rollback_index_read(UBOOT_RB_INDEX_OFFSET, 433 sizeof(uint32_t), &rb_index)) { 434 avb_error("Can not read uboot rollback index"); 435 return -1; 436 } 437 snprintf(temp, sizeof(int) + 1, "%d", 0); 438 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 439 strncat(buffer, ":", 1); 440 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 441 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 442 strncat(buffer, ",", 1); 443 444 if (rk_bootloader_rollback_index_read(TRUST_RB_INDEX_OFFSET, 445 sizeof(uint32_t), &rb_index)) { 446 avb_error("Can not read trust rollback index"); 447 return -1; 448 } 449 450 snprintf(temp, sizeof(int) + 1, "%d", 1); 451 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 452 strncat(buffer, ":", 1); 453 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 454 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 455 456 return 0; 457 } 458 #endif 459 460 void rk_avb_get_at_vboot_state(char *buf) 461 { 462 char temp_flag = 0; 463 char *lock_val = NULL; 464 char *unlock_dis_val = NULL; 465 char *perm_attr_flag = NULL; 466 char *bootloader_locked_flag = NULL; 467 char *rollback_indices; 468 char min_versions[ROLLBACK_MAX_SIZE + 1] = {0}; 469 int n; 470 471 if (rk_avb_read_perm_attr_flag((uint8_t *)&temp_flag)) { 472 avb_error("Can not read perm_attr_flag!"); 473 perm_attr_flag = ""; 474 } else { 475 perm_attr_flag = temp_flag ? "1" : "0"; 476 } 477 478 temp_flag = 0; 479 if (rk_avb_read_lock_state((uint8_t *)&temp_flag)) { 480 avb_error("Can not read lock state!"); 481 lock_val = ""; 482 unlock_dis_val = ""; 483 } else { 484 lock_val = (temp_flag & LOCK_MASK) ? "0" : "1"; 485 unlock_dis_val = (temp_flag & UNLOCK_DISABLE_MASK) ? "1" : "0"; 486 } 487 488 temp_flag = 0; 489 if (rk_avb_read_bootloader_locked_flag((uint8_t *)&temp_flag)) { 490 avb_error("Can not read bootloader locked flag!"); 491 bootloader_locked_flag = ""; 492 } else { 493 bootloader_locked_flag = temp_flag ? "1" : "0"; 494 } 495 496 rollback_indices = malloc(VBOOT_STATE_SIZE); 497 if (!rollback_indices) { 498 avb_error("No buff to malloc!"); 499 return; 500 } 501 502 memset(rollback_indices, 0, VBOOT_STATE_SIZE); 503 if (rk_avb_read_all_rollback_index(rollback_indices)) 504 avb_error("Can not read avb_min_ver!"); 505 506 /* bootloader-min-versions */ 507 if (rk_avb_get_bootloader_min_version(min_versions)) 508 avb_error("Call rk_avb_get_bootloader_min_version error!"); 509 510 n = snprintf(buf, VBOOT_STATE_SIZE - 1, 511 "avb-perm-attr-set=%s\n" 512 "avb-locked=%s\n" 513 "avb-unlock-disabled=%s\n" 514 "bootloader-locked=%s\n" 515 "avb-min-versions=%s\n" 516 "bootloader-min-versions=%s\n", 517 perm_attr_flag, 518 lock_val, 519 unlock_dis_val, 520 bootloader_locked_flag, 521 rollback_indices, 522 min_versions); 523 if (n >= VBOOT_STATE_SIZE) { 524 avb_error("The VBOOT_STATE buf is truncated\n"); 525 buf[VBOOT_STATE_SIZE - 1] = 0; 526 } 527 debug("The vboot state buf is %s\n", buf); 528 free(rollback_indices); 529 } 530 531 int rk_avb_get_ab_info(AvbABData* ab_data) 532 { 533 AvbOps* ops; 534 AvbIOResult io_ret = AVB_IO_RESULT_OK; 535 int ret = 0; 536 537 ops = avb_ops_user_new(); 538 if (ops == NULL) { 539 printf("%s: avb_ops_user_new() failed!\n", __FILE__); 540 return -1; 541 } 542 543 io_ret = ops->ab_ops->read_ab_metadata(ops->ab_ops, ab_data); 544 if (io_ret != AVB_IO_RESULT_OK) { 545 avb_error("I/O error while loading A/B metadata.\n"); 546 ret = -1; 547 } 548 549 avb_ops_user_free(ops); 550 551 return ret; 552 } 553 554 int rk_avb_get_part_has_slot_info(const char *base_name) 555 { 556 char *part_name; 557 int part_num; 558 size_t part_name_len; 559 disk_partition_t part_info; 560 struct blk_desc *dev_desc; 561 const char *slot_suffix = "_a"; 562 563 dev_desc = rockchip_get_bootdev(); 564 if (!dev_desc) { 565 printf("%s: Could not find device!\n", __func__); 566 return -1; 567 } 568 569 if (base_name == NULL) { 570 printf("The base_name is NULL!\n"); 571 return -1; 572 } 573 574 part_name_len = strlen(base_name) + 1; 575 part_name_len += strlen(slot_suffix); 576 part_name = malloc(part_name_len); 577 if (!part_name) { 578 printf("%s can not malloc a buffer!\n", __FILE__); 579 return -1; 580 } 581 582 memset(part_name, 0, part_name_len); 583 snprintf(part_name, part_name_len, "%s%s", base_name, slot_suffix); 584 part_num = part_get_info_by_name(dev_desc, part_name, &part_info); 585 if (part_num < 0) { 586 printf("Could not find partition \"%s\"\n", part_name); 587 part_num = -1; 588 } 589 590 free(part_name); 591 return part_num; 592 } 593 594 int rk_auth_unlock(void *buffer, char *out_is_trusted) 595 { 596 AvbOps* ops; 597 598 ops = avb_ops_user_new(); 599 if (ops == NULL) { 600 avb_error("avb_ops_user_new() failed!"); 601 return -1; 602 } 603 604 if (avb_atx_validate_unlock_credential(ops->atx_ops, 605 (AvbAtxUnlockCredential*)buffer, 606 (bool*)out_is_trusted)) { 607 avb_ops_user_free(ops); 608 return -1; 609 } 610 avb_ops_user_free(ops); 611 if (*out_is_trusted == true) 612 return 0; 613 else 614 return -1; 615 } 616 617 int rk_generate_unlock_challenge(void *buffer, uint32_t *challenge_len) 618 { 619 AvbOps* ops; 620 AvbIOResult result = AVB_IO_RESULT_OK; 621 622 ops = avb_ops_user_new(); 623 if (ops == NULL) { 624 avb_error("avb_ops_user_new() failed!"); 625 return -1; 626 } 627 628 result = avb_atx_generate_unlock_challenge(ops->atx_ops, 629 (AvbAtxUnlockChallenge *)buffer); 630 avb_ops_user_free(ops); 631 *challenge_len = sizeof(AvbAtxUnlockChallenge); 632 if (result == AVB_IO_RESULT_OK) 633 return 0; 634 else 635 return -1; 636 } 637 638 int rk_avb_init_ab_metadata(void) 639 { 640 AvbOps *ops; 641 AvbABData ab_data; 642 643 memset(&ab_data, 0, sizeof(AvbABData)); 644 debug("sizeof(AvbABData) = %d\n", (int)(size_t)sizeof(AvbABData)); 645 646 ops = avb_ops_user_new(); 647 if (ops == NULL) { 648 printf("avb_ops_user_new() failed!\n"); 649 return -1; 650 } 651 652 avb_ab_data_init(&ab_data); 653 if (ops->ab_ops->write_ab_metadata(ops->ab_ops, &ab_data) != 0) { 654 printf("do_avb_init_ab_metadata error!\n"); 655 avb_ops_user_free(ops); 656 return -1; 657 } 658 659 printf("Initialize ab data to misc partition success.\n"); 660 avb_ops_user_free(ops); 661 662 return 0; 663 } 664