1 /* 2 * (C) Copyright 2017 Rockchip Electronics Co., Ltd 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <common.h> 8 #include <image.h> 9 #include <android_image.h> 10 #include <malloc.h> 11 #include <mapmem.h> 12 #include <errno.h> 13 #include <command.h> 14 #include <mmc.h> 15 #include <blk.h> 16 #include <part.h> 17 #include <android_avb/avb_ops_user.h> 18 #include <android_avb/libavb_ab.h> 19 #include <android_avb/avb_atx_validate.h> 20 #include <android_avb/avb_atx_types.h> 21 #include <optee_include/OpteeClientInterface.h> 22 #include <optee_include/tee_api_defines.h> 23 #include <android_avb/avb_vbmeta_image.h> 24 #include <android_avb/avb_atx_validate.h> 25 #include <android_avb/rk_avb_ops_user.h> 26 #include <boot_rkimg.h> 27 #include <asm/arch/rk_atags.h> 28 29 /* rk used */ 30 int rk_avb_get_pub_key(struct rk_pub_key *pub_key) 31 { 32 struct tag *t = NULL; 33 34 t = atags_get_tag(ATAG_PUB_KEY); 35 if (!t) 36 return -1; 37 38 memcpy(pub_key, t->u.pub_key.data, sizeof(struct rk_pub_key)); 39 40 return 0; 41 } 42 43 int rk_avb_get_perm_attr_cer(uint8_t *cer, uint32_t size) 44 { 45 #ifdef CONFIG_OPTEE_CLIENT 46 if (trusty_read_permanent_attributes_cer((uint8_t *)cer, size)) { 47 printf("AVB: perm attr cer is not exist.\n"); 48 return -EIO; 49 } 50 51 return 0; 52 #else 53 return -1; 54 #endif 55 } 56 57 int rk_avb_set_perm_attr_cer(uint8_t *cer, uint32_t size) 58 { 59 #ifdef CONFIG_OPTEE_CLIENT 60 if (trusty_write_permanent_attributes_cer((uint8_t *)cer, size)) 61 return -EIO; 62 63 return 0; 64 #else 65 return -1; 66 #endif 67 } 68 69 int rk_avb_read_permanent_attributes(uint8_t *attributes, uint32_t size) 70 { 71 #ifdef CONFIG_OPTEE_CLIENT 72 if(trusty_read_permanent_attributes(attributes, size) != 0) { 73 printf("trusty_read_permanent_attributes failed!\n"); 74 return -1; 75 } 76 77 return 0; 78 #else 79 return -1; 80 #endif 81 } 82 83 int rk_avb_write_permanent_attributes(uint8_t *attributes, uint32_t size) 84 { 85 #ifdef CONFIG_OPTEE_CLIENT 86 if(trusty_write_permanent_attributes(attributes, size) != 0) { 87 printf("trusty_write_permanent_attributes failed!\n"); 88 return -1; 89 } 90 91 return 0; 92 #else 93 return -1; 94 #endif 95 } 96 97 int rk_avb_read_flash_lock_state(uint8_t *flash_lock_state) 98 { 99 #ifdef CONFIG_OPTEE_CLIENT 100 int ret; 101 102 ret = trusty_read_flash_lock_state(flash_lock_state); 103 switch (ret) { 104 case TEE_SUCCESS: 105 break; 106 case TEE_ERROR_GENERIC: 107 case TEE_ERROR_NO_DATA: 108 case TEE_ERROR_ITEM_NOT_FOUND: 109 *flash_lock_state = 1; 110 if (trusty_write_flash_lock_state(*flash_lock_state)) { 111 avb_error("trusty_write_flash_lock_state error!"); 112 ret = -1; 113 } else { 114 ret = trusty_read_flash_lock_state(flash_lock_state); 115 } 116 break; 117 default: 118 printf("%s: trusty_read_flash_lock_state failed\n", __FILE__); 119 } 120 121 return ret; 122 #else 123 *flash_lock_state = 1; 124 125 return 0; 126 #endif 127 } 128 129 int rk_avb_write_flash_lock_state(uint8_t flash_lock_state) 130 { 131 #ifdef CONFIG_OPTEE_CLIENT 132 if (trusty_write_flash_lock_state(flash_lock_state)) { 133 printf("trusty_write_flash_lock_state error!\n"); 134 return -1; 135 } 136 137 return 0; 138 #else 139 return -1; 140 #endif 141 } 142 143 int rk_avb_write_lock_state(uint8_t lock_state) 144 { 145 #ifdef CONFIG_OPTEE_CLIENT 146 if (trusty_write_lock_state(lock_state)) { 147 printf("trusty_write_lock_state error!\n"); 148 return -1; 149 } 150 151 return 0; 152 #else 153 return -1; 154 #endif 155 } 156 157 int rk_avb_read_lock_state(uint8_t *lock_state) 158 { 159 #ifdef CONFIG_OPTEE_CLIENT 160 int ret; 161 162 ret = trusty_read_lock_state(lock_state); 163 switch (ret) { 164 case TEE_SUCCESS: 165 break; 166 case TEE_ERROR_GENERIC: 167 case TEE_ERROR_NO_DATA: 168 case TEE_ERROR_ITEM_NOT_FOUND: 169 *lock_state = 1; 170 if (rk_avb_write_lock_state(*lock_state)) { 171 avb_error("avb_write_lock_state error!"); 172 ret = -1; 173 } else { 174 ret = trusty_read_lock_state(lock_state); 175 } 176 break; 177 default: 178 printf("%s: trusty_read_lock_state failed\n", __FILE__); 179 } 180 181 return ret; 182 #else 183 return -1; 184 #endif 185 } 186 187 int rk_avb_write_perm_attr_flag(uint8_t flag) 188 { 189 #ifdef CONFIG_OPTEE_CLIENT 190 if (trusty_write_permanent_attributes_flag(flag)) { 191 printf("trusty_write_permanent_attributes_flag error!\n"); 192 return -1; 193 } 194 195 return 0; 196 #else 197 return -1; 198 #endif 199 } 200 201 int rk_avb_read_perm_attr_flag(uint8_t *flag) 202 { 203 #ifdef CONFIG_OPTEE_CLIENT 204 int ret; 205 206 ret = trusty_read_permanent_attributes_flag(flag); 207 switch (ret) { 208 case TEE_SUCCESS: 209 break; 210 case TEE_ERROR_GENERIC: 211 case TEE_ERROR_NO_DATA: 212 case TEE_ERROR_ITEM_NOT_FOUND: 213 *flag = 0; 214 if (rk_avb_write_perm_attr_flag(*flag)) { 215 avb_error("avb_write_perm_attr_flag error!"); 216 ret = -1; 217 } else { 218 ret = trusty_read_permanent_attributes_flag(flag); 219 } 220 break; 221 default: 222 printf("%s: trusty_read_permanent_attributes_flag failed", 223 __FILE__); 224 } 225 226 return ret; 227 #else 228 return -1; 229 #endif 230 } 231 232 int rk_avb_read_vbootkey_hash(uint8_t *buf, uint8_t length) 233 { 234 #ifdef CONFIG_OPTEE_CLIENT 235 if (trusty_read_vbootkey_hash((uint32_t *)buf, 236 (uint32_t)length / sizeof(uint32_t))) { 237 printf("trusty_read_vbootkey_hash error!\n"); 238 return -1; 239 } 240 241 return 0; 242 #else 243 return -1; 244 #endif 245 } 246 247 int rk_avb_write_vbootkey_hash(uint8_t *buf, uint8_t length) 248 { 249 #ifdef CONFIG_OPTEE_CLIENT 250 if (trusty_write_vbootkey_hash((uint32_t *)buf, 251 (uint32_t)length / sizeof(uint32_t))) { 252 printf("trusty_write_vbootkey_hash error!\n"); 253 return -1; 254 } 255 256 return 0; 257 #else 258 return -1; 259 #endif 260 } 261 262 int rk_avb_close_optee_client(void) 263 { 264 #ifdef CONFIG_OPTEE_CLIENT 265 if(trusty_notify_optee_uboot_end()) { 266 printf("trusty_notify_optee_uboot_end error!\n"); 267 return -1; 268 } 269 270 return 0; 271 #else 272 return -1; 273 #endif 274 } 275 276 int rk_avb_read_attribute_hash(uint8_t *buf, uint8_t length) 277 { 278 #ifdef CONFIG_OPTEE_CLIENT 279 if (trusty_read_attribute_hash((uint32_t *)buf, 280 (uint32_t)(length/sizeof(uint32_t)))) { 281 printf("trusty_read_attribute_hash error!\n"); 282 return -1; 283 } 284 285 return 0; 286 #else 287 return -1; 288 #endif 289 } 290 291 int rk_avb_write_attribute_hash(uint8_t *buf, uint8_t length) 292 { 293 #ifdef CONFIG_OPTEE_CLIENT 294 if (trusty_write_attribute_hash((uint32_t *)buf, 295 (uint32_t)(length/sizeof(uint32_t)))) { 296 printf("trusty_write_attribute_hash error!\n"); 297 return -1; 298 } 299 300 return 0; 301 #else 302 return -1; 303 #endif 304 } 305 306 int rk_avb_read_all_rollback_index(char *buffer) 307 { 308 AvbOps* ops; 309 uint64_t stored_rollback_index = 0; 310 AvbIOResult io_ret; 311 char temp[ROLLBACK_MAX_SIZE] = {0}; 312 int n; 313 314 ops = avb_ops_user_new(); 315 if (ops == NULL) { 316 printf("avb_ops_user_new() failed!\n"); 317 return -1; 318 } 319 320 for (n = 0; n < AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS; n++) { 321 io_ret = ops->read_rollback_index( 322 ops, n, &stored_rollback_index); 323 if (io_ret != AVB_IO_RESULT_OK) 324 goto out; 325 snprintf(temp, sizeof(int) + 1, "%d", n); 326 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 327 strncat(buffer, ":", 1); 328 snprintf(temp, sizeof(uint64_t) + 1, "%lld", 329 stored_rollback_index); 330 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 331 strncat(buffer, ",", 1); 332 } 333 334 io_ret = 335 ops->read_rollback_index(ops, 336 AVB_ATX_PIK_VERSION_LOCATION, 337 &stored_rollback_index); 338 if (io_ret != AVB_IO_RESULT_OK) { 339 avb_error("Failed to read PIK minimum version.\n"); 340 goto out; 341 } 342 /* PIK rollback index */ 343 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PIK_VERSION_LOCATION); 344 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 345 strncat(buffer, ":", 1); 346 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 347 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 348 strncat(buffer, ",", 1); 349 io_ret = ops->read_rollback_index(ops, 350 AVB_ATX_PSK_VERSION_LOCATION, 351 &stored_rollback_index); 352 if (io_ret != AVB_IO_RESULT_OK) { 353 avb_error("Failed to read PSK minimum version.\n"); 354 goto out; 355 } 356 /* PSK rollback index */ 357 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PSK_VERSION_LOCATION); 358 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 359 strncat(buffer, ":", 1); 360 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 361 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 362 debug("%s\n", buffer); 363 avb_ops_user_free(ops); 364 365 return 0; 366 out: 367 avb_ops_user_free(ops); 368 369 return -1; 370 } 371 372 int rk_avb_read_bootloader_locked_flag(uint8_t *flag) 373 { 374 #ifdef CONFIG_OPTEE_CLIENT 375 if (trusty_read_vbootkey_enable_flag(flag)) 376 return -1; 377 #endif 378 return 0; 379 } 380 381 #ifdef CONFIG_SUPPORT_EMMC_RPMB 382 static int curr_device = -1; 383 384 int rk_bootloader_rollback_index_read(uint32_t offset, uint32_t bytes, 385 void *rb_index) 386 { 387 388 struct mmc *mmc; 389 uint8_t rpmb_buf[256] = {0}; 390 uint32_t n; 391 char original_part; 392 393 if ((offset + bytes) > 256) 394 return -1; 395 396 if (curr_device < 0) { 397 if (get_mmc_num() > 0) 398 curr_device = 0; 399 else { 400 avb_error("No MMC device available"); 401 return -1; 402 } 403 } 404 405 mmc = find_mmc_device(curr_device); 406 /* Switch to the RPMB partition */ 407 #ifndef CONFIG_BLK 408 original_part = mmc->block_dev.hwpart; 409 #else 410 original_part = mmc_get_blk_desc(mmc)->hwpart; 411 #endif 412 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, MMC_PART_RPMB) != 413 0) 414 return -1; 415 416 n = mmc_rpmb_read(mmc, rpmb_buf, RPMB_BASE_ADDR, 1, NULL); 417 if (n != 1) 418 return -1; 419 420 /* Return to original partition */ 421 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, original_part) != 422 0) 423 return -1; 424 425 memcpy(rb_index, (void*)&rpmb_buf[offset], bytes); 426 427 return 0; 428 } 429 430 int rk_avb_get_bootloader_min_version(char *buffer) 431 { 432 uint32_t rb_index; 433 char temp[ROLLBACK_MAX_SIZE] = {0}; 434 435 if (rk_bootloader_rollback_index_read(UBOOT_RB_INDEX_OFFSET, 436 sizeof(uint32_t), &rb_index)) { 437 avb_error("Can not read uboot rollback index"); 438 return -1; 439 } 440 snprintf(temp, sizeof(int) + 1, "%d", 0); 441 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 442 strncat(buffer, ":", 1); 443 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 444 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 445 strncat(buffer, ",", 1); 446 447 if (rk_bootloader_rollback_index_read(TRUST_RB_INDEX_OFFSET, 448 sizeof(uint32_t), &rb_index)) { 449 avb_error("Can not read trust rollback index"); 450 return -1; 451 } 452 453 snprintf(temp, sizeof(int) + 1, "%d", 1); 454 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 455 strncat(buffer, ":", 1); 456 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 457 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 458 459 return 0; 460 } 461 #endif 462 463 void rk_avb_get_at_vboot_state(char *buf) 464 { 465 char temp_flag = 0; 466 char *lock_val = NULL; 467 char *unlock_dis_val = NULL; 468 char *perm_attr_flag = NULL; 469 char *bootloader_locked_flag = NULL; 470 char *rollback_indices; 471 char min_versions[ROLLBACK_MAX_SIZE + 1] = {0}; 472 int n; 473 474 if (rk_avb_read_perm_attr_flag((uint8_t *)&temp_flag)) { 475 avb_error("Can not read perm_attr_flag!"); 476 perm_attr_flag = ""; 477 } else { 478 perm_attr_flag = temp_flag ? "1" : "0"; 479 } 480 481 temp_flag = 0; 482 if (rk_avb_read_lock_state((uint8_t *)&temp_flag)) { 483 avb_error("Can not read lock state!"); 484 lock_val = ""; 485 unlock_dis_val = ""; 486 } else { 487 lock_val = (temp_flag & LOCK_MASK) ? "0" : "1"; 488 unlock_dis_val = (temp_flag & UNLOCK_DISABLE_MASK) ? "1" : "0"; 489 } 490 491 temp_flag = 0; 492 if (rk_avb_read_bootloader_locked_flag((uint8_t *)&temp_flag)) { 493 avb_error("Can not read bootloader locked flag!"); 494 bootloader_locked_flag = ""; 495 } else { 496 bootloader_locked_flag = temp_flag ? "1" : "0"; 497 } 498 499 rollback_indices = malloc(VBOOT_STATE_SIZE); 500 if (!rollback_indices) { 501 avb_error("No buff to malloc!"); 502 return; 503 } 504 505 memset(rollback_indices, 0, VBOOT_STATE_SIZE); 506 if (rk_avb_read_all_rollback_index(rollback_indices)) 507 avb_error("Can not read avb_min_ver!"); 508 509 /* bootloader-min-versions */ 510 if (rk_avb_get_bootloader_min_version(min_versions)) 511 avb_error("Call rk_avb_get_bootloader_min_version error!"); 512 513 n = snprintf(buf, VBOOT_STATE_SIZE - 1, 514 "avb-perm-attr-set=%s\n" 515 "avb-locked=%s\n" 516 "avb-unlock-disabled=%s\n" 517 "bootloader-locked=%s\n" 518 "avb-min-versions=%s\n" 519 "bootloader-min-versions=%s\n", 520 perm_attr_flag, 521 lock_val, 522 unlock_dis_val, 523 bootloader_locked_flag, 524 rollback_indices, 525 min_versions); 526 if (n >= VBOOT_STATE_SIZE) { 527 avb_error("The VBOOT_STATE buf is truncated\n"); 528 buf[VBOOT_STATE_SIZE - 1] = 0; 529 } 530 debug("The vboot state buf is %s\n", buf); 531 free(rollback_indices); 532 } 533 534 int rk_avb_get_ab_info(AvbABData* ab_data) 535 { 536 AvbOps* ops; 537 AvbIOResult io_ret = AVB_IO_RESULT_OK; 538 int ret = 0; 539 540 ops = avb_ops_user_new(); 541 if (ops == NULL) { 542 printf("%s: avb_ops_user_new() failed!\n", __FILE__); 543 return -1; 544 } 545 546 io_ret = ops->ab_ops->read_ab_metadata(ops->ab_ops, ab_data); 547 if (io_ret != AVB_IO_RESULT_OK) { 548 avb_error("I/O error while loading A/B metadata.\n"); 549 ret = -1; 550 } 551 552 avb_ops_user_free(ops); 553 554 return ret; 555 } 556 557 int rk_avb_get_part_has_slot_info(const char *base_name) 558 { 559 char *part_name; 560 int part_num; 561 size_t part_name_len; 562 disk_partition_t part_info; 563 struct blk_desc *dev_desc; 564 const char *slot_suffix = "_a"; 565 566 dev_desc = rockchip_get_bootdev(); 567 if (!dev_desc) { 568 printf("%s: Could not find device!\n", __func__); 569 return -1; 570 } 571 572 if (base_name == NULL) { 573 printf("The base_name is NULL!\n"); 574 return -1; 575 } 576 577 part_name_len = strlen(base_name) + 1; 578 part_name_len += strlen(slot_suffix); 579 part_name = malloc(part_name_len); 580 if (!part_name) { 581 printf("%s can not malloc a buffer!\n", __FILE__); 582 return -1; 583 } 584 585 memset(part_name, 0, part_name_len); 586 snprintf(part_name, part_name_len, "%s%s", base_name, slot_suffix); 587 part_num = part_get_info_by_name(dev_desc, part_name, &part_info); 588 if (part_num < 0) { 589 printf("Could not find partition \"%s\"\n", part_name); 590 part_num = -1; 591 } 592 593 free(part_name); 594 return part_num; 595 } 596 597 int rk_auth_unlock(void *buffer, char *out_is_trusted) 598 { 599 AvbOps* ops; 600 601 ops = avb_ops_user_new(); 602 if (ops == NULL) { 603 avb_error("avb_ops_user_new() failed!"); 604 return -1; 605 } 606 607 if (avb_atx_validate_unlock_credential(ops->atx_ops, 608 (AvbAtxUnlockCredential*)buffer, 609 (bool*)out_is_trusted)) { 610 avb_ops_user_free(ops); 611 return -1; 612 } 613 avb_ops_user_free(ops); 614 if (*out_is_trusted == true) 615 return 0; 616 else 617 return -1; 618 } 619 620 int rk_generate_unlock_challenge(void *buffer, uint32_t *challenge_len) 621 { 622 AvbOps* ops; 623 AvbIOResult result = AVB_IO_RESULT_OK; 624 625 ops = avb_ops_user_new(); 626 if (ops == NULL) { 627 avb_error("avb_ops_user_new() failed!"); 628 return -1; 629 } 630 631 result = avb_atx_generate_unlock_challenge(ops->atx_ops, 632 (AvbAtxUnlockChallenge *)buffer); 633 avb_ops_user_free(ops); 634 *challenge_len = sizeof(AvbAtxUnlockChallenge); 635 if (result == AVB_IO_RESULT_OK) 636 return 0; 637 else 638 return -1; 639 } 640 641 int rk_avb_init_ab_metadata(void) 642 { 643 AvbOps *ops; 644 AvbABData ab_data; 645 646 memset(&ab_data, 0, sizeof(AvbABData)); 647 debug("sizeof(AvbABData) = %d\n", (int)(size_t)sizeof(AvbABData)); 648 649 ops = avb_ops_user_new(); 650 if (ops == NULL) { 651 printf("avb_ops_user_new() failed!\n"); 652 return -1; 653 } 654 655 avb_ab_data_init(&ab_data); 656 if (ops->ab_ops->write_ab_metadata(ops->ab_ops, &ab_data) != 0) { 657 printf("do_avb_init_ab_metadata error!\n"); 658 avb_ops_user_free(ops); 659 return -1; 660 } 661 662 printf("Initialize ab data to misc partition success.\n"); 663 avb_ops_user_free(ops); 664 665 return 0; 666 } 667