1 /* 2 * (C) Copyright 2017 Rockchip Electronics Co., Ltd 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <common.h> 8 #include <image.h> 9 #include <android_image.h> 10 #include <malloc.h> 11 #include <mapmem.h> 12 #include <errno.h> 13 #include <command.h> 14 #include <mmc.h> 15 #include <blk.h> 16 #include <part.h> 17 #include <android_avb/avb_ops_user.h> 18 #include <android_avb/libavb_ab.h> 19 #include <android_avb/avb_atx_validate.h> 20 #include <android_avb/avb_atx_types.h> 21 #include <optee_include/OpteeClientInterface.h> 22 #include <optee_include/tee_api_defines.h> 23 #include <android_avb/avb_vbmeta_image.h> 24 #include <android_avb/avb_atx_validate.h> 25 #include <android_avb/rk_avb_ops_user.h> 26 #include <boot_rkimg.h> 27 28 /* rk used */ 29 int rk_avb_read_slot_count(char *slot_count) 30 { 31 *slot_count = SLOT_NUM; 32 33 return 0; 34 } 35 36 int rk_avb_read_slot_suffixes(char *slot_suffixes) 37 { 38 memcpy(slot_suffixes, CURR_SYSTEM_SLOT_SUFFIX, 39 strlen(CURR_SYSTEM_SLOT_SUFFIX)); 40 41 return 0; 42 } 43 44 int rk_avb_set_slot_active(unsigned int *slot_number) 45 { 46 AvbOps* ops; 47 ops = avb_ops_user_new(); 48 int ret = 0; 49 50 if (ops == NULL) { 51 printf("avb_ops_user_new() failed!\n"); 52 return -1; 53 } 54 55 debug("set_slot_active\n"); 56 if (avb_ab_mark_slot_active(ops->ab_ops, *slot_number) != 0) { 57 printf("set_slot_active error!\n"); 58 ret = -1; 59 } 60 61 avb_ops_user_free(ops); 62 return ret; 63 } 64 65 static bool slot_is_bootable(AvbABSlotData* slot) { 66 return (slot->priority > 0) && 67 (slot->successful_boot || (slot->tries_remaining > 0)); 68 } 69 70 AvbABFlowResult rk_avb_ab_slot_select(AvbABOps* ab_ops,char* select_slot) 71 { 72 AvbABFlowResult ret = AVB_AB_FLOW_RESULT_OK; 73 AvbIOResult io_ret = AVB_IO_RESULT_OK; 74 AvbABData ab_data; 75 size_t slot_index_to_boot; 76 77 io_ret = ab_ops->read_ab_metadata(ab_ops, &ab_data); 78 if (io_ret != AVB_IO_RESULT_OK) { 79 avb_error("I/O error while loading A/B metadata.\n"); 80 ret = AVB_AB_FLOW_RESULT_ERROR_IO; 81 goto out; 82 } 83 if (slot_is_bootable(&ab_data.slots[0]) && slot_is_bootable(&ab_data.slots[1])) { 84 if (ab_data.slots[1].priority > ab_data.slots[0].priority) { 85 slot_index_to_boot = 1; 86 } else { 87 slot_index_to_boot = 0; 88 } 89 } else if(slot_is_bootable(&ab_data.slots[0])) { 90 slot_index_to_boot = 0; 91 } else if(slot_is_bootable(&ab_data.slots[1])) { 92 slot_index_to_boot = 1; 93 } else { 94 avb_error("No bootable slots found.\n"); 95 ret = AVB_AB_FLOW_RESULT_ERROR_NO_BOOTABLE_SLOTS; 96 goto out; 97 } 98 99 if (slot_index_to_boot == 0) { 100 strcpy(select_slot, "_a"); 101 } else if(slot_index_to_boot == 1) { 102 strcpy(select_slot, "_b"); 103 } 104 out: 105 return ret; 106 } 107 108 int rk_avb_get_current_slot(char *select_slot) 109 { 110 AvbOps* ops; 111 int ret = 0; 112 113 ops = avb_ops_user_new(); 114 if (ops == NULL) { 115 printf("avb_ops_user_new() failed!\n"); 116 return -1; 117 } 118 119 if (rk_avb_ab_slot_select(ops->ab_ops, select_slot) != 0) { 120 printf("get_current_slot error!\n"); 121 ret = -1; 122 } 123 124 avb_ops_user_free(ops); 125 return ret; 126 } 127 128 int rk_avb_read_permanent_attributes(uint8_t *attributes, uint32_t size) 129 { 130 #ifdef CONFIG_OPTEE_CLIENT 131 if(trusty_read_permanent_attributes(attributes, size) != 0) { 132 printf("trusty_read_permanent_attributes failed!\n"); 133 return -1; 134 } 135 136 return 0; 137 #else 138 return -1; 139 #endif 140 } 141 142 int rk_avb_write_permanent_attributes(uint8_t *attributes, uint32_t size) 143 { 144 #ifdef CONFIG_OPTEE_CLIENT 145 if(trusty_write_permanent_attributes(attributes, size) != 0) { 146 printf("trusty_write_permanent_attributes failed!\n"); 147 return -1; 148 } 149 150 return 0; 151 #else 152 return -1; 153 #endif 154 } 155 156 int rk_avb_read_flash_lock_state(uint8_t *flash_lock_state) 157 { 158 #ifdef CONFIG_OPTEE_CLIENT 159 int ret; 160 161 ret = trusty_read_flash_lock_state(flash_lock_state); 162 if (ret == TEE_ERROR_ITEM_NOT_FOUND) { 163 *flash_lock_state = 1; 164 if (trusty_write_flash_lock_state(*flash_lock_state)) { 165 printf("trusty_write_flash_lock_state error!\n"); 166 return -1; 167 } 168 169 ret = trusty_read_flash_lock_state(flash_lock_state); 170 171 return ret; 172 } else if (ret == 0) { 173 return 0; 174 } else { 175 printf("avb_read_flash_lock_state ret = %x\n", ret); 176 return -1; 177 } 178 #else 179 return -1; 180 #endif 181 } 182 183 int rk_avb_write_flash_lock_state(uint8_t flash_lock_state) 184 { 185 #ifdef CONFIG_OPTEE_CLIENT 186 if (trusty_write_flash_lock_state(flash_lock_state)) { 187 printf("trusty_write_flash_lock_state error!\n"); 188 return -1; 189 } 190 191 return 0; 192 #else 193 return -1; 194 #endif 195 } 196 197 int rk_avb_write_lock_state(uint8_t lock_state) 198 { 199 #ifdef CONFIG_OPTEE_CLIENT 200 if (trusty_write_lock_state(lock_state)) { 201 printf("trusty_write_lock_state error!\n"); 202 return -1; 203 } 204 205 return 0; 206 #else 207 return -1; 208 #endif 209 } 210 211 int rk_avb_read_lock_state(uint8_t *lock_state) 212 { 213 #ifdef CONFIG_OPTEE_CLIENT 214 int ret; 215 216 ret = trusty_read_lock_state(lock_state); 217 if (ret == TEE_ERROR_ITEM_NOT_FOUND) { 218 *lock_state = 1; 219 if (rk_avb_write_lock_state(*lock_state)) { 220 printf("avb_write_lock_state error!\n"); 221 return -1; 222 } 223 224 ret = trusty_read_lock_state(lock_state); 225 226 return ret; 227 } else if (ret == 0) { 228 return 0; 229 } else { 230 printf("avb_read_lock_state ret = %x\n", ret); 231 return -1; 232 } 233 #else 234 return -1; 235 #endif 236 } 237 238 int rk_avb_write_perm_attr_flag(uint8_t flag) 239 { 240 #ifdef CONFIG_OPTEE_CLIENT 241 if (trusty_write_permanent_attributes_flag(flag)) { 242 printf("trusty_write_permanent_attributes_flag error!\n"); 243 return -1; 244 } 245 246 return 0; 247 #else 248 return -1; 249 #endif 250 } 251 252 int rk_avb_read_perm_attr_flag(uint8_t *flag) 253 { 254 #ifdef CONFIG_OPTEE_CLIENT 255 int ret; 256 257 ret = trusty_read_permanent_attributes_flag(flag); 258 if (ret != TEE_SUCCESS) { 259 *flag = 0; 260 if (rk_avb_write_perm_attr_flag(*flag)) { 261 printf("avb_write_perm_attr_flag error!\n"); 262 return -1; 263 } 264 265 ret = trusty_read_permanent_attributes_flag(flag); 266 267 return ret; 268 } else if (ret == 0) { 269 return 0; 270 } else { 271 printf("avb_read_perm_attr_flag ret = %x\n", ret); 272 return -1; 273 } 274 #else 275 return -1; 276 #endif 277 } 278 279 int rk_avb_read_vbootkey_hash(uint8_t *buf, uint8_t length) 280 { 281 #ifdef CONFIG_OPTEE_CLIENT 282 if (trusty_read_vbootkey_hash((uint32_t *)buf, 283 (uint32_t)length / sizeof(uint32_t))) { 284 printf("trusty_read_vbootkey_hash error!\n"); 285 return -1; 286 } 287 288 return 0; 289 #else 290 return -1; 291 #endif 292 } 293 294 int rk_avb_write_vbootkey_hash(uint8_t *buf, uint8_t length) 295 { 296 #ifdef CONFIG_OPTEE_CLIENT 297 if (trusty_write_vbootkey_hash((uint32_t *)buf, 298 (uint32_t)length / sizeof(uint32_t))) { 299 printf("trusty_write_vbootkey_hash error!\n"); 300 return -1; 301 } 302 303 return 0; 304 #else 305 return -1; 306 #endif 307 } 308 309 int rk_avb_close_optee_client(void) 310 { 311 #ifdef CONFIG_OPTEE_CLIENT 312 if(trusty_notify_optee_uboot_end()) { 313 printf("trusty_notify_optee_uboot_end error!\n"); 314 return -1; 315 } 316 317 return 0; 318 #else 319 return -1; 320 #endif 321 } 322 323 int rk_avb_read_attribute_hash(uint8_t *buf, uint8_t length) 324 { 325 #ifdef CONFIG_OPTEE_CLIENT 326 if (trusty_read_attribute_hash((uint32_t *)buf, 327 (uint32_t)(length/sizeof(uint32_t)))) { 328 printf("trusty_read_attribute_hash error!\n"); 329 return -1; 330 } 331 332 return 0; 333 #else 334 return -1; 335 #endif 336 } 337 338 int rk_avb_write_attribute_hash(uint8_t *buf, uint8_t length) 339 { 340 #ifdef CONFIG_OPTEE_CLIENT 341 if (trusty_write_attribute_hash((uint32_t *)buf, 342 (uint32_t)(length/sizeof(uint32_t)))) { 343 printf("trusty_write_attribute_hash error!\n"); 344 return -1; 345 } 346 347 return 0; 348 #else 349 return -1; 350 #endif 351 } 352 353 int rk_avb_read_all_rollback_index(char *buffer) 354 { 355 AvbOps* ops; 356 uint64_t stored_rollback_index = 0; 357 AvbIOResult io_ret; 358 char temp[ROLLBACK_MAX_SIZE] = {0}; 359 int n; 360 361 ops = avb_ops_user_new(); 362 if (ops == NULL) { 363 printf("avb_ops_user_new() failed!\n"); 364 return -1; 365 } 366 367 for (n = 0; n < AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS; n++) { 368 io_ret = ops->read_rollback_index( 369 ops, n, &stored_rollback_index); 370 if (io_ret != AVB_IO_RESULT_OK) 371 goto out; 372 snprintf(temp, sizeof(int) + 1, "%d", n); 373 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 374 strncat(buffer, ":", 1); 375 snprintf(temp, sizeof(uint64_t) + 1, "%lld", 376 stored_rollback_index); 377 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 378 strncat(buffer, ",", 1); 379 } 380 381 io_ret = 382 ops->read_rollback_index(ops, 383 AVB_ATX_PIK_VERSION_LOCATION, 384 &stored_rollback_index); 385 if (io_ret != AVB_IO_RESULT_OK) { 386 avb_error("Failed to read PIK minimum version.\n"); 387 goto out; 388 } 389 /* PIK rollback index */ 390 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PIK_VERSION_LOCATION); 391 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 392 strncat(buffer, ":", 1); 393 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 394 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 395 strncat(buffer, ",", 1); 396 io_ret = ops->read_rollback_index(ops, 397 AVB_ATX_PSK_VERSION_LOCATION, 398 &stored_rollback_index); 399 if (io_ret != AVB_IO_RESULT_OK) { 400 avb_error("Failed to read PSK minimum version.\n"); 401 goto out; 402 } 403 /* PSK rollback index */ 404 snprintf(temp, sizeof(int) + 1, "%d", AVB_ATX_PSK_VERSION_LOCATION); 405 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 406 strncat(buffer, ":", 1); 407 snprintf(temp, sizeof(uint64_t) + 1, "%lld", stored_rollback_index); 408 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 409 debug("%s\n", buffer); 410 avb_ops_user_free(ops); 411 412 return 0; 413 out: 414 avb_ops_user_free(ops); 415 416 return -1; 417 } 418 419 int rk_avb_read_bootloader_locked_flag(uint8_t *flag) 420 { 421 #ifdef CONFIG_OPTEE_CLIENT 422 if (trusty_read_vbootkey_enable_flag(flag)) { 423 return -1; 424 } 425 return 0; 426 #else 427 return -1; 428 #endif 429 } 430 431 #ifdef CONFIG_SUPPORT_EMMC_RPMB 432 static int curr_device = -1; 433 434 int rk_bootloader_rollback_index_read(uint32_t offset, uint32_t bytes, 435 void *rb_index) 436 { 437 438 struct mmc *mmc; 439 uint8_t rpmb_buf[256] = {0}; 440 uint32_t n; 441 char original_part; 442 443 if ((offset + bytes) > 256) 444 return -1; 445 446 if (curr_device < 0) { 447 if (get_mmc_num() > 0) 448 curr_device = 0; 449 else { 450 avb_error("No MMC device available"); 451 return -1; 452 } 453 } 454 455 mmc = find_mmc_device(curr_device); 456 /* Switch to the RPMB partition */ 457 #ifndef CONFIG_BLK 458 original_part = mmc->block_dev.hwpart; 459 #else 460 original_part = mmc_get_blk_desc(mmc)->hwpart; 461 #endif 462 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, MMC_PART_RPMB) != 463 0) 464 return -1; 465 466 n = mmc_rpmb_read(mmc, rpmb_buf, RPMB_BASE_ADDR, 1, NULL); 467 if (n != 1) 468 return -1; 469 470 /* Return to original partition */ 471 if (blk_select_hwpart_devnum(IF_TYPE_MMC, curr_device, original_part) != 472 0) 473 return -1; 474 475 memcpy(rb_index, (void*)&rpmb_buf[offset], bytes); 476 477 return 0; 478 } 479 480 int rk_avb_get_bootloader_min_version(char *buffer) 481 { 482 uint32_t rb_index; 483 char temp[ROLLBACK_MAX_SIZE] = {0}; 484 485 if (rk_bootloader_rollback_index_read(UBOOT_RB_INDEX_OFFSET, 486 sizeof(uint32_t), &rb_index)) { 487 avb_error("Can not read uboot rollback index"); 488 return -1; 489 } 490 snprintf(temp, sizeof(int) + 1, "%d", 0); 491 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 492 strncat(buffer, ":", 1); 493 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 494 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 495 strncat(buffer, ",", 1); 496 497 if (rk_bootloader_rollback_index_read(TRUST_RB_INDEX_OFFSET, 498 sizeof(uint32_t), &rb_index)) { 499 avb_error("Can not read trust rollback index"); 500 return -1; 501 } 502 503 snprintf(temp, sizeof(int) + 1, "%d", 1); 504 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 505 strncat(buffer, ":", 1); 506 snprintf(temp, sizeof(uint32_t) + 1, "%d", rb_index); 507 strncat(buffer, temp, ROLLBACK_MAX_SIZE); 508 509 return 0; 510 } 511 #endif 512 513 void rk_avb_get_at_vboot_state(char *buf) 514 { 515 char temp_buffer[200] = {0}; 516 char temp_flag = 0; 517 char crlf[2] = {'\n', 0}; 518 char *lock_val = NULL; 519 char *unlocK_dis_val = NULL; 520 char *perm_attr_flag = NULL; 521 char *bootloader_locked_flag = NULL; 522 char *lock_state = "bootloader-locked="; 523 char *btld_min_ver = "bootloader-min-versions="; 524 char *avb_perm_attr_set = "avb-perm-attr-set="; 525 char *avb_lock = "avb-locked="; 526 char *avb_unlock_dis = "avb-unlock-disabled="; 527 char *avb_min_ver = "avb-min-versions="; 528 529 if (rk_avb_read_perm_attr_flag((uint8_t *)&temp_flag)) { 530 printf("Can not read perm_attr_flag!\n"); 531 perm_attr_flag = ""; 532 } else { 533 perm_attr_flag = temp_flag ? "1" : "0"; 534 } 535 sprintf(buf, "%s%s%s%s", buf, avb_perm_attr_set, perm_attr_flag, crlf); 536 537 temp_flag = 0; 538 if (rk_avb_read_lock_state((uint8_t *)&temp_flag)) { 539 printf("Can not read lock state!\n"); 540 lock_val = ""; 541 unlocK_dis_val = ""; 542 } else { 543 lock_val = (temp_flag & LOCK_MASK) ? "0" : "1"; 544 unlocK_dis_val = (temp_flag & UNLOCK_DISABLE_MASK) ? "1" : "0"; 545 } 546 sprintf(buf, "%s%s%s%s%s%s%s", buf, avb_lock, lock_val, crlf, 547 avb_unlock_dis, unlocK_dis_val, crlf); 548 549 temp_flag = 0; 550 if (rk_avb_read_bootloader_locked_flag((uint8_t *)&temp_flag)) { 551 printf("Can not read bootloader locked flag!\n"); 552 bootloader_locked_flag = ""; 553 } else { 554 bootloader_locked_flag = temp_flag ? "1" : "0"; 555 } 556 sprintf(buf, "%s%s%s%s", buf, lock_state, bootloader_locked_flag, crlf); 557 558 if (rk_avb_read_all_rollback_index(temp_buffer)) 559 printf("Can not avb_min_ver!\n"); 560 sprintf(buf, "%s%s%s%s", buf, avb_min_ver, temp_buffer, crlf); 561 562 /* bootloader-min-versions */ 563 memset(temp_buffer, 0, 200); 564 #ifdef CONFIG_SUPPORT_EMMC_RPMB 565 if (rk_avb_get_bootloader_min_version(temp_buffer)) 566 avb_error("Call rk_avb_get_bootloader_min_version error!"); 567 #else 568 memcpy(temp_buffer, "-1", strlen("-1")); 569 #endif 570 sprintf(buf, "%s%s%s%s", buf, btld_min_ver, temp_buffer, crlf); 571 } 572 573 int rk_avb_get_ab_info(AvbABData* ab_data) 574 { 575 AvbOps* ops; 576 AvbIOResult io_ret = AVB_IO_RESULT_OK; 577 int ret = 0; 578 579 ops = avb_ops_user_new(); 580 if (ops == NULL) { 581 printf("%s: avb_ops_user_new() failed!\n", __FILE__); 582 return -1; 583 } 584 585 io_ret = ops->ab_ops->read_ab_metadata(ops->ab_ops, ab_data); 586 if (io_ret != AVB_IO_RESULT_OK) { 587 avb_error("I/O error while loading A/B metadata.\n"); 588 ret = -1; 589 } 590 591 avb_ops_user_free(ops); 592 593 return ret; 594 } 595 596 int rk_avb_get_part_has_slot_info(const char *base_name) 597 { 598 char *part_name; 599 int part_num; 600 size_t part_name_len; 601 disk_partition_t part_info; 602 struct blk_desc *dev_desc; 603 const char *slot_suffix = "_a"; 604 605 dev_desc = rockchip_get_bootdev(); 606 if (!dev_desc) { 607 printf("%s: Could not find device!\n", __func__); 608 return -1; 609 } 610 611 if (base_name == NULL) { 612 printf("The base_name is NULL!\n"); 613 return -1; 614 } 615 616 part_name_len = strlen(base_name) + 1; 617 part_name_len += strlen(slot_suffix); 618 part_name = malloc(part_name_len); 619 if (!part_name) { 620 printf("%s can not malloc a buffer!\n", __FILE__); 621 return -1; 622 } 623 624 memset(part_name, 0, part_name_len); 625 snprintf(part_name, part_name_len, "%s%s", base_name, slot_suffix); 626 part_num = part_get_info_by_name(dev_desc, part_name, &part_info); 627 if (part_num < 0) { 628 printf("Could not find partition \"%s\"\n", part_name); 629 part_num = -1; 630 } 631 632 free(part_name); 633 return part_num; 634 } 635