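/*
 * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of ARM nor the names of its contributors may be used
 * to endorse or promote products derived from this software without specific
 * prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include <assert.h>
#include <bl_common.h>
#include <debug.h>
#include <errno.h>
#include <firmware_image_package.h>
#include <io_driver.h>
#include <io_fip.h>
#include <io_storage.h>
#include <platform.h>
#include <platform_def.h>
#include <stdint.h>
#include <string.h>
#include <uuid.h>

/*
 * Useful for printing UUIDs when debugging. Expands to a format string
 * followed by its arguments, so it is meant to be used as the argument list
 * of a printf-style call.
 */
#define PRINT_UUID2(x)								\
	"%08x-%04hx-%04hx-%02hhx%02hhx-%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx",	\
		(x).time_low, (x).time_mid, (x).time_hi_and_version,		\
		(x).clock_seq_hi_and_reserved, (x).clock_seq_low,		\
		(x).node[0], (x).node[1], (x).node[2], (x).node[3],		\
		(x).node[4], (x).node[5]

/* One row of the image-name to UUID lookup table. */
typedef struct {
	const char *name;
	const uuid_t uuid;
} plat_fip_name_uuid_t;

/* State of the single file this driver can have open at a time. */
typedef struct {
	/* Put file_pos above the struct to allow {0} on static init.
	 * It is a workaround for a known bug in GCC
	 * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53119
	 */
	unsigned int file_pos;
	fip_toc_entry_t entry;
} file_state_t;

/*
 * Image names this driver can resolve. A name that is not listed here has no
 * UUID and therefore cannot be opened through fip_file_open().
 */
static const plat_fip_name_uuid_t name_uuid[] = {
	{BL2_IMAGE_NAME, UUID_TRUSTED_BOOT_FIRMWARE_BL2},
#ifdef BL30_IMAGE_NAME
	/* BL3-0 is optional in the platform */
	{BL30_IMAGE_NAME, UUID_SCP_FIRMWARE_BL30},
#endif /* BL30_IMAGE_NAME */
	{BL31_IMAGE_NAME, UUID_EL3_RUNTIME_FIRMWARE_BL31},
#ifdef BL32_IMAGE_NAME
	/* BL3-2 is optional in the platform */
	{BL32_IMAGE_NAME, UUID_SECURE_PAYLOAD_BL32},
#endif /* BL32_IMAGE_NAME */
	{BL33_IMAGE_NAME, UUID_NON_TRUSTED_FIRMWARE_BL33},
#if TRUSTED_BOARD_BOOT
	/* Certificates */
	{BL2_CERT_NAME, UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT},
	{TRUSTED_KEY_CERT_NAME, UUID_TRUSTED_KEY_CERT},
#ifdef BL30_KEY_CERT_NAME
	{BL30_KEY_CERT_NAME, UUID_SCP_FIRMWARE_BL30_KEY_CERT},
#endif
	{BL31_KEY_CERT_NAME, UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT},
	{BL32_KEY_CERT_NAME, UUID_SECURE_PAYLOAD_BL32_KEY_CERT},
	{BL33_KEY_CERT_NAME, UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT},
#ifdef BL30_CERT_NAME
	{BL30_CERT_NAME, UUID_SCP_FIRMWARE_BL30_CERT},
#endif
	{BL31_CERT_NAME, UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT},
	{BL32_CERT_NAME, UUID_SECURE_PAYLOAD_BL32_CERT},
	{BL33_CERT_NAME, UUID_NON_TRUSTED_FIRMWARE_BL33_CERT},
#endif /* TRUSTED_BOARD_BOOT */
};

/* All-zero UUID; a ToC entry carrying it ends the scan in fip_file_open(). */
static const uuid_t uuid_null = {0};
/* The one open file. entry.offset_address == 0 means "no file open". */
static file_state_t current_file = {0};
/* Backend device and image spec, set by fip_dev_init(). */
static uintptr_t backend_dev_handle;
static uintptr_t backend_image_spec;


/* Firmware Image Package driver functions */
static int fip_dev_open(const uintptr_t dev_spec, io_dev_info_t **dev_info);
static int fip_file_open(io_dev_info_t *dev_info, const uintptr_t spec,
			  io_entity_t *entity);
static int fip_file_len(io_entity_t *entity, size_t *length);
static int fip_file_read(io_entity_t *entity, uintptr_t buffer, size_t length,
			  size_t *length_read);
static int fip_file_close(io_entity_t *entity);
static int fip_dev_init(io_dev_info_t *dev_info, const uintptr_t init_params);
static int fip_dev_close(io_dev_info_t *dev_info);


/* Copy one UUID over another. Always returns 0. */
static inline int copy_uuid(uuid_t *dst, const uuid_t *src)
{
	memcpy(dst, src, sizeof(uuid_t));
	return 0;
}


/* Return 0 for equal uuids. */
static inline int compare_uuids(const uuid_t *uuid1, const uuid_t *uuid2)
{
	return memcmp(uuid1, uuid2, sizeof(uuid_t));
}


/*
 * Return 1 if the ToC header carries the expected name and a non-zero serial
 * number, 0 otherwise. This is a sanity check only; nothing else in the
 * header is examined.
 *
 * TODO: We could check version numbers or do a package checksum?
 */
static inline int is_valid_header(fip_toc_header_t *header)
{
	return ((header->name == TOC_HEADER_NAME) &&
		(header->serial_number != 0)) ? 1 : 0;
}


/*
 * Look up the UUID registered for an image name.
 *
 * On a match the UUID is copied to *uuid and 0 is returned. If the name is
 * not in name_uuid[], -EINVAL is returned and *uuid is left untouched, so
 * the caller must check the result before using *uuid.
 */
static int file_to_uuid(const char *filename, uuid_t *uuid)
{
	size_t i;
	int status = -EINVAL;

	assert(filename != NULL);
	assert(uuid != NULL);

	for (i = 0; i < (sizeof(name_uuid) / sizeof(name_uuid[0])); i++) {
		if (strcmp(filename, name_uuid[i].name) == 0) {
			copy_uuid(uuid, &name_uuid[i].uuid);
			status = 0;
			break;
		}
	}
	return status;
}


/* Identify the device type as a virtual driver */
io_type_t device_type_fip(void)
{
	return IO_TYPE_FIRMWARE_IMAGE_PACKAGE;
}


static const io_dev_connector_t fip_dev_connector = {
	.dev_open = fip_dev_open
};


/* Seek and write are not provided by this driver. */
static const io_dev_funcs_t fip_dev_funcs = {
	.type = device_type_fip,
	.open = fip_file_open,
	.seek = NULL,
	.size = fip_file_len,
	.read = fip_file_read,
	.write = NULL,
	.close = fip_file_close,
	.dev_init = fip_dev_init,
	.dev_close = fip_dev_close,
};


/* No state associated with this device so structure can be const */
static const io_dev_info_t fip_dev_info = {
	.funcs = &fip_dev_funcs,
	.info = (uintptr_t)NULL
};


/* Open a connection to the FIP device */
static int fip_dev_open(const uintptr_t dev_spec __attribute__((unused)),
			 io_dev_info_t **dev_info)
{
	assert(dev_info != NULL);
	/* The IO layer takes a non-const pointer; fip_dev_info itself is const. */
	*dev_info = (io_dev_info_t *)&fip_dev_info; /* cast away const */

	return IO_SUCCESS;
}


/*
 * Do some basic package checks.
 *
 * init_params is used as the name of the FIP image. The platform layer is
 * asked for the backend holding that image, the backend is opened, and the
 * ToC header is read and sanity-checked with is_valid_header().
 *
 * Returns IO_SUCCESS if the header was read in full and looks valid,
 * otherwise an IO error code.
 */
static int fip_dev_init(io_dev_info_t *dev_info, const uintptr_t init_params)
{
	int result = IO_FAIL;
	char *image_name = (char *)init_params;
	uintptr_t backend_handle;
	fip_toc_header_t header;
	size_t bytes_read = 0;

	/* Obtain a reference to the image by querying the platform layer */
	result = plat_get_image_source(image_name, &backend_dev_handle,
				       &backend_image_spec);
	if (result != IO_SUCCESS) {
		WARN("Failed to obtain reference to image '%s' (%i)\n",
			image_name, result);
		result = IO_FAIL;
		goto fip_dev_init_exit;
	}

	/* Attempt to access the FIP image */
	result = io_open(backend_dev_handle, backend_image_spec,
			 &backend_handle);
	if (result != IO_SUCCESS) {
		WARN("Failed to access image '%s' (%i)\n", image_name, result);
		result = IO_FAIL;
		goto fip_dev_init_exit;
	}

	result = io_read(backend_handle, (uintptr_t)&header, sizeof(header),
			 &bytes_read);
	if (result == IO_SUCCESS) {
		/*
		 * 'header' lives on the stack and is not initialised, so a
		 * short read must be rejected before its fields are looked at.
		 */
		if ((bytes_read != sizeof(header)) ||
		    !is_valid_header(&header)) {
			WARN("Firmware Image Package header check failed.\n");
			result = IO_FAIL;
		} else {
			VERBOSE("FIP header looks OK.\n");
		}
	}

	io_close(backend_handle);

 fip_dev_init_exit:
	return result;
}

/* Close a connection to the FIP device */
static int fip_dev_close(io_dev_info_t *dev_info)
{
	/* TODO: Consider tracking open files and cleaning them up here */

	/* Clear the backend. */
	backend_dev_handle = (uintptr_t)NULL;
	backend_image_spec = (uintptr_t)NULL;

	return IO_SUCCESS;
}


/*
 * Open a file for access from package.
 *
 * 'spec' points to an io_file_spec_t whose path is an image name from
 * name_uuid[]. The ToC is scanned for the entry with the matching UUID; on
 * success that entry is kept in current_file and entity->info points at it.
 *
 * Returns IO_SUCCESS on success, IO_RESOURCES_EXHAUSTED if a file is already
 * open, and an IO error code otherwise. On every failure current_file is
 * left cleared, so a failed open does not block later ones.
 */
static int fip_file_open(io_dev_info_t *dev_info, const uintptr_t spec,
			  io_entity_t *entity)
{
	int result = IO_FAIL;
	uintptr_t backend_handle;
	uuid_t file_uuid;
	const io_file_spec_t *file_spec = (io_file_spec_t *)spec;
	size_t bytes_read = 0;
	int found_file = 0;

	assert(file_spec != NULL);
	assert(entity != NULL);

	/* Can only have one file open at a time for the moment. We need to
	 * track state like file cursor position. We know the header lives at
	 * offset zero, so this entry should never be zero for an active file.
	 * When the system supports dynamic memory allocation we can allow more
	 * than one open file at a time if needed.
	 */
	if (current_file.entry.offset_address != 0) {
		WARN("fip_file_open : Only one open file at a time.\n");
		return IO_RESOURCES_EXHAUSTED;
	}

	/*
	 * Resolve the name before touching the backend. Without this check an
	 * unknown name would leave file_uuid uninitialised and the scan below
	 * would compare ToC entries against indeterminate stack contents.
	 */
	if (file_to_uuid(file_spec->path, &file_uuid) != 0) {
		WARN("fip_file_open: no UUID known for '%s'\n",
			file_spec->path);
		return IO_FAIL;
	}

	/* Attempt to access the FIP image */
	result = io_open(backend_dev_handle, backend_image_spec,
			 &backend_handle);
	if (result != IO_SUCCESS) {
		WARN("Failed to open Firmware Image Package (%i)\n", result);
		result = IO_FAIL;
		goto fip_file_open_exit;
	}

	/* Seek past the FIP header into the Table of Contents */
	result = io_seek(backend_handle, IO_SEEK_SET, sizeof(fip_toc_header_t));
	if (result != IO_SUCCESS) {
		WARN("fip_file_open: failed to seek\n");
		result = IO_FAIL;
		goto fip_file_open_close;
	}

	/*
	 * Walk the ToC until the wanted UUID or the null UUID is seen.
	 * NOTE(review): the walk has no entry-count limit of its own; a ToC
	 * without a null-UUID entry is only stopped by a backend read error.
	 */
	do {
		result = io_read(backend_handle,
				 (uintptr_t)&current_file.entry,
				 sizeof(current_file.entry),
				 &bytes_read);
		if (result != IO_SUCCESS) {
			WARN("Failed to read FIP (%i)\n", result);
			goto fip_file_open_close;
		}

		/* A partial entry would mix new bytes with stale ones. */
		if (bytes_read != sizeof(current_file.entry)) {
			WARN("fip_file_open: truncated ToC entry\n");
			result = IO_FAIL;
			goto fip_file_open_close;
		}

		if (compare_uuids(&current_file.entry.uuid,
				  &file_uuid) == 0) {
			found_file = 1;
			break;
		}
	} while (compare_uuids(&current_file.entry.uuid, &uuid_null) != 0);

	if ((found_file == 1) && (current_file.entry.offset_address != 0)) {
		/* All fine. Update entity info with file state and return. Set
		 * the file position to 0. The 'current_file.entry' holds the
		 * base and size of the file.
		 *
		 * NOTE(review): offset_address and size are used as read from
		 * the ToC; they are not checked against the package size here.
		 */
		current_file.file_pos = 0;
		entity->info = (uintptr_t)&current_file;
	} else {
		/* Did not find the file in the FIP, or the matching entry
		 * claims offset zero, which is where the header lives and
		 * which this driver uses to mean "no file open".
		 */
		result = IO_FAIL;
	}

 fip_file_open_close:
	io_close(backend_handle);

	/*
	 * Drop whatever entry the scan left behind. Otherwise a non-zero
	 * offset_address would make the driver look busy to every later open.
	 */
	if (result != IO_SUCCESS) {
		memset(&current_file, 0, sizeof(current_file));
	}

 fip_file_open_exit:
	return result;
}


/* Return the size of a file in package, as recorded in its ToC entry */
static int fip_file_len(io_entity_t *entity, size_t *length)
{
	assert(entity != NULL);
	assert(length != NULL);
	assert(entity->info != (uintptr_t)NULL);

	*length = ((file_state_t *)entity->info)->entry.size;

	return IO_SUCCESS;
}


/*
 * Read data from a file in package.
 *
 * Reads 'length' bytes from the current file position into 'buffer'. On
 * success *length_read holds the number of bytes the backend returned and
 * the file position is advanced by that amount. On failure *length_read is
 * not written.
 */
static int fip_file_read(io_entity_t *entity, uintptr_t buffer, size_t length,
			  size_t *length_read)
{
	int result = IO_FAIL;
	file_state_t *fp;
	size_t file_offset;
	size_t bytes_read = 0;
	uintptr_t backend_handle;

	assert(entity != NULL);
	assert(buffer != (uintptr_t)NULL);
	assert(length_read != NULL);
	assert(entity->info != (uintptr_t)NULL);

	/* Open the backend, attempt to access the blob image */
	result = io_open(backend_dev_handle, backend_image_spec,
			 &backend_handle);
	if (result != IO_SUCCESS) {
		WARN("Failed to open FIP (%i)\n", result);
		result = IO_FAIL;
		goto fip_file_read_exit;
	}

	fp = (file_state_t *)entity->info;

	/* Seek to the position in the FIP where the payload lives */
	file_offset = fp->entry.offset_address + fp->file_pos;
	result = io_seek(backend_handle, IO_SEEK_SET, file_offset);
	if (result != IO_SUCCESS) {
		WARN("fip_file_read: failed to seek\n");
		result = IO_FAIL;
		goto fip_file_read_close;
	}

	/*
	 * NOTE(review): 'length' goes to the backend as given. It is not
	 * compared with entry.size - file_pos, so a request longer than the
	 * remaining payload would return bytes that follow this image in the
	 * package. Callers presumably size requests from fip_file_len();
	 * confirm, or clamp the length here.
	 */
	result = io_read(backend_handle, buffer, length, &bytes_read);
	if (result != IO_SUCCESS) {
		/* We cannot read our data. Fail. */
		WARN("Failed to read payload (%i)\n", result);
		result = IO_FAIL;
		goto fip_file_read_close;
	}

	/* Set caller length and new file position. */
	*length_read = bytes_read;
	fp->file_pos += bytes_read;

/* Close the backend. */
 fip_file_read_close:
	io_close(backend_handle);

 fip_file_read_exit:
	return result;
}


/* Close a file in package */
static int fip_file_close(io_entity_t *entity)
{
	assert(entity != NULL);

	/* Clear our current file pointer.
	 * If we had malloc() we would free() here.
	 */
	if (current_file.entry.offset_address != 0) {
		memset(&current_file, 0, sizeof(current_file));
	}

	/* Clear the Entity info. */
	entity->info = 0;

	return IO_SUCCESS;
}

/* Exported functions */

/*
 * Register the Firmware Image Package driver with the IO abstraction.
 * On success *dev_con is set to this driver's connector; on failure it is
 * left untouched and the registration error is returned.
 */
int register_io_dev_fip(const io_dev_connector_t **dev_con)
{
	int result = IO_FAIL;
	assert(dev_con != NULL);

	result = io_register_device(&fip_dev_info);
	if (result == IO_SUCCESS) {
		*dev_con = &fip_dev_connector;
	}

	return result;
}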