1 /*
2  * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <assert.h>
8 #include <lib/debugfs.h>
9 #include <limits.h>
10 #include <plat/arm/common/plat_arm.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include <tools_share/firmware_image_package.h>
14 
15 #include "dev.h"
16 
17 #define NR_FIPS		1
18 #define STOC_HEADER	(sizeof(fip_toc_header_t))
19 #define STOC_ENTRY	(sizeof(fip_toc_entry_t))
20 
21 struct fipfile {
22 	chan_t	*c;
23 	long	offset[NR_FILES];
24 	long	size[NR_FILES];
25 };
26 
27 struct fip_entry {
28 	uuid_t		uuid;
29 	long long	offset_address;
30 	long long	size;
31 	long long	flags;
32 };
33 
34 struct uuidnames {
35 	const char   name[NAMELEN];
36 	const uuid_t uuid;
37 };
38 
39 /*******************************************************************************
40  * This array links the FIP file names to their UUID.
41  * The elements are ordered according to the image number stored in
42  * tbbr_img_def.h, starting at index 1.
43  *
44  * TODO: this name to uuid binding will preferably be done using
45  * the coming Property Access Layer / Firmware CONFiguration feature.
46  ******************************************************************************/
47 static const struct uuidnames uuidnames[] = {
48 	{"",			{ {0}, {0}, {0}, 0, 0, {0} } },
49 	{"bl2.bin",		UUID_TRUSTED_BOOT_FIRMWARE_BL2},
50 	{"scp-bl2.bin",		UUID_SCP_FIRMWARE_SCP_BL2},
51 	{"bl31.bin",		UUID_EL3_RUNTIME_FIRMWARE_BL31},
52 	{"bl32.bin",		UUID_SECURE_PAYLOAD_BL32},
53 	{"bl33.bin",		UUID_NON_TRUSTED_FIRMWARE_BL33},
54 	{"tb-fw.crt",		UUID_TRUSTED_BOOT_FW_CERT},
55 	{"trstd-k.crt",		UUID_TRUSTED_KEY_CERT},
56 	{"scp-fw-k.crt",	UUID_SCP_FW_KEY_CERT},
57 	{"soc-fw-k.crt",	UUID_SOC_FW_KEY_CERT},
58 	{"tos-fw-k.crt",	UUID_TRUSTED_OS_FW_KEY_CERT},
59 	{"nt-fw-k.crt",		UUID_NON_TRUSTED_FW_KEY_CERT},
60 	{"scp-fw-c.crt",	UUID_SCP_FW_CONTENT_CERT},
61 	{"soc-fw-c.crt",	UUID_SOC_FW_CONTENT_CERT},
62 	{"tos-fw-c.crt",	UUID_TRUSTED_OS_FW_CONTENT_CERT},
63 	{"nt-fw-c.crt",		UUID_NON_TRUSTED_FW_CONTENT_CERT},
64 	{ },
65 	{"fwu.crt",		UUID_TRUSTED_FWU_CERT},
66 	{"scp-bl2u.bin",	UUID_TRUSTED_UPDATE_FIRMWARE_SCP_BL2U},
67 	{"bl2u.bin",		UUID_TRUSTED_UPDATE_FIRMWARE_BL2U},
68 	{"ns-bl2u.bin",		UUID_TRUSTED_UPDATE_FIRMWARE_NS_BL2U},
69 	{"bl32-xtr1.bin",	UUID_SECURE_PAYLOAD_BL32_EXTRA1},
70 	{"bl32-xtr2.bin",	UUID_SECURE_PAYLOAD_BL32_EXTRA2},
71 	{"hw.cfg",		UUID_HW_CONFIG},
72 	{"tb-fw.cfg",		UUID_TB_FW_CONFIG},
73 	{"soc-fw.cfg",		UUID_SOC_FW_CONFIG},
74 	{"tos-fw.cfg",		UUID_TOS_FW_CONFIG},
75 	{"nt-fw.cfg",		UUID_NT_FW_CONFIG},
76 	{"fw.cfg",		UUID_FW_CONFIG},
77 	{"rot-k.crt",		UUID_ROT_KEY_CERT},
78 	{"nt-k.crt",		UUID_NON_TRUSTED_WORLD_KEY_CERT},
79 	{"sip-sp.crt",		UUID_SIP_SECURE_PARTITION_CONTENT_CERT},
80 	{"plat-sp.crt",		UUID_PLAT_SECURE_PARTITION_CONTENT_CERT}
81 };
82 
83 /*******************************************************************************
84  * This array contains all the available FIP files.
85  ******************************************************************************/
86 static struct fipfile archives[NR_FIPS];
87 
88 /*******************************************************************************
89  * This variable stores the current number of registered FIP files.
90  ******************************************************************************/
91 static int nfips;
92 
93 /*******************************************************************************
94  * This function parses the ToC of the FIP.
95  ******************************************************************************/
get_entry(chan_t * c,struct fip_entry * entry)96 static int get_entry(chan_t *c, struct fip_entry *entry)
97 {
98 	int n;
99 
100 	n = devtab[c->index]->read(c, entry, sizeof(struct fip_entry));
101 	if (n <= 0) {
102 		return n;
103 	}
104 
105 	if (n != sizeof(struct fip_entry)) {
106 		return -1;
107 	}
108 
109 	if (entry->size == 0) {
110 		return 0;
111 	}
112 
113 	return 1;
114 }
115 
116 /*******************************************************************************
117  * This function exposes the FIP images as files.
118  ******************************************************************************/
fipgen(chan_t * c,const dirtab_t * tab,int ntab,int n,dir_t * dir)119 static int fipgen(chan_t *c, const dirtab_t *tab, int ntab, int n, dir_t *dir)
120 {
121 	int i, r;
122 	long off;
123 	chan_t nc;
124 	struct fip_entry entry;
125 	struct fipfile *fip;
126 	static const char unk[] = "unknown";
127 
128 	if (c->dev >= nfips) {
129 		panic();
130 	}
131 
132 	if (clone(archives[c->dev].c, &nc) == NULL) {
133 		panic();
134 	}
135 
136 	fip = &archives[nc.dev];
137 
138 	off = STOC_HEADER;
139 	for (i = 0; i <= n; i++) {
140 		if (fip->offset[i] == -1) {
141 			return 0;
142 		}
143 
144 		if (devtab[nc.index]->seek(&nc, off, KSEEK_SET) < 0) {
145 			return -1;
146 		}
147 
148 		r = get_entry(&nc, &entry);
149 		if (r <= 0) {
150 			return r;
151 		}
152 
153 		off += sizeof(entry);
154 	}
155 
156 	for (i = 1; i < NELEM(uuidnames); i++) {
157 		if (memcmp(&uuidnames[i].uuid,
158 			   &entry.uuid, sizeof(uuid_t)) == 0) {
159 			break;
160 		}
161 	}
162 
163 	if (i < NELEM(uuidnames)) {
164 		make_dir_entry(c, dir, uuidnames[i].name,
165 			       entry.size, n, O_READ);
166 	} else {
167 		// TODO: set name depending on uuid node value
168 		make_dir_entry(c, dir, unk, entry.size, n, O_READ);
169 	}
170 
171 	return 1;
172 }
173 
fipwalk(chan_t * c,const char * name)174 static int fipwalk(chan_t *c, const char *name)
175 {
176 	return devwalk(c, name, NULL, 0, fipgen);
177 }
178 
fipstat(chan_t * c,const char * file,dir_t * dir)179 static int fipstat(chan_t *c, const char *file, dir_t *dir)
180 {
181 	return devstat(c, file, dir, NULL, 0, fipgen);
182 }
183 
184 /*******************************************************************************
185  * This function copies at most n bytes of the FIP image referred by c into
186  * buf.
187  ******************************************************************************/
fipread(chan_t * c,void * buf,int n)188 static int fipread(chan_t *c, void *buf, int n)
189 {
190 	long off;
191 	chan_t cs;
192 	struct fipfile *fip;
193 	long size;
194 
195 	/* Only makes sense when using debug language */
196 	assert(c->qid != CHDIR);
197 
198 	if ((c->dev >= nfips) || ((c->qid & CHDIR) != 0)) {
199 		panic();
200 	}
201 
202 	fip = &archives[c->dev];
203 
204 	if ((c->qid >= NR_FILES) || (fip->offset[c->qid] < 0)) {
205 		panic();
206 	}
207 
208 	if (clone(fip->c, &cs) == NULL) {
209 		panic();
210 	}
211 
212 	size = fip->size[c->qid];
213 	if (c->offset >= size) {
214 		return 0;
215 	}
216 
217 	if (n < 0) {
218 		return -1;
219 	}
220 
221 	if (n > (size - c->offset)) {
222 		n = size - c->offset;
223 	}
224 
225 	off = fip->offset[c->qid] + c->offset;
226 	if (devtab[cs.index]->seek(&cs, off, KSEEK_SET) < 0) {
227 		return -1;
228 	}
229 
230 	n = devtab[cs.index]->read(&cs, buf, n);
231 	if (n > 0) {
232 		c->offset += n;
233 	}
234 
235 	return n;
236 }
237 
238 /*******************************************************************************
239  * This function parses the FIP spec and registers its images in order to
240  * expose them as files in the driver namespace.
241  * It acts as an initialization function for the FIP driver.
242  * It returns a pointer to the newly created channel.
243  ******************************************************************************/
fipmount(chan_t * c,const char * spec)244 static chan_t *fipmount(chan_t *c, const char *spec)
245 {
246 	int r, n, t;
247 	chan_t *cspec;
248 	uint32_t hname;
249 	struct fip_entry entry;
250 	struct fipfile *fip;
251 	dir_t dir;
252 
253 	if (nfips == NR_FIPS) {
254 		return NULL;
255 	}
256 
257 	fip = &archives[nfips];
258 
259 	for (n = 0; n < NR_FILES; n++) {
260 		fip->offset[n] = -1;
261 	}
262 
263 	cspec = path_to_channel(spec, O_READ);
264 	if (cspec == NULL) {
265 		return NULL;
266 	}
267 
268 	fip->c = cspec;
269 
270 	r = devtab[cspec->index]->read(cspec, &hname, sizeof(hname));
271 	if (r < 0) {
272 		goto err;
273 	}
274 
275 	if ((r != sizeof(hname)) || (hname != TOC_HEADER_NAME)) {
276 		goto err;
277 	}
278 
279 	if (stat(spec, &dir) < 0) {
280 		goto err;
281 	}
282 
283 	t = cspec->index;
284 	if (devtab[t]->seek(cspec, STOC_HEADER, KSEEK_SET) < 0) {
285 		goto err;
286 	}
287 
288 	for (n = 0; n < NR_FILES; n++) {
289 		switch (get_entry(cspec, &entry)) {
290 		case 0:
291 			return attach('F', nfips++);
292 		case -1:
293 			goto err;
294 		default:
295 			if ((entry.offset_address + entry.size) > dir.length) {
296 				goto err;
297 			}
298 
299 			fip->offset[n] = entry.offset_address;
300 			fip->size[n] = entry.size;
301 			break;
302 		}
303 	}
304 
305 err:
306 	channel_close(cspec);
307 	return NULL;
308 }
309 
310 const dev_t fipdevtab = {
311 	.id = 'F',
312 	.stat = fipstat,
313 	.clone = devclone,
314 	.attach = devattach,
315 	.walk = fipwalk,
316 	.read = fipread,
317 	.write = deverrwrite,
318 	.mount = fipmount,
319 	.seek = devseek
320 };
321 
322