1// SPDX-License-Identifier: GPL-2.0+ 2/* 3 * (C) Copyright 2000-2009 4 * Wolfgang Denk, DENX Software Engineering, wd@denx.de. 5 */ 6 7#ifndef USE_HOSTCC 8#include <common.h> 9#include <bootm.h> 10#include <bootstage.h> 11#include <cli.h> 12#include <command.h> 13#include <cpu_func.h> 14#include <env.h> 15#include <errno.h> 16#include <fdt_support.h> 17#include <irq_func.h> 18#include <lmb.h> 19#include <log.h> 20#include <malloc.h> 21#include <mapmem.h> 22#include <net.h> 23#include <asm/cache.h> 24#include <asm/global_data.h> 25#include <asm/io.h> 26#include <linux/sizes.h> 27#include <tpm-v2.h> 28#if defined(CONFIG_CMD_USB) 29#include <usb.h> 30#endif 31#else 32#include "mkimage.h" 33#endif 34 35#include <bootm.h> 36#include <image.h> 37 38#define MAX_CMDLINE_SIZE SZ_4K 39 40#define IH_INITRD_ARCH IH_ARCH_DEFAULT 41 42#ifndef USE_HOSTCC 43 44DECLARE_GLOBAL_DATA_PTR; 45 46struct bootm_headers images; /* pointers to os/initrd/fdt images */ 47 48__weak void board_quiesce_devices(void) 49{ 50} 51 52#if CONFIG_IS_ENABLED(LEGACY_IMAGE_FORMAT) 53/** 54 * image_get_kernel - verify legacy format kernel image 55 * @img_addr: in RAM address of the legacy format image to be verified 56 * @verify: data CRC verification flag 57 * 58 * image_get_kernel() verifies legacy image integrity and returns pointer to 59 * legacy image header if image verification was completed successfully. 60 * 61 * returns: 62 * pointer to a legacy image header if valid image was found 63 * otherwise return NULL 64 */ 65static struct legacy_img_hdr *image_get_kernel(ulong img_addr, int verify) 66{ 67 struct legacy_img_hdr *hdr = (struct legacy_img_hdr *)img_addr; 68 69 if (!image_check_magic(hdr)) { 70 puts("Bad Magic Number\n"); 71 bootstage_error(BOOTSTAGE_ID_CHECK_MAGIC); 72 return NULL; 73 } 74 bootstage_mark(BOOTSTAGE_ID_CHECK_HEADER); 75 76 if (!image_check_hcrc(hdr)) { 77 puts("Bad Header Checksum\n"); 78 bootstage_error(BOOTSTAGE_ID_CHECK_HEADER); 79 return NULL; 80 } 81 82 bootstage_mark(BOOTSTAGE_ID_CHECK_CHECKSUM); 83 image_print_contents(hdr); 84 85 if (verify) { 86 puts(" Verifying Checksum ... "); 87 if (!image_check_dcrc(hdr)) { 88 printf("Bad Data CRC\n"); 89 bootstage_error(BOOTSTAGE_ID_CHECK_CHECKSUM); 90 return NULL; 91 } 92 puts("OK\n"); 93 } 94 bootstage_mark(BOOTSTAGE_ID_CHECK_ARCH); 95 96 if (!image_check_target_arch(hdr)) { 97 printf("Unsupported Architecture 0x%x\n", image_get_arch(hdr)); 98 bootstage_error(BOOTSTAGE_ID_CHECK_ARCH); 99 return NULL; 100 } 101 return hdr; 102} 103#endif 104 105/** 106 * boot_get_kernel() - find kernel image 107 * 108 * @addr_fit: first argument to bootm: address, fit configuration, etc. 109 * @os_data: pointer to a ulong variable, will hold os data start address 110 * @os_len: pointer to a ulong variable, will hold os data length 111 * address and length, otherwise NULL 112 * pointer to image header if valid image was found, plus kernel start 113 * @kernp: image header if valid image was found, otherwise NULL 114 * 115 * boot_get_kernel() tries to find a kernel image, verifies its integrity 116 * and locates kernel data. 117 * 118 * Return: 0 on success, -ve on error. -EPROTOTYPE means that the image is in 119 * a wrong or unsupported format 120 */ 121static int boot_get_kernel(const char *addr_fit, struct bootm_headers *images, 122 ulong *os_data, ulong *os_len, const void **kernp) 123{ 124#if CONFIG_IS_ENABLED(LEGACY_IMAGE_FORMAT) 125 struct legacy_img_hdr *hdr; 126#endif 127 ulong img_addr; 128 const void *buf; 129 const char *fit_uname_config = NULL, *fit_uname_kernel = NULL; 130#if CONFIG_IS_ENABLED(FIT) 131 int os_noffset; 132#endif 133 134#ifdef CONFIG_ANDROID_BOOT_IMAGE 135 const void *boot_img; 136 const void *vendor_boot_img; 137#endif 138 img_addr = genimg_get_kernel_addr_fit(addr_fit, &fit_uname_config, 139 &fit_uname_kernel); 140 141 if (IS_ENABLED(CONFIG_CMD_BOOTM_PRE_LOAD)) 142 img_addr += image_load_offset; 143 144 bootstage_mark(BOOTSTAGE_ID_CHECK_MAGIC); 145 146 /* check image type, for FIT images get FIT kernel node */ 147 *os_data = *os_len = 0; 148 buf = map_sysmem(img_addr, 0); 149 switch (genimg_get_format(buf)) { 150#if CONFIG_IS_ENABLED(LEGACY_IMAGE_FORMAT) 151 case IMAGE_FORMAT_LEGACY: 152 printf("## Booting kernel from Legacy Image at %08lx ...\n", 153 img_addr); 154 hdr = image_get_kernel(img_addr, images->verify); 155 if (!hdr) 156 return -EINVAL; 157 bootstage_mark(BOOTSTAGE_ID_CHECK_IMAGETYPE); 158 159 /* get os_data and os_len */ 160 switch (image_get_type(hdr)) { 161 case IH_TYPE_KERNEL: 162 case IH_TYPE_KERNEL_NOLOAD: 163 *os_data = image_get_data(hdr); 164 *os_len = image_get_data_size(hdr); 165 break; 166 case IH_TYPE_MULTI: 167 image_multi_getimg(hdr, 0, os_data, os_len); 168 break; 169 case IH_TYPE_STANDALONE: 170 *os_data = image_get_data(hdr); 171 *os_len = image_get_data_size(hdr); 172 break; 173 default: 174 bootstage_error(BOOTSTAGE_ID_CHECK_IMAGETYPE); 175 return -EPROTOTYPE; 176 } 177 178 /* 179 * copy image header to allow for image overwrites during 180 * kernel decompression. 181 */ 182 memmove(&images->legacy_hdr_os_copy, hdr, 183 sizeof(struct legacy_img_hdr)); 184 185 /* save pointer to image header */ 186 images->legacy_hdr_os = hdr; 187 188 images->legacy_hdr_valid = 1; 189 bootstage_mark(BOOTSTAGE_ID_DECOMP_IMAGE); 190 break; 191#endif 192#if CONFIG_IS_ENABLED(FIT) 193 case IMAGE_FORMAT_FIT: 194 os_noffset = fit_image_load(images, img_addr, 195 &fit_uname_kernel, &fit_uname_config, 196 IH_ARCH_DEFAULT, IH_TYPE_KERNEL, 197 BOOTSTAGE_ID_FIT_KERNEL_START, 198 FIT_LOAD_IGNORED, os_data, os_len); 199 if (os_noffset < 0) 200 return -ENOENT; 201 202 images->fit_hdr_os = map_sysmem(img_addr, 0); 203 images->fit_uname_os = fit_uname_kernel; 204 images->fit_uname_cfg = fit_uname_config; 205 images->fit_noffset_os = os_noffset; 206 break; 207#endif 208#ifdef CONFIG_ANDROID_BOOT_IMAGE 209 case IMAGE_FORMAT_ANDROID: { 210 int ret; 211 212 boot_img = buf; 213 vendor_boot_img = NULL; 214 if (IS_ENABLED(CONFIG_CMD_ABOOTIMG)) { 215 boot_img = map_sysmem(get_abootimg_addr(), 0); 216 vendor_boot_img = map_sysmem(get_avendor_bootimg_addr(), 0); 217 } 218 printf("## Booting Android Image at 0x%08lx ...\n", img_addr); 219 ret = android_image_get_kernel(boot_img, vendor_boot_img, 220 images->verify, os_data, os_len); 221 if (IS_ENABLED(CONFIG_CMD_ABOOTIMG)) { 222 unmap_sysmem(vendor_boot_img); 223 unmap_sysmem(boot_img); 224 } 225 if (ret) 226 return ret; 227 break; 228 } 229#endif 230 default: 231 bootstage_error(BOOTSTAGE_ID_CHECK_IMAGETYPE); 232 return -EPROTOTYPE; 233 } 234 235 debug(" kernel data at 0x%08lx, len = 0x%08lx (%ld)\n", 236 *os_data, *os_len, *os_len); 237 *kernp = buf; 238 239 return 0; 240} 241 242#ifdef CONFIG_LMB 243static void boot_start_lmb(struct bootm_headers *images) 244{ 245 phys_addr_t mem_start; 246 phys_size_t mem_size; 247 248 mem_start = env_get_bootm_low(); 249 mem_size = env_get_bootm_size(); 250 251 lmb_init_and_reserve_range(&images->lmb, mem_start, 252 mem_size, NULL); 253} 254#else 255#define lmb_reserve(lmb, base, size) 256static inline void boot_start_lmb(struct bootm_headers *images) { } 257#endif 258 259static int bootm_start(void) 260{ 261 memset((void *)&images, 0, sizeof(images)); 262 images.verify = env_get_yesno("verify"); 263 264 boot_start_lmb(&images); 265 266 bootstage_mark_name(BOOTSTAGE_ID_BOOTM_START, "bootm_start"); 267 images.state = BOOTM_STATE_START; 268 269 return 0; 270} 271 272static ulong bootm_data_addr(const char *addr_str) 273{ 274 ulong addr; 275 276 if (addr_str) 277 addr = hextoul(addr_str, NULL); 278 else 279 addr = image_load_addr; 280 281 return addr; 282} 283 284/** 285 * bootm_pre_load() - Handle the pre-load processing 286 * 287 * This can be used to do a full signature check of the image, for example. 288 * It calls image_pre_load() with the data address of the image to check. 289 * 290 * @addr_str: String containing load address in hex, or NULL to use 291 * image_load_addr 292 * Return: 0 if OK, CMD_RET_FAILURE on failure 293 */ 294static int bootm_pre_load(const char *addr_str) 295{ 296 ulong data_addr = bootm_data_addr(addr_str); 297 int ret = 0; 298 299 if (IS_ENABLED(CONFIG_CMD_BOOTM_PRE_LOAD)) 300 ret = image_pre_load(data_addr); 301 302 if (ret) 303 ret = CMD_RET_FAILURE; 304 305 return ret; 306} 307 308/** 309 * bootm_find_os(): Find the OS to boot 310 * 311 * @cmd_name: Command name that started this boot, e.g. "bootm" 312 * @addr_fit: Address and/or FIT specifier (first arg of bootm command) 313 * Return: 0 on success, -ve on error 314 */ 315static int bootm_find_os(const char *cmd_name, const char *addr_fit) 316{ 317 const void *os_hdr; 318#ifdef CONFIG_ANDROID_BOOT_IMAGE 319 const void *vendor_boot_img; 320 const void *boot_img; 321#endif 322 bool ep_found = false; 323 int ret; 324 325 /* get kernel image header, start address and length */ 326 ret = boot_get_kernel(addr_fit, &images, &images.os.image_start, 327 &images.os.image_len, &os_hdr); 328 if (ret) { 329 if (ret == -EPROTOTYPE) 330 printf("Wrong Image Type for %s command\n", cmd_name); 331 332 printf("ERROR %dE: can't get kernel image!\n", ret); 333 return 1; 334 } 335 336 /* get image parameters */ 337 switch (genimg_get_format(os_hdr)) { 338#if CONFIG_IS_ENABLED(LEGACY_IMAGE_FORMAT) 339 case IMAGE_FORMAT_LEGACY: 340 images.os.type = image_get_type(os_hdr); 341 images.os.comp = image_get_comp(os_hdr); 342 images.os.os = image_get_os(os_hdr); 343 344 images.os.end = image_get_image_end(os_hdr); 345 images.os.load = image_get_load(os_hdr); 346 images.os.arch = image_get_arch(os_hdr); 347 break; 348#endif 349#if CONFIG_IS_ENABLED(FIT) 350 case IMAGE_FORMAT_FIT: 351 if (fit_image_get_type(images.fit_hdr_os, 352 images.fit_noffset_os, 353 &images.os.type)) { 354 puts("Can't get image type!\n"); 355 bootstage_error(BOOTSTAGE_ID_FIT_TYPE); 356 return 1; 357 } 358 359 if (fit_image_get_comp(images.fit_hdr_os, 360 images.fit_noffset_os, 361 &images.os.comp)) { 362 puts("Can't get image compression!\n"); 363 bootstage_error(BOOTSTAGE_ID_FIT_COMPRESSION); 364 return 1; 365 } 366 367 if (fit_image_get_os(images.fit_hdr_os, images.fit_noffset_os, 368 &images.os.os)) { 369 puts("Can't get image OS!\n"); 370 bootstage_error(BOOTSTAGE_ID_FIT_OS); 371 return 1; 372 } 373 374 if (fit_image_get_arch(images.fit_hdr_os, 375 images.fit_noffset_os, 376 &images.os.arch)) { 377 puts("Can't get image ARCH!\n"); 378 return 1; 379 } 380 381 images.os.end = fit_get_end(images.fit_hdr_os); 382 383 if (fit_image_get_load(images.fit_hdr_os, images.fit_noffset_os, 384 &images.os.load)) { 385 puts("Can't get image load address!\n"); 386 bootstage_error(BOOTSTAGE_ID_FIT_LOADADDR); 387 return 1; 388 } 389 break; 390#endif 391#ifdef CONFIG_ANDROID_BOOT_IMAGE 392 case IMAGE_FORMAT_ANDROID: 393 boot_img = os_hdr; 394 vendor_boot_img = NULL; 395 if (IS_ENABLED(CONFIG_CMD_ABOOTIMG)) { 396 boot_img = map_sysmem(get_abootimg_addr(), 0); 397 vendor_boot_img = map_sysmem(get_avendor_bootimg_addr(), 0); 398 } 399 images.os.type = IH_TYPE_KERNEL; 400 images.os.comp = android_image_get_kcomp(boot_img, vendor_boot_img); 401 images.os.os = IH_OS_LINUX; 402 images.os.end = android_image_get_end(boot_img, vendor_boot_img); 403 images.os.load = android_image_get_kload(boot_img, vendor_boot_img); 404 images.ep = images.os.load; 405 ep_found = true; 406 if (IS_ENABLED(CONFIG_CMD_ABOOTIMG)) { 407 unmap_sysmem(vendor_boot_img); 408 unmap_sysmem(boot_img); 409 } 410 break; 411#endif 412 default: 413 puts("ERROR: unknown image format type!\n"); 414 return 1; 415 } 416 417 /* If we have a valid setup.bin, we will use that for entry (x86) */ 418 if (images.os.arch == IH_ARCH_I386 || 419 images.os.arch == IH_ARCH_X86_64) { 420 ulong len; 421 422 ret = boot_get_setup(&images, IH_ARCH_I386, &images.ep, &len); 423 if (ret < 0 && ret != -ENOENT) { 424 puts("Could not find a valid setup.bin for x86\n"); 425 return 1; 426 } 427 /* Kernel entry point is the setup.bin */ 428 } else if (images.legacy_hdr_valid) { 429 images.ep = image_get_ep(&images.legacy_hdr_os_copy); 430#if CONFIG_IS_ENABLED(FIT) 431 } else if (images.fit_uname_os) { 432 int ret; 433 434 ret = fit_image_get_entry(images.fit_hdr_os, 435 images.fit_noffset_os, &images.ep); 436 if (ret) { 437 puts("Can't get entry point property!\n"); 438 return 1; 439 } 440#endif 441 } else if (!ep_found) { 442 puts("Could not find kernel entry point!\n"); 443 return 1; 444 } 445 446 if (images.os.type == IH_TYPE_KERNEL_NOLOAD) { 447 images.os.load = images.os.image_start; 448 images.ep += images.os.image_start; 449 } 450 451 images.os.start = map_to_sysmem(os_hdr); 452 453 return 0; 454} 455 456/** 457 * check_overlap() - Check if an image overlaps the OS 458 * 459 * @name: Name of image to check (used to print error) 460 * @base: Base address of image 461 * @end: End address of image (+1) 462 * @os_start: Start of OS 463 * @os_size: Size of OS in bytes 464 * Return: 0 if OK, -EXDEV if the image overlaps the OS 465 */ 466static int check_overlap(const char *name, ulong base, ulong end, 467 ulong os_start, ulong os_size) 468{ 469 ulong os_end; 470 471 if (!base) 472 return 0; 473 os_end = os_start + os_size; 474 475 if ((base >= os_start && base < os_end) || 476 (end > os_start && end <= os_end) || 477 (base < os_start && end >= os_end)) { 478 printf("ERROR: %s image overlaps OS image (OS=%lx..%lx)\n", 479 name, os_start, os_end); 480 481 return -EXDEV; 482 } 483 484 return 0; 485} 486 487int bootm_find_images(ulong img_addr, const char *conf_ramdisk, 488 const char *conf_fdt, ulong start, ulong size) 489{ 490 const char *select = conf_ramdisk; 491 char addr_str[17]; 492 void *buf; 493 int ret; 494 495 if (IS_ENABLED(CONFIG_ANDROID_BOOT_IMAGE)) { 496 /* Look for an Android boot image */ 497 buf = map_sysmem(images.os.start, 0); 498 if (buf && genimg_get_format(buf) == IMAGE_FORMAT_ANDROID) { 499 strcpy(addr_str, simple_xtoa(img_addr)); 500 select = addr_str; 501 } 502 } 503 504 if (conf_ramdisk) 505 select = conf_ramdisk; 506 507 /* find ramdisk */ 508 ret = boot_get_ramdisk(select, &images, IH_INITRD_ARCH, 509 &images.rd_start, &images.rd_end); 510 if (ret) { 511 puts("Ramdisk image is corrupt or invalid\n"); 512 return 1; 513 } 514 515 /* check if ramdisk overlaps OS image */ 516 if (check_overlap("RD", images.rd_start, images.rd_end, start, size)) 517 return 1; 518 519 if (CONFIG_IS_ENABLED(OF_LIBFDT)) { 520 buf = map_sysmem(img_addr, 0); 521 522 /* find flattened device tree */ 523 ret = boot_get_fdt(buf, conf_fdt, IH_ARCH_DEFAULT, &images, 524 &images.ft_addr, &images.ft_len); 525 if (ret) { 526 puts("Could not find a valid device tree\n"); 527 return 1; 528 } 529 530 /* check if FDT overlaps OS image */ 531 if (check_overlap("FDT", map_to_sysmem(images.ft_addr), 532 images.ft_len, start, size)) 533 return 1; 534 535 if (IS_ENABLED(CONFIG_CMD_FDT)) 536 set_working_fdt_addr(map_to_sysmem(images.ft_addr)); 537 } 538 539#if CONFIG_IS_ENABLED(FIT) 540 if (IS_ENABLED(CONFIG_FPGA)) { 541 /* find bitstreams */ 542 ret = boot_get_fpga(&images); 543 if (ret) { 544 printf("FPGA image is corrupted or invalid\n"); 545 return 1; 546 } 547 } 548 549 /* find all of the loadables */ 550 ret = boot_get_loadable(&images); 551 if (ret) { 552 printf("Loadable(s) is corrupt or invalid\n"); 553 return 1; 554 } 555#endif 556 557 return 0; 558} 559 560static int bootm_find_other(ulong img_addr, const char *conf_ramdisk, 561 const char *conf_fdt) 562{ 563 if ((images.os.type == IH_TYPE_KERNEL || 564 images.os.type == IH_TYPE_KERNEL_NOLOAD || 565 images.os.type == IH_TYPE_MULTI) && 566 (images.os.os == IH_OS_LINUX || images.os.os == IH_OS_VXWORKS || 567 images.os.os == IH_OS_EFI || images.os.os == IH_OS_TEE)) { 568 return bootm_find_images(img_addr, conf_ramdisk, conf_fdt, 0, 569 0); 570 } 571 572 return 0; 573} 574#endif /* USE_HOSTC */ 575 576#if !defined(USE_HOSTCC) || defined(CONFIG_FIT_SIGNATURE) 577/** 578 * handle_decomp_error() - display a decompression error 579 * 580 * This function tries to produce a useful message. In the case where the 581 * uncompressed size is the same as the available space, we can assume that 582 * the image is too large for the buffer. 583 * 584 * @comp_type: Compression type being used (IH_COMP_...) 585 * @uncomp_size: Number of bytes uncompressed 586 * @buf_size: Number of bytes the decompresion buffer was 587 * @ret: errno error code received from compression library 588 * Return: Appropriate BOOTM_ERR_ error code 589 */ 590static int handle_decomp_error(int comp_type, size_t uncomp_size, 591 size_t buf_size, int ret) 592{ 593 const char *name = genimg_get_comp_name(comp_type); 594 595 /* ENOSYS means unimplemented compression type, don't reset. */ 596 if (ret == -ENOSYS) 597 return BOOTM_ERR_UNIMPLEMENTED; 598 599 if (uncomp_size >= buf_size) 600 printf("Image too large: increase CONFIG_SYS_BOOTM_LEN\n"); 601 else 602 printf("%s: uncompress error %d\n", name, ret); 603 604 /* 605 * The decompression routines are now safe, so will not write beyond 606 * their bounds. Probably it is not necessary to reset, but maintain 607 * the current behaviour for now. 608 */ 609 printf("Must RESET board to recover\n"); 610#ifndef USE_HOSTCC 611 bootstage_error(BOOTSTAGE_ID_DECOMP_IMAGE); 612#endif 613 614 return BOOTM_ERR_RESET; 615} 616#endif 617 618#ifndef USE_HOSTCC 619static int bootm_load_os(struct bootm_headers *images, int boot_progress) 620{ 621 struct image_info os = images->os; 622 ulong load = os.load; 623 ulong load_end; 624 ulong blob_start = os.start; 625 ulong blob_end = os.end; 626 ulong image_start = os.image_start; 627 ulong image_len = os.image_len; 628 ulong flush_start = ALIGN_DOWN(load, ARCH_DMA_MINALIGN); 629 bool no_overlap; 630 void *load_buf, *image_buf; 631 int err; 632 633 /* 634 * For a "noload" compressed kernel we need to allocate a buffer large 635 * enough to decompress in to and use that as the load address now. 636 * Assume that the kernel compression is at most a factor of 4 since 637 * zstd almost achieves that. 638 * Use an alignment of 2MB since this might help arm64 639 */ 640 if (os.type == IH_TYPE_KERNEL_NOLOAD && os.comp != IH_COMP_NONE) { 641 ulong req_size = ALIGN(image_len * 4, SZ_1M); 642 643 load = lmb_alloc(&images->lmb, req_size, SZ_2M); 644 if (!load) 645 return 1; 646 os.load = load; 647 images->ep = load; 648 debug("Allocated %lx bytes at %lx for kernel (size %lx) decompression\n", 649 req_size, load, image_len); 650 } 651 652 load_buf = map_sysmem(load, 0); 653 image_buf = map_sysmem(os.image_start, image_len); 654 err = image_decomp(os.comp, load, os.image_start, os.type, 655 load_buf, image_buf, image_len, 656 CONFIG_SYS_BOOTM_LEN, &load_end); 657 if (err) { 658 err = handle_decomp_error(os.comp, load_end - load, 659 CONFIG_SYS_BOOTM_LEN, err); 660 bootstage_error(BOOTSTAGE_ID_DECOMP_IMAGE); 661 return err; 662 } 663 /* We need the decompressed image size in the next steps */ 664 images->os.image_len = load_end - load; 665 666 flush_cache(flush_start, ALIGN(load_end, ARCH_DMA_MINALIGN) - flush_start); 667 668 debug(" kernel loaded at 0x%08lx, end = 0x%08lx\n", load, load_end); 669 bootstage_mark(BOOTSTAGE_ID_KERNEL_LOADED); 670 671 no_overlap = (os.comp == IH_COMP_NONE && load == image_start); 672 673 if (!no_overlap && load < blob_end && load_end > blob_start) { 674 debug("images.os.start = 0x%lX, images.os.end = 0x%lx\n", 675 blob_start, blob_end); 676 debug("images.os.load = 0x%lx, load_end = 0x%lx\n", load, 677 load_end); 678 679 /* Check what type of image this is. */ 680 if (images->legacy_hdr_valid) { 681 if (image_get_type(&images->legacy_hdr_os_copy) 682 == IH_TYPE_MULTI) 683 puts("WARNING: legacy format multi component image overwritten\n"); 684 return BOOTM_ERR_OVERLAP; 685 } else { 686 puts("ERROR: new format image overwritten - must RESET the board to recover\n"); 687 bootstage_error(BOOTSTAGE_ID_OVERWRITTEN); 688 return BOOTM_ERR_RESET; 689 } 690 } 691 692 if (IS_ENABLED(CONFIG_CMD_BOOTI) && images->os.arch == IH_ARCH_ARM64 && 693 images->os.os == IH_OS_LINUX) { 694 ulong relocated_addr; 695 ulong image_size; 696 int ret; 697 698 ret = booti_setup(load, &relocated_addr, &image_size, false); 699 if (ret) { 700 printf("Failed to prep arm64 kernel (err=%d)\n", ret); 701 return BOOTM_ERR_RESET; 702 } 703 704 /* Handle BOOTM_STATE_LOADOS */ 705 if (relocated_addr != load) { 706 printf("Moving Image from 0x%lx to 0x%lx, end=%lx\n", 707 load, relocated_addr, 708 relocated_addr + image_size); 709 memmove((void *)relocated_addr, load_buf, image_size); 710 } 711 712 images->ep = relocated_addr; 713 images->os.start = relocated_addr; 714 images->os.end = relocated_addr + image_size; 715 } 716 717 lmb_reserve(&images->lmb, images->os.load, (load_end - 718 images->os.load)); 719 return 0; 720} 721 722/** 723 * bootm_disable_interrupts() - Disable interrupts in preparation for load/boot 724 * 725 * Return: interrupt flag (0 if interrupts were disabled, non-zero if they were 726 * enabled) 727 */ 728ulong bootm_disable_interrupts(void) 729{ 730 ulong iflag; 731 732 /* 733 * We have reached the point of no return: we are going to 734 * overwrite all exception vector code, so we cannot easily 735 * recover from any failures any more... 736 */ 737 iflag = disable_interrupts(); 738#ifdef CONFIG_NETCONSOLE 739 /* Stop the ethernet stack if NetConsole could have left it up */ 740 eth_halt(); 741#endif 742 743#if defined(CONFIG_CMD_USB) 744 /* 745 * turn off USB to prevent the host controller from writing to the 746 * SDRAM while Linux is booting. This could happen (at least for OHCI 747 * controller), because the HCCA (Host Controller Communication Area) 748 * lies within the SDRAM and the host controller writes continously to 749 * this area (as busmaster!). The HccaFrameNumber is for example 750 * updated every 1 ms within the HCCA structure in SDRAM! For more 751 * details see the OpenHCI specification. 752 */ 753 usb_stop(); 754#endif 755 return iflag; 756} 757 758#define CONSOLE_ARG "console=" 759#define NULL_CONSOLE (CONSOLE_ARG "ttynull") 760#define CONSOLE_ARG_SIZE sizeof(NULL_CONSOLE) 761 762/** 763 * fixup_silent_linux() - Handle silencing the linux boot if required 764 * 765 * This uses the silent_linux envvar to control whether to add/set a "console=" 766 * parameter to the command line 767 * 768 * @buf: Buffer containing the string to process 769 * @maxlen: Maximum length of buffer 770 * Return: 0 if OK, -ENOSPC if @maxlen is too small 771 */ 772static int fixup_silent_linux(char *buf, int maxlen) 773{ 774 int want_silent; 775 char *cmdline; 776 int size; 777 778 /* 779 * Move the input string to the end of buffer. The output string will be 780 * built up at the start. 781 */ 782 size = strlen(buf) + 1; 783 if (size * 2 > maxlen) 784 return -ENOSPC; 785 cmdline = buf + maxlen - size; 786 memmove(cmdline, buf, size); 787 /* 788 * Only fix cmdline when requested. The environment variable can be: 789 * 790 * no - we never fixup 791 * yes - we always fixup 792 * unset - we rely on the console silent flag 793 */ 794 want_silent = env_get_yesno("silent_linux"); 795 if (want_silent == 0) 796 return 0; 797 else if (want_silent == -1 && !(gd->flags & GD_FLG_SILENT)) 798 return 0; 799 800 debug("before silent fix-up: %s\n", cmdline); 801 if (*cmdline) { 802 char *start = strstr(cmdline, CONSOLE_ARG); 803 804 /* Check space for maximum possible new command line */ 805 if (size + CONSOLE_ARG_SIZE > maxlen) 806 return -ENOSPC; 807 808 if (start) { 809 char *end = strchr(start, ' '); 810 int start_bytes; 811 812 start_bytes = start - cmdline; 813 strncpy(buf, cmdline, start_bytes); 814 strncpy(buf + start_bytes, NULL_CONSOLE, CONSOLE_ARG_SIZE); 815 if (end) 816 strcpy(buf + start_bytes + CONSOLE_ARG_SIZE - 1, end); 817 else 818 buf[start_bytes + CONSOLE_ARG_SIZE] = '\0'; 819 } else { 820 sprintf(buf, "%s %s", cmdline, NULL_CONSOLE); 821 } 822 if (buf + strlen(buf) >= cmdline) 823 return -ENOSPC; 824 } else { 825 if (maxlen < CONSOLE_ARG_SIZE) 826 return -ENOSPC; 827 strcpy(buf, NULL_CONSOLE); 828 } 829 debug("after silent fix-up: %s\n", buf); 830 831 return 0; 832} 833 834/** 835 * process_subst() - Handle substitution of ${...} fields in the environment 836 * 837 * Handle variable substitution in the provided buffer 838 * 839 * @buf: Buffer containing the string to process 840 * @maxlen: Maximum length of buffer 841 * Return: 0 if OK, -ENOSPC if @maxlen is too small 842 */ 843static int process_subst(char *buf, int maxlen) 844{ 845 char *cmdline; 846 int size; 847 int ret; 848 849 /* Move to end of buffer */ 850 size = strlen(buf) + 1; 851 cmdline = buf + maxlen - size; 852 if (buf + size > cmdline) 853 return -ENOSPC; 854 memmove(cmdline, buf, size); 855 856 ret = cli_simple_process_macros(cmdline, buf, cmdline - buf); 857 858 return ret; 859} 860 861int bootm_process_cmdline(char *buf, int maxlen, int flags) 862{ 863 int ret; 864 865 /* Check config first to enable compiler to eliminate code */ 866 if (IS_ENABLED(CONFIG_SILENT_CONSOLE) && 867 !IS_ENABLED(CONFIG_SILENT_U_BOOT_ONLY) && 868 (flags & BOOTM_CL_SILENT)) { 869 ret = fixup_silent_linux(buf, maxlen); 870 if (ret) 871 return log_msg_ret("silent", ret); 872 } 873 if (IS_ENABLED(CONFIG_BOOTARGS_SUBST) && IS_ENABLED(CONFIG_CMDLINE) && 874 (flags & BOOTM_CL_SUBST)) { 875 ret = process_subst(buf, maxlen); 876 if (ret) 877 return log_msg_ret("subst", ret); 878 } 879 880 return 0; 881} 882 883int bootm_process_cmdline_env(int flags) 884{ 885 const int maxlen = MAX_CMDLINE_SIZE; 886 bool do_silent; 887 const char *env; 888 char *buf; 889 int ret; 890 891 /* First check if any action is needed */ 892 do_silent = IS_ENABLED(CONFIG_SILENT_CONSOLE) && 893 !IS_ENABLED(CONFIG_SILENT_U_BOOT_ONLY) && (flags & BOOTM_CL_SILENT); 894 if (!do_silent && !IS_ENABLED(CONFIG_BOOTARGS_SUBST)) 895 return 0; 896 897 env = env_get("bootargs"); 898 if (env && strlen(env) >= maxlen) 899 return -E2BIG; 900 buf = malloc(maxlen); 901 if (!buf) 902 return -ENOMEM; 903 if (env) 904 strcpy(buf, env); 905 else 906 *buf = '\0'; 907 ret = bootm_process_cmdline(buf, maxlen, flags); 908 if (!ret) { 909 ret = env_set("bootargs", buf); 910 911 /* 912 * If buf is "" and bootargs does not exist, this will produce 913 * an error trying to delete bootargs. Ignore it 914 */ 915 if (ret == -ENOENT) 916 ret = 0; 917 } 918 free(buf); 919 if (ret) 920 return log_msg_ret("env", ret); 921 922 return 0; 923} 924 925int bootm_measure(struct bootm_headers *images) 926{ 927 int ret = 0; 928 929 /* Skip measurement if EFI is going to do it */ 930 if (images->os.os == IH_OS_EFI && 931 IS_ENABLED(CONFIG_EFI_TCG2_PROTOCOL) && 932 IS_ENABLED(CONFIG_BOOTM_EFI)) 933 return ret; 934 935 if (IS_ENABLED(CONFIG_MEASURED_BOOT)) { 936 struct tcg2_event_log elog; 937 struct udevice *dev; 938 void *initrd_buf; 939 void *image_buf; 940 const char *s; 941 u32 rd_len; 942 bool ign; 943 944 elog.log_size = 0; 945 ign = IS_ENABLED(CONFIG_MEASURE_IGNORE_LOG); 946 ret = tcg2_measurement_init(&dev, &elog, ign); 947 if (ret) 948 return ret; 949 950 image_buf = map_sysmem(images->os.image_start, 951 images->os.image_len); 952 ret = tcg2_measure_data(dev, &elog, 8, images->os.image_len, 953 image_buf, EV_COMPACT_HASH, 954 strlen("linux") + 1, (u8 *)"linux"); 955 if (ret) 956 goto unmap_image; 957 958 rd_len = images->rd_end - images->rd_start; 959 initrd_buf = map_sysmem(images->rd_start, rd_len); 960 ret = tcg2_measure_data(dev, &elog, 9, rd_len, initrd_buf, 961 EV_COMPACT_HASH, strlen("initrd") + 1, 962 (u8 *)"initrd"); 963 if (ret) 964 goto unmap_initrd; 965 966 if (IS_ENABLED(CONFIG_MEASURE_DEVICETREE)) { 967 ret = tcg2_measure_data(dev, &elog, 0, images->ft_len, 968 (u8 *)images->ft_addr, 969 EV_TABLE_OF_DEVICES, 970 strlen("dts") + 1, 971 (u8 *)"dts"); 972 if (ret) 973 goto unmap_initrd; 974 } 975 976 s = env_get("bootargs"); 977 if (!s) 978 s = ""; 979 ret = tcg2_measure_data(dev, &elog, 1, strlen(s) + 1, (u8 *)s, 980 EV_PLATFORM_CONFIG_FLAGS, 981 strlen(s) + 1, (u8 *)s); 982 983unmap_initrd: 984 unmap_sysmem(initrd_buf); 985 986unmap_image: 987 unmap_sysmem(image_buf); 988 tcg2_measurement_term(dev, &elog, ret != 0); 989 } 990 991 return ret; 992} 993 994int bootm_run_states(struct bootm_info *bmi, int states) 995{ 996 struct bootm_headers *images = bmi->images; 997 boot_os_fn *boot_fn; 998 ulong iflag = 0; 999 int ret = 0, need_boot_fn; 1000 1001 images->state |= states; 1002 1003 /* 1004 * Work through the states and see how far we get. We stop on 1005 * any error. 1006 */ 1007 if (states & BOOTM_STATE_START) 1008 ret = bootm_start(); 1009 1010 if (!ret && (states & BOOTM_STATE_PRE_LOAD)) 1011 ret = bootm_pre_load(bmi->addr_img); 1012 1013 if (!ret && (states & BOOTM_STATE_FINDOS)) 1014 ret = bootm_find_os(bmi->cmd_name, bmi->addr_img); 1015 1016 if (!ret && (states & BOOTM_STATE_FINDOTHER)) { 1017 ulong img_addr; 1018 1019 img_addr = bmi->addr_img ? hextoul(bmi->addr_img, NULL) 1020 : image_load_addr; 1021 ret = bootm_find_other(img_addr, bmi->conf_ramdisk, 1022 bmi->conf_fdt); 1023 } 1024 1025 if (IS_ENABLED(CONFIG_MEASURED_BOOT) && !ret && 1026 (states & BOOTM_STATE_MEASURE)) 1027 bootm_measure(images); 1028 1029 /* Load the OS */ 1030 if (!ret && (states & BOOTM_STATE_LOADOS)) { 1031 iflag = bootm_disable_interrupts(); 1032 ret = bootm_load_os(images, 0); 1033 if (ret && ret != BOOTM_ERR_OVERLAP) 1034 goto err; 1035 else if (ret == BOOTM_ERR_OVERLAP) 1036 ret = 0; 1037 } 1038 1039 /* Relocate the ramdisk */ 1040#ifdef CONFIG_SYS_BOOT_RAMDISK_HIGH 1041 if (!ret && (states & BOOTM_STATE_RAMDISK)) { 1042 ulong rd_len = images->rd_end - images->rd_start; 1043 1044 ret = boot_ramdisk_high(&images->lmb, images->rd_start, 1045 rd_len, &images->initrd_start, &images->initrd_end); 1046 if (!ret) { 1047 env_set_hex("initrd_start", images->initrd_start); 1048 env_set_hex("initrd_end", images->initrd_end); 1049 } 1050 } 1051#endif 1052#if CONFIG_IS_ENABLED(OF_LIBFDT) && defined(CONFIG_LMB) 1053 if (!ret && (states & BOOTM_STATE_FDT)) { 1054 boot_fdt_add_mem_rsv_regions(&images->lmb, images->ft_addr); 1055 ret = boot_relocate_fdt(&images->lmb, &images->ft_addr, 1056 &images->ft_len); 1057 } 1058#endif 1059 1060 /* From now on, we need the OS boot function */ 1061 if (ret) 1062 return ret; 1063 boot_fn = bootm_os_get_boot_func(images->os.os); 1064 need_boot_fn = states & (BOOTM_STATE_OS_CMDLINE | 1065 BOOTM_STATE_OS_BD_T | BOOTM_STATE_OS_PREP | 1066 BOOTM_STATE_OS_FAKE_GO | BOOTM_STATE_OS_GO); 1067 if (boot_fn == NULL && need_boot_fn) { 1068 if (iflag) 1069 enable_interrupts(); 1070 printf("ERROR: booting os '%s' (%d) is not supported\n", 1071 genimg_get_os_name(images->os.os), images->os.os); 1072 bootstage_error(BOOTSTAGE_ID_CHECK_BOOT_OS); 1073 return 1; 1074 } 1075 1076 /* Call various other states that are not generally used */ 1077 if (!ret && (states & BOOTM_STATE_OS_CMDLINE)) 1078 ret = boot_fn(BOOTM_STATE_OS_CMDLINE, bmi); 1079 if (!ret && (states & BOOTM_STATE_OS_BD_T)) 1080 ret = boot_fn(BOOTM_STATE_OS_BD_T, bmi); 1081 if (!ret && (states & BOOTM_STATE_OS_PREP)) { 1082 int flags = 0; 1083 /* For Linux OS do all substitutions at console processing */ 1084 if (images->os.os == IH_OS_LINUX) 1085 flags = BOOTM_CL_ALL; 1086 ret = bootm_process_cmdline_env(flags); 1087 if (ret) { 1088 printf("Cmdline setup failed (err=%d)\n", ret); 1089 ret = CMD_RET_FAILURE; 1090 goto err; 1091 } 1092 ret = boot_fn(BOOTM_STATE_OS_PREP, bmi); 1093 } 1094 1095#ifdef CONFIG_TRACE 1096 /* Pretend to run the OS, then run a user command */ 1097 if (!ret && (states & BOOTM_STATE_OS_FAKE_GO)) { 1098 char *cmd_list = env_get("fakegocmd"); 1099 1100 ret = boot_selected_os(BOOTM_STATE_OS_FAKE_GO, bmi, boot_fn); 1101 if (!ret && cmd_list) 1102 ret = run_command_list(cmd_list, -1, 0); 1103 } 1104#endif 1105 1106 /* Check for unsupported subcommand. */ 1107 if (ret) { 1108 printf("subcommand failed (err=%d)\n", ret); 1109 return ret; 1110 } 1111 1112 /* Now run the OS! We hope this doesn't return */ 1113 if (!ret && (states & BOOTM_STATE_OS_GO)) 1114 ret = boot_selected_os(BOOTM_STATE_OS_GO, bmi, boot_fn); 1115 1116 /* Deal with any fallout */ 1117err: 1118 if (iflag) 1119 enable_interrupts(); 1120 1121 if (ret == BOOTM_ERR_UNIMPLEMENTED) { 1122 bootstage_error(BOOTSTAGE_ID_DECOMP_UNIMPL); 1123 } else if (ret == BOOTM_ERR_RESET) { 1124 printf("Resetting the board...\n"); 1125 reset_cpu(); 1126 } 1127 1128 return ret; 1129} 1130 1131int boot_run(struct bootm_info *bmi, const char *cmd, int extra_states) 1132{ 1133 int states; 1134 1135 bmi->cmd_name = cmd; 1136 states = BOOTM_STATE_MEASURE | BOOTM_STATE_OS_PREP | 1137 BOOTM_STATE_OS_FAKE_GO | BOOTM_STATE_OS_GO; 1138 if (IS_ENABLED(CONFIG_SYS_BOOT_RAMDISK_HIGH)) 1139 states |= BOOTM_STATE_RAMDISK; 1140 states |= extra_states; 1141 1142 return bootm_run_states(bmi, states); 1143} 1144 1145int bootm_run(struct bootm_info *bmi) 1146{ 1147 return boot_run(bmi, "bootm", BOOTM_STATE_START | BOOTM_STATE_FINDOS | 1148 BOOTM_STATE_PRE_LOAD | BOOTM_STATE_FINDOTHER | 1149 BOOTM_STATE_LOADOS); 1150} 1151 1152int bootz_run(struct bootm_info *bmi) 1153{ 1154 return boot_run(bmi, "bootz", 0); 1155} 1156 1157int booti_run(struct bootm_info *bmi) 1158{ 1159 return boot_run(bmi, "booti", 0); 1160} 1161 1162int bootm_boot_start(ulong addr, const char *cmdline) 1163{ 1164 char addr_str[30]; 1165 struct bootm_info bmi; 1166 int states; 1167 int ret; 1168 1169 states = BOOTM_STATE_START | BOOTM_STATE_FINDOS | BOOTM_STATE_PRE_LOAD | 1170 BOOTM_STATE_FINDOTHER | BOOTM_STATE_LOADOS | 1171 BOOTM_STATE_OS_PREP | BOOTM_STATE_OS_FAKE_GO | 1172 BOOTM_STATE_OS_GO; 1173 if (IS_ENABLED(CONFIG_SYS_BOOT_RAMDISK_HIGH)) 1174 states |= BOOTM_STATE_RAMDISK; 1175 if (IS_ENABLED(CONFIG_PPC) || IS_ENABLED(CONFIG_MIPS)) 1176 states |= BOOTM_STATE_OS_CMDLINE; 1177 images.state |= states; 1178 1179 snprintf(addr_str, sizeof(addr_str), "%lx", addr); 1180 1181 ret = env_set("bootargs", cmdline); 1182 if (ret) { 1183 printf("Failed to set cmdline\n"); 1184 return ret; 1185 } 1186 bootm_init(&bmi); 1187 bmi.addr_img = addr_str; 1188 bmi.cmd_name = "bootm"; 1189 ret = bootm_run_states(&bmi, states); 1190 1191 return ret; 1192} 1193 1194void bootm_init(struct bootm_info *bmi) 1195{ 1196 memset(bmi, '\0', sizeof(struct bootm_info)); 1197 bmi->boot_progress = true; 1198 if (IS_ENABLED(CONFIG_CMD_BOOTM)) 1199 bmi->images = &images; 1200} 1201 1202/** 1203 * switch_to_non_secure_mode() - switch to non-secure mode 1204 * 1205 * This routine is overridden by architectures requiring this feature. 1206 */ 1207void __weak switch_to_non_secure_mode(void) 1208{ 1209} 1210 1211#else /* USE_HOSTCC */ 1212 1213#if defined(CONFIG_FIT_SIGNATURE) 1214static int bootm_host_load_image(const void *fit, int req_image_type, 1215 int cfg_noffset) 1216{ 1217 const char *fit_uname_config = NULL; 1218 ulong data, len; 1219 struct bootm_headers images; 1220 int noffset; 1221 ulong load_end, buf_size; 1222 uint8_t image_type; 1223 uint8_t image_comp; 1224 void *load_buf; 1225 int ret; 1226 1227 fit_uname_config = fdt_get_name(fit, cfg_noffset, NULL); 1228 memset(&images, '\0', sizeof(images)); 1229 images.verify = 1; 1230 noffset = fit_image_load(&images, (ulong)fit, 1231 NULL, &fit_uname_config, 1232 IH_ARCH_DEFAULT, req_image_type, -1, 1233 FIT_LOAD_IGNORED, &data, &len); 1234 if (noffset < 0) 1235 return noffset; 1236 if (fit_image_get_type(fit, noffset, &image_type)) { 1237 puts("Can't get image type!\n"); 1238 return -EINVAL; 1239 } 1240 1241 if (fit_image_get_comp(fit, noffset, &image_comp)) 1242 image_comp = IH_COMP_NONE; 1243 1244 /* Allow the image to expand by a factor of 4, should be safe */ 1245 buf_size = (1 << 20) + len * 4; 1246 load_buf = malloc(buf_size); 1247 ret = image_decomp(image_comp, 0, data, image_type, load_buf, 1248 (void *)data, len, buf_size, &load_end); 1249 free(load_buf); 1250 1251 if (ret) { 1252 ret = handle_decomp_error(image_comp, load_end - 0, buf_size, ret); 1253 if (ret != BOOTM_ERR_UNIMPLEMENTED) 1254 return ret; 1255 } 1256 1257 return 0; 1258} 1259 1260int bootm_host_load_images(const void *fit, int cfg_noffset) 1261{ 1262 static uint8_t image_types[] = { 1263 IH_TYPE_KERNEL, 1264 IH_TYPE_FLATDT, 1265 IH_TYPE_RAMDISK, 1266 }; 1267 int err = 0; 1268 int i; 1269 1270 for (i = 0; i < ARRAY_SIZE(image_types); i++) { 1271 int ret; 1272 1273 ret = bootm_host_load_image(fit, image_types[i], cfg_noffset); 1274 if (!err && ret && ret != -ENOENT) 1275 err = ret; 1276 } 1277 1278 /* Return the first error we found */ 1279 return err; 1280} 1281#endif 1282 1283#endif /* ndef USE_HOSTCC */ 1284