int board_init(void)
{
struct ccsr_cci400 *cci = (struct ccsr_cci400 *)(CONFIG_SYS_IMMR +
CONFIG_SYS_CCI400_OFFSET);
/*
* Set CCI-400 control override register to enable barrier
* transaction
*/
out_le32(&cci->ctrl_ord, CCI400_CTRLORD_EN_BARRIER);
#ifdef CONFIG_SYS_FSL_ERRATUM_A010315
erratum_a010315();
#endif
#ifdef CONFIG_ENV_IS_NOWHERE
gd->env_addr = (ulong)&default_environment[0];
#endif
#ifdef CONFIG_FSL_CAAM
sec_init();
#endif
#ifdef CONFIG_FSL_LS_PPA
ppa_init();
#endif
return 0;
}
/* Send an authentication response packet */
static void
licence_send_authresp(uint8 *token, uint8 *crypt_hwid, uint8 *signature)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 length = 58;
STREAM s;
s = sec_init(sec_flags, length + 2);
out_uint16_le(s, LICENCE_TAG_AUTHRESP);
out_uint16_le(s, length);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_TOKEN_SIZE);
out_uint8p(s, token, LICENCE_TOKEN_SIZE);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_HWID_SIZE);
out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
s_mark_end(s);
sec_send(s, sec_flags);
}
/* Send a platform challenge response packet */
static void
licence_send_platform_challenge_response(uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENSE_PKT;
uint16 length = 58;
STREAM s;
s = sec_init(sec_flags, length + 2);
out_uint8(s, LICENCE_TAG_PLATFORM_CHALLENGE_RESPONSE);
out_uint8(s, ((g_rdp_version >= RDP_V5) ? 3 : 2)); /* version */
out_uint16_le(s, length);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_TOKEN_SIZE);
out_uint8p(s, token, LICENCE_TOKEN_SIZE);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_HWID_SIZE);
out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
s_mark_end(s);
sec_send(s, sec_flags);
}
void alc_init(void) {
#ifdef _MSC_VER
sec_init(); /* Initialize timer */
#endif
lib_init = TRUE;
}
/* Send a Licensing packet with Platform Challenge Response */
static void
licence_send_authresp(rdpLicence * licence, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENSE_PKT;
uint16 length = 58;
STREAM s;
s = sec_init(licence->sec, sec_flags, length + 2);
/* Licensing Preamble (LICENSE_PREAMBLE) */
out_uint8(s, PLATFORM_CHALLENGE_RESPONSE); /* PLATFORM_CHALLENGE_RESPONSE */
out_uint8(s, 2); /* PREAMBLE_VERSION_2_0 */
out_uint16_le(s, length);
/* Licensing Binary BLOB with EncryptedPlatformChallengeResponse: */
out_uint16_le(s, 1); /* wBlobType should be 0x0009 (BB_ENCRYPTED_DATA_BLOB) */
out_uint16_le(s, LICENCE_TOKEN_SIZE); /* wBlobLen */
out_uint8p(s, token, LICENCE_TOKEN_SIZE); /* RC4-encrypted challenge data */
/* Licensing Binary BLOB with EncryptedHWID: */
out_uint16_le(s, 1); /* wBlobType should be 0x0009 (BB_ENCRYPTED_DATA_BLOB) */
out_uint16_le(s, LICENCE_HWID_SIZE); /* wBlobLen */
out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE); /* RC4-encrypted Client Hardware Identification */
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE); /* MACData */
s_mark_end(s);
sec_send(licence->sec, s, sec_flags);
}
/* Send an authentication response packet */
static void
licence_send_authresp(RDConnectionRef conn, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 length = 58;
RDStreamRef s;
s = sec_init(conn, sec_flags, length + 2);
out_uint8(s, LICENCE_TAG_AUTHRESP);
out_uint8(s, 2); /* version */
out_uint16_le(s, length);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_TOKEN_SIZE);
out_uint8p(s, token, LICENCE_TOKEN_SIZE);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_HWID_SIZE);
out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
s_mark_end(s);
sec_send(conn, s, sec_flags);
}
int board_init(void)
{
struct ccsr_scfg *scfg = (struct ccsr_scfg *)CONFIG_SYS_FSL_SCFG_ADDR;
#ifdef CONFIG_SECURE_BOOT
/*
* In case of Secure Boot, the IBR configures the SMMU
* to allow only Secure transactions.
* SMMU must be reset in bypass mode.
* Set the ClientPD bit and Clear the USFCFG Bit
*/
u32 val;
val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
out_le32(SMMU_SCR0, val);
val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
out_le32(SMMU_NSCR0, val);
#endif
#ifdef CONFIG_FSL_CAAM
sec_init();
#endif
#ifdef CONFIG_FSL_LS_PPA
ppa_init();
#endif
/* invert AQR105 IRQ pins polarity */
out_be32(&scfg->intpcr, AQR105_IRQ_MASK);
return 0;
}
/* Send an authentication response packet */
static BOOL
licence_send_authresp(RDPCLIENT * This, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 length = 58;
STREAM s;
s = sec_init(This, sec_flags, length + 2);
if(s == NULL)
return False;
out_uint8(s, LICENCE_TAG_AUTHRESP);
out_uint8(s, 2); /* version */
out_uint16_le(s, length);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_TOKEN_SIZE);
out_uint8p(s, token, LICENCE_TOKEN_SIZE);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_HWID_SIZE);
out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
s_mark_end(s);
return sec_send(This, s, sec_flags);
}
/* Send a confirm active PDU */
static void rdp_send_confirm_active(void) {
STREAM s;
uint32 sec_flags = g_encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG;
uint16 caplen = RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER
+ RDP_CAPLEN_COLCACHE + RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL
+ RDP_CAPLEN_SHARE + RDP_CAPLEN_BRUSHCACHE + 0x58 + 0x08 + 0x08
+ 0x34 /* unknown caps */+ 4 /* w2k fix, sessionid */;
if (g_use_rdp5) {
caplen += RDP_CAPLEN_BMPCACHE2;
caplen += RDP_CAPLEN_NEWPOINTER;
} else {
caplen += RDP_CAPLEN_BMPCACHE;
caplen += RDP_CAPLEN_POINTER;
}
s = sec_init(sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10));
/* Version 1 */
out_uint16_le(s, (g_mcs_userid + 1001));
out_uint32_le(s, g_rdp_shareid);
out_uint16_le(s, 0x3ea);
/* userid */
out_uint16_le(s, sizeof(RDP_SOURCE));
out_uint16_le(s, caplen);
out_uint8p(s, RDP_SOURCE, sizeof(RDP_SOURCE));
out_uint16_le(s, 0xe);
/* num_caps */
out_uint8s(s, 2);
/* pad */
rdp_out_general_caps(s);
rdp_out_bitmap_caps(s);
rdp_out_order_caps(s);
if (g_use_rdp5) {
rdp_out_bmpcache2_caps(s);
rdp_out_newpointer_caps(s);
} else {
rdp_out_bmpcache_caps(s);
rdp_out_pointer_caps(s);
}
rdp_out_colcache_caps(s);
rdp_out_activate_caps(s);
rdp_out_control_caps(s);
rdp_out_share_caps(s);
rdp_out_brushcache_caps(s);
rdp_out_unknown_caps(s, 0x0d, 0x58, caps_0x0d); /* CAPSTYPE_INPUT */
rdp_out_unknown_caps(s, 0x0c, 0x08, caps_0x0c); /* CAPSTYPE_SOUND */
rdp_out_unknown_caps(s, 0x0e, 0x08, caps_0x0e); /* CAPSTYPE_FONT */
rdp_out_unknown_caps(s, 0x10, 0x34, caps_0x10); /* CAPSTYPE_GLYPHCACHE */
s_mark_end(s);
sec_send(s, sec_flags);
}
/* Initialise an RDP data packet */
static STREAM rdp_init_data(int maxlen) {
STREAM s;
s = sec_init(g_encryption ? SEC_ENCRYPT : 0, maxlen + 18);
s_push_layer(s, rdp_hdr, 18);
return s;
}
void
channel_send(STREAM s, VCHANNEL * channel)
{
uint32 length, flags;
uint32 thislength, remaining;
uint8 *data;
#ifdef WITH_SCARD
scard_lock(SCARD_LOCK_CHANNEL);
#endif
/* first fragment sent in-place */
s_pop_layer(s, channel_hdr);
length = s->end - s->p - 8;
DEBUG_CHANNEL(("channel_send, length = %d\n", length));
thislength = MIN(length, CHANNEL_CHUNK_LENGTH);
/* Note: In the original clipboard implementation, this number was
1592, not 1600. However, I don't remember the reason and 1600 seems
to work so.. This applies only to *this* length, not the length of
continuation or ending packets. */
remaining = length - thislength;
flags = (remaining == 0) ? CHANNEL_FLAG_FIRST | CHANNEL_FLAG_LAST : CHANNEL_FLAG_FIRST;
if (channel->flags & CHANNEL_OPTION_SHOW_PROTOCOL)
flags |= CHANNEL_FLAG_SHOW_PROTOCOL;
out_uint32_le(s, length);
out_uint32_le(s, flags);
data = s->end = s->p + thislength;
DEBUG_CHANNEL(("Sending %d bytes with FLAG_FIRST\n", thislength));
sec_send_to_channel(s, g_encryption ? SEC_ENCRYPT : 0, channel->mcs_id);
/* subsequent segments copied (otherwise would have to generate headers backwards) */
while (remaining > 0)
{
thislength = MIN(remaining, CHANNEL_CHUNK_LENGTH);
remaining -= thislength;
flags = (remaining == 0) ? CHANNEL_FLAG_LAST : 0;
if (channel->flags & CHANNEL_OPTION_SHOW_PROTOCOL)
flags |= CHANNEL_FLAG_SHOW_PROTOCOL;
DEBUG_CHANNEL(("Sending %d bytes with flags %d\n", thislength, flags));
s = sec_init(g_encryption ? SEC_ENCRYPT : 0, thislength + 8);
out_uint32_le(s, length);
out_uint32_le(s, flags);
out_uint8p(s, data, thislength);
s_mark_end(s);
sec_send_to_channel(s, g_encryption ? SEC_ENCRYPT : 0, channel->mcs_id);
data += thislength;
}
#ifdef WITH_SCARD
scard_unlock(SCARD_LOCK_CHANNEL);
#endif
}
STREAM
channel_init(VCHANNEL * channel, uint32 length)
{
STREAM s;
s = sec_init(g_encryption ? SEC_ENCRYPT : 0, length + 8);
s_push_layer(s, channel_hdr, 8);
return s;
}
int arch_misc_init(void)
{
#ifdef CONFIG_FSL_DEBUG_SERVER
debug_server_init();
#endif
#ifdef CONFIG_FSL_CAAM
sec_init();
#endif
return 0;
}
int misc_init_r(void)
{
#ifndef CONFIG_QSPI_BOOT
config_board_mux();
#endif
#ifdef CONFIG_FSL_CAAM
return sec_init();
#endif
}
void init(void) {
kernel_init();
xn_init();
tmplt_init();
sec_init();
xr_reset();
#ifndef EXOPC
disk_init();
#endif
}
int main() {
slong n, i, m, prec = 60;
flint_rand_t state;
flint_printf("symplectic basis...");
fflush(stdout);
flint_randinit(state);
for (n = 3; n < 10; n++)
{
for (i = 0; i < 5; i++)
{
acb_ptr x;
tree_t tree;
x = _acb_vec_init(n);
acb_vec_set_random(x, n, state, prec, 4);
tree_init(tree, n - 1);
spanning_tree(tree, x, n, INT_DE);
for (m = 2; m < 7; m++)
{
sec_t c;
homol_t alpha, beta;
sec_init(&c, m, n);
tree_ydata_init(tree, x, n, m, prec);
alpha = flint_malloc(c.g * sizeof(loop_t));
beta = flint_malloc(c.g * sizeof(loop_t));
symplectic_basis(alpha, beta, tree, c);
homol_clear(alpha, c.g);
homol_clear(beta, c.g);
tree_ydata_clear(tree);
sec_clear(c);
}
tree_clear(tree);
_acb_vec_clear(x, n);
}
}
flint_randclear(state);
flint_cleanup();
printf("PASS\n");
return 0;
}
int misc_init_r(void)
{
#ifdef CONFIG_FSL_DEVICE_DISABLE
device_disable(devdis_tbl, ARRAY_SIZE(devdis_tbl));
#endif
#if !defined(CONFIG_QSPI_BOOT) && !defined(CONFIG_SD_BOOT_QSPI)
config_board_mux();
#endif
#ifdef CONFIG_FSL_CAAM
return sec_init();
#endif
}
/* Initialise an RDP data packet */
static STREAM
rdp_init_data(RDPCLIENT * This, int maxlen)
{
STREAM s;
s = sec_init(This, This->encryption ? SEC_ENCRYPT : 0, maxlen + 18);
if(s == NULL)
return NULL;
s_push_layer(s, rdp_hdr, 18);
return s;
}
/* Send a confirm active PDU */
static BOOL
rdp_send_confirm_active(RDPCLIENT * This)
{
STREAM s;
uint32 sec_flags = This->encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG;
uint16 caplen =
RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER +
RDP_CAPLEN_BMPCACHE + RDP_CAPLEN_COLCACHE +
RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL +
RDP_CAPLEN_POINTER + RDP_CAPLEN_SHARE +
0x58 + 0x08 + 0x08 + 0x34 /* unknown caps */ +
4 /* w2k fix, why? */ ;
s = sec_init(This, sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE));
if(s == NULL)
return False;
out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */
out_uint16_le(s, (This->mcs_userid + 1001));
out_uint32_le(s, This->rdp_shareid);
out_uint16_le(s, 0x3ea); /* userid */
out_uint16_le(s, sizeof(RDP_SOURCE));
out_uint16_le(s, caplen);
out_uint8p(s, RDP_SOURCE, sizeof(RDP_SOURCE));
out_uint16_le(s, 0xd); /* num_caps */
out_uint8s(s, 2); /* pad */
rdp_out_general_caps(This, s);
rdp_out_bitmap_caps(This, s);
rdp_out_order_caps(This, s);
This->use_rdp5 ? rdp_out_bmpcache2_caps(This, s) : rdp_out_bmpcache_caps(This, s);
rdp_out_colcache_caps(s);
rdp_out_activate_caps(s);
rdp_out_control_caps(s);
rdp_out_pointer_caps(s);
rdp_out_share_caps(s);
rdp_out_unknown_caps(s, 0x0d, 0x58, caps_0x0d); /* international? */
rdp_out_unknown_caps(s, 0x0c, 0x08, caps_0x0c);
rdp_out_unknown_caps(s, 0x0e, 0x08, caps_0x0e);
rdp_out_unknown_caps(s, 0x10, 0x34, caps_0x10); /* glyph cache? */
s_mark_end(s);
return sec_send(This, s, sec_flags);
}
int misc_init_r(void)
{
int conflict_flag;
/* some signals can not enable simultaneous*/
conflict_flag = 0;
if (hwconfig("sdhc"))
conflict_flag++;
if (hwconfig("iic2"))
conflict_flag++;
if (conflict_flag > 1) {
printf("WARNING: pin conflict !\n");
return 0;
}
conflict_flag = 0;
if (hwconfig("rgmii"))
conflict_flag++;
if (hwconfig("can"))
conflict_flag++;
if (hwconfig("sai"))
conflict_flag++;
if (conflict_flag > 1) {
printf("WARNING: pin conflict !\n");
return 0;
}
if (hwconfig("can"))
config_board_mux(MUX_TYPE_CAN);
else if (hwconfig("rgmii"))
config_board_mux(MUX_TYPE_RGMII);
else if (hwconfig("sai"))
config_board_mux(MUX_TYPE_SAI);
if (hwconfig("iic2"))
config_board_mux(MUX_TYPE_IIC2);
else if (hwconfig("sdhc"))
config_board_mux(MUX_TYPE_SDHC);
#ifdef CONFIG_FSL_DEVICE_DISABLE
device_disable(devdis_tbl, ARRAY_SIZE(devdis_tbl));
#endif
#ifdef CONFIG_FSL_CAAM
return sec_init();
#endif
return 0;
}
int
vchan_send(rdpChannels * chan, int mcs_id, char * data, int total_length)
{
STREAM s;
int sec_flags;
int length;
int sent;
int chan_flags;
int chan_index;
rdpSet * settings;
struct rdp_chan * channel;
settings = chan->mcs->sec->rdp->settings;
chan_index = (mcs_id - MCS_GLOBAL_CHANNEL) - 1;
if ((chan_index < 0) || (chan_index >= settings->num_channels))
{
ui_error(chan->mcs->sec->rdp->inst, "error\n");
return 0;
}
channel = &(settings->channels[chan_index]);
chan_flags = CHANNEL_FLAG_FIRST;
sent = 0;
sec_flags = settings->encryption ? SEC_ENCRYPT : 0;
while (sent < total_length)
{
length = MIN(CHANNEL_CHUNK_LENGTH, total_length);
length = MIN(total_length - sent, length);
if ((sent + length) >= total_length)
{
chan_flags |= CHANNEL_FLAG_LAST;
}
if (channel->flags & CHANNEL_OPTION_SHOW_PROTOCOL)
{
chan_flags |= CHANNEL_FLAG_SHOW_PROTOCOL;
}
s = sec_init(chan->mcs->sec, sec_flags, length + 8);
out_uint32_le(s, total_length);
out_uint32_le(s, chan_flags);
out_uint8p(s, data + sent, length);
s_mark_end(s);
sec_send_to_channel(chan->mcs->sec, s, sec_flags, mcs_id);
sent += length;
chan_flags = 0;
}
return sent;
}
/* Send a Licensing packet with Client License Information */
static void
licence_present(rdpLicence * licence, uint8 * client_random, uint8 * rsa_data,
uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENSE_PKT;
uint16 length =
16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
STREAM s;
s = sec_init(licence->sec, sec_flags, length + 4);
/* Licensing Preamble (LICENSE_PREAMBLE) */
out_uint8(s, LICENSE_INFO); /* bMsgType LICENSE_INFO */
out_uint8(s, 2); /* bVersion PREAMBLE_VERSION_2_0 */
out_uint16_le(s, length);
/* Client License Information: */
out_uint32_le(s, 1); /* PreferredKeyExchangeAlg KEY_EXCHANGE_ALG_RSA */
out_uint16_le(s, 0); /* PlatformId, unknown platform and ISV */
out_uint16_le(s, 0x0201); /* PlatformId, build/version */
out_uint8p(s, client_random, SEC_RANDOM_SIZE); /* ClientRandom */
/* Licensing Binary Blob with EncryptedPreMasterSecret: */
out_uint16_le(s, 0); /* wBlobType should be 0x0002 (BB_RANDOM_BLOB) */
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE)); /* wBlobLen */
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE); /* 48 bit random number encrypted for server */
out_uint8s(s, SEC_PADDING_SIZE);
/* Licensing Binary Blob with LicenseInfo: */
out_uint16_le(s, 1); /* wBlobType BB_DATA_BLOB */
out_uint16_le(s, licence_size); /* wBlobLen */
out_uint8p(s, licence_data, licence_size); /* CAL issued by servers license server */
/* Licensing Binary Blob with EncryptedHWID */
out_uint16_le(s, 1); /* wBlobType BB_DATA_BLOB */
out_uint16_le(s, LICENCE_HWID_SIZE); /* wBlobLen */
out_uint8p(s, hwid, LICENCE_HWID_SIZE); /* RC4-encrypted Client Hardware Identification */
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE); /* MACData */
s_mark_end(s);
sec_send(licence->sec, s, sec_flags);
}
int main(int argc, char **argv)
{
sec_init();
load_case_tables();
if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
fprintf(stderr, "Can't load %s - run testparm to debug it\n",
get_dyn_CONFIGFILE());
exit(1);
}
if (argc == 1) {
help();
exit(1);
}
process_arguments(argc, argv);
exit(0);
}
/* Send a Licensing packet with Client New License Request */
static void
licence_send_request(rdpLicence * licence, uint8 * client_random, uint8 * rsa_data, char *user,
char *host)
{
uint32 sec_flags = SEC_LICENSE_PKT;
uint16 userlen = strlen(user) + 1;
uint16 hostlen = strlen(host) + 1;
uint16 length = 128 + userlen + hostlen;
STREAM s;
s = sec_init(licence->sec, sec_flags, length + 2);
/* Licensing Preamble (LICENSE_PREAMBLE) */
out_uint8(s, NEW_LICENSE_REQUEST); /* NEW_LICENSE_REQUEST */
out_uint8(s, 2); /* PREAMBLE_VERSION_2_0 */
out_uint16_le(s, length);
out_uint32_le(s, 1); /* PreferredKeyExchangeAlg KEY_EXCHANGE_ALG_RSA */
out_uint16_le(s, 0); /* PlatformId, unknown platform and ISV */
out_uint16_le(s, 0xff01); /* PlatformId, build/version */
out_uint8p(s, client_random, SEC_RANDOM_SIZE); /* ClientRandom */
/* Licensing Binary Blob with EncryptedPreMasterSecret: */
out_uint16_le(s, 0); /* wBlobType should be 0x0002 (BB_RANDOM_BLOB) */
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE)); /* wBlobLen */
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE); /* 48 bit random number encrypted for server */
out_uint8s(s, SEC_PADDING_SIZE);
/* Licensing Binary Blob with ClientUserName: */
out_uint16_le(s, LICENCE_TAG_USER); /* wBlobType BB_CLIENT_USER_NAME_BLOB */
out_uint16_le(s, userlen); /* wBlobLen */
out_uint8p(s, user, userlen);
/* Licensing Binary Blob with ClientMachineName: */
out_uint16_le(s, LICENCE_TAG_HOST); /* wBlobType BB_CLIENT_MACHINE_NAME_BLOB */
out_uint16_le(s, hostlen); /* wBlobLen */
out_uint8p(s, host, hostlen);
s_mark_end(s);
sec_send(licence->sec, s, sec_flags);
}
/* Present an existing licence to the server */
static BOOL
licence_present(RDPCLIENT * This, uint8 * client_random, uint8 * rsa_data,
uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 length =
16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
STREAM s;
s = sec_init(This, sec_flags, length + 4);
if(s == NULL)
return False;
out_uint8(s, LICENCE_TAG_PRESENT);
out_uint8(s, 2); /* version */
out_uint16_le(s, length);
out_uint32_le(s, 1);
out_uint16(s, 0);
out_uint16_le(s, 0x0201);
out_uint8p(s, client_random, SEC_RANDOM_SIZE);
out_uint16(s, 0);
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
out_uint16_le(s, 1);
out_uint16_le(s, licence_size);
out_uint8p(s, licence_data, licence_size);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_HWID_SIZE);
out_uint8p(s, hwid, LICENCE_HWID_SIZE);
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
s_mark_end(s);
return sec_send(This, s, sec_flags);
}
void spl_validate_uboot(uint32_t hdr_addr, uintptr_t img_addr)
{
int res;
/*
* Check Boot Mode
* If Boot Mode is Non-Secure, skip validation
*/
if (fsl_check_boot_mode_secure() == 0)
return;
printf("SPL: Validating U-Boot image\n");
#ifdef CONFIG_ADDR_MAP
init_addr_map();
#endif
#ifdef CONFIG_FSL_CORENET
if (pamu_init() < 0)
fsl_secboot_handle_error(ERROR_ESBC_PAMU_INIT);
#endif
#ifdef CONFIG_FSL_CAAM
if (sec_init() < 0)
fsl_secboot_handle_error(ERROR_ESBC_SEC_INIT);
#endif
/*
* dm_init_and_scan() is called as part of common SPL framework, so no
* need to call it again but in case of powerpc platforms which currently
* do not use common SPL framework, so need to call this function here.
*/
#if defined(CONFIG_SPL_DM) && (!defined(CONFIG_SPL_FRAMEWORK))
dm_init_and_scan(false);
#endif
res = fsl_secboot_validate(hdr_addr, CONFIG_SPL_UBOOT_KEY_HASH,
&img_addr);
if (res == 0)
printf("SPL: Validation of U-boot successful\n");
}
/**
* blob_dek() - Encapsulate the DEK as a blob using CAM's Key
* @src: - Address of data to be encapsulated
* @dst: - Desination address of encapsulated data
* @len: - Size of data to be encapsulated
*
* Returns zero on success,and negative on error.
*/
static int blob_encap_dek(const u8 *src, u8 *dst, u32 len)
{
int ret = 0;
u32 jr_size = 4;
u32 out_jr_size = sec_in32(CONFIG_SYS_FSL_JR0_ADDR + 0x102c);
if (out_jr_size != jr_size) {
hab_caam_clock_enable(1);
sec_init();
}
if (!((len == 128) | (len == 192) | (len == 256))) {
debug("Invalid DEK size. Valid sizes are 128, 192 and 256b\n");
return -1;
}
len /= 8;
ret = blob_dek(src, dst, len);
return ret;
}
/* Send a confirm active PDU */
static void
rdp_send_confirm_active(void)
{
STREAM s;
uint32 sec_flags = g_encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG;
uint16 caplen =
RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER +
RDP_CAPLEN_BMPCACHE + RDP_CAPLEN_COLCACHE +
RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL +
RDP_CAPLEN_POINTER + RDP_CAPLEN_SHARE + RDP_CAPLEN_UNKNOWN + 4 /* w2k fix, why? */ ;
s = sec_init(sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */
out_uint16_le(s, (g_mcs_userid + 1001));
out_uint32_le(s, g_rdp_shareid);
out_uint16_le(s, 0x3ea); /* userid */
out_uint16_le(s, sizeof(RDP_SOURCE));
out_uint16_le(s, caplen);
out_uint8p(s, RDP_SOURCE, sizeof(RDP_SOURCE));
out_uint16_le(s, 0xd); /* num_caps */
out_uint8s(s, 2); /* pad */
rdp_out_general_caps(s);
rdp_out_bitmap_caps(s);
rdp_out_order_caps(s);
rdp_out_bmpcache_caps(s);
rdp_out_colcache_caps(s);
rdp_out_activate_caps(s);
rdp_out_control_caps(s);
rdp_out_pointer_caps(s);
rdp_out_share_caps(s);
rdp_out_unknown_caps(s);
s_mark_end(s);
sec_send(s, sec_flags);
}
int board_init(void)
{
select_i2c_ch_pca9547(I2C_MUX_CH_DEFAULT);
#ifdef CONFIG_SYS_FSL_SERDES
config_serdes_mux();
#endif
#ifdef CONFIG_LAYERSCAPE_NS_ACCESS
enable_layerscape_ns_access();
#endif
if (adjust_vdd(0))
printf("Warning: Adjusting core voltage failed.\n");
#ifdef CONFIG_FSL_LS_PPA
ppa_init();
#endif
#ifdef CONFIG_SECURE_BOOT
/*
* In case of Secure Boot, the IBR configures the SMMU
* to allow only Secure transactions.
* SMMU must be reset in bypass mode.
* Set the ClientPD bit and Clear the USFCFG Bit
*/
u32 val;
val = (in_le32(SMMU_SCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
out_le32(SMMU_SCR0, val);
val = (in_le32(SMMU_NSCR0) | SCR0_CLIENTPD_MASK) & ~(SCR0_USFCFG_MASK);
out_le32(SMMU_NSCR0, val);
#endif
#ifdef CONFIG_FSL_CAAM
sec_init();
#endif
return 0;
}
/* Send a licence request packet */
static BOOL
licence_send_request(RDPCLIENT * This, uint8 * client_random, uint8 * rsa_data, char *user, char *host)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 userlen = (uint16)strlen(user) + 1;
uint16 hostlen = (uint16)strlen(host) + 1;
uint16 length = 128 + userlen + hostlen;
STREAM s;
s = sec_init(This, sec_flags, length + 2);
if(s == NULL)
return False;
out_uint8(s, LICENCE_TAG_REQUEST);
out_uint8(s, 2); /* version */
out_uint16_le(s, length);
out_uint32_le(s, 1);
out_uint16(s, 0);
out_uint16_le(s, 0xff01);
out_uint8p(s, client_random, SEC_RANDOM_SIZE);
out_uint16(s, 0);
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
out_uint16_le(s, LICENCE_TAG_USER);
out_uint16_le(s, userlen);
out_uint8p(s, user, userlen);
out_uint16_le(s, LICENCE_TAG_HOST);
out_uint16_le(s, hostlen);
out_uint8p(s, host, hostlen);
s_mark_end(s);
return sec_send(This, s, sec_flags);
}
