void security_check(void) { /* do security check */ if(Check_Signature( (SB20_CONTEXT *)BL1_SIGNATURE_ADDR, (unsigned char*)CONFIG_SECURE_KERNEL_BASE, CONFIG_SECURE_KERNEL_SIZE-256, (unsigned char*)(CONFIG_SECURE_KERNEL_BASE+CONFIG_SECURE_KERNEL_SIZE-256), 256 ) != 0) { printf("Kernel Integrity check fail\nSystem Halt...."); while(1); } printf("Kernel Integirty check success.\n"); #ifdef CONFIG_SECURE_ROOTFS if(Check_Signature( (SB20_CONTEXT *)BL1_SIGNATURE_ADDR, (unsigned char*)CONFIG_SECURE_ROOTFS_BASE, CONFIG_SECURE_ROOTFS_SIZE-256, (unsigned char*)(CONFIG_SECURE_ROOTFS_BASE+CONFIG_SECURE_ROOTFS_SIZE-256), 256 ) != 0) { printf("rootfs Integrity check fail\nSystem Halt...."); while(1); } printf("rootfs Integirty check success.\n"); #endif }
template <class T> T Cast_Object_Function(T p) { switch (ArmorLevel) { case 1: Check_Pointer(p); break; case 2: Check_Signature(p); break; case 3: Check_Signature(p); p->TestInstance(); break; case 4: Check_Signature(p); p->TestInstance(); Verify(dynamic_cast<T>(p) != NULL); break; } return p; }
void emmc_4_4_uboot_copy(void) { MSH_ReadFromFIFO_eMMC bl2_copy = (MSH_ReadFromFIFO_eMMC) (*(u32 *) (MSH_ReadFromFIFO_eMMC_ADDRESS)); #if defined (CONFIG_EXYNOS4212) || defined (CONFIG_ARCH_EXYNOS5) bl2_copy(MOVI_UBOOT_BLKCNT, CONFIG_PHY_UBOOT_BASE); #ifdef CONFIG_CORTEXA5_ENABLE uboot_memcpy(0x40000000, CONFIG_PHY_UBOOT_BASE, PART_SIZE_UBOOT); #endif #else bl2_copy(0x10, MOVI_UBOOT_BLKCNT, CONFIG_PHY_UBOOT_BASE); #endif #ifdef CONFIG_SECURE_BOOT if (Check_Signature((SB20_CONTEXT *)SECURE_CONTEXT_BASE, (unsigned char*)CONFIG_PHY_UBOOT_BASE, PART_SIZE_UBOOT-256, (unsigned char*)(CONFIG_PHY_UBOOT_BASE+PART_SIZE_UBOOT-256), 256) != 0) { while(1); } #endif }
void movi_bl2_copy(void) { unsigned long bl2_addr; copy_sd_mmc_to_mem copy_bl2; if(CHIP_VER == 1) bl2_addr = (0x00002360); else bl2_addr = (0x00001908); copy_bl2 = (copy_sd_mmc_to_mem)(bl2_addr); copy_bl2(MOVI_BL2_POS, MOVI_BL2_BLKCNT, CFG_PHY_UBOOT_BASE); #if defined(CONFIG_SECURE_BOOT) unsigned int rv; /* do integrity check */ rv = Check_Signature( (SB20_CONTEXT *)SECURE_BOOT_CONTEXT_ADDR, (unsigned char *)(0x27e00000),(1024*512-256), (unsigned char *)((0x27e00000)+(1024*512-256)), 256 ); if (rv != 0) { while(1); } #endif }
void movi_uboot_copy(void) { int i; #ifdef CONFIG_EVT1 #ifdef CONFIG_CORTEXA5_ENABLE SDMMC_ReadBlocks(MOVI_UBOOT_POS, MOVI_UBOOT_BLKCNT, 0x40000000); #endif SDMMC_ReadBlocks(MOVI_UBOOT_POS, MOVI_UBOOT_BLKCNT, CONFIG_PHY_UBOOT_BASE); #ifdef CONFIG_TRUSTZONE for(i = 0; i < 100; i++) { *((u32*)(0x2028000)+i) = 0xBAADD00D; } SDMMC_ReadBlocks(MOVI_TZSW_POS, MOVI_TZSW_BLKCNT, CFG_FASTBOOT_TRANSFER_BUFFER); uboot_memcpy(TZSW_MEM_ADDR, CFG_FASTBOOT_TRANSFER_BUFFER, PART_SIZE_TZSW); #endif #else copy_sd_mmc_to_mem copy_uboot = (copy_sd_mmc_to_mem)(0x00002488); copy_uboot(MOVI_UBOOT_POS, MOVI_UBOOT_BLKCNT, CONFIG_PHY_UBOOT_BASE); #ifdef CONFIG_TRUSTZONE copy_uboot(MOVI_TZSW_POS, MOVI_TZSW_BLKCNT, TZSW_MEM_ADDR); #endif #endif #ifdef CONFIG_SECURE_BOOT if(Check_Signature( (SB20_CONTEXT *)SECURE_CONTEXT_BASE, (unsigned char*)CONFIG_PHY_UBOOT_BASE, PART_SIZE_UBOOT-256, (unsigned char*)(CONFIG_PHY_UBOOT_BASE+PART_SIZE_UBOOT-256), 256 ) != 0) { while(1); } #endif }
template <class T> void Check_Object_Function(T *p) { switch (ArmorLevel) { case 1: Check_Pointer(p); break; case 2: Check_Signature(p); break; case 3: case 4: Check_Signature(p); p->TestInstance(); break; } }
// //########################################################################### // CheckForPrimeSize //########################################################################### // bool Hash::CheckForPrimeSize() { Check_Signature(this); Verify(hashTableSize > 2); CollectionSize upper_bound = static_cast<CollectionSize>(Sqrt(static_cast<Scalar>(hashTableSize))); for (CollectionSize i = 2; i < upper_bound; i++) { if ((hashTableSize % i) == 0) return false; } return true; }
// //########################################################################### // BuildHashTable //########################################################################### // void Hash::BuildHashTable() { Check_Signature(this); int i; hashTable = new SortedChain*[hashTableSize]; Register_Pointer(hashTable); for (i = 0; i < hashTableSize; i++) { Check_Pointer(hashTable); Verify_Index(i); hashTable[i] = NULL; } }
void movi_uboot_copy(void) { #ifdef CONFIG_RAM_TEST uboot_mem_test(); #endif #ifdef CONFIG_CORTEXA5_ENABLE SDMMC_ReadBlocks(MOVI_UBOOT_POS, MOVI_UBOOT_BLKCNT, 0x40000000); #endif SDMMC_ReadBlocks(MOVI_UBOOT_POS, MOVI_UBOOT_BLKCNT, CONFIG_PHY_UBOOT_BASE); #ifdef CONFIG_SECURE_BOOT if (Check_Signature((SB20_CONTEXT *)SECURE_CONTEXT_BASE, (unsigned char*)CONFIG_PHY_UBOOT_BASE, PART_SIZE_UBOOT-256, (unsigned char*)(CONFIG_PHY_UBOOT_BASE+PART_SIZE_UBOOT-256), 256) != 0) { while(1); } #endif }
int do_bootm (cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { image_header_t *hdr; ulong addr; ulong iflag; const char *type_name; uint unc_len = CONFIG_SYS_BOOTM_LEN; uint8_t comp, type, os; void *os_hdr; ulong os_data, os_len; ulong image_start, image_end; ulong load_start, load_end; ulong mem_start; phys_size_t mem_size; struct lmb lmb; #if defined(CONFIG_SECURE_BOOT) int rv; #endif #if defined(CONFIG_SECURE_BOOT) rv = Check_Signature( (SecureBoot_CTX *)SECURE_BOOT_CONTEXT_ADDR, (unsigned char*)CONFIG_SECURE_KERNEL_BASE, CONFIG_SECURE_KERNEL_SIZE-128, (unsigned char*)(CONFIG_SECURE_KERNEL_BASE+CONFIG_SECURE_KERNEL_SIZE-128), 128 ); if(rv != SB_OK) { printf("Kernel Integrity check fail\nSystem Halt...."); while(1); } printf("Kernel Integirty check success.\n"); rv = Check_Signature( (SecureBoot_CTX *)SECURE_BOOT_CONTEXT_ADDR, (unsigned char*)CONFIG_SECURE_ROOTFS_BASE, CONFIG_SECURE_ROOTFS_SIZE-128, (unsigned char*)(CONFIG_SECURE_ROOTFS_BASE+CONFIG_SECURE_ROOTFS_SIZE-128), 128 ); if(rv != SB_OK) { printf("rootfs Integrity check fail\nSystem Halt...."); while(1); } printf("rootfs Integirty check success.\n"); #endif memset ((void *)&images, 0, sizeof (images)); images.verify = getenv_yesno ("verify"); // images.lmb = &lmb; memcpy (&images.lmb, &lmb, sizeof(struct lmb)); lmb_init(&lmb); mem_start = getenv_bootm_low(); mem_size = getenv_bootm_size(); lmb_add(&lmb, (phys_addr_t)mem_start, mem_size); board_lmb_reserve(&lmb); #ifdef CONFIG_ZIMAGE_BOOT #define LINUX_ZIMAGE_MAGIC 0x016f2818 /* find out kernel image address */ if (argc < 2) { addr = load_addr; debug ("* kernel: default image load address = 0x%08lx\n", load_addr); } else { addr = simple_strtoul(argv[1], NULL, 16); //debug ("* kernel: cmdline image address = 0x%08lx\n", img_addr); } if (*(ulong *)(addr + 9*4) == LINUX_ZIMAGE_MAGIC) { printf("Boot with zImage\n"); addr = virt_to_phys(addr); hdr = (image_header_t *)addr; hdr->ih_os = IH_OS_LINUX; hdr->ih_ep = ntohl(addr); memmove (&images.legacy_hdr_os_copy, hdr, sizeof(image_header_t)); /* save pointer to image header */ images.legacy_hdr_os = hdr; images.legacy_hdr_valid = 1; goto after_header_check; } #endif /* get kernel image header, start address and length */ os_hdr = boot_get_kernel (cmdtp, flag, argc, argv, &images, &os_data, &os_len); if (os_len == 0) { puts ("ERROR: can't get kernel image!\n"); return 1; } /* get image parameters */ switch (genimg_get_format (os_hdr)) { case IMAGE_FORMAT_LEGACY: type = image_get_type (os_hdr); comp = image_get_comp (os_hdr); os = image_get_os (os_hdr); image_end = image_get_image_end (os_hdr); load_start = image_get_load (os_hdr); break; #if defined(CONFIG_FIT) case IMAGE_FORMAT_FIT: if (fit_image_get_type (images.fit_hdr_os, images.fit_noffset_os, &type)) { puts ("Can't get image type!\n"); show_boot_progress (-109); return 1; } if (fit_image_get_comp (images.fit_hdr_os, images.fit_noffset_os, &comp)) { puts ("Can't get image compression!\n"); show_boot_progress (-110); return 1; } if (fit_image_get_os (images.fit_hdr_os, images.fit_noffset_os, &os)) { puts ("Can't get image OS!\n"); show_boot_progress (-111); return 1; } image_end = fit_get_end (images.fit_hdr_os); if (fit_image_get_load (images.fit_hdr_os, images.fit_noffset_os, &load_start)) { puts ("Can't get image load address!\n"); show_boot_progress (-112); return 1; } break; #endif default: puts ("ERROR: unknown image format type!\n"); return 1; } image_start = (ulong)os_hdr; load_end = 0; type_name = genimg_get_type_name (type); /* * We have reached the point of no return: we are going to * overwrite all exception vector code, so we cannot easily * recover from any failures any more... */ iflag = disable_interrupts(); #if defined(CONFIG_CMD_USB) /* * turn off USB to prevent the host controller from writing to the * SDRAM while Linux is booting. This could happen (at least for OHCI * controller), because the HCCA (Host Controller Communication Area) * lies within the SDRAM and the host controller writes continously to * this area (as busmaster!). The HccaFrameNumber is for example * updated every 1 ms within the HCCA structure in SDRAM! For more * details see the OpenHCI specification. */ usb_stop(); #endif #ifdef CONFIG_AMIGAONEG3SE /* * We've possible left the caches enabled during * bios emulation, so turn them off again */ icache_disable(); invalidate_l1_instruction_cache(); flush_data_cache(); dcache_disable(); #endif switch (comp) { case IH_COMP_NONE: if (load_start == (ulong)os_hdr) { printf (" XIP %s ... ", type_name); } else { printf (" Loading %s ... ", type_name); memmove_wd ((void *)load_start, (void *)os_data, os_len, CHUNKSZ); } load_end = load_start + os_len; puts("OK\n"); break; case IH_COMP_GZIP: printf (" Uncompressing %s ... ", type_name); if (gunzip ((void *)load_start, unc_len, (uchar *)os_data, &os_len) != 0) { puts ("GUNZIP: uncompress or overwrite error " "- must RESET board to recover\n"); show_boot_progress (-6); do_reset (cmdtp, flag, argc, argv); } load_end = load_start + os_len; break; #ifdef CONFIG_BZIP2 case IH_COMP_BZIP2: printf (" Uncompressing %s ... ", type_name); /* * If we've got less than 4 MB of malloc() space, * use slower decompression algorithm which requires * at most 2300 KB of memory. */ int i = BZ2_bzBuffToBuffDecompress ((char*)load_start, &unc_len, (char *)os_data, os_len, CFG_MALLOC_LEN < (4096 * 1024), 0); if (i != BZ_OK) { printf ("BUNZIP2: uncompress or overwrite error %d " "- must RESET board to recover\n", i); show_boot_progress (-6); do_reset (cmdtp, flag, argc, argv); } load_end = load_start + unc_len; break; #endif /* CONFIG_BZIP2 */ default: if (iflag) enable_interrupts(); printf ("Unimplemented compression type %d\n", comp); show_boot_progress (-7); return 1; } puts ("OK\n"); debug (" kernel loaded at 0x%08lx, end = 0x%08lx\n", load_start, load_end); show_boot_progress (7); if ((load_start < image_end) && (load_end > image_start)) { debug ("image_start = 0x%lX, image_end = 0x%lx\n", image_start, image_end); debug ("load_start = 0x%lx, load_end = 0x%lx\n", load_start, load_end); if (images.legacy_hdr_valid) { if (image_get_type (&images.legacy_hdr_os_copy) == IH_TYPE_MULTI) puts ("WARNING: legacy format multi component " "image overwritten\n"); } else { puts ("ERROR: new format image overwritten - " "must RESET the board to recover\n"); show_boot_progress (-113); do_reset (cmdtp, flag, argc, argv); } } show_boot_progress (8); lmb_reserve(&lmb, load_start, (load_end - load_start)); #if defined(CONFIG_ZIMAGE_BOOT) after_header_check: os = hdr->ih_os; #endif switch (os) { default: /* handled by (original) Linux case */ case IH_OS_LINUX: #ifdef CONFIG_SILENT_CONSOLE fixup_silent_linux(); #endif do_bootm_linux (flag, argc, argv, &images); break; #ifdef CONFIG_BOOTM_NETBSD case IH_OS_NETBSD: do_bootm_netbsd (flag, argc, argv, &images); break; #endif #ifdef CONFIG_LYNXKDI case IH_OS_LYNXOS: do_bootm_lynxkdi (flag, argc, argv, &images); break; #endif #ifdef CONFIG_BOOTM_RTEMS case IH_OS_RTEMS: do_bootm_rtems (flag, argc, argv, &images); break; #endif /* #if defined(CONFIG_CMD_ELF) case IH_OS_VXWORKS: do_bootm_vxworks (cmdtp, flag, argc, argv, &images); break; case IH_OS_QNX: do_bootm_qnxelf (cmdtp, flag, argc, argv, &images); break; #endif */ #ifdef CONFIG_ARTOS case IH_OS_ARTOS: do_bootm_artos (cmdtp, flag, argc, argv, &images); break; #endif } show_boot_progress (-9); #ifdef DEBUG puts ("\n## Control returned to monitor - resetting...\n"); do_reset (cmdtp, flag, argc, argv); #endif if (iflag) enable_interrupts(); return 1; }