/*
* Copyright (c) 2009, Google Inc.
* All rights reserved.
*
* Copyright (c) 2009-2012, Code Aurora Forum. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* * Neither the name of Code Aurora nor
* the names of its contributors may be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include <app.h>
#include <debug.h>
#include <arch/arm.h>
#include <dev/udc.h>
#include <string.h>
#include <kernel/thread.h>
#include <arch/ops.h>
#include <dev/flash.h>
#include <lib/ptable.h>
#include <dev/keys.h>
#include <dev/fbcon.h>
#include <baseband.h>
#include <target.h>
#include <mmc.h>
#include <partition_parser.h>
#include <platform.h>
#include <crypto_hash.h>
#if DEVICE_TREE
#include <libfdt.h>
#endif
#include "image_verify.h"
#include "recovery.h"
#include "bootimg.h"
#include "fastboot.h"
#include "sparse_format.h"
#include "mmc.h"
#include "devinfo.h"
#include "board.h"
#include "scm.h"
/* Two-step stringification: TARGET(X) expands X first, then EXPAND() quotes it. */
#define EXPAND(NAME) #NAME
#define TARGET(NAME) EXPAND(NAME)
/*
 * Fallback kernel command line, used when the boot image header carries none.
 * NOTE(review): the macro body ends in ';', so each use expands to a string
 * literal followed by a stray semicolon. That is harmless in the plain
 * assignments in this file but would break use inside a larger expression.
 */
#define DEFAULT_CMDLINE "mem=100M console=null";
/*
 * Fixed memory address that the boot paths probe for a ready-made boot image
 * header (the "unified boot" path) before touching storage.
 */
#ifdef MEMBASE
#define EMMC_BOOT_IMG_HEADER_ADDR (0xFF000+(MEMBASE))
#else
#define EMMC_BOOT_IMG_HEADER_ADDR 0xFF000
#endif
/* Values compared against check_reboot_mode() to pick recovery or fastboot. */
#define RECOVERY_MODE 0x77665502
#define FASTBOOT_MODE 0x77665500
#if DEVICE_TREE
#define DEV_TREE_SUCCESS 0
/*
 * NOTE(review): DEV_TREE_MAGIC is a string literal while dt_table.magic is a
 * uint32_t; comparing the two with != compares an integer with an address.
 */
#define DEV_TREE_MAGIC "QCDT"
#define DEV_TREE_VERSION 1
#define DEV_TREE_HEADER_SIZE 12
/* One entry of the device tree table: selection keys plus blob location. */
struct dt_entry{
uint32_t platform_id;
uint32_t variant_id;
uint32_t soc_rev;
/* offset and size come from the image and are used as given by the boot paths */
uint32_t offset;
uint32_t size;
};
/* Header at the start of the device tree table; entries follow it. */
struct dt_table{
uint32_t magic;
uint32_t version;
unsigned num_entries;
};
struct dt_entry * get_device_tree_ptr(struct dt_table *);
int update_device_tree(const void *, char *, void *, unsigned);
#endif
/*
 * Fragments appended to the kernel command line by update_cmdline().
 * Each one starts with a space so it can be concatenated directly.
 */
static const char *emmc_cmdline = " androidboot.emmc=true";
static const char *usb_sn_cmdline = " androidboot.serialno=";
static const char *battchg_pause = " androidboot.mode=charger";
static const char *auth_kernel = " androidboot.authorized_kernel=true";
static const char *baseband_apq = " androidboot.baseband=apq";
static const char *baseband_msm = " androidboot.baseband=msm";
static const char *baseband_csfb = " androidboot.baseband=csfb";
static const char *baseband_svlte2a = " androidboot.baseband=svlte2a";
static const char *baseband_mdm = " androidboot.baseband=mdm";
static const char *baseband_sglte = " androidboot.baseband=sglte";
/* Assuming unauthorized kernel image by default */
/* Set from the result of image_verify() in the boot paths. */
static int auth_kernel_img = 0;
/*
 * In-memory copy of the persisted lock/tamper state.
 * Presumably the initializer order is magic, is_unlocked, is_tampered;
 * confirm against devinfo.h.
 */
static device_info device = {DEVICE_MAGIC, 0, 0};
/* USB descriptor values; serialno is filled in by aboot_init(). */
static struct udc_device surf_udc_device = {
.vendor_id = 0x18d1,
.product_id = 0xD00D,
.version_id = 0x0100,
.manufacturer = "Google",
.product = "Android",
};
/* Layout of one partition record inside the partition-table ATAG. */
struct atag_ptbl_entry
{
char name[16];
unsigned offset;
unsigned size;
unsigned flags;
};
/*
 * Serial number string, filled by target_serialno() and read with strlen()
 * in update_cmdline(); it must be NUL-terminated within these 13 bytes.
 */
char sn_buf[13];
extern int emmc_recovery_init(void);
#if NO_KEYPAD_DRIVER
extern int fastboot_trigger(void);
#endif
/*
 * Serialise one partition-table entry into the ATAG buffer.
 *
 * ptr: in/out cursor into the tag area, counted in unsigned words; it is
 *      advanced past the record that was written.
 * ptn: partition entry to convert.
 *
 * Nothing here checks how much room is left at *ptr; the caller has to
 * guarantee space for one struct atag_ptbl_entry.
 */
static void ptentry_to_tag(unsigned **ptr, struct ptentry *ptn)
{
	struct atag_ptbl_entry rec;
	unsigned *out = *ptr;

	/* Copy the name and force a terminator in case the source has none. */
	memcpy(rec.name, ptn->name, 16);
	rec.name[15] = '\0';
	rec.offset = ptn->start;
	rec.size = ptn->length;
	rec.flags = ptn->flags;

	memcpy(out, &rec, sizeof(rec));
	*ptr = out + sizeof(rec) / sizeof(unsigned);
}
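/*
 * Build the final kernel command line on the heap.
 *
 * cmdline: command line from the boot image header; may be NULL or empty.
 *
 * Returns a newly allocated, NUL-terminated string made of the caller's
 * command line followed by the androidboot.* fragments that apply to this
 * target. Ownership passes to the caller.
 *
 * The fragments are collected once into a list, and both the allocation size
 * and the copy are driven from that list. Sizing and copying can therefore
 * not disagree, which is what would turn a maintenance slip into a heap
 * overflow when the two were written out as separate code paths.
 */
unsigned char *update_cmdline(const char * cmdline)
{
	/* caller cmdline, emmc, serial key, serial value, charger, auth, baseband */
	enum { MAX_PARTS = 7 };
	const char *parts[MAX_PARTS];
	size_t lens[MAX_PARTS];
	const char *baseband = NULL;
	size_t nparts = 0;
	size_t total = 0;
	size_t i;
	char *out;
	char *dst;

	if (cmdline && cmdline[0]) {
		parts[nparts++] = cmdline;
	}
	if (target_is_emmc_boot()) {
		parts[nparts++] = emmc_cmdline;
	}
	parts[nparts++] = usb_sn_cmdline;
	/* sn_buf is measured with strlen(); it has to be NUL-terminated. */
	parts[nparts++] = sn_buf;
	if (target_pause_for_battery_charge()) {
		parts[nparts++] = battchg_pause;
	}
	/* Only advertise an authorized kernel when verification succeeded. */
	if (target_use_signed_kernel() && auth_kernel_img) {
		parts[nparts++] = auth_kernel;
	}

	/* Determine correct androidboot.baseband to use */
	switch (target_baseband()) {
	case BASEBAND_APQ:
		baseband = baseband_apq;
		break;
	case BASEBAND_MSM:
		baseband = baseband_msm;
		break;
	case BASEBAND_CSFB:
		baseband = baseband_csfb;
		break;
	case BASEBAND_SVLTE2A:
		baseband = baseband_svlte2a;
		break;
	case BASEBAND_MDM:
		baseband = baseband_mdm;
		break;
	case BASEBAND_SGLTE:
		baseband = baseband_sglte;
		break;
	}
	if (baseband) {
		parts[nparts++] = baseband;
	}

	for (i = 0; i < nparts; i++) {
		lens[i] = strlen(parts[i]);
		total += lens[i];
	}

	/* Room for the terminator, rounded up to a multiple of four bytes. */
	out = malloc((total + 4) & ~(size_t)3);
	assert(out != NULL);

	dst = out;
	for (i = 0; i < nparts; i++) {
		memcpy(dst, parts[i], lens[i]);
		dst += lens[i];
	}
	*dst = '\0';

	return (unsigned char *)out;
}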
/*
 * Write the CORE tag (size 2 words, id 0x54410001) that opens an ATAG list.
 * Returns the position just past the tag.
 */
unsigned *atag_core(unsigned *ptr)
{
	ptr[0] = 2;
	ptr[1] = 0x54410001;
	return ptr + 2;
}
/*
 * Write the ramdisk tag (id 0x54420005) carrying the ramdisk address and size.
 * Nothing is written when ramdisk_size is zero.
 * Returns the position just past whatever was written.
 */
unsigned *atag_ramdisk(unsigned *ptr, void *ramdisk,
		       unsigned ramdisk_size)
{
	if (!ramdisk_size) {
		return ptr;
	}

	ptr[0] = 4;
	ptr[1] = 0x54420005;
	ptr[2] = (unsigned)ramdisk;
	ptr[3] = ramdisk_size;
	return ptr + 4;
}
/*
 * Write the partition-table tag (id 0x4d534d70) with one record per entry
 * of the flash partition table.
 *
 * ptr_addr: in/out cursor into the tag area; advanced past the tag.
 *
 * Nothing is written when there is no partition table or it is empty.
 * The number of records is ptable->count; the space left in the tag area is
 * not checked here.
 * Returns the updated cursor.
 */
unsigned *atag_ptable(unsigned **ptr_addr)
{
	int i;
	struct ptable *ptable = flash_get_ptable();

	if (!ptable || ptable->count == 0) {
		return (*ptr_addr);
	}

	/* Tag header: total size in words, then the tag id. */
	*(*ptr_addr)++ = 2 + (ptable->count * (sizeof(struct atag_ptbl_entry) /
					       sizeof(unsigned)));
	*(*ptr_addr)++ = 0x4d534d70;

	for (i = 0; i < ptable->count; ++i) {
		ptentry_to_tag(ptr_addr, ptable_get(ptable, i));
	}

	return (*ptr_addr);
}
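/*
 * Write the command-line tag (id 0x54410009).
 *
 * ptr:     position in the tag area to write at.
 * cmdline: command line from the boot image; update_cmdline() appends the
 *          target-specific fragments.
 *
 * Returns the position just past the tag. When update_cmdline() yields no
 * string, no tag is written and ptr is returned unchanged; the result is no
 * longer passed to strlen() without a NULL check.
 *
 * The space left in the tag area is not checked here.
 */
unsigned *atag_cmdline(unsigned *ptr, const char *cmdline)
{
	unsigned char *cmdline_final = update_cmdline(cmdline);
	size_t cmdline_length;
	size_t n;

	if (cmdline_final == NULL) {
		dprintf(INFO, "cmdline: none available, skipping cmdline tag\n");
		return ptr;
	}
	dprintf(INFO, "cmdline: %s\n", cmdline_final);

	cmdline_length = strlen((const char *)cmdline_final);
	/* String plus terminator, rounded up to whole words. */
	n = (cmdline_length + 4) & ~(size_t)3;

	*ptr++ = (n / 4) + 2;
	*ptr++ = 0x54410009;
	memcpy(ptr, cmdline_final, cmdline_length + 1);
	ptr += (n / 4);
	return ptr;
}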
/*
 * Write the terminating tag (two zero words) that closes an ATAG list.
 * Returns the position just past it.
 */
unsigned *atag_end(unsigned *ptr)
{
	ptr[0] = 0;
	ptr[1] = 0;
	return ptr + 2;
}
/*
 * Build the complete ATAG list at ptr: core, ramdisk, memory, partition
 * table (NAND boot only), command line, end marker.
 *
 * The tag area is written without a size limit; the caller supplies an
 * address with enough room.
 */
void generate_atags(unsigned *ptr, const char *cmdline,
		    void *ramdisk, unsigned ramdisk_size)
{
	unsigned *cursor = atag_core(ptr);

	cursor = atag_ramdisk(cursor, ramdisk, ramdisk_size);
	cursor = target_atag_mem(cursor);

	/* Skip NAND partition ATAGS for eMMC boot */
	if (!target_is_emmc_boot()) {
		cursor = atag_ptable(&cursor);
	}

	cursor = atag_cmdline(cursor, cmdline);
	cursor = atag_end(cursor);
}
/*
 * Hand control to a loaded Linux kernel.
 *
 * kernel:       entry point; called as entry(0, machtype, tags).
 * tags:         memory that receives the ATAG list, or that is passed to
 *               update_device_tree() when DEVICE_TREE is set.
 * cmdline:      command line from the boot image header.
 * machtype:     machine type passed to the kernel as its second argument.
 * ramdisk:      ramdisk load address.
 * ramdisk_size: ramdisk size in bytes.
 *
 * None of the addresses is validated here. The callers in this file pass
 * values read from the boot image header, so any range or overlap check has
 * to happen before this function is reached.
 */
void boot_linux(void *kernel, unsigned *tags,
const char *cmdline, unsigned machtype,
void *ramdisk, unsigned ramdisk_size)
{
int ret = 0;
void (*entry)(unsigned, unsigned, unsigned*) = kernel;
#if DEVICE_TREE
/* Update the Device Tree */
ret = update_device_tree(tags, cmdline, ramdisk, ramdisk_size);
if(ret)
{
dprintf(CRITICAL, "ERROR: Updating Device Tree Failed \n");
ASSERT(0);
}
#else
/* Generating the Atags */
generate_atags(tags, cmdline, ramdisk, ramdisk_size);
#endif
dprintf(INFO, "booting linux @ %p, ramdisk @ %p (%d)\n",
kernel, ramdisk, ramdisk_size);
/* From here on the sequence is order-sensitive: quiesce, then jump. */
enter_critical_section();
/* do any platform specific cleanup before kernel entry */
platform_uninit();
arch_disable_cache(UCACHE);
/* NOTE:
* The value of "entry" is getting corrupted at this point.
* The value is in R4 and gets pushed to stack on entry into
* disable_cache(), however, on return it is not the same.
* Not entirely sure why this dsb() seems to take care of this.
* The stack pop operation on return from disable_cache()
* should restore R4 properly, but that is not happening.
* Will need to revisit to find the root cause.
*/
dsb();
arch_disable_mmu();
entry(0, machtype, tags);
}
/*
 * Storage page size and the matching mask (page_size - 1). Set in
 * aboot_init(); the eMMC boot path and cmd_boot() may overwrite both from a
 * boot image header.
 */
unsigned page_size = 0;
unsigned page_mask = 0;
/*
 * Round x up to a page boundary; y is the page mask, not the page size.
 * The addition is done in the operand type, so a value of x close to the
 * type's maximum wraps to a small result. Callers that pass sizes read from
 * an image need their own bound on x.
 */
#define ROUND_TO_PAGE(x,y) (((x) + (y)) & (~(y)))
/*
 * One-page scratch buffers for the boot image header and the device tree
 * table. Reads into them are sized by page_size, so page_size must never
 * exceed 4096.
 */
static unsigned char buf[4096]; //Equal to max-supported pagesize
static unsigned char dt_buf[4096];
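#if DEVICE_TREE
/*
 * Sanity-check a device tree table header that sits at the start of a buffer
 * holding `loaded` bytes.
 *
 * Returns 0 when magic and version both match and the entry array fits inside
 * the loaded bytes, -1 otherwise.
 */
static int check_dt_table(const struct dt_table *table, unsigned loaded)
{
	/*
	 * DEV_TREE_MAGIC is a string literal, so the field's bytes are compared
	 * against it. Either a wrong magic or a wrong version rejects the table.
	 */
	if (memcmp(&table->magic, DEV_TREE_MAGIC, sizeof(table->magic)) ||
	    table->version != DEV_TREE_VERSION)
		return -1;

	if (loaded <= DEV_TREE_HEADER_SIZE)
		return -1;

	/*
	 * Same bound as (num_entries * sizeof(entry)) + header < loaded, written
	 * as a division so a large num_entries cannot wrap the multiplication.
	 */
	if (table->num_entries >
	    (loaded - DEV_TREE_HEADER_SIZE - 1) / sizeof(struct dt_entry))
		return -1;

	return 0;
}
#endif

/*
 * Load a boot image from the eMMC "boot" or "recovery" partition and start it.
 *
 * Paths through the function:
 *  - If a boot image header is already present at EMMC_BOOT_IMG_HEADER_ADDR,
 *    it is used as is and everything below, including authentication, is
 *    skipped.
 *  - On a locked, untampered device with signed-kernel support the whole
 *    image and its signature are read to the scratch address and verified.
 *    A failed verification does not stop the boot: the tamper flag is
 *    persisted and the image is still started.
 *  - Otherwise the kernel, ramdisk and (optionally) device tree are read
 *    straight to the addresses named in the header.
 *
 * Returns -1 on error; on success control passes to the kernel.
 *
 * NOTE(review): kernel_addr, ramdisk_addr and tags_addr come from the image
 * header and are used as copy/read destinations without any range or overlap
 * check in this function.
 */
int boot_linux_from_mmc(void)
{
	struct boot_img_hdr *hdr = (void*) buf;
	struct boot_img_hdr *uhdr;
	unsigned offset = 0;
	unsigned long long ptn = 0;
	unsigned n = 0;
	const char *cmdline;
	int index = INVALID_PTN;
	unsigned char *image_addr = 0;
	unsigned kernel_actual;
	unsigned ramdisk_actual;
	unsigned imagesize_actual;
	unsigned second_actual = 0;
	unsigned dt_actual = 0;
#if DEVICE_TREE
	struct dt_table *table;
	struct dt_entry *dt_entry_ptr;
	unsigned dt_table_offset;
#endif

	uhdr = (struct boot_img_hdr *)EMMC_BOOT_IMG_HEADER_ADDR;
	if (!memcmp(uhdr->magic, BOOT_MAGIC, BOOT_MAGIC_SIZE)) {
		dprintf(INFO, "Unified boot method!\n");
		hdr = uhdr;
		goto unified_boot;
	}

	if (!boot_into_recovery) {
		index = partition_get_index("boot");
		ptn = partition_get_offset(index);
		if(ptn == 0) {
			dprintf(CRITICAL, "ERROR: No boot partition found\n");
			return -1;
		}
	}
	else {
		index = partition_get_index("recovery");
		ptn = partition_get_offset(index);
		if(ptn == 0) {
			dprintf(CRITICAL, "ERROR: No recovery partition found\n");
			return -1;
		}
	}

	if (mmc_read(ptn + offset, (unsigned int *) buf, page_size)) {
		dprintf(CRITICAL, "ERROR: Cannot read boot image header\n");
		return -1;
	}

	if (memcmp(hdr->magic, BOOT_MAGIC, BOOT_MAGIC_SIZE)) {
		dprintf(CRITICAL, "ERROR: Invalid boot image header\n");
		return -1;
	}

	if (hdr->page_size && (hdr->page_size != page_size)) {
		/*
		 * The page size from storage becomes a bit mask and sizes the
		 * copies into the one-page buffers, so it has to be a power of
		 * two no larger than those buffers.
		 */
		if ((hdr->page_size & (hdr->page_size - 1)) ||
		    hdr->page_size > sizeof(buf)) {
			dprintf(CRITICAL, "ERROR: Invalid boot image pagesize. Device pagesize: %d, Image pagesize: %d\n",page_size,hdr->page_size);
			return -1;
		}
		page_size = hdr->page_size;
		page_mask = page_size - 1;
	}

	/* Authenticate Kernel */
	if(target_use_signed_kernel() && (!device.is_unlocked) && (!device.is_tampered))
	{
		image_addr = (unsigned char *)target_get_scratch_address();
		kernel_actual = ROUND_TO_PAGE(hdr->kernel_size, page_mask);
		ramdisk_actual = ROUND_TO_PAGE(hdr->ramdisk_size, page_mask);
		second_actual = ROUND_TO_PAGE(hdr->second_size, page_mask);
		/*
		 * NOTE(review): dt_actual is derived from ramdisk_size, not from
		 * dt_size. This decides how many bytes are hashed and where the
		 * signature is read from, so confirm it against the layout the
		 * signing tool produces before changing it.
		 */
		dt_actual = ROUND_TO_PAGE(hdr->ramdisk_size, page_mask);
		/*
		 * NOTE(review): the header sizes are not bounded; the rounding
		 * and this sum can wrap, and the total is not compared with the
		 * size of the scratch region.
		 */
		imagesize_actual = (page_size + kernel_actual + ramdisk_actual + second_actual +
				    dt_actual);
		offset = 0;

		/* Assuming device rooted at this time */
		device.is_tampered = 1;

		/* Read image without signature */
		if (mmc_read(ptn + offset, (void *)image_addr, imagesize_actual))
		{
			dprintf(CRITICAL, "ERROR: Cannot read boot image\n");
			return -1;
		}

		offset = imagesize_actual;
		/* Read signature */
		if(mmc_read(ptn + offset, (void *)(image_addr + offset), page_size))
		{
			/* The tamper flag set above stays set. */
			dprintf(CRITICAL, "ERROR: Cannot read boot image signature\n");
		}
		else
		{
			auth_kernel_img = image_verify((unsigned char *)image_addr,
					(unsigned char *)(image_addr + imagesize_actual),
					imagesize_actual,
					CRYPTO_AUTH_ALG_SHA256);
			if(auth_kernel_img)
			{
				/* Authorized kernel */
				device.is_tampered = 0;
			}
		}

		/* Move kernel, ramdisk and device tree to correct address */
		memmove((void*) hdr->kernel_addr, (char *)(image_addr + page_size), hdr->kernel_size);
		memmove((void*) hdr->ramdisk_addr, (char *)(image_addr + page_size + kernel_actual), hdr->ramdisk_size);

#if DEVICE_TREE
		if(hdr->dt_size) {
			table = (struct dt_table*) dt_buf;
			dt_table_offset = (unsigned)(image_addr + page_size + kernel_actual + ramdisk_actual + second_actual);
			memmove((void *) dt_buf, (char *)dt_table_offset, page_size);

			/* Validate the header and that the entry table fits in the page just copied */
			if(check_dt_table(table, page_size)) {
				dprintf(CRITICAL, "ERROR: Cannot validate Device Tree Table \n");
				return -1;
			}

			/* Find index of device tree within device tree table */
			if((dt_entry_ptr = get_device_tree_ptr(table)) == NULL){
				dprintf(CRITICAL, "ERROR: Device Tree Blob cannot be found\n");
				return -1;
			}

			/*
			 * Copy the device tree to tags_addr.
			 * NOTE(review): the entry's offset and size are taken from
			 * the table without a bound against the device tree section.
			 */
			memmove((void *)hdr->tags_addr, (char *)dt_table_offset + dt_entry_ptr->offset, dt_entry_ptr->size);
		}
#endif
		/* Make sure everything from scratch address is read before next step!*/
		if(device.is_tampered)
		{
			write_device_info_mmc(&device);
#ifdef TZ_TAMPER_FUSE
			set_tamper_fuse_cmd();
#endif
		}
#if USE_PCOM_SECBOOT
		set_tamper_flag(device.is_tampered);
#endif
	}
	else
	{
		offset += page_size;

		n = ROUND_TO_PAGE(hdr->kernel_size, page_mask);
		if (mmc_read(ptn + offset, (void *)hdr->kernel_addr, n)) {
			dprintf(CRITICAL, "ERROR: Cannot read kernel image\n");
			return -1;
		}
		offset += n;

		n = ROUND_TO_PAGE(hdr->ramdisk_size, page_mask);
		if(n != 0)
		{
			if (mmc_read(ptn + offset, (void *)hdr->ramdisk_addr, n)) {
				dprintf(CRITICAL, "ERROR: Cannot read ramdisk image\n");
				return -1;
			}
		}
		offset += n;

		if(hdr->second_size != 0) {
			n = ROUND_TO_PAGE(hdr->second_size, page_mask);
			offset += n;
		}

#if DEVICE_TREE
		if(hdr->dt_size != 0) {
			/* Read the device tree table into buffer */
			if(mmc_read(ptn + offset,(unsigned int *) dt_buf, page_size)) {
				dprintf(CRITICAL, "ERROR: Cannot read the Device Tree Table\n");
				return -1;
			}
			table = (struct dt_table*) dt_buf;

			/* Validate the header and that the entry table fits in the page just read */
			if(check_dt_table(table, page_size)) {
				dprintf(CRITICAL, "ERROR: Cannot validate Device Tree Table \n");
				return -1;
			}

			/* Calculate the offset of device tree within device tree table */
			if((dt_entry_ptr = get_device_tree_ptr(table)) == NULL){
				dprintf(CRITICAL, "ERROR: Getting device tree address failed\n");
				return -1;
			}

			/*
			 * Read the device tree to a fixed tags address.
			 * NOTE(review): the entry's offset and size are taken from
			 * the table without a bound against the device tree section.
			 */
			hdr->tags_addr = 0x8400000;
			if(mmc_read(ptn + offset + dt_entry_ptr->offset,
				    (void *)hdr->tags_addr, dt_entry_ptr->size)) {
				dprintf(CRITICAL, "ERROR: Cannot read device tree\n");
				return -1;
			}
		}
#endif
	}

unified_boot:
	dprintf(INFO, "\nkernel @ %x (%d bytes)\n", hdr->kernel_addr,
		hdr->kernel_size);
	dprintf(INFO, "ramdisk @ %x (%d bytes)\n", hdr->ramdisk_addr,
		hdr->ramdisk_size);

	if(hdr->cmdline[0]) {
		cmdline = (char*) hdr->cmdline;
	} else {
		cmdline = DEFAULT_CMDLINE;
	}
	dprintf(INFO, "cmdline = '%s'\n", cmdline);

	dprintf(INFO, "\nBooting Linux\n");
	boot_linux((void *)hdr->kernel_addr, (unsigned *) hdr->tags_addr,
		   (const char *)cmdline, board_machtype(),
		   (void *)hdr->ramdisk_addr, hdr->ramdisk_size);

	return 0;
}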
/*
 * Load a boot image from the NAND "boot" or "recovery" partition and start it.
 *
 * Paths through the function:
 *  - On an eMMC-boot target the header at EMMC_BOOT_IMG_HEADER_ADDR is used
 *    directly and the code jumps to continue_boot, which skips the
 *    authentication block below.
 *  - On a locked, untampered device with signed-kernel support the image and
 *    its signature are read to the scratch address and verified. A failed
 *    verification does not stop the boot: the tamper flag is persisted and
 *    the image is still started.
 *  - Otherwise the kernel and ramdisk are read straight to the addresses
 *    named in the header.
 *
 * Returns -1 on error; on success control passes to the kernel.
 *
 * NOTE(review): kernel_addr, ramdisk_addr and tags_addr come from the image
 * header and are used as copy/read destinations without any range or overlap
 * check in this function. kernel_size and ramdisk_size are likewise used
 * without an upper bound, so the rounding and the sum below can wrap.
 */
int boot_linux_from_flash(void)
{
struct boot_img_hdr *hdr = (void*) buf;
unsigned n;
struct ptentry *ptn;
struct ptable *ptable;
unsigned offset = 0;
const char *cmdline;
unsigned char *image_addr = 0;
unsigned kernel_actual;
unsigned ramdisk_actual;
unsigned imagesize_actual;
if (target_is_emmc_boot()) {
hdr = (struct boot_img_hdr *)EMMC_BOOT_IMG_HEADER_ADDR;
if (memcmp(hdr->magic, BOOT_MAGIC, BOOT_MAGIC_SIZE)) {
dprintf(CRITICAL, "ERROR: Invalid boot image header\n");
return -1;
}
goto continue_boot;
}
ptable = flash_get_ptable();
if (ptable == NULL) {
dprintf(CRITICAL, "ERROR: Partition table not found\n");
return -1;
}
if(!boot_into_recovery)
{
ptn = ptable_find(ptable, "boot");
if (ptn == NULL) {
dprintf(CRITICAL, "ERROR: No boot partition found\n");
return -1;
}
}
else
{
ptn = ptable_find(ptable, "recovery");
if (ptn == NULL) {
dprintf(CRITICAL, "ERROR: No recovery partition found\n");
return -1;
}
}
if (flash_read(ptn, offset, buf, page_size)) {
dprintf(CRITICAL, "ERROR: Cannot read boot image header\n");
return -1;
}
if (memcmp(hdr->magic, BOOT_MAGIC, BOOT_MAGIC_SIZE)) {
dprintf(CRITICAL, "ERROR: Invalid boot image header\n");
return -1;
}
/* Unlike the eMMC path, a page size that differs from the device's is rejected. */
if (hdr->page_size != page_size) {
dprintf(CRITICAL, "ERROR: Invalid boot image pagesize. Device pagesize: %d, Image pagesize: %d\n",page_size,hdr->page_size);
return -1;
}
/* Authenticate Kernel */
if(target_use_signed_kernel() && (!device.is_unlocked) && (!device.is_tampered))
{
image_addr = (unsigned char *)target_get_scratch_address();
kernel_actual = ROUND_TO_PAGE(hdr->kernel_size, page_mask);
ramdisk_actual = ROUND_TO_PAGE(hdr->ramdisk_size, page_mask);
/* The total is not compared with the size of the scratch region. */
imagesize_actual = (page_size + kernel_actual + ramdisk_actual);
offset = 0;
/* Assuming device rooted at this time */
/* The flag is cleared again only after a successful image_verify(). */
device.is_tampered = 1;
/* Read image without signature */
if (flash_read(ptn, offset, (void *)image_addr, imagesize_actual))
{
dprintf(CRITICAL, "ERROR: Cannot read boot image\n");
return -1;
}
offset = imagesize_actual;
/* Read signature */
if (flash_read(ptn, offset, (void *)(image_addr + offset), page_size))
{
/* No return here: the boot continues with the tamper flag left set. */
dprintf(CRITICAL, "ERROR: Cannot read boot image signature\n");
}
else
{
/* Verify signature */
auth_kernel_img = image_verify((unsigned char *)image_addr,
(unsigned char *)(image_addr + imagesize_actual),
imagesize_actual,
CRYPTO_AUTH_ALG_SHA256);
if(auth_kernel_img)
{
/* Authorized kernel */
device.is_tampered = 0;
}
}
/* Move kernel and ramdisk to correct address */
/* This runs whether or not verification succeeded. */
memmove((void*) hdr->kernel_addr, (char *)(image_addr + page_size), hdr->kernel_size);
memmove((void*) hdr->ramdisk_addr, (char *)(image_addr + page_size + kernel_actual), hdr->ramdisk_size);
/* Make sure everything from scratch address is read before next step!*/
if(device.is_tampered)
{
write_device_info_flash(&device);
}
#if USE_PCOM_SECBOOT
set_tamper_flag(device.is_tampered);
#endif
}
else
{
/* Unlocked, already tampered, or no signed-kernel support: load without verification. */
offset = page_size;
n = ROUND_TO_PAGE(hdr->kernel_size, page_mask);
if (flash_read(ptn, offset, (void *)hdr->kernel_addr, n)) {
dprintf(CRITICAL, "ERROR: Cannot read kernel image\n");
return -1;
}
offset += n;
n = ROUND_TO_PAGE(hdr->ramdisk_size, page_mask);
if (flash_read(ptn, offset, (void *)hdr->ramdisk_addr, n)) {
dprintf(CRITICAL, "ERROR: Cannot read ramdisk image\n");
return -1;
}
offset += n;
}
continue_boot:
dprintf(INFO, "\nkernel @ %x (%d bytes)\n", hdr->kernel_addr,
hdr->kernel_size);
dprintf(INFO, "ramdisk @ %x (%d bytes)\n", hdr->ramdisk_addr,
hdr->ramdisk_size);
/* hdr->cmdline is printed and passed on as a C string; its termination is not checked here. */
if(hdr->cmdline[0]) {
cmdline = (char*) hdr->cmdline;
} else {
cmdline = DEFAULT_CMDLINE;
}
dprintf(INFO, "cmdline = '%s'\n", cmdline);
/* TODO: create/pass atags to kernel */
dprintf(INFO, "\nBooting Linux\n");
boot_linux((void *)hdr->kernel_addr, (void *)hdr->tags_addr,
(const char *)cmdline, board_machtype(),
(void *)hdr->ramdisk_addr, hdr->ramdisk_size);
return 0;
}
/*
 * Staging buffer for the persisted device_info record (magic, unlock flag,
 * tamper flag). The NAND helpers transfer page_size bytes through it, so
 * page_size must not exceed 4096.
 */
unsigned char info_buf[4096];
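/*
 * Persist the lock/tamper state in the last 512 bytes of the eMMC "aboot"
 * partition.
 *
 * dev: state to store. It may point at info_buf itself, which is how
 *      read_device_info_mmc() calls this function, so the staging copy uses
 *      memmove().
 *
 * Failures are logged and otherwise ignored. The record is stored as plain
 * bytes; nothing in this function authenticates or integrity-protects it.
 */
void write_device_info_mmc(device_info *dev)
{
	struct device_info *info = (void*) info_buf;
	unsigned long long ptn = 0;
	unsigned long long size;
	int index = INVALID_PTN;

	index = partition_get_index("aboot");
	ptn = partition_get_offset(index);
	if(ptn == 0)
	{
		return;
	}

	size = partition_get_size(index);
	/* The record goes 512 bytes before the partition end; a smaller size would wrap. */
	if(size < 512)
	{
		dprintf(CRITICAL, "ERROR: Cannot write device info\n");
		return;
	}

	memmove(info, dev, sizeof(device_info));

	if(mmc_write((ptn + size - 512), 512, (void *)info_buf))
	{
		dprintf(CRITICAL, "ERROR: Cannot write device info\n");
		return;
	}
}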
/*
 * Load the lock/tamper state from the last 512 bytes of the eMMC "aboot"
 * partition into *dev.
 *
 * When the stored record does not carry DEVICE_MAGIC it is re-initialised to
 * "locked, not tampered" and written back. When the partition is missing or
 * the read fails, *dev is left untouched.
 */
void read_device_info_mmc(device_info *dev)
{
	struct device_info *stored = (void*) info_buf;
	int part = partition_get_index("aboot");
	unsigned long long base = partition_get_offset(part);
	unsigned long long len;

	if (base == 0) {
		return;
	}

	len = partition_get_size(part);
	if (mmc_read((base + len - 512), (void *)info_buf, 512)) {
		dprintf(CRITICAL, "ERROR: Cannot read device info\n");
		return;
	}

	if (memcmp(stored->magic, DEVICE_MAGIC, DEVICE_MAGIC_SIZE) != 0) {
		/* No valid record yet: start from the locked, untampered state. */
		memcpy(stored->magic, DEVICE_MAGIC, DEVICE_MAGIC_SIZE);
		stored->is_unlocked = 0;
		stored->is_tampered = 0;
		write_device_info_mmc(stored);
	}

	memcpy(dev, stored, sizeof(device_info));
}
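/*
 * Persist the lock/tamper state at the start of the NAND "devinfo" partition.
 *
 * dev: state to store. It may point at info_buf itself, which is how
 *      read_device_info_flash() calls this function, so the staging copy uses
 *      memmove().
 *
 * Failures are logged and otherwise ignored. The record is stored as plain
 * bytes; nothing in this function authenticates or integrity-protects it.
 */
void write_device_info_flash(device_info *dev)
{
	struct device_info *info = (void *) info_buf;
	struct ptentry *ptn;
	struct ptable *ptable;

	ptable = flash_get_ptable();
	if (ptable == NULL)
	{
		dprintf(CRITICAL, "ERROR: Partition table not found\n");
		return;
	}

	ptn = ptable_find(ptable, "devinfo");
	if (ptn == NULL)
	{
		/* The message used to name the boot partition. */
		dprintf(CRITICAL, "ERROR: No devinfo partition found\n");
		return;
	}

	memmove(info, dev, sizeof(device_info));

	/* One page is written from info_buf. */
	if (flash_write(ptn, 0, (void *)info_buf, page_size))
	{
		dprintf(CRITICAL, "ERROR: Cannot write device info\n");
		return;
	}
}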
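/*
 * Load the lock/tamper state from the start of the NAND "devinfo" partition
 * into *dev.
 *
 * When the stored record does not carry DEVICE_MAGIC it is re-initialised to
 * "locked, not tampered" and written back. When the partition is missing or
 * the read fails, *dev is left untouched.
 */
void read_device_info_flash(device_info *dev)
{
	struct device_info *info = (void*) info_buf;
	struct ptentry *ptn;
	struct ptable *ptable;

	ptable = flash_get_ptable();
	if (ptable == NULL)
	{
		dprintf(CRITICAL, "ERROR: Partition table not found\n");
		return;
	}

	ptn = ptable_find(ptable, "devinfo");
	if (ptn == NULL)
	{
		/* The message used to name the boot partition. */
		dprintf(CRITICAL, "ERROR: No devinfo partition found\n");
		return;
	}

	/* One page is read into info_buf. */
	if (flash_read(ptn, 0, (void *)info_buf, page_size))
	{
		/* The message used to say "write" for a failed read. */
		dprintf(CRITICAL, "ERROR: Cannot read device info\n");
		return;
	}

	if (memcmp(info->magic, DEVICE_MAGIC, DEVICE_MAGIC_SIZE))
	{
		/* No valid record yet: start from the locked, untampered state. */
		memcpy(info->magic, DEVICE_MAGIC, DEVICE_MAGIC_SIZE);
		info->is_unlocked = 0;
		info->is_tampered = 0;
		write_device_info_flash(info);
	}
	memcpy(dev, info, sizeof(device_info));
}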
/* Persist *dev through the backend that matches the boot medium (eMMC or NAND). */
void write_device_info(device_info *dev)
{
	if (!target_is_emmc_boot()) {
		write_device_info_flash(dev);
		return;
	}
	write_device_info_mmc(dev);
}
/* Load *dev through the backend that matches the boot medium (eMMC or NAND). */
void read_device_info(device_info *dev)
{
	if (!target_is_emmc_boot()) {
		read_device_info_flash(dev);
		return;
	}
	read_device_info_mmc(dev);
}
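/*
 * Clear the tamper flag in the in-memory device state and persist it.
 * The unlock flag is left as it is.
 *
 * Declared with (void) so the compiler rejects calls that pass arguments.
 */
void reset_device_info(void)
{
	dprintf(ALWAYS, "reset_device_info called.");
	device.is_tampered = 0;
	write_device_info(&device);
}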
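/*
 * Set the tamper flag in the in-memory device state and persist it.
 *
 * Declared with (void) so the compiler rejects calls that pass arguments.
 */
void set_device_root(void)
{
	dprintf(ALWAYS, "set_device_root called.");
	device.is_tampered = 1;
	write_device_info(&device);
}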
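/*
 * fastboot "boot": start a boot image that the host has just downloaded.
 *
 * arg:  unused.
 * data: download buffer holding the boot image.
 * sz:   number of bytes downloaded.
 *
 * Every header field comes from the host. The page size is validated before
 * use, the size check is done in 64-bit arithmetic so large kernel/ramdisk
 * sizes cannot wrap it, and the global page_size/page_mask are updated only
 * once the image has passed the checks. A rejected image therefore cannot
 * leave a host-chosen page size behind for a later boot from storage.
 *
 * NOTE(review): this function checks neither device.is_unlocked nor a
 * signature, and kernel_addr, ramdisk_addr and tags_addr from the header are
 * used as destinations without a range check.
 */
void cmd_boot(const char *arg, void *data, unsigned sz)
{
	/* Size of this file's one-page buffers ("max-supported pagesize"). */
	enum { MAX_BOOT_PAGE_SIZE = 4096 };
	unsigned long long kernel_actual;
	unsigned long long ramdisk_actual;
	unsigned new_page_size = page_size;
	unsigned new_page_mask = page_mask;
	static struct boot_img_hdr hdr;
	char *ptr = ((char*) data);

	if (sz < sizeof(hdr)) {
		fastboot_fail("invalid bootimage header");
		return;
	}

	memcpy(&hdr, data, sizeof(hdr));

	/* ensure commandline is terminated */
	hdr.cmdline[BOOT_ARGS_SIZE-1] = 0;

	if(target_is_emmc_boot() && hdr.page_size) {
		/* The value becomes a bit mask and sizes later reads: power of two, bounded. */
		if ((hdr.page_size & (hdr.page_size - 1)) ||
		    hdr.page_size > MAX_BOOT_PAGE_SIZE) {
			fastboot_fail("invalid bootimage page size");
			return;
		}
		new_page_size = hdr.page_size;
		new_page_mask = new_page_size - 1;
	}

	/* Round up in 64 bits so sizes near the 32-bit limit cannot wrap to a small value. */
	kernel_actual = ((unsigned long long)hdr.kernel_size + new_page_mask) &
			~(unsigned long long)new_page_mask;
	ramdisk_actual = ((unsigned long long)hdr.ramdisk_size + new_page_mask) &
			 ~(unsigned long long)new_page_mask;

	/* sz should have atleast raw boot image */
	if ((unsigned long long)new_page_size + kernel_actual + ramdisk_actual > sz) {
		fastboot_fail("incomplete bootimage");
		return;
	}

	/* The image is acceptable; only now adopt its page size. */
	page_size = new_page_size;
	page_mask = new_page_mask;

	memmove((void*) hdr.kernel_addr, ptr + page_size, hdr.kernel_size);
	memmove((void*) hdr.ramdisk_addr, ptr + page_size + (unsigned)kernel_actual, hdr.ramdisk_size);

	fastboot_okay("");
	udc_stop();

	boot_linux((void*) hdr.kernel_addr, (void*) hdr.tags_addr,
		   (const char*) hdr.cmdline, board_machtype(),
		   (void*) hdr.ramdisk_addr, hdr.ramdisk_size);
}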
/*
 * fastboot "erase" for NAND: erase the partition named by arg.
 *
 * data and sz are unused. The partition name comes from the host; this
 * function does not consult device.is_unlocked and does not restrict which
 * partitions may be erased.
 */
void cmd_erase(const char *arg, void *data, unsigned sz)
{
	struct ptable *table = flash_get_ptable();
	struct ptentry *entry;

	if (table == NULL) {
		fastboot_fail("partition table doesn't exist");
		return;
	}

	entry = ptable_find(table, arg);
	if (entry == NULL) {
		fastboot_fail("unknown partition name");
		return;
	}

	if (flash_erase(entry) != 0) {
		fastboot_fail("failed to erase partition");
		return;
	}

	fastboot_okay("");
}
/*
 * fastboot "erase" for eMMC: overwrite the first 512 bytes of the partition
 * named by arg with zeros.
 *
 * The rest of the partition keeps its contents, so this is not a data wipe.
 * data and sz are unused. This function does not consult device.is_unlocked.
 */
void cmd_erase_mmc(const char *arg, void *data, unsigned sz)
{
	unsigned int zeros[512] = {0};
	int part = partition_get_index(arg);
	unsigned long long start = partition_get_offset(part);

	if (start == 0) {
		fastboot_fail("Partition table doesn't exist\n");
		return;
	}

	/* Simple inefficient version of erase. Just writing
	   0 in first block */
	if (mmc_write(start, 512, (unsigned int *)zeros) != 0) {
		fastboot_fail("failed to erase partition");
		return;
	}

	fastboot_okay("");
}
/*
 * Write a raw (non-sparse) image to eMMC.
 *
 * arg:  "partition" to write a partition-table image, otherwise the name of
 *       the target partition.
 * data: download buffer.
 * sz:   number of bytes downloaded.
 *
 * For "boot" and "recovery" the image must start with BOOT_MAGIC; the
 * comparison reads BOOT_MAGIC_SIZE bytes without looking at sz. The image
 * size, rounded up to 512 bytes, must not exceed the partition size.
 * This function does not consult device.is_unlocked.
 */
void cmd_flash_mmc_img(const char *arg, void *data, unsigned sz)
{
	unsigned long long start = 0;
	unsigned long long capacity = 0;
	int part = INVALID_PTN;
	int is_boot_image;

	if (strcmp(arg, "partition") == 0) {
		dprintf(INFO, "Attempt to write partition image.\n");
		if (write_partition(sz, (unsigned char *) data)) {
			fastboot_fail("failed to write partition");
			return;
		}
		fastboot_okay("");
		return;
	}

	part = partition_get_index(arg);
	start = partition_get_offset(part);
	if (start == 0) {
		fastboot_fail("partition table doesn't exist");
		return;
	}

	is_boot_image = strcmp(arg, "boot") == 0 || strcmp(arg, "recovery") == 0;
	if (is_boot_image && memcmp((void *)data, BOOT_MAGIC, BOOT_MAGIC_SIZE) != 0) {
		fastboot_fail("image is not a boot image");
		return;
	}

	capacity = partition_get_size(part);
	if (ROUND_TO_PAGE(sz,511) > capacity) {
		fastboot_fail("size too large");
		return;
	}

	if (mmc_write(start, sz, (unsigned int *)data)) {
		fastboot_fail("flash write failure");
		return;
	}

	fastboot_okay("");
}
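/*
 * Expand a sparse image from the download buffer into an eMMC partition.
 *
 * arg:  name of the target partition.
 * data: download buffer holding the sparse image.
 * sz:   number of bytes downloaded.
 *
 * Every header field comes from the host, so the parser tracks how many
 * downloaded bytes remain and rejects the image when:
 *  - the file header or a chunk header does not fit in the remaining bytes,
 *    or a header size field is smaller than the structure read from it;
 *  - the expanded size (total_blks * blk_sz) exceeds the partition;
 *  - a chunk would push the block count past total_blks;
 *  - a chunk's data does not fit in the remaining bytes.
 * Sizes are computed in 64 bits so blk_sz * chunk_sz cannot wrap.
 *
 * Other corrections: the file header is skipped exactly once (the excess of
 * an oversized header was skipped twice), a block-count mismatch at the end
 * no longer falls through to fastboot_okay(), and the CRC chunk error message
 * names the right chunk type.
 *
 * This function does not consult device.is_unlocked.
 */
void cmd_flash_mmc_sparse_img(const char *arg, void *data, unsigned sz)
{
	unsigned int chunk;
	unsigned int chunk_data_sz;
	sparse_header_t *sparse_header;
	chunk_header_t *chunk_header;
	uint32_t total_blocks = 0;
	unsigned long long ptn = 0;
	unsigned long long size = 0;
	unsigned long long chunk_bytes;
	unsigned char *cur = (unsigned char *) data;
	unsigned remaining = sz;
	int index = INVALID_PTN;

	index = partition_get_index(arg);
	ptn = partition_get_offset(index);
	if(ptn == 0) {
		fastboot_fail("partition table doesn't exist");
		return;
	}

	size = partition_get_size(index);
	if (ROUND_TO_PAGE(sz,511) > size) {
		fastboot_fail("size too large");
		return;
	}

	/* Read and skip over sparse image header */
	if (remaining < sizeof(sparse_header_t)) {
		fastboot_fail("sparse image header truncated");
		return;
	}
	sparse_header = (sparse_header_t *) cur;
	if (sparse_header->file_hdr_sz < sizeof(sparse_header_t) ||
	    sparse_header->file_hdr_sz > remaining) {
		fastboot_fail("invalid sparse image header size");
		return;
	}
	if (sparse_header->chunk_hdr_sz < sizeof(chunk_header_t)) {
		fastboot_fail("invalid sparse chunk header size");
		return;
	}
	/* The expanded image, not just the download, has to fit the partition. */
	if ((unsigned long long)sparse_header->total_blks * sparse_header->blk_sz > size) {
		fastboot_fail("size too large");
		return;
	}
	/* file_hdr_sz already covers any bytes beyond the structure we know. */
	cur += sparse_header->file_hdr_sz;
	remaining -= sparse_header->file_hdr_sz;

	dprintf (SPEW, "=== Sparse Image Header ===\n");
	dprintf (SPEW, "magic: 0x%x\n", sparse_header->magic);
	dprintf (SPEW, "major_version: 0x%x\n", sparse_header->major_version);
	dprintf (SPEW, "minor_version: 0x%x\n", sparse_header->minor_version);
	dprintf (SPEW, "file_hdr_sz: %d\n", sparse_header->file_hdr_sz);
	dprintf (SPEW, "chunk_hdr_sz: %d\n", sparse_header->chunk_hdr_sz);
	dprintf (SPEW, "blk_sz: %d\n", sparse_header->blk_sz);
	dprintf (SPEW, "total_blks: %d\n", sparse_header->total_blks);
	dprintf (SPEW, "total_chunks: %d\n", sparse_header->total_chunks);

	/* Start processing chunks */
	for (chunk=0; chunk<sparse_header->total_chunks; chunk++)
	{
		/* Read and skip over chunk header, including any bytes beyond the known structure */
		if (remaining < sparse_header->chunk_hdr_sz) {
			fastboot_fail("sparse chunk header truncated");
			return;
		}
		chunk_header = (chunk_header_t *) cur;
		cur += sparse_header->chunk_hdr_sz;
		remaining -= sparse_header->chunk_hdr_sz;

		dprintf (SPEW, "=== Chunk Header ===\n");
		dprintf (SPEW, "chunk_type: 0x%x\n", chunk_header->chunk_type);
		dprintf (SPEW, "chunk_data_sz: 0x%x\n", chunk_header->chunk_sz);
		dprintf (SPEW, "total_size: 0x%x\n", chunk_header->total_sz);

		/*
		 * total_blocks never exceeds total_blks, and total_blks * blk_sz
		 * was checked against the partition, so this also keeps every
		 * write inside the partition.
		 */
		if (chunk_header->chunk_sz > sparse_header->total_blks - total_blocks) {
			fastboot_fail("sparse chunk exceeds image size");
			return;
		}
		chunk_bytes = (unsigned long long)sparse_header->blk_sz * chunk_header->chunk_sz;

		switch (chunk_header->chunk_type)
		{
		case CHUNK_TYPE_RAW:
			if (chunk_bytes > remaining) {
				fastboot_fail("sparse chunk data truncated");
				return;
			}
			chunk_data_sz = (unsigned int) chunk_bytes;

			if((unsigned long long)chunk_header->total_sz !=
			   (sparse_header->chunk_hdr_sz + chunk_bytes))
			{
				fastboot_fail("Bogus chunk size for chunk type Raw");
				return;
			}

			if(mmc_write(ptn + ((uint64_t)total_blocks*sparse_header->blk_sz),
				     chunk_data_sz,
				     (unsigned int*)cur))
			{
				fastboot_fail("flash write failure");
				return;
			}
			total_blocks += chunk_header->chunk_sz;
			cur += chunk_data_sz;
			remaining -= chunk_data_sz;
			break;

		case CHUNK_TYPE_DONT_CARE:
			total_blocks += chunk_header->chunk_sz;
			break;

		case CHUNK_TYPE_CRC:
			if(chunk_header->total_sz != sparse_header->chunk_hdr_sz)
			{
				fastboot_fail("Bogus chunk size for chunk type CRC");
				return;
			}
			if (chunk_bytes > remaining) {
				fastboot_fail("sparse chunk data truncated");
				return;
			}
			chunk_data_sz = (unsigned int) chunk_bytes;
			total_blocks += chunk_header->chunk_sz;
			cur += chunk_data_sz;
			remaining -= chunk_data_sz;
			break;

		default:
			fastboot_fail("Unknown chunk type");
			return;
		}
	}

	dprintf(INFO, "Wrote %d blocks, expected to write %d blocks\n",
		total_blocks, sparse_header->total_blks);

	if(total_blocks != sparse_header->total_blks)
	{
		fastboot_fail("sparse image write failure");
		return;
	}

	fastboot_okay("");
	return;
}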
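/*
 * fastboot "flash" for eMMC: optionally decrypt or encrypt the download, then
 * dispatch it to the sparse or raw image writer.
 *
 * arg:  name of the target partition.
 * data: download buffer.
 * sz:   number of bytes downloaded.
 *
 * The magic words are examined only when the download is long enough to
 * contain them. A short download can then no longer be classified by bytes
 * that lie beyond the downloaded data.
 *
 * NOTE(review): on a decrypt/encrypt failure this function returns after
 * logging, without calling fastboot_fail(); confirm whether the callee
 * reports the failure to the host.
 */
void cmd_flash_mmc(const char *arg, void *data, unsigned sz)
{
	sparse_header_t *sparse_header;
	/* 8 Byte Magic + 2048 Byte xml + Encrypted Data */
	unsigned int *magic_number = (unsigned int *) data;
	int ret=0;

	if (sz >= 2 * sizeof(unsigned int)) {
		if (magic_number[0] == DECRYPT_MAGIC_0 &&
		    magic_number[1] == DECRYPT_MAGIC_1)
		{
#ifdef SSD_ENABLE
			ret = decrypt_scm((uint32 **) &data, &sz);
#endif
			if (ret != 0) {
				dprintf(CRITICAL, "ERROR: Invalid secure image\n");
				return;
			}
		}
		else if (magic_number[0] == ENCRYPT_MAGIC_0 &&
			 magic_number[1] == ENCRYPT_MAGIC_1)
		{
#ifdef SSD_ENABLE
			ret = encrypt_scm((uint32 **) &data, &sz);
#endif
			if (ret != 0) {
				dprintf(CRITICAL, "ERROR: Encryption Failure\n");
				return;
			}
		}
	}

	/* data and sz may have been replaced by the SSD calls above. */
	sparse_header = (sparse_header_t *) data;
	if (sz >= sizeof(sparse_header_t) &&
	    sparse_header->magic == SPARSE_HEADER_MAGIC)
		cmd_flash_mmc_sparse_img(arg, data, sz);
	else
		cmd_flash_mmc_img(arg, data, sz);

	return;
}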
/*
 * fastboot "flash" for NAND: write the downloaded image to the partition
 * named by arg.
 *
 * For "boot" and "recovery" the image must start with BOOT_MAGIC; the
 * comparison reads BOOT_MAGIC_SIZE bytes without looking at sz.
 * "system", "userdata", "persist" and "recoveryfs" are written with spare
 * bytes; every other partition has sz rounded up to a whole page.
 *
 * The image size is not compared with the partition length here, and this
 * function does not consult device.is_unlocked.
 */
void cmd_flash(const char *arg, void *data, unsigned sz)
{
	struct ptable *ptable = flash_get_ptable();
	struct ptentry *ptn;
	unsigned extra = 0;
	int is_boot_image;
	int has_spare_data;

	if (ptable == NULL) {
		fastboot_fail("partition table doesn't exist");
		return;
	}

	ptn = ptable_find(ptable, arg);
	if (ptn == NULL) {
		fastboot_fail("unknown partition name");
		return;
	}

	is_boot_image = strcmp(ptn->name, "boot") == 0 ||
			strcmp(ptn->name, "recovery") == 0;
	if (is_boot_image && memcmp((void *)data, BOOT_MAGIC, BOOT_MAGIC_SIZE) != 0) {
		fastboot_fail("image is not a boot image");
		return;
	}

	has_spare_data = strcmp(ptn->name, "system") == 0 ||
			 strcmp(ptn->name, "userdata") == 0 ||
			 strcmp(ptn->name, "persist") == 0 ||
			 strcmp(ptn->name, "recoveryfs") == 0;
	if (has_spare_data) {
		/* Spare data bytes for 8 bit ECC increased by 4 */
		extra = (page_size >> 9) * (flash_ecc_bch_enabled() ? 20 : 16);
	} else {
		sz = ROUND_TO_PAGE(sz, page_mask);
	}

	dprintf(INFO, "writing %d bytes to '%s'\n", sz, ptn->name);
	if (flash_write(ptn, extra, data, sz)) {
		fastboot_fail("flash write failure");
		return;
	}
	dprintf(INFO, "partition '%s' updated\n", ptn->name);
	fastboot_okay("");
}
/*
 * fastboot "continue": acknowledge, stop USB and boot from storage through
 * the path that matches the boot medium. All three parameters are unused.
 */
void cmd_continue(const char *arg, void *data, unsigned sz)
{
	fastboot_okay("");
	udc_stop();

	if (!target_is_emmc_boot()) {
		boot_linux_from_flash();
		return;
	}
	boot_linux_from_mmc();
}
/*
 * fastboot "reboot": acknowledge the command, then reboot with reason 0.
 * All three parameters are unused.
 */
void cmd_reboot(const char *arg, void *data, unsigned sz)
{
dprintf(INFO, "rebooting the device\n");
/* Reply before the reset so the host sees the command complete. */
fastboot_okay("");
reboot_device(0);
}
/*
 * fastboot "reboot-bootloader": acknowledge the command, then reboot with the
 * FASTBOOT_MODE reason, which aboot_init() reads back to enter fastboot.
 * All three parameters are unused.
 */
void cmd_reboot_bootloader(const char *arg, void *data, unsigned sz)
{
dprintf(INFO, "rebooting the device\n");
/* Reply before the reset so the host sees the command complete. */
fastboot_okay("");
reboot_device(FASTBOOT_MODE);
}
/*
 * fastboot "oem unlock": mark the device as unlocked and persist the flag.
 *
 * All three parameters are unused. This function does not ask for on-device
 * confirmation and does not erase user data; it only sets and stores the
 * flag. An unlocked device skips kernel authentication in the boot paths.
 */
void cmd_oem_unlock(const char *arg, void *data, unsigned sz)
{
	const int already_unlocked = (device.is_unlocked != 0);

	if (!already_unlocked) {
		device.is_unlocked = 1;
		write_device_info(&device);
	}

	fastboot_okay("");
}
/*
 * fastboot "oem device-info": report the tamper and unlock flags to the host
 * as two info lines. All three parameters are unused.
 */
void cmd_oem_devinfo(const char *arg, void *data, unsigned sz)
{
	char response[64];
	const char *tampered = device.is_tampered ? "true" : "false";
	const char *unlocked = device.is_unlocked ? "true" : "false";

	snprintf(response, sizeof(response), "\tDevice tampered: %s", tampered);
	fastboot_info(response);

	snprintf(response, sizeof(response), "\tDevice unlocked: %s", unlocked);
	fastboot_info(response);

	fastboot_okay("");
}
/*
 * On NAND targets, read the "splash" partition straight into the frame
 * buffer. Does nothing on eMMC-boot targets.
 *
 * The number of bytes read is computed from the display configuration; it is
 * not compared with the size of the splash partition in this function.
 */
void splash_screen ()
{
	struct ptable *ptable;
	struct ptentry *ptn;
	struct fbcon_config *fb_display = NULL;

	if (target_is_emmc_boot()) {
		return;
	}

	ptable = flash_get_ptable();
	if (ptable == NULL) {
		dprintf(CRITICAL, "ERROR: Partition table not found\n");
		return;
	}

	ptn = ptable_find(ptable, "splash");
	if (ptn == NULL) {
		dprintf(CRITICAL, "ERROR: No splash partition found\n");
		return;
	}

	fb_display = fbcon_display();
	if (!fb_display) {
		return;
	}

	if (flash_read(ptn, 0, fb_display->base,
		       (fb_display->width * fb_display->height * fb_display->bpp/8))) {
		/* Do not leave a partially read image on screen. */
		fbcon_clear();
		dprintf(CRITICAL, "ERROR: Cannot read splash image\n");
	}
}
/*
 * Init hook of the aboot app.
 *
 * Sets the page_size/page_mask globals, loads the persisted device info when
 * target_use_signed_kernel() is true, publishes the serial number, and then
 * decides between normal boot, recovery and fastboot from the key state and
 * check_reboot_mode(). If the normal boot call returns, execution falls
 * through to the fastboot setup at the `fastboot` label.
 *
 * app is not used in this function.
 */
void aboot_init(const struct app_descriptor *app)
{
unsigned reboot_mode = 0;
/* usb_init is never assigned below, so udc_init() always runs at the fastboot label. */
unsigned usb_init = 0;
unsigned sz = 0;
/* Setup page size information for nand/emmc reads */
if (target_is_emmc_boot())
{
/* eMMC targets use a fixed 2048-byte page size here. */
page_size = 2048;
page_mask = page_size - 1;
}
else
{
page_size = flash_page_size();
page_mask = page_size - 1;
}
/*
 * NOTE(review): `device` is only loaded for signed-kernel targets, but
 * device.is_unlocked / device.is_tampered are also read in the raw-flash
 * USE_PCOM_SECBOOT branch below and by the "oem" fastboot handlers without
 * this guard - confirm `device` has sane defaults when it is not read.
 */
if(target_use_signed_kernel())
{
read_device_info(&device);
}
target_serialno((unsigned char *) sn_buf);
dprintf(SPEW,"serial number: %s\n",sn_buf);
surf_udc_device.serialno = sn_buf;
/* Check if we should do something other than booting up */
/* HOME or VOLUMEUP held: boot into recovery. */
if (keys_get_state(KEY_HOME) != 0)
boot_into_recovery = 1;
if (keys_get_state(KEY_VOLUMEUP) != 0)
boot_into_recovery = 1;
/* BACK or VOLUMEDOWN held: enter fastboot, unless recovery was already requested. */
if(!boot_into_recovery)
{
if (keys_get_state(KEY_BACK) != 0)
goto fastboot;
if (keys_get_state(KEY_VOLUMEDOWN) != 0)
goto fastboot;
}
#if NO_KEYPAD_DRIVER
if (fastboot_trigger())
goto fastboot;
#endif
/* The reboot mode can also select recovery or fastboot. */
reboot_mode = check_reboot_mode();
if (reboot_mode == RECOVERY_MODE) {
boot_into_recovery = 1;
} else if(reboot_mode == FASTBOOT_MODE) {
goto fastboot;
}
if (target_is_emmc_boot())
{
/* A failing emmc_recovery_init() is only logged; boot continues. */
if(emmc_recovery_init())
dprintf(ALWAYS,"error in emmc_recovery_init\n");
if(target_use_signed_kernel())
{
/* Report an unlocked or tampered device before booting. */
if((device.is_unlocked) || (device.is_tampered))
{
#ifdef TZ_TAMPER_FUSE
set_tamper_fuse_cmd();
#endif
#if USE_PCOM_SECBOOT
set_tamper_flag(device.is_tampered);
#endif
}
}
boot_linux_from_mmc();
}
else
{
recovery_init();
#if USE_PCOM_SECBOOT
if((device.is_unlocked) || (device.is_tampered))
set_tamper_flag(device.is_tampered);
#endif
boot_linux_from_flash();
}
/*
 * Reached only when the boot call above returned.
 * NOTE(review): a failed normal boot therefore ends in fastboot mode, and
 * none of the handler registrations below is conditioned on
 * device.is_unlocked - confirm that lock-state checks are done inside the
 * flash/erase/boot handlers themselves.
 */
dprintf(CRITICAL, "ERROR: Could not do normal boot. Reverting "
"to fastboot mode.\n");
fastboot:
target_fastboot_init();
if(!usb_init)
udc_init(&surf_udc_device);
fastboot_register("boot", cmd_boot);
/* flash/erase handlers differ between eMMC and raw flash targets. */
if (target_is_emmc_boot())
{
fastboot_register("flash:", cmd_flash_mmc);
fastboot_register("erase:", cmd_erase_mmc);
}
else
{
fastboot_register("flash:", cmd_flash);
fastboot_register("erase:", cmd_erase);
}
fastboot_register("continue", cmd_continue);
fastboot_register("reboot", cmd_reboot);
fastboot_register("reboot-bootloader", cmd_reboot_bootloader);
fastboot_register("oem unlock", cmd_oem_unlock);
fastboot_register("oem device-info", cmd_oem_devinfo);
fastboot_publish("product", TARGET(BOARD));
fastboot_publish("kernel", "lk");
fastboot_publish("serialno", sn_buf);
partition_dump();
/* The scratch address and the target's maximum flash size are handed to fastboot_init(). */
sz = target_get_max_flash_size();
fastboot_init(target_get_scratch_address(), sz);
udc_start();
}
/* App descriptor for "aboot": aboot_init is installed as its .init hook. */
APP_START(aboot)
.init = aboot_init,
APP_END
#if DEVICE_TREE
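/*
 * Find the device tree table entry that matches the running board.
 *
 * Entries start DEV_TREE_HEADER_SIZE bytes after the start of @table and are
 * scanned in order. The first entry whose platform_id equals
 * board_platform_id(), whose variant_id equals board_hardware_id() and whose
 * soc_rev is 0 is returned.
 *
 * Returns a pointer into @table, or NULL when @table is NULL or no entry
 * matches.
 *
 * NOTE(review): num_entries is read from the table itself and this function
 * has no length for the buffer behind @table, so it cannot bound the walk.
 * Presumably the table comes from a loaded boot image; the caller should
 * check that DEV_TREE_HEADER_SIZE + num_entries * sizeof(struct dt_entry)
 * fits inside the loaded data before calling this - TODO confirm at the
 * call site.
 */
struct dt_entry * get_device_tree_ptr(struct dt_table *table)
{
	struct dt_entry *entry;
	unsigned i;

	if (table == NULL)
		return NULL;

	/*
	 * Skip the header with byte arithmetic, then convert explicitly: the
	 * original assigned a char * to a struct dt_entry * without a cast.
	 */
	entry = (struct dt_entry *)((char *)table + DEV_TREE_HEADER_SIZE);

	for (i = 0; i < table->num_entries; i++, entry++) {
		if ((entry->platform_id == board_platform_id()) &&
		    (entry->variant_id == board_hardware_id()) &&
		    (entry->soc_rev == 0)) {
			return entry;
		}
	}

	return NULL;
}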
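/*
 * Patch a flattened device tree in place before it is handed to the kernel.
 *
 * Writes the memory layout from target_dev_tree_mem() into /memory "reg",
 * the command line produced by update_cmdline() into /chosen "bootargs",
 * and the ramdisk range into /chosen "linux,initrd-start" and
 * "linux,initrd-end", then packs the blob.
 *
 * @fdt:          device tree blob; modified despite the const qualifier,
 *                which is kept so existing callers are unaffected
 * @cmdline:      command line passed to update_cmdline()
 * @ramdisk:      load address of the ramdisk
 * @ramdisk_size: ramdisk size in bytes
 *
 * Returns 0 on success, or the non-zero libfdt result of the step that
 * failed (including a negative node offset when /memory or /chosen is
 * missing).
 */
int update_device_tree(const void * fdt, char *cmdline,
			void *ramdisk, unsigned ramdisk_size)
{
	int ret = 0;
	int offset;
	uint32_t *memory_reg;
	unsigned char *final_cmdline;
	uint32_t len;
	/* The setprop/pack calls write to the blob; make that explicit. */
	void *fdt_rw = (void *)fdt;

	/* Check the device tree header */
	ret = fdt_check_header(fdt);
	if (ret) {
		dprintf(CRITICAL, "Invalid device tree header \n");
		return ret;
	}

	/* Get offset of the memory node; a negative value is a libfdt error */
	offset = fdt_path_offset(fdt, "/memory");
	if (offset < 0) {
		dprintf(CRITICAL, "ERROR: Could not find memory node\n");
		return offset;
	}

	/*
	 * NOTE(review): memory_reg and len are used as returned; this assumes
	 * target_dev_tree_mem() yields len pairs of 32-bit cells - TODO confirm.
	 */
	memory_reg = target_dev_tree_mem(&len);

	/* Adding the memory values to the reg property */
	ret = fdt_setprop(fdt_rw, offset, "reg", memory_reg,
			sizeof(uint32_t) * len * 2);
	if (ret) {
		dprintf(CRITICAL, "ERROR: Cannot update memory node\n");
		return ret;
	}

	/* Get offset of the chosen node; a negative value is a libfdt error */
	offset = fdt_path_offset(fdt, "/chosen");
	if (offset < 0) {
		dprintf(CRITICAL, "ERROR: Could not find chosen node\n");
		return offset;
	}

	/*
	 * Adding the cmdline to the chosen node.
	 * NOTE(review): the update_cmdline() result is used unchecked; confirm
	 * it cannot return NULL.
	 */
	final_cmdline = update_cmdline(cmdline);
	ret = fdt_setprop_string(fdt_rw, offset, "bootargs", final_cmdline);
	if (ret) {
		dprintf(CRITICAL, "ERROR: Cannot update chosen node [bootargs]\n");
		return ret;
	}

	/* Adding the initrd-start to the chosen node (address as a 32-bit cell) */
	ret = fdt_setprop_cell(fdt_rw, offset, "linux,initrd-start",
			(uint32_t)ramdisk);
	if (ret) {
		dprintf(CRITICAL, "ERROR: Cannot update chosen node [linux,initrd-start]\n");
		return ret;
	}

	/*
	 * Adding the initrd-end to the chosen node. The sum is computed on
	 * integers rather than on a void pointer.
	 * NOTE(review): ramdisk_size is presumably taken from the boot image
	 * header; the range is assumed to have been validated by the caller.
	 */
	ret = fdt_setprop_cell(fdt_rw, offset, "linux,initrd-end",
			(uint32_t)ramdisk + ramdisk_size);
	if (ret) {
		dprintf(CRITICAL, "ERROR: Cannot update chosen node [linux,initrd-end]\n");
		return ret;
	}

	/* The result of fdt_pack() is not checked, as before. */
	fdt_pack(fdt_rw);
	return ret;
}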
#endif