diff options
Diffstat (limited to 'arch/arm/cpu/armv7/rda/rda_romapi.c')
-rw-r--r-- | arch/arm/cpu/armv7/rda/rda_romapi.c | 133 |
1 files changed, 133 insertions, 0 deletions
diff --git a/arch/arm/cpu/armv7/rda/rda_romapi.c b/arch/arm/cpu/armv7/rda/rda_romapi.c new file mode 100644 index 0000000000..3eca055ed5 --- /dev/null +++ b/arch/arm/cpu/armv7/rda/rda_romapi.c @@ -0,0 +1,133 @@ +/* + * Warning: + * + * This file is a mess of debugging and ROM bug workarounds. + */ + +/* Enable a workaround for a bug in the bootrom romapi. */ +#define RDA8810_VENDOR_EFUSE_WORKAROUND + +/* Enable debugging certificates in pdl1: */ +//#define RDA_CRYPTO_DEBUG_FAKE_ROMCERT + + + +#ifdef RDA_CRYPTO_DEBUG_FAKE_ROMCERT +/* + * Debugging version og get_chip_security_context(). + * This version is enabled with RDA_CRYPTO_DEBUG_FAKE_ROMCERT + * +TEST DATA + Use this secret key (file: rdatest.sec, pw: pa$$w0rd): + +"Comment: RDA PDL-Test-01 secret key +UkRBU0VkQksAAAAq0Ai4xjiIrmda3G8qI6q3B4gPbVQMPISmUkRBIFBETC1UZXN0LTAxACU+PXqYnPYI +gGYdDrpN5PljQAAht3pYTN4bNgtA6oRp/sEVIrSXZiEkZPRGsnqlGPGFRHn3MMsDZBz/FhZGdE1m2FnD +YYgQMg==" + */ +int get_chip_security_context( + struct chip_security_context *context, + struct pubkey *pubkey) +{ + const struct chip_security_context c = { + 3, 0x42, + RDA_SE_CFG_SECURITY_ENABLE_BIT | + RDA_SE_CFG_INDIRECT_SIGN_BIT | + RDA_SE_CFG_UNLOCK_ALLOWED + }; + const struct pubkey pk = { + /* Public key: rdatest.pub */ + {'R','D','A','S'}, {'E','d'},{}, "RDA PDL-Test-01 ", + { 0x25,0x3e,0x3d,0x7a,0x98,0x9c,0xf6,0x08 }, + { 0x7b,0x4a,0x5a,0xa8,0xa1,0xda,0x92,0xea,0x9e,0x90,0xa8,0x7e, + 0xfa,0x76,0x37,0x52,0xe0,0xe0,0x40,0x63,0x09,0x02,0xd3,0x86, + 0x8b,0x9d,0xe0,0xae,0xf3,0x57,0xd7,0x44 } + }; + + // Set the hardcoded debug public key and context + *context = c; + *pubkey = pk; + + return ROM_API_SECURITY_ENABLED; +} +#endif + + + +#ifdef RDA8810_VENDOR_EFUSE_WORKAROUND + +#include <common.h> +#include <asm/arch/rda_crypto.h> +#include <asm/arch/ispi.h> + +#define RDA_EFUSE_INDEX_SECURITY (11) + +/* + Fuse layout: + VVVVVVVV.T.H.I.S.KKKK + VVVVVVVV: Vendor ID - 6bit + 2bit armour + T: Trace disable + H: Host serial disable + I: Indirectly signed image + S: Security enable + KKKK: RDA Public Key Index - 3bit + 1 bit armour +*/ +/* define bit for rda se config */ +#define RDA_SE_CFG_KEY_INDEX(n) (((n)&0xF)<<0) +#define RDA_SE_CFG_GET_KEY_INDEX(r) (((r)>>0)&0xF) +#define RDA_SE_CFG_SECURITY_ENABLE_BIT (1<<4) +#define RDA_SE_CFG_INDIRECT_SIGN_BIT (1<<5) +#define RDA_SE_CFG_HOST_DISABLE_BIT (1<<6) +#define RDA_SE_CFG_TRACE_DISABLE_BIT (1<<7) +#define RDA_SE_CFG_VENDOR_ID(n) (((n)&0xFF)<<8) +#define RDA_SE_CFG_GET_VENDOR_ID(r) (((r)>>8)&0xFF) + +// RDA Public Key index map +// (armour 6 indexes in 4 bits) +static const uint8_t keyindex_map[16] = { + 15, 15, 15, 0, 15, 1, 2, 15, + 15, 3, 4, 15, 5, 15, 15, 15 +}; + +// Vendor ID +// (armour 50 vendor ID'd in 8 bits) +static int valid_vendor_id( unsigned vendor ) +{ + unsigned c; + unsigned i = vendor >> 2; + c = ((i & 0xaa)>>1) + (i & 0x55); + c = ((c & 0xcc)>>2) + (c & 0x33); + c = ((c & 0xf0)>>4) + (c & 0x0f); + return ((vendor & 3) + c) == 5; +} +#endif + + + + +#ifndef RDA_CRYPTO_DEBUG_FAKE_ROMCERT +int get_chip_security_context( + struct chip_security_context *context, + struct pubkey *pubkey) +{ + int ret = romapi->get_chip_security_context(context, pubkey); + +#ifdef RDA8810_VENDOR_EFUSE_WORKAROUND + if (ret == ROM_API_INVALID_VENDOR_ID && romapi->version == 100) { + uint16_t sec = rda_read_efuse(RDA_EFUSE_INDEX_SECURITY); + + // check validity of key index + int key = keyindex_map[RDA_SE_CFG_GET_KEY_INDEX(sec)]; + + // check validity of vendor id + int vendor = RDA_SE_CFG_GET_VENDOR_ID(sec); + if (valid_vendor_id(vendor)) { + context->rda_key_index = key; + context->vendor_id = vendor; + ret = 0; + } + } +#endif + return ret; +} +#endif |