defendkey: script signing tool: support upgrade check [5/5]

PD#SWPL-3204 Problem: GXL/TXLX/G12A/G12B: script signing tool need to support defendkey Solution: 1.change dtb decrypt process Verify: GXL/TXLX/G12A/G12B skt board verify pass Change-Id: I165db827dec82837edb8a4a5197090bbd79d536d Signed-off-by: Zhongfu Luo <zhongfu.luo@amlogic.com>
2026-06-07 11:26:02 +09:00 · 2018-12-27 17:47:20 +08:00
parent 2709452f24
commit 61ae581366
2 changed files with 40 additions and 17 deletions
--- a/drivers/amlogic/defendkey/defendkey.c
+++ b/drivers/amlogic/defendkey/defendkey.c
@@ -134,8 +134,8 @@ static long defendkey_compat_ioctl(struct file *filp,
 static ssize_t defendkey_read(struct file *file,
 	char __user *buf, size_t count, loff_t *ppos)
 {
-	int i, ret;
-	unsigned long copy_base, copy_size;
+	int ret;
+	unsigned long copy_base, copy_size, mem_base_phy, check_offset;

 	switch (decrypt_dtb) {
 	case e_upgrade_check:
@@ -143,29 +143,44 @@ static ssize_t defendkey_read(struct file *file,
 		return ret_error;
 	case e_decrypt_dtb_success:
 	{
-		for (i = 0; i <= count/mem_size; i++) {
-			copy_size = mem_size;
-			copy_base = (unsigned long)buf+i*mem_size;
-			if ((i+1)*mem_size > count)
-				copy_size = count - mem_size*i;
-			ret = copy_to_user((void __user *)copy_base,
-				(const void *)mem_base_virt, copy_size);
-			if (ret) {
-				pr_err("%s:copy_to_user fail! ret:%d\n",
-					__func__, ret);
-				return ret_fail;
-			}
-		//__dma_flush_area((const void *)mem_base_virt, copy_size);
+		mem_base_phy = virt_to_phys(mem_base_virt);
+
+		check_offset = aml_sec_boot_check(AML_D_Q_IMG_SIG_HDR_SIZE,
+			mem_base_phy, mem_size, 0);
+		if (AML_D_Q_IMG_SIG_HDR_SIZE == (check_offset & 0xFFFF))
+			check_offset = (check_offset >> 16) & 0xFFFF;
+		else
+			check_offset = 0;
+
+		if (check_offset)
+			memmove((void *)mem_base_virt,
+				(void *)mem_base_virt + check_offset, mem_size);
+
+		if (mem_size < count) {
+			pr_err("%s:data size overflow!\n", __func__);
+			return ret_fail;
 		}
-		if (!ret) {
+
+		copy_base = (unsigned long)buf;
+		copy_size = count;
+		ret = copy_to_user((void __user *)copy_base,
+			(const void *)mem_base_virt, copy_size);
+		if (ret) {
+			pr_err("%s:copy_to_user fail! ret:%d\n",
+				__func__, ret);
+			ret = ret_fail;
+		} else {
 			pr_info("%s: copy data to user successfully!\n",
 				__func__);
-			return ret_success;
+			ret = ret_success;
 		}
+
 	}
 	default:
 		return ret_error;
 	}
+
+	return ret;
 }

 static ssize_t defendkey_write(struct file *file,
@@ -357,6 +372,7 @@ static struct class defendkey_class = {
 static int __init early_defendkey_para(char *buf)
 {
 	int ret;
+	struct page *page = NULL;

 	if (!buf)
 		return -EINVAL;
@@ -368,6 +384,12 @@ static int __init early_defendkey_para(char *buf)
 		return -EINVAL;
 	}

+	page = pfn_to_page(defendkey_rmem.base >> PAGE_SHIFT);
+	if (PageHighMem(page)) {
+		pr_err("invalid boot args \"defendkey\"\n");
+		return -EINVAL;
+	}
+
 	pr_info("%s, base:%lx, size:%lx\n",
 		__func__, defendkey_rmem.base, defendkey_rmem.size);

--- a/drivers/amlogic/defendkey/securekey.h
+++ b/drivers/amlogic/defendkey/securekey.h
@@ -18,6 +18,7 @@
 #if (defined CONFIG_ARM64) || (defined CONFIG_ARM64_A32)
 #define AML_D_P_UPGRADE_CHECK   (0x80)
 #define AML_D_P_IMG_DECRYPT     (0x40)
+#define AML_D_Q_IMG_SIG_HDR_SIZE	 (0x100)
 #define AML_DATA_PROCESS		(0x820000FF)
 #define GET_SHARE_MEM_INPUT_BASE	0x82000020