mdt_loader.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * Qualcomm Peripheral Image Loader
  4. *
  5. * Copyright (C) 2016 Linaro Ltd
  6. * Copyright (C) 2015 Sony Mobile Communications Inc
  7. * Copyright (c) 2012-2013, The Linux Foundation. All rights reserved.
  8. */
  9. #include <linux/cleanup.h>
  10. #include <linux/device.h>
  11. #include <linux/elf.h>
  12. #include <linux/firmware.h>
  13. #include <linux/kernel.h>
  14. #include <linux/module.h>
  15. #include <linux/firmware/qcom/qcom_scm.h>
  16. #include <linux/sizes.h>
  17. #include <linux/slab.h>
  18. #include <linux/soc/qcom/mdt_loader.h>
  19. static bool mdt_header_valid(const struct firmware *fw)
  20. {
  21. const struct elf32_hdr *ehdr;
  22. size_t phend;
  23. size_t shend;
  24. if (fw->size < sizeof(*ehdr))
  25. return false;
  26. ehdr = (struct elf32_hdr *)fw->data;
  27. if (memcmp(ehdr->e_ident, ELFMAG, SELFMAG))
  28. return false;
  29. if (ehdr->e_phentsize != sizeof(struct elf32_phdr))
  30. return false;
  31. phend = size_add(size_mul(sizeof(struct elf32_phdr), ehdr->e_phnum), ehdr->e_phoff);
  32. if (phend > fw->size)
  33. return false;
  34. if (ehdr->e_shentsize || ehdr->e_shnum) {
  35. if (ehdr->e_shentsize != sizeof(struct elf32_shdr))
  36. return false;
  37. shend = size_add(size_mul(sizeof(struct elf32_shdr), ehdr->e_shnum), ehdr->e_shoff);
  38. if (shend > fw->size)
  39. return false;
  40. }
  41. return true;
  42. }
  43. static bool mdt_phdr_loadable(const struct elf32_phdr *phdr)
  44. {
  45. if (phdr->p_type != PT_LOAD)
  46. return false;
  47. if ((phdr->p_flags & QCOM_MDT_TYPE_MASK) == QCOM_MDT_TYPE_HASH)
  48. return false;
  49. if (!phdr->p_memsz)
  50. return false;
  51. return true;
  52. }
  53. static ssize_t mdt_load_split_segment(void *ptr, const struct elf32_phdr *phdrs,
  54. unsigned int segment, const char *fw_name,
  55. struct device *dev)
  56. {
  57. const struct elf32_phdr *phdr = &phdrs[segment];
  58. const struct firmware *seg_fw;
  59. ssize_t ret;
  60. if (strlen(fw_name) < 4)
  61. return -EINVAL;
  62. char *seg_name __free(kfree) = kstrdup(fw_name, GFP_KERNEL);
  63. if (!seg_name)
  64. return -ENOMEM;
  65. sprintf(seg_name + strlen(fw_name) - 3, "b%02d", segment);
  66. ret = request_firmware_into_buf(&seg_fw, seg_name, dev,
  67. ptr, phdr->p_filesz);
  68. if (ret) {
  69. dev_err(dev, "error %zd loading %s\n", ret, seg_name);
  70. return ret;
  71. }
  72. if (seg_fw->size != phdr->p_filesz) {
  73. dev_err(dev,
  74. "failed to load segment %d from truncated file %s\n",
  75. segment, seg_name);
  76. ret = -EINVAL;
  77. }
  78. release_firmware(seg_fw);
  79. return ret;
  80. }
  81. /**
  82. * qcom_mdt_get_size() - acquire size of the memory region needed to load mdt
  83. * @fw: firmware object for the mdt file
  84. *
  85. * Returns size of the loaded firmware blob, or -EINVAL on failure.
  86. */
  87. ssize_t qcom_mdt_get_size(const struct firmware *fw)
  88. {
  89. const struct elf32_phdr *phdrs;
  90. const struct elf32_phdr *phdr;
  91. const struct elf32_hdr *ehdr;
  92. phys_addr_t min_addr = PHYS_ADDR_MAX;
  93. phys_addr_t max_addr = 0;
  94. int i;
  95. if (!mdt_header_valid(fw))
  96. return -EINVAL;
  97. ehdr = (struct elf32_hdr *)fw->data;
  98. phdrs = (struct elf32_phdr *)(fw->data + ehdr->e_phoff);
  99. for (i = 0; i < ehdr->e_phnum; i++) {
  100. phdr = &phdrs[i];
  101. if (!mdt_phdr_loadable(phdr))
  102. continue;
  103. if (phdr->p_paddr < min_addr)
  104. min_addr = phdr->p_paddr;
  105. if (phdr->p_paddr + phdr->p_memsz > max_addr)
  106. max_addr = ALIGN(phdr->p_paddr + phdr->p_memsz, SZ_4K);
  107. }
  108. return min_addr < max_addr ? max_addr - min_addr : -EINVAL;
  109. }
  110. EXPORT_SYMBOL_GPL(qcom_mdt_get_size);
  111. /**
  112. * qcom_mdt_read_metadata() - read header and metadata from mdt or mbn
  113. * @fw: firmware of mdt header or mbn
  114. * @data_len: length of the read metadata blob
  115. * @fw_name: name of the firmware, for construction of segment file names
  116. * @dev: device handle to associate resources with
  117. *
  118. * The mechanism that performs the authentication of the loading firmware
  119. * expects an ELF header directly followed by the segment of hashes, with no
  120. * padding inbetween. This function allocates a chunk of memory for this pair
  121. * and copy the two pieces into the buffer.
  122. *
  123. * In the case of split firmware the hash is found directly following the ELF
  124. * header, rather than at p_offset described by the second program header.
  125. *
  126. * The caller is responsible to free (kfree()) the returned pointer.
  127. *
  128. * Return: pointer to data, or ERR_PTR()
  129. */
  130. void *qcom_mdt_read_metadata(const struct firmware *fw, size_t *data_len,
  131. const char *fw_name, struct device *dev)
  132. {
  133. const struct elf32_phdr *phdrs;
  134. const struct elf32_hdr *ehdr;
  135. unsigned int hash_segment = 0;
  136. size_t hash_offset;
  137. size_t hash_size;
  138. size_t ehdr_size;
  139. unsigned int i;
  140. ssize_t ret;
  141. void *data;
  142. if (!mdt_header_valid(fw))
  143. return ERR_PTR(-EINVAL);
  144. ehdr = (struct elf32_hdr *)fw->data;
  145. phdrs = (struct elf32_phdr *)(fw->data + ehdr->e_phoff);
  146. if (ehdr->e_phnum < 2)
  147. return ERR_PTR(-EINVAL);
  148. if (phdrs[0].p_type == PT_LOAD)
  149. return ERR_PTR(-EINVAL);
  150. for (i = 1; i < ehdr->e_phnum; i++) {
  151. if ((phdrs[i].p_flags & QCOM_MDT_TYPE_MASK) == QCOM_MDT_TYPE_HASH) {
  152. hash_segment = i;
  153. break;
  154. }
  155. }
  156. if (!hash_segment) {
  157. dev_err(dev, "no hash segment found in %s\n", fw_name);
  158. return ERR_PTR(-EINVAL);
  159. }
  160. ehdr_size = phdrs[0].p_filesz;
  161. hash_size = phdrs[hash_segment].p_filesz;
  162. data = kmalloc(ehdr_size + hash_size, GFP_KERNEL);
  163. if (!data)
  164. return ERR_PTR(-ENOMEM);
  165. /* Copy ELF header */
  166. memcpy(data, fw->data, ehdr_size);
  167. if (ehdr_size + hash_size == fw->size) {
  168. /* Firmware is split and hash is packed following the ELF header */
  169. hash_offset = phdrs[0].p_filesz;
  170. memcpy(data + ehdr_size, fw->data + hash_offset, hash_size);
  171. } else if (phdrs[hash_segment].p_offset + hash_size <= fw->size) {
  172. /* Hash is in its own segment, but within the loaded file */
  173. hash_offset = phdrs[hash_segment].p_offset;
  174. memcpy(data + ehdr_size, fw->data + hash_offset, hash_size);
  175. } else {
  176. /* Hash is in its own segment, beyond the loaded file */
  177. ret = mdt_load_split_segment(data + ehdr_size, phdrs, hash_segment, fw_name, dev);
  178. if (ret) {
  179. kfree(data);
  180. return ERR_PTR(ret);
  181. }
  182. }
  183. *data_len = ehdr_size + hash_size;
  184. return data;
  185. }
  186. EXPORT_SYMBOL_GPL(qcom_mdt_read_metadata);
  187. static int __qcom_mdt_pas_init(struct device *dev, const struct firmware *fw,
  188. const char *fw_name, int pas_id, phys_addr_t mem_phys,
  189. struct qcom_scm_pas_context *ctx)
  190. {
  191. const struct elf32_phdr *phdrs;
  192. const struct elf32_phdr *phdr;
  193. const struct elf32_hdr *ehdr;
  194. phys_addr_t min_addr = PHYS_ADDR_MAX;
  195. phys_addr_t max_addr = 0;
  196. bool relocate = false;
  197. size_t metadata_len;
  198. void *metadata;
  199. int ret;
  200. int i;
  201. if (!mdt_header_valid(fw))
  202. return -EINVAL;
  203. ehdr = (struct elf32_hdr *)fw->data;
  204. phdrs = (struct elf32_phdr *)(fw->data + ehdr->e_phoff);
  205. for (i = 0; i < ehdr->e_phnum; i++) {
  206. phdr = &phdrs[i];
  207. if (!mdt_phdr_loadable(phdr))
  208. continue;
  209. if (phdr->p_flags & QCOM_MDT_RELOCATABLE)
  210. relocate = true;
  211. if (phdr->p_paddr < min_addr)
  212. min_addr = phdr->p_paddr;
  213. if (phdr->p_paddr + phdr->p_memsz > max_addr)
  214. max_addr = ALIGN(phdr->p_paddr + phdr->p_memsz, SZ_4K);
  215. }
  216. metadata = qcom_mdt_read_metadata(fw, &metadata_len, fw_name, dev);
  217. if (IS_ERR(metadata)) {
  218. ret = PTR_ERR(metadata);
  219. dev_err(dev, "error %d reading firmware %s metadata\n", ret, fw_name);
  220. goto out;
  221. }
  222. ret = qcom_scm_pas_init_image(pas_id, metadata, metadata_len, ctx);
  223. kfree(metadata);
  224. if (ret) {
  225. /* Invalid firmware metadata */
  226. dev_err(dev, "error %d initializing firmware %s\n", ret, fw_name);
  227. goto out;
  228. }
  229. if (relocate) {
  230. ret = qcom_scm_pas_mem_setup(pas_id, mem_phys, max_addr - min_addr);
  231. if (ret) {
  232. /* Unable to set up relocation */
  233. dev_err(dev, "error %d setting up firmware %s\n", ret, fw_name);
  234. goto out;
  235. }
  236. }
  237. out:
  238. return ret;
  239. }
  240. static bool qcom_mdt_bins_are_split(const struct firmware *fw)
  241. {
  242. const struct elf32_phdr *phdrs;
  243. const struct elf32_hdr *ehdr;
  244. uint64_t seg_start, seg_end;
  245. int i;
  246. ehdr = (struct elf32_hdr *)fw->data;
  247. phdrs = (struct elf32_phdr *)(fw->data + ehdr->e_phoff);
  248. for (i = 0; i < ehdr->e_phnum; i++) {
  249. /*
  250. * The size of the MDT file is not padded to include any
  251. * zero-sized segments at the end. Ignore these, as they should
  252. * not affect the decision about image being split or not.
  253. */
  254. if (!phdrs[i].p_filesz)
  255. continue;
  256. seg_start = phdrs[i].p_offset;
  257. seg_end = phdrs[i].p_offset + phdrs[i].p_filesz;
  258. if (seg_start > fw->size || seg_end > fw->size)
  259. return true;
  260. }
  261. return false;
  262. }
  263. /**
  264. * qcom_mdt_load_no_init() - load the firmware which header is loaded as fw
  265. * @dev: device handle to associate resources with
  266. * @fw: firmware object for the mdt file
  267. * @fw_name: name of the firmware, for construction of segment file names
  268. * @mem_region: allocated memory region to load firmware into
  269. * @mem_phys: physical address of allocated memory region
  270. * @mem_size: size of the allocated memory region
  271. * @reloc_base: adjusted physical address after relocation
  272. *
  273. * Returns 0 on success, negative errno otherwise.
  274. */
  275. int qcom_mdt_load_no_init(struct device *dev, const struct firmware *fw,
  276. const char *fw_name, void *mem_region,
  277. phys_addr_t mem_phys, size_t mem_size,
  278. phys_addr_t *reloc_base)
  279. {
  280. const struct elf32_phdr *phdrs;
  281. const struct elf32_phdr *phdr;
  282. const struct elf32_hdr *ehdr;
  283. phys_addr_t mem_reloc;
  284. phys_addr_t min_addr = PHYS_ADDR_MAX;
  285. ssize_t offset;
  286. bool relocate = false;
  287. bool is_split;
  288. void *ptr;
  289. int ret = 0;
  290. int i;
  291. if (!fw || !mem_region || !mem_phys || !mem_size)
  292. return -EINVAL;
  293. if (!mdt_header_valid(fw))
  294. return -EINVAL;
  295. is_split = qcom_mdt_bins_are_split(fw);
  296. ehdr = (struct elf32_hdr *)fw->data;
  297. phdrs = (struct elf32_phdr *)(fw->data + ehdr->e_phoff);
  298. for (i = 0; i < ehdr->e_phnum; i++) {
  299. phdr = &phdrs[i];
  300. if (!mdt_phdr_loadable(phdr))
  301. continue;
  302. if (phdr->p_flags & QCOM_MDT_RELOCATABLE)
  303. relocate = true;
  304. if (phdr->p_paddr < min_addr)
  305. min_addr = phdr->p_paddr;
  306. }
  307. if (relocate) {
  308. /*
  309. * The image is relocatable, so offset each segment based on
  310. * the lowest segment address.
  311. */
  312. mem_reloc = min_addr;
  313. } else {
  314. /*
  315. * Image is not relocatable, so offset each segment based on
  316. * the allocated physical chunk of memory.
  317. */
  318. mem_reloc = mem_phys;
  319. }
  320. for (i = 0; i < ehdr->e_phnum; i++) {
  321. phdr = &phdrs[i];
  322. if (!mdt_phdr_loadable(phdr))
  323. continue;
  324. offset = phdr->p_paddr - mem_reloc;
  325. if (offset < 0 || offset + phdr->p_memsz > mem_size) {
  326. dev_err(dev, "segment outside memory range\n");
  327. ret = -EINVAL;
  328. break;
  329. }
  330. if (phdr->p_filesz > phdr->p_memsz) {
  331. dev_err(dev,
  332. "refusing to load segment %d with p_filesz > p_memsz\n",
  333. i);
  334. ret = -EINVAL;
  335. break;
  336. }
  337. ptr = mem_region + offset;
  338. if (phdr->p_filesz && !is_split) {
  339. /* Firmware is large enough to be non-split */
  340. if (phdr->p_offset + phdr->p_filesz > fw->size) {
  341. dev_err(dev, "file %s segment %d would be truncated\n",
  342. fw_name, i);
  343. ret = -EINVAL;
  344. break;
  345. }
  346. memcpy(ptr, fw->data + phdr->p_offset, phdr->p_filesz);
  347. } else if (phdr->p_filesz) {
  348. /* Firmware not large enough, load split-out segments */
  349. ret = mdt_load_split_segment(ptr, phdrs, i, fw_name, dev);
  350. if (ret)
  351. break;
  352. }
  353. if (phdr->p_memsz > phdr->p_filesz)
  354. memset(ptr + phdr->p_filesz, 0, phdr->p_memsz - phdr->p_filesz);
  355. }
  356. if (reloc_base)
  357. *reloc_base = mem_reloc;
  358. return ret;
  359. }
  360. EXPORT_SYMBOL_GPL(qcom_mdt_load_no_init);
  361. /**
  362. * qcom_mdt_load() - load the firmware which header is loaded as fw
  363. * @dev: device handle to associate resources with
  364. * @fw: firmware object for the mdt file
  365. * @fw_name: name of the firmware, for construction of segment file names
  366. * @pas_id: PAS identifier
  367. * @mem_region: allocated memory region to load firmware into
  368. * @mem_phys: physical address of allocated memory region
  369. * @mem_size: size of the allocated memory region
  370. * @reloc_base: adjusted physical address after relocation
  371. *
  372. * Returns 0 on success, negative errno otherwise.
  373. */
  374. int qcom_mdt_load(struct device *dev, const struct firmware *fw,
  375. const char *fw_name, int pas_id, void *mem_region,
  376. phys_addr_t mem_phys, size_t mem_size,
  377. phys_addr_t *reloc_base)
  378. {
  379. int ret;
  380. ret = __qcom_mdt_pas_init(dev, fw, fw_name, pas_id, mem_phys, NULL);
  381. if (ret)
  382. return ret;
  383. return qcom_mdt_load_no_init(dev, fw, fw_name, mem_region, mem_phys,
  384. mem_size, reloc_base);
  385. }
  386. EXPORT_SYMBOL_GPL(qcom_mdt_load);
  387. /**
  388. * qcom_mdt_pas_load - Loads and authenticates the metadata of the firmware
  389. * (typically contained in the .mdt file), followed by loading the actual
  390. * firmware segments (e.g., .bXX files). Authentication of the segments done
  391. * by a separate call.
  392. *
  393. * The PAS context must be initialized using qcom_scm_pas_context_init()
  394. * prior to invoking this function.
  395. *
  396. * @ctx: Pointer to the PAS (Peripheral Authentication Service) context
  397. * @fw: Firmware object representing the .mdt file
  398. * @firmware: Name of the firmware used to construct segment file names
  399. * @mem_region: Memory region allocated for loading the firmware
  400. * @reloc_base: Physical address adjusted after relocation
  401. *
  402. * Return: 0 on success or a negative error code on failure.
  403. */
  404. int qcom_mdt_pas_load(struct qcom_scm_pas_context *ctx, const struct firmware *fw,
  405. const char *firmware, void *mem_region, phys_addr_t *reloc_base)
  406. {
  407. int ret;
  408. ret = __qcom_mdt_pas_init(ctx->dev, fw, firmware, ctx->pas_id, ctx->mem_phys, ctx);
  409. if (ret)
  410. return ret;
  411. return qcom_mdt_load_no_init(ctx->dev, fw, firmware, mem_region, ctx->mem_phys,
  412. ctx->mem_size, reloc_base);
  413. }
  414. EXPORT_SYMBOL_GPL(qcom_mdt_pas_load);
  415. MODULE_DESCRIPTION("Firmware parser for Qualcomm MDT format");
  416. MODULE_LICENSE("GPL v2");