[PATCH v7 15/16] cmd: pre_load_verify: initial import

[Philippe Reynes <philippe.reynes@softathome.com>]

Add the command pre_load_verify that check the signature of
an image with the pre-load header. If the check
succeed, the u-boot env variable 'loadaddr_verified'
is set to the address of the image (without the header).

It allows to run such commands:
tftp script.img && pre_load_verify $loadaddr && source $loadaddr_verified

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
---
 cmd/Kconfig                   |  8 ++++++
 cmd/Makefile                  |  2 ++
 cmd/pre-load-verify.c         | 53 +++++++++++++++++++++++++++++++++++
 doc/usage/pre-load-verify.rst | 44 +++++++++++++++++++++++++++++
 4 files changed, 107 insertions(+)
 create mode 100644 cmd/pre-load-verify.c
 create mode 100644 doc/usage/pre-load-verify.rst

diff --git a/cmd/Kconfig b/cmd/Kconfig
index 87aa3fb11a..9b235210e3 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -428,6 +428,14 @@ config CMD_THOR_DOWNLOAD
 	  There is no documentation about this within the U-Boot source code
 	  but you should be able to find something on the interwebs.
 
+config CMD_PRE_LOAD_VERIFY
+	bool "verify the global signature"
+	depends on IMAGE_PRE_LOAD
+	help
+	  Verify the signature provided in a pre-load header of
+	  a full image.
+          Documentation is available in doc/usage/pre-load-verify.txt
+
 config CMD_ZBOOT
 	bool "zboot - x86 boot command"
 	help
diff --git a/cmd/Makefile b/cmd/Makefile
index 166c652d98..29ee9b8fab 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -188,6 +188,8 @@ obj-$(CONFIG_CMD_ETHSW) += ethsw.o
 obj-$(CONFIG_CMD_AXI) += axi.o
 obj-$(CONFIG_CMD_PVBLOCK) += pvblock.o
 
+obj-$(CONFIG_CMD_PRE_LOAD_VERIFY) += pre-load-verify.o
+
 # Power
 obj-$(CONFIG_CMD_PMIC) += pmic.o
 obj-$(CONFIG_CMD_REGULATOR) += regulator.o
diff --git a/cmd/pre-load-verify.c b/cmd/pre-load-verify.c
new file mode 100644
index 0000000000..c2c4e57d5f
--- /dev/null
+++ b/cmd/pre-load-verify.c
@@ -0,0 +1,53 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright (C) 2022 Philippe Reynes <philippe.reynes@softathome.com>
+ */
+
+#include <common.h>
+#include <env.h>
+#include <image.h>
+#include <mapmem.h>
+
+static ulong verify_get_addr(int argc, char *const argv[])
+{
+	ulong addr;
+
+	if (argc > 0)
+		addr = hextoul(argv[0], NULL);
+	else
+		addr = image_load_addr;
+
+	return addr;
+}
+
+static int do_verify(struct cmd_tbl *cmdtp, int flag, int argc,
+		     char *const argv[])
+{
+	ulong addr = verify_get_addr(argc, argv);
+	int ret = 0;
+
+	argc--; argv++;
+
+	addr = verify_get_addr(argc, argv);
+
+	if (CONFIG_IS_ENABLED(IMAGE_PRE_LOAD)) {
+		ret = image_pre_load(addr);
+
+		if (ret) {
+			ret = CMD_RET_FAILURE;
+			goto out;
+		}
+
+		env_set_hex("loadaddr_verified", addr + image_load_offset);
+	}
+
+ out:
+	return ret;
+}
+
+U_BOOT_CMD(pre_load_verify, 2, 1, do_verify,
+	   "verify the global signature provided in the pre-load header,\n",
+	   "\tif the check succeed, the u-boot env variable loadaddr_verified\n"
+	   "\tis set to the address of the image (without the header)"
+	   "<image addr>"
+);
diff --git a/doc/usage/pre-load-verify.rst b/doc/usage/pre-load-verify.rst
new file mode 100644
index 0000000000..7b833d079b
--- /dev/null
+++ b/doc/usage/pre-load-verify.rst
@@ -0,0 +1,44 @@
+.. SPDX-License-Identifier: GPL-2.0+
+
+pre-load-verify command
+=======================
+
+Synopsis
+--------
+
+::
+
+    pre_load_verify <addr>
+
+Description
+-----------
+
+The pre-load-verify command verify the signature of the binary at address addr
+using the pre-load header that should be at the beginning of the binary.
+
+addr
+    Address of the binary to verify
+
+
+Examples
+--------
+
+
+::
+
+    => pre_load_verify 100
+    INFO: signature check has succeed
+
+If succeed, the u-boot env variable loadaddr_verified is set to the address
+if the binary after the pre-load header
+
+::
+
+    => printenv loadaddr_verified
+    loadaddr_verified=1100
+
+
+Return value
+------------
+
+The return value $? is 0 is the signature check succeed, 1 otherwise
-- 
2.17.1