common: android: simplify image verify/un-verify

Support hash verify if header version < 3.

Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: I2ade1a50aa26cd94c4464c25c86836421d973f00

common/image-android.c

@@ -477,6 +477,29 @@ crypto_calc:
 	return 0;
 }
 
+static int images_load_verify(struct andr_img_hdr *hdr, ulong part_start,
+			      void *ram_base, struct udevice *crypto)
+{
+	/* load, never change order ! */
+	if (image_load(IMG_KERNEL, hdr, part_start, ram_base, crypto))
+		return -1;
+	if (image_load(IMG_RAMDISK, hdr, part_start, ram_base, crypto))
+		return -1;
+	if (image_load(IMG_SECOND, hdr, part_start, ram_base, crypto))
+		return -1;
+	if (hdr->header_version > 0) {
+		if (image_load(IMG_RECOVERY_DTBO, hdr, part_start,
+			       ram_base, crypto))
+			return -1;
+	}
+	if (hdr->header_version > 1) {
+		if (image_load(IMG_DTB, hdr, part_start, ram_base, crypto))
+			return -1;
+	}
+
+	return 0;
+}
+
 /*
  * @ram_base: !NULL means require memcpy for an exist full android image.
  */
@@ -486,6 +509,7 @@ static int android_image_separate(struct andr_img_hdr *hdr,
 				  void *ram_base)
 {
 	ulong bstart;
+	int ret;
 
 	if (android_image_check_header(hdr)) {
 		printf("Bad android image header\n");
@@ -500,7 +524,13 @@ static int android_image_separate(struct andr_img_hdr *hdr,
 	 * 1. Load images to their individual target ram position
 	 *    in order to disable fdt/ramdisk relocation.
 	 */
+
+	/* load rk-kernel.dtb alone */
+	if (image_load(IMG_RK_DTB, hdr, bstart, ram_base, NULL))
+		return -1;
+
 #if defined(CONFIG_DM_CRYPTO) && defined(CONFIG_ANDROID_BOOT_IMAGE_HASH)
+	if (hdr->header_version < 3) {
 		struct udevice *dev;
 		sha_context ctx;
 		uchar hash[20];
@@ -509,7 +539,7 @@ static int android_image_separate(struct andr_img_hdr *hdr,
 		ctx.algo = CRYPTO_SHA1;
 		dev = crypto_get_device(ctx.algo);
 		if (!dev) {
-		printf("Can't find crypto device for SHA1 capability\n");
+			printf("Can't find crypto device for SHA1\n");
 			return -ENODEV;
 		}
 
@@ -523,53 +553,26 @@ static int android_image_separate(struct andr_img_hdr *hdr,
 		if (hdr->header_version > 1)
 			ctx.length += hdr->dtb_size + sizeof(hdr->dtb_size);
 
-	/* load, never change order ! */
-	if (image_load(IMG_RK_DTB,  hdr, bstart, ram_base, NULL))
-		return -1;
-
 		crypto_sha_init(dev, &ctx);
-	if (image_load(IMG_KERNEL,  hdr, bstart, ram_base, dev))
+		ret = images_load_verify(hdr, bstart, ram_base, dev);
-		return -1;
+		if (ret)
-	if (image_load(IMG_RAMDISK, hdr, bstart, ram_base, dev))
+			return ret;
-		return -1;
-	if (image_load(IMG_SECOND,  hdr, bstart, ram_base, dev))
-		return -1;
-	if (hdr->header_version > 0) {
-		if (image_load(IMG_RECOVERY_DTBO, hdr, bstart, ram_base, dev))
-			return -1;
-	}
-	if (hdr->header_version > 1) {
-		if (image_load(IMG_DTB, hdr, bstart, ram_base, dev))
-			return -1;
-	}
-
 		crypto_sha_final(dev, &ctx, hash);
+
 		if (memcmp(hash, hdr->id, 20)) {
 			print_hash("Hash from header", (u8 *)hdr->id, 20);
 			print_hash("Hash real", (u8 *)hash, 20);
 			return -EBADFD;
 		} else {
-		printf("Image hash OK\n");
+			printf("ANDROID: Hash OK\n");
-	}
-
-#else /* !(CONFIG_DM_CRYPTO && CONFIG_ANDROID_BOOT_IMAGE_HASH) */
-	if (image_load(IMG_RK_DTB,  hdr, bstart, ram_base, NULL))
-		return -1;
-	if (image_load(IMG_KERNEL,  hdr, bstart, ram_base, NULL))
-		return -1;
-	if (image_load(IMG_RAMDISK, hdr, bstart, ram_base, NULL))
-		return -1;
-	if (image_load(IMG_SECOND,  hdr, bstart, ram_base, NULL))
-		return -1;
-	if (hdr->header_version > 0) {
-		if (image_load(IMG_RECOVERY_DTBO, hdr, bstart, ram_base, NULL))
-			return -1;
-	}
-	if (hdr->header_version > 1) {
-		if (image_load(IMG_DTB, hdr, bstart, ram_base, NULL))
-			return -1;
 		}
+	} else
 #endif
+	{
+		ret = images_load_verify(hdr, bstart, ram_base, NULL);
+		if (ret)
+			return ret;
+	}
 
 	/* 2. Disable fdt/ramdisk relocation, it saves boot time */
 	env_set("bootm-no-reloc", "y");