From patchwork Sat Dec 30 01:08:46 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122983 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp5322746qgn; Fri, 29 Dec 2017 17:22:16 -0800 (PST) X-Google-Smtp-Source: ACJfBossdAZvWm0BmAb+dUd4qUZnKrqPmfvC4BeH3W7U1TbULyackLCRx1BEYgTDXVxxJ3Bd/dxw X-Received: by 10.80.205.88 with SMTP id d24mr48283719edj.7.1514596936557; Fri, 29 Dec 2017 17:22:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514596936; cv=none; d=google.com; s=arc-20160816; b=JpKL5QHZIWyDnxFbVl8hBDOvUi10cJb+jprcQBQv12q41hWoaWFJmNSZU6uZ4+U1Tk K99JsreDbNva+Qkf5XlxuTOtS070O/38ZPoLgKq2HLdoreXwvahRPpOKXf250ulh/Xm5 pAN5LOCkLJgd/6g8HyLOEEv9vR4UqRkeDSiW3AQmz1mQJBIICzmDRAQpeU+SXWFRvaDo kOda69pDKllh/6Pd9jymuAqB0wJycKoLGzCKiEG8WM0O9MS9YM+nkLD+VBT6T87Xx/ZL /kp9gdy5COABQqtVjS2OmotmVWt16Ig6tWkMvcPFGujo+8KH5Y/N4eBqkT8o8zCrrdV5 KqXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=3XTExcfm/R4RjVYQ5snUtBTR1VaGqHb70DkOCWDVdKo=; b=v06FAFciP4V21SaquZrxCQ3tioJp8+N5yLBlYTbHzaly2DM5y6G2B9jzoWQn/ELo5C sDFvUFFGxyvkDFJ2CmqXdZxoluxc6fUYhU0oJqZHvcLjX3wWJAYkK5ehVLttc3g/R2sl lKJ0LExOkoMHaVEYX0HP/oCnHmi7Uy7o9jwPs8DHUFw4hbJG2TSe0UFyssgQsLGF4E/E HZSl3Camn5UwUpxMlncG/L8qaYs2DJRrosSvK/vSaRLzd0QCfdeFdXJIgCgF7Nn6Qvlm +rG+fJTK6aO+fkV/8CkeVSTACMEEDkZLXL/V8e1HAOnrLy7s5czFSQ1q+3/vDQ3QpoGE hvUA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HalsoVZM; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id q13si541261edq.55.2017.12.29.17.22.16; Fri, 29 Dec 2017 17:22:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HalsoVZM; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 24226C21DD0; Sat, 30 Dec 2017 01:11:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E7F3CC21DB0; Sat, 30 Dec 2017 01:09:50 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 640BCC21DE8; Sat, 30 Dec 2017 01:09:27 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 261BCC21DDB for ; Sat, 30 Dec 2017 01:09:24 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id f206so50070898wmf.5 for ; Fri, 29 Dec 2017 17:09:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=PPsvQyZLH4Mt+sx5I0UYIarc4H2t9RPw5bIGqqXCotw=; b=HalsoVZM47BzBwUQwX4oCUbYKm3LbJLobc7PVzWBG/KdiPCd/xh+0H3fLH9rmB3Vf6 rV5G+OVf7U7bVjz9xwlJHZIFweP3lxtO02whgQGdieWcvzSbGCn146lR41dPmLD63uGR aLHi+08kSaSwkNGSbU1mOZ2mnYr0FfPpcOOBo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=PPsvQyZLH4Mt+sx5I0UYIarc4H2t9RPw5bIGqqXCotw=; b=sCstihS/3juxszHynVpJBAgNWAr/ENt8oGnFiMGNY6cXbWJH/ZzZXk4ZfF+EGLY8/c Ssoj5vXKgvP1Qk91DfnyBKKIoj75qhyOkdxZTZTmeKI6sqc+nGKIxaHuQIWdQ4dSdqet ZKtj6wzs/a5/ZTzwXL+wXmax6cfUNCx72toRI0SbhLHanrDHF01baI+HU/yYdsPzqNjc lTk3UtiW50i/bW6AV2AtCcNHNaOMZlyVJLjfygjzr5X0p6aUANnJwcCu935L4QnLizc3 W4fVeMmkPG9Mq9CyG8cG4fmjKvQRsmCY3boKEI1iNxf7g6RWLAahdcwzmplmG+HZujIV IfqA== X-Gm-Message-State: AKGB3mLnh53Sggu2jp42UquH2m8sHh2TgWMRi6IGST9cS/7/XfUpWmaW 4VUM4x2efE8/MnwwNTW2Iw4AESESQiE= X-Received: by 10.80.201.196 with SMTP id c4mr46789619edi.56.1514596163586; Fri, 29 Dec 2017 17:09:23 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id f9sm26484148edm.83.2017.12.29.17.09.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 29 Dec 2017 17:09:22 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Sat, 30 Dec 2017 01:08:46 +0000 Message-Id: <1514596142-22050-18-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514596142-22050-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514596142-22050-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v3 17/25] arm: imx: hab: Add a hab_rvt_check_target to image auth X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a hab_rvt_check_target() step to authenticate_image() as a sanity check for the target memory region authenticate_image() will run over, prior to making the BootROM authentication callback itself. This check is recommended by the HAB documentation so it makes sense to adhere to the guidance and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 858f2a7..92d342b 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -437,12 +437,15 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; hab_rvt_exit_t *hab_rvt_exit; + hab_rvt_check_target_t *hab_rvt_check_target; struct ivt *ivt; struct ivt_header *ivt_hdr; + enum hab_status status; hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; hab_rvt_entry = hab_rvt_entry_p; hab_rvt_exit = hab_rvt_exit_p; + hab_rvt_check_target = hab_rvt_check_target_p; if (!is_hab_enabled()) { puts("hab fuse not enabled\n"); @@ -478,6 +481,12 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, goto hab_caam_clock_disable; } + status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); + if (status != HAB_SUCCESS) { + printf("HAB check target 0x%08x-0x%08x fail\n", + ddr_start, ddr_start + bytes); + goto hab_caam_clock_disable; + } #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry,