From patchwork Fri Jan 12 12:39:55 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124313 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2014451qgn; Fri, 12 Jan 2018 04:42:22 -0800 (PST) X-Google-Smtp-Source: ACJfBosVbfq52CgszKktTj1PZGA922HEi+qz1UfR7YTX4yj1ZF5aXcTtj0IFrB5dZG/s2p8OwdKU X-Received: by 10.80.222.2 with SMTP id z2mr16289686edk.78.1515760942592; Fri, 12 Jan 2018 04:42:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515760942; cv=none; d=google.com; s=arc-20160816; b=ftwh2RY4bQOVbPYo5cHYnjvtEXcwdad9GB8i/DEnlPVECR6oM3B4ZB2QO74JwZCw/T zAsB4HVTSRQr/YvRu9bpXbWqL6bBKu+T9juhIHairYnh80Hkp77zyrUlUTzUs2jeh1Yj NBIqGIFuj3J7uCJteSVj+RVse2T1a1lJGmQ998K/R6oIRm5Kvnp4pL0PQJsKCP2o8l+j r5F9oMtV3tGdXJDRmnzhSoiKukBFvduPwqIBTIAnYdhXuFM08JizaCduxtHM2J0TyZJ7 7iCrhzm5EIyXYJMhWCbKGDsf7lTbMi8E0GX+vrk9WOBVQeaITqjRpoh3tGqPGksXbbqT kf4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Fz/H/d26BOAnzjaqYCmHzXbXgnQK6o6VpdEEdiIDe5U=; b=CtgfiBrojMwjQLfKvc+LporS28WGKpBoYuQ3ncr79fYUhMlfq+C/yIEZjEkGeCwTyv D7laByIfXgp00X3A/2pqWYGEEkuHzhHh/2GXwFrpOfJNsMdmpR8/occe2ZTAEDjEvgcV hk2jiOj/ZixIE/GxxkmwUsBFvaEgRU6xQfoyxkLxwv8BHJxbxtcVllEqDoLgznY9t9m8 G0y3ycAUFEONKNleKzVSfkSWOLhAEFE1csRJ9KO3yei44D83INJqUsyOt8x7EjOjSw24 7FELOxVB/eKXt8CBsjMhif7GH/DOLx6FL9HqfyLtAmbDkRnwLqeVQXqdlrljo4EjZGqp lu2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=QF8N6Zyi; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id w18si3465493edd.60.2018.01.12.04.42.22; Fri, 12 Jan 2018 04:42:22 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=QF8N6Zyi; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 27015C22203; Fri, 12 Jan 2018 12:40:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 9142FC22137; Fri, 12 Jan 2018 12:40:26 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 5B940C220B3; Fri, 12 Jan 2018 12:40:24 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id F14C2C220AD for ; Fri, 12 Jan 2018 12:40:23 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id v123so2390681wmd.5 for ; Fri, 12 Jan 2018 04:40:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=cXmghMZnsBNvXEl+g9N7RrkYyrns9YqQPyDb/FcqhHA=; b=QF8N6Zyi2wp7yx9DKOWgDQP6nnr3CJat4WbupR/3zv+qHJvNosnkSN2Ke0P9s+DIKP vO8BSDh0nIyDbZdR0S8D6pBCEuFRi1HRz06Pwltamw77DC/z2jck3y0+3MSkn9xgCfO7 YFaLMiL+udIdWzSaXkYTepYkbry7zYcOlzFWY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=cXmghMZnsBNvXEl+g9N7RrkYyrns9YqQPyDb/FcqhHA=; b=XC1Z8EK/2ORL3ixgHXh4Zn+HK5+fQ+Ftrx4ykjwadXd7JTY7ueO8zF649k+6+mTG8T 6HgRPvJiiRblDywGr3c/2E71J1fVhYfsu5e/jspse6gYw7CsKc1iQCsK4EZpNFwnsp7r Zr1zl2SxmF277r1rPMPv+vCrfjHERVGN4IKjCKU5PM6Y6fAGkHzEBCHYyJhuOPcRgevV eWfcRox9StADtZvpsSptjC1JexLIQjmGbKePGzv705keeglGzDbhQHfWurwV0sYL4JfP vCfVwdPUgylkU45nzUvZAX3OCIm4gqfslZvY0Xm3rHo/bosctUbuY9APkv3unv2JfcK3 Zwvg== X-Gm-Message-State: AKGB3mJF+wevAcPHJnadKWsOrtKlPJEGA3TUKcl51+3hTKFkFPjrS5SV iKy/2vLMIROAdPQVM1CFCudJf3g6bRQ= X-Received: by 10.80.201.75 with SMTP id p11mr35508574edh.199.1515760823250; Fri, 12 Jan 2018 04:40:23 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:22 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:39:55 +0000 Message-Id: <1515760819-15116-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 01/25] arm: imx: hab: Make authenticate_image return int X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Both usages of authenticate_image treat the result code as a simple binary. The command line usage of authenticate_image directly returns the result code of authenticate_image as a success/failure code. Right now when calling hab_auth_img and test the result code in a shell a passing hab_auth_img will appear to the shell as a fail. The first step in fixing this behaviour is to fix-up the result code return by authenticate_image() itself, subsequent patches fix the interpretation of authenticate_image so that zero will return CMD_RET_SUCCESS and non-zero will return CMD_RET_FAILURE. The first step is fixing the return type in authenticate_image() so do that now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 2 +- arch/arm/mach-imx/hab.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index e0ff459..1b7a5e4 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -145,6 +145,6 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size); +int authenticate_image(uint32_t ddr_start, uint32_t image_size); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 02c7ae4..09892a6 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -410,7 +410,7 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size) +int authenticate_image(uint32_t ddr_start, uint32_t image_size) { uint32_t load_addr = 0; size_t bytes; From patchwork Fri Jan 12 12:39:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124312 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2014073qgn; Fri, 12 Jan 2018 04:41:57 -0800 (PST) X-Google-Smtp-Source: ACJfBotZLLZN4Hu19ek7ZC0zldM4xeMQlUAZeLgQ8/kNYU/RooW0C3HoviYXQx8WofF9Tl1Xmpea X-Received: by 10.80.240.86 with SMTP id u22mr5925025edl.276.1515760917305; Fri, 12 Jan 2018 04:41:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515760917; cv=none; d=google.com; s=arc-20160816; b=RXl6aYNo8gg8N4WGtejH0xefBUElv0gMlB/5d8JBnXvmRESzpb2D2ITKlzfx20cIAr lXi7oEwzrc4WPdtvH4clOHKyuWBgP2agNBEFtcgKQDJP+pqiO8MWJhDhNikFGpWwCFxE ikzbAVQgofmpAvDwpIk9dEu3LAiavJaXK/ZE/mIaLQgrOSEMfHDq75NUXBlqK+TGYw/4 iDXNCVR8MKyUIDVQ25ho8YS4UiOeDMbS8heUGBoJGsz/CJ+FaGYQL0MZgHokyyWtdcDe s0LKy+sUEwLJJFfcpjANh3/uIAQAh5EsWvbHREPzHw9h9O3Ft/pEe5VrEpZB+PPRc+CJ 513w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=YR6zb3s73Lwsg26QNHJM+OQB6FiZzHCxsFKv4cdiQkA=; b=KXA+Zx8s4YUoVxxVKEfQ1ExF7lIXiSY4IpVlL/grPuB8R0AOttZNPvBusIx95+gHqC kRGNdxH9pvnFVqoaXl1M79SRr0sAb9RdH8VnH5hME3jDFmV5iaf7URyKFKM7kwMNoM74 YbaxsHUXzWv14IeHvyADcaYla5wDE5dJ82cYtLx9D4+yjTqop19jhwgXtoRlyEThlcke VGPW9YVpqxAquRydlncNVzNddYj2sUAuIJMncVlCVam1ZILOAyMno9qEvpo3419UhgBk MS0zbtE/vGw1JvGCNyuUB0EFb3iSISr2wGbgvxqem2R4pnCubPYfUnSxUG63/rDirzdZ 1skQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=V3YOpAzs; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id l30si2901880edl.217.2018.01.12.04.41.57; Fri, 12 Jan 2018 04:41:57 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=V3YOpAzs; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id C7BA3C22157; Fri, 12 Jan 2018 12:41:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 98CDEC220B8; Fri, 12 Jan 2018 12:40:29 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B7D20C220BE; Fri, 12 Jan 2018 12:40:25 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 62E0BC220AD for ; Fri, 12 Jan 2018 12:40:25 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id f140so11509922wmd.2 for ; Fri, 12 Jan 2018 04:40:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ySFxBv/ByuxpRjbsAntbGNOEdsIMEzEt6so7xbNEWt4=; b=V3YOpAzsRwG5TLFJf2rju3gcSeWbxceZDT4z+CiOYOOwMfsAyweBs6iDQ14t4eHEvE dwQL89dwnhQGsKyznqtqjybAcqItS4sqYZm/BJdgGgR4NWzDOwmunMywEq3vWTNMHtst zf4a1bbipjS6NhZMETDjBAmCECc0AkQTxezWM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ySFxBv/ByuxpRjbsAntbGNOEdsIMEzEt6so7xbNEWt4=; b=tszeNTZ8EwFP3QDpd695xYE4YEQjNaU0pWUxvak27nJBeThMEJFMu1yZMptyYfMoUL wc6ZcqwxE35qeCBtz1rpnr7CKLggmchNM+YNvu3Vhmt6cE9VBFoEwO2XSi+ZPBdAeqmL 2aTYhiBP5dStoKuxl0HjfTCoWWqZob1MOv9tfdd9pFHfvqQngjjxDD35ovAsl6BQYQns trGnALeE4BRIwHy6NbljiHjX2I/AKQ8m8YGYcOiY7b6SofLGFoZxwLZGVyWHLGFKDlI0 rf/+LO5i+ifVkku/P0/4V+Pk/3jss2yLjiqbfDkrhjaQMUCcOPDKk6yjLJzgQN9aB0ZV eczg== X-Gm-Message-State: AKGB3mIpBZ/15Brw4aijyivxVRu6LLKJB4ekwuvdnQ6PbfXvVxxsa4fe 00MxR5JpbCVU6LqDn5Dc/88SvV5hVXI= X-Received: by 10.80.214.136 with SMTP id r8mr35236425edi.288.1515760824781; Fri, 12 Jan 2018 04:40:24 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:23 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:39:56 +0000 Message-Id: <1515760819-15116-3-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 02/25] arm: imx: hab: Fix authenticate_image result code X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" authenticate_image returns 1 for success and 0 for failure. That result code is mapped directly to the result code for the command line function hab_auth_img - which means when hab_auth_img succeeds it is returning CMD_RET_FAILURE (1) instead of CMD_RET_SUCCESS (0). This patch fixes this behaviour by making authenticate_image() return 0 for success and 1 for failure. Both users of authenticate_image() as a result have some minimal churn. The upshot is once done when hab_auth_img is called from the command line we set $? in the standard way for scripting functions to act on. Fixes: 36c1ca4d46ef ("imx: Support i.MX6 High Assurance Boot authentication") Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 9 ++++++--- arch/arm/mach-imx/spl.c | 4 ++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 09892a6..9fe6d43 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -373,7 +373,10 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, ivt_offset = simple_strtoul(argv[2], NULL, 16); rcode = authenticate_image(addr, ivt_offset); - + if (rcode == 0) + rcode = CMD_RET_SUCCESS; + else + rcode = CMD_RET_FAILURE; return rcode; } @@ -415,7 +418,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) uint32_t load_addr = 0; size_t bytes; ptrdiff_t ivt_offset = 0; - int result = 0; + int result = 1; ulong start; hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; @@ -510,7 +513,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) } if ((!is_hab_enabled()) || (load_addr != 0)) - result = 1; + result = 0; return result; } diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index d0d1b73..6e930b3 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -163,8 +163,8 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ - if (authenticate_image(spl_image->load_addr, - spl_image->size - CONFIG_CSF_SIZE)) { + if (!authenticate_image(spl_image->load_addr, + spl_image->size - CONFIG_CSF_SIZE)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Fri Jan 12 12:39:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124316 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2016834qgn; Fri, 12 Jan 2018 04:45:07 -0800 (PST) X-Google-Smtp-Source: ACJfBos7fTMWfE8wFx/y5n1DKXthVaG7vDGaFYH8x45ABea3N8yTb3dneYVFk4J9B6/H1+rDtz0S X-Received: by 10.80.231.145 with SMTP id b17mr36042685edn.190.1515761107060; Fri, 12 Jan 2018 04:45:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761107; cv=none; d=google.com; s=arc-20160816; b=H2UzxEEVldCKgKMTvc+8Vf1+FND/u6TYC4W2N1JsReo+LnMb5q9V/9OTHA7Xu/XmJl xwQztU+tGg5+0RTjSH3GzNPZmOBW5zfECSYTcsBYrd78pSGgDjHXtn6B1bxbj9bmn6YQ XdQlLEr7rY/3Nyny2mHtcEJSOqylmEArhhXpAuxFwnsdqp7g9lFuh5oSVWGzEO7M5MkK QQDcaN1jZB6RTPoRFB4WUIkJWk1tyER5ebf2Ij5xY5MKvBLUT0EM+e4S7VGHPq66IIB3 LfPMf+Bvyg9RO55OhVuAWcEHmVPoUd08YkSf8RxFsHz5cZ9ifproO7ffsnu4nCmdhNwK KGbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=TetUHm3dU1dpuciloTFNs9+SylnQ4ODAPZjEEHqmm4A=; b=d5jpBp1xelcSat8IfsU/tt6e2lVqsVgI86LrefFfvjzMI2Q4MjINrItnrNb7v45Q48 /ss/yj4RqNTQhKXmCjYUSmo76n6m6jDl8d56zEFn1LUVdZ8Aspb2IWvJ/IerVRpY5/bN ejJgFSWoXgQiGkDee4K9Qx9zW+QUBGctQdtT76aqNTd9W8tWcWsFkqNBaMRB2PL57czH jQhgXqTLY4WEYHVKO6KwEILYEKa2IZdzywSocDT4LNdcPvhjbA3ZBvfZGHv19X7fhbqc Jzp0fYFjq91CFB1np45VKu66RUeWJtY3YcR5EsiK1xrdqeCqJxS7JAf2jyFGXdKLftE8 Ng4g== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=YsNTT9I6; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id o4si6090989edc.118.2018.01.12.04.45.06; Fri, 12 Jan 2018 04:45:07 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=YsNTT9I6; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 9ED20C220AD; Fri, 12 Jan 2018 12:43:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 822B5C221F1; Fri, 12 Jan 2018 12:40:51 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 77C32C221DF; Fri, 12 Jan 2018 12:40:32 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id C20C5C22157 for ; Fri, 12 Jan 2018 12:40:26 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id r78so11664325wme.0 for ; Fri, 12 Jan 2018 04:40:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=t1yE75he4CwZhe9fZUxRQZpJGDDreHJlq37nxEaqs/k=; b=YsNTT9I6E6s1F0/h6/Sr5IHIfJd0vg053yXSPFdGYYPqUJd429rJcm1GkSCFW/w7Fs WGDiwfCxS2O7S0ch7oyIviTI52sJ+F1GiT8cfycBlLg8JmPRecG/PROVWC4ZsJwvlVGZ hl50UEMfDscgZcLAdKo6SFlT3mNVJMu+TWHvg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=t1yE75he4CwZhe9fZUxRQZpJGDDreHJlq37nxEaqs/k=; b=JxjXpvyYU5rp+lOSuZRi0DQR9dibnnuMbi6X+7Aw55VBEa68P5UHFf5X0DmcxzKgoL ssIlnahpGjf3UkuDNmWZYiD4GxcfXlhdNL11qeIU1PfSRDb+3icZwNFYr0eKb8cT+PCd JIgc6VO19o7dNIaBhLRaCiONj6IoJcByD3gMcAvZGxHEptEUyHB+x/vKc/xd1gfAK915 6RI+1qQYLKbOkQu7QZ/PlV9U3Le0mlbhUldkevmbch1ZJmolX0O1pVXc0pjzVgTTQCZQ XO77eFxT8v3rCRBTaSg/Kbk96KkKgR24i4lWCij2j/8cnaLolvkrft4xvuowg801rPvP fLZQ== X-Gm-Message-State: AKwxytdLhEVxO6Rye98sCq3dhswBWQrCV7evldeCLfVSPWFwvZGSCuXh zNjeux66N8iyPS/kbWCWtraHzFi10FE= X-Received: by 10.80.165.21 with SMTP id y21mr11501386edb.148.1515760826053; Fri, 12 Jan 2018 04:40:26 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:25 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:39:57 +0000 Message-Id: <1515760819-15116-4-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 03/25] arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" There is no need to call is_enabled() twice in authenticate_image - it does nothing but add an additional layer of indentation. We can check for is_enabled() at the start of the function and return the result code directly. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 138 ++++++++++++++++++++++++------------------------ 1 file changed, 69 insertions(+), 69 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 9fe6d43..6f86c02 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -428,91 +428,91 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) hab_rvt_entry = hab_rvt_entry_p; hab_rvt_exit = hab_rvt_exit_p; - if (is_hab_enabled()) { - printf("\nAuthenticate image from DDR location 0x%x...\n", - ddr_start); + if (!is_hab_enabled()) { + puts("hab fuse not enabled\n"); + return result; + } - hab_caam_clock_enable(1); + printf("\nAuthenticate image from DDR location 0x%x...\n", + ddr_start); - if (hab_rvt_entry() == HAB_SUCCESS) { - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); + hab_caam_clock_enable(1); - start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + if (hab_rvt_entry() == HAB_SUCCESS) { + /* If not already aligned, Align to ALIGN_SIZE */ + ivt_offset = (image_size + ALIGN_SIZE - 1) & + ~(ALIGN_SIZE - 1); + + start = ddr_start; + bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); - puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); - - puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset+IVT_SIZE, - (void *)(ddr_start + ivt_offset+IVT_SIZE), - 4, 0x10, 0); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", + ivt_offset, ddr_start + ivt_offset); + puts("Dumping IVT\n"); + print_buffer(ddr_start + ivt_offset, + (void *)(ddr_start + ivt_offset), + 4, 0x8, 0); + + puts("Dumping CSF Header\n"); + print_buffer(ddr_start + ivt_offset + IVT_SIZE, + (void *)(ddr_start + ivt_offset + IVT_SIZE), + 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - puts("\nCalling authenticate_image in ROM\n"); - printf("\tivt_offset = 0x%x\n", ivt_offset); - printf("\tstart = 0x%08lx\n", start); - printf("\tbytes = 0x%x\n", bytes); + puts("\nCalling authenticate_image in ROM\n"); + printf("\tivt_offset = 0x%x\n", ivt_offset); + printf("\tstart = 0x%08lx\n", start); + printf("\tbytes = 0x%x\n", bytes); #endif - /* - * If the MMU is enabled, we have to notify the ROM - * code, or it won't flush the caches when needed. - * This is done, by setting the "pu_irom_mmu_enabled" - * word to 1. You can find its address by looking in - * the ROM map. This is critical for - * authenticate_image(). If MMU is enabled, without - * setting this bit, authentication will fail and may - * crash. - */ - /* Check MMU enabled */ - if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { - if (is_mx6dq()) { - /* - * This won't work on Rev 1.0.0 of - * i.MX6Q/D, since their ROM doesn't - * do cache flushes. don't think any - * exist, so we ignore them. - */ - if (!is_mx6dqp()) - writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sdl()) { - writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sl()) { - writel(1, MX6SL_PU_IROM_MMU_EN_VAR); - } + /* + * If the MMU is enabled, we have to notify the ROM + * code, or it won't flush the caches when needed. + * This is done, by setting the "pu_irom_mmu_enabled" + * word to 1. You can find its address by looking in + * the ROM map. This is critical for + * authenticate_image(). If MMU is enabled, without + * setting this bit, authentication will fail and may + * crash. + */ + /* Check MMU enabled */ + if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { + if (is_mx6dq()) { + /* + * This won't work on Rev 1.0.0 of + * i.MX6Q/D, since their ROM doesn't + * do cache flushes. don't think any + * exist, so we ignore them. + */ + if (!is_mx6dqp()) + writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sdl()) { + writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sl()) { + writel(1, MX6SL_PU_IROM_MMU_EN_VAR); } + } - load_addr = (uint32_t)hab_rvt_authenticate_image( - HAB_CID_UBOOT, - ivt_offset, (void **)&start, - (size_t *)&bytes, NULL); - if (hab_rvt_exit() != HAB_SUCCESS) { - puts("hab exit function fail\n"); - load_addr = 0; - } - } else { - puts("hab entry function fail\n"); + load_addr = (uint32_t)hab_rvt_authenticate_image( + HAB_CID_UBOOT, + ivt_offset, (void **)&start, + (size_t *)&bytes, NULL); + if (hab_rvt_exit() != HAB_SUCCESS) { + puts("hab exit function fail\n"); + load_addr = 0; } + } else { + puts("hab entry function fail\n"); + } - hab_caam_clock_enable(0); + hab_caam_clock_enable(0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - } else { - puts("hab fuse not enabled\n"); - } - - if ((!is_hab_enabled()) || (load_addr != 0)) + if (load_addr != 0) result = 0; return result; From patchwork Fri Jan 12 12:39:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124320 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2019532qgn; Fri, 12 Jan 2018 04:47:57 -0800 (PST) X-Google-Smtp-Source: ACJfBouduhp8nDRNG/gVe99Jz3r6NWS/45PaKi6T39YX3HSrg3HB+4CTOKVt8Q/WOIVaYVqHwcfp X-Received: by 10.80.179.14 with SMTP id q14mr36488989edd.251.1515761277757; Fri, 12 Jan 2018 04:47:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761277; cv=none; d=google.com; s=arc-20160816; b=ZDISV98JD5ZerRg/ValVP+v6EjIHCLIA35xFcOAUMrxVwbzLkFWn8mHHhu8k1syR/F 95ZVAwxhY1fyDuJMBEGncx40pVpsChudvFH2IJv60IUGP1mLprzukbt57z/HjB4uuLY8 4AA/+1b65FIXTXCHGvcn0h8SGiRs1wlzSy+y8pN99RtgUhjqVLJEfFVbVCOeYzPzPt+I GD1W9JYrQAYZO4cy7E9MQJYwMy9xM0LlNax2dw6RSZm93hvuRbFSbHrJr/J3ywjRb2hn daIAoaEzKl7maX9VTojupSUiQK+4kPWr2jPxJwiBLQ6yIT5Z4WGJp5OlYolf09/x81Lo eGQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=GxBDeVhbOuhFSqISpePv7pGbLjlmwPxGBxkmI06aSiE=; b=aMX2yfK19USorFSk8yj1ziI7eaLJLJR0/Ps256Dh4FtJhTvzsdGdXg64rt8OkzHjsQ iq1Q0FDlrA0uWCAWXqlLQ3zYs3Jy4fwriKvwXuXygHeD2I2SsFgu2HBGWmbYnmJ3DTNm e+dBl1HCRp0S/3xPseLPHuWsVI3xgaZesvFJE6X76jbKEWz8p7U0kDlNpsfc862IJcub wfNTjD4u/cT4jCVuPeb06eQfRs5nuxYUjUj1JTJonbM+QkEVVhDZqWzzEqMkKoTR6k+r 42i+J+KV99RnvhKdmWO5kPb4hD35Ds6N5+NdQ1V/bhUu0O9edxp/dz2j/y/CTOzc+4Vz r7Mg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ID/JNclH; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id g45si3000275edb.218.2018.01.12.04.47.57; Fri, 12 Jan 2018 04:47:57 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ID/JNclH; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 14039C220B3; Fri, 12 Jan 2018 12:42:12 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C2D4EC22135; Fri, 12 Jan 2018 12:40:47 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B1E58C220AD; Fri, 12 Jan 2018 12:40:32 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 337BAC22180 for ; Fri, 12 Jan 2018 12:40:28 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id b141so11924496wme.1 for ; Fri, 12 Jan 2018 04:40:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=u7vE7YWrpw+jBpx+sSS7j9qiOYEqTcirLMPHF0Jw0YQ=; b=ID/JNclHmXyL+Dxjnu+I8NQfM220uVZF1h0otIgr0vGW5qCbETn2HLhyxS4I3tGdRv SlK81c1AIQJ84C2i/0yoJkTqxfxtgL1EvyRmjs5vrYJafmXGuc6SKJ8WKhTucXfMLp6P A/88ux+GcctCujT8MpRH06SuU7fiFg27x7Nm4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=u7vE7YWrpw+jBpx+sSS7j9qiOYEqTcirLMPHF0Jw0YQ=; b=A+shIcR3gXfrEpZXmpZMZzqhz4pmBnQM+63IiTurCLWryYu4xRrrGMP0AnyP89CN4o BAM672JskWWHlL/16+CeqqFakGu0KPSY4t02UpkOwLw0MdL1X5P5Td/El9wbkJbsc1s8 UjyJ5SyFwEUXVlYRn4QxYBfcM7rQTaTiOEMoMsoBFt9kohw9yg41aTdqAQfT78P184lg P0/KlxzTw3IHhQfW5cTdphfPQkcwkfqkFbz1UIurlxu5+I3SDmYbDmJv4xtyqZfcgXrY io1b5E9lrmIFIbHr7sOpT2RfK8OdhHyHwvfrIlCkP8Guekwjjo3cOAV+R7miBqVYoUmT WUgQ== X-Gm-Message-State: AKwxytcEaxrBegCUdFTvq/iaYPIJGfhy5KJFLipthMrVtn1zbCqcASLF Wq4iVaecsoo104rZxqNNV5dtE2iO+2E= X-Received: by 10.80.245.116 with SMTP id w49mr6865690edm.73.1515760827510; Fri, 12 Jan 2018 04:40:27 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.26 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:26 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:39:58 +0000 Message-Id: <1515760819-15116-5-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 04/25] arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The current code disjoins an entire block of code on hab_entry pass/fail resulting in a large chunk of authenticate_image being offset to the right. Fix this by checking hab_entry() pass/failure and exiting the function directly if in an error state. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 118 ++++++++++++++++++++++++------------------------ 1 file changed, 60 insertions(+), 58 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 6f86c02..f878b7b 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -438,75 +438,77 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) hab_caam_clock_enable(1); - if (hab_rvt_entry() == HAB_SUCCESS) { - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); + if (hab_rvt_entry() != HAB_SUCCESS) { + puts("hab entry function fail\n"); + goto hab_caam_clock_disable; + } - start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + /* If not already aligned, Align to ALIGN_SIZE */ + ivt_offset = (image_size + ALIGN_SIZE - 1) & + ~(ALIGN_SIZE - 1); + + start = ddr_start; + bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); - puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); - - puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset + IVT_SIZE, - (void *)(ddr_start + ivt_offset + IVT_SIZE), - 4, 0x10, 0); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", + ivt_offset, ddr_start + ivt_offset); + puts("Dumping IVT\n"); + print_buffer(ddr_start + ivt_offset, + (void *)(ddr_start + ivt_offset), + 4, 0x8, 0); + + puts("Dumping CSF Header\n"); + print_buffer(ddr_start + ivt_offset + IVT_SIZE, + (void *)(ddr_start + ivt_offset + IVT_SIZE), + 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - puts("\nCalling authenticate_image in ROM\n"); - printf("\tivt_offset = 0x%x\n", ivt_offset); - printf("\tstart = 0x%08lx\n", start); - printf("\tbytes = 0x%x\n", bytes); + puts("\nCalling authenticate_image in ROM\n"); + printf("\tivt_offset = 0x%x\n", ivt_offset); + printf("\tstart = 0x%08lx\n", start); + printf("\tbytes = 0x%x\n", bytes); #endif - /* - * If the MMU is enabled, we have to notify the ROM - * code, or it won't flush the caches when needed. - * This is done, by setting the "pu_irom_mmu_enabled" - * word to 1. You can find its address by looking in - * the ROM map. This is critical for - * authenticate_image(). If MMU is enabled, without - * setting this bit, authentication will fail and may - * crash. - */ - /* Check MMU enabled */ - if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { - if (is_mx6dq()) { - /* - * This won't work on Rev 1.0.0 of - * i.MX6Q/D, since their ROM doesn't - * do cache flushes. don't think any - * exist, so we ignore them. - */ - if (!is_mx6dqp()) - writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sdl()) { - writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sl()) { - writel(1, MX6SL_PU_IROM_MMU_EN_VAR); - } + /* + * If the MMU is enabled, we have to notify the ROM + * code, or it won't flush the caches when needed. + * This is done, by setting the "pu_irom_mmu_enabled" + * word to 1. You can find its address by looking in + * the ROM map. This is critical for + * authenticate_image(). If MMU is enabled, without + * setting this bit, authentication will fail and may + * crash. + */ + /* Check MMU enabled */ + if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { + if (is_mx6dq()) { + /* + * This won't work on Rev 1.0.0 of + * i.MX6Q/D, since their ROM doesn't + * do cache flushes. don't think any + * exist, so we ignore them. + */ + if (!is_mx6dqp()) + writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sdl()) { + writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sl()) { + writel(1, MX6SL_PU_IROM_MMU_EN_VAR); } + } - load_addr = (uint32_t)hab_rvt_authenticate_image( - HAB_CID_UBOOT, - ivt_offset, (void **)&start, - (size_t *)&bytes, NULL); - if (hab_rvt_exit() != HAB_SUCCESS) { - puts("hab exit function fail\n"); - load_addr = 0; - } - } else { - puts("hab entry function fail\n"); + load_addr = (uint32_t)hab_rvt_authenticate_image( + HAB_CID_UBOOT, + ivt_offset, (void **)&start, + (size_t *)&bytes, NULL); + if (hab_rvt_exit() != HAB_SUCCESS) { + puts("hab exit function fail\n"); + load_addr = 0; } +hab_caam_clock_disable: hab_caam_clock_enable(0); #if !defined(CONFIG_SPL_BUILD) From patchwork Fri Jan 12 12:39:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124325 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2023328qgn; Fri, 12 Jan 2018 04:51:59 -0800 (PST) X-Google-Smtp-Source: ACJfBotluV4j1aIlpteRVMhWg9XW2rxdV8eOCKAhU0qzZozsxxcwp3y4el0oOjReVcCj8a70HVQa X-Received: by 10.80.144.13 with SMTP id b13mr3114958eda.165.1515761519233; Fri, 12 Jan 2018 04:51:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761519; cv=none; d=google.com; s=arc-20160816; b=gxtsSq0+pjBOKolrTtvLhibR8K6QHjrtdHNwQy4RDd8e6qnfzr++3mvVuhICOxMZ2a iIUBBd/osIcv3SyisKBHrbmCUtcYgMQJ78knoNgTI32ZCgfbiTZdmw81CaPho4OViC0H Yu35jlCMd5do6LSXwpRCYOBgsJFIB2mP2p9jpH/mWXosNGt20pgMIeQmX0KUhEohGrjJ FfYRhDHj6F5KnjV873Awe4Wh9Tx3tmTzsJs6pfvOZUW5OXwxOM/P9JGAotgM08Icts76 cn1s6ZmUfy2Vw+0+rbnbQgE6CB/8H4XubgCESYJ1fknp06A97zh5REzBJvUyQfGSIm93 f30w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=KC9co8ZgUqQ8aUszl/4ctf5wf3DHwqQOPqGhNoMTZWw=; b=owSd1nlQR14ANeKsMvG20v6mBvcVYk9o6AlD0krPzLEi/0VqeEB4hUaA80LLpoSjmx 1bzLqC7LKnBaC5T2ugLNVRSOoc98Sg/GM5VHb/o29KBerpCSgJugxsUu3ji8I/7cfDZo 1Zpbth7W1o5HIkW2xeNionEPCWvEB5L0Gn96EEptq4T9E0ULGf3Od/XAL95SVEJAFCTw dyhte1JrjSrSJEwo2BoSJ9Qtc+KStRQQBckYhY6ur6jYadTA+3luWyOkI8YHAKn9sjPL QsYVMe315rGXJyyGKcreDiFUKrM32Nky8O9Q50ppTtky9ngh0Dbo2KxTBZBtivQKt6W5 PEfw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=POpmyNHx; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id i31si2607694edi.530.2018.01.12.04.51.58; Fri, 12 Jan 2018 04:51:59 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=POpmyNHx; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id B9394C221EA; Fri, 12 Jan 2018 12:44:12 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 5FEF4C221F8; Fri, 12 Jan 2018 12:41:07 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 7B9AAC221D9; Fri, 12 Jan 2018 12:40:33 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 706DBC22186 for ; Fri, 12 Jan 2018 12:40:29 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id i11so11510844wmf.4 for ; Fri, 12 Jan 2018 04:40:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=tHg73M2mIVttQCjo4Q7oDJtFBX0+gr0bhQX5+ednXxU=; b=POpmyNHxuqPxSJ8PzIkrb0Hdaz185dtQ+gSYY+zme9qcKFm5pEQsTBhzIiw+FbhfEQ shJi/900A5/CkLlVduHclWRJcGjjMKLe2MSu93puzG66aKczveO0FFia2TzoBSiq2Bwc UO8Jsm30UphcCOam1zdx6iLKYir6LqwO1s/2s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=tHg73M2mIVttQCjo4Q7oDJtFBX0+gr0bhQX5+ednXxU=; b=c4+i4zg42ecOL/DUN48b5F1ZcE4BJZDMN4ZFvBXWidZK1BynQ5ZwQ5e5HFkA+q7iOe 9/ntTTwtIWVcACZP3w9n9rs3fbJqCb+v9f9s+etl90+VWn/QAxVRhAhkHT+m8Y1mP0IH HQ7tjJQwQOYMD31YGA4ng0CY6JNSqhkAof3eGYPq1EZQE+eHrheIU09EcF/f8paj4GV3 8+tC+vQ4edr/L/jedD08v+FZTsT+uEDwg4dlEz/ioa5TVQys5kKr+yp8ChHAbP+y5jVL 4eFOWrFGEV5aIzhAUOmt1HNNeOjHHYWANTknGjMP/t/DpgzgSkQSHV3lVwR27b7xA3w9 0ssQ== X-Gm-Message-State: AKwxytdP8d+VeGLBT9aLvLRkskcPloplaVxrVMQ7ikY0O2M8qTiAcW6q Vfpf1jnThmNEc/jv4sJUPxlyjJCPYTg= X-Received: by 10.80.214.74 with SMTP id c10mr17207676edj.80.1515760828831; Fri, 12 Jan 2018 04:40:28 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.27 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:28 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:39:59 +0000 Message-Id: <1515760819-15116-6-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 05/25] arm: imx: hab: Move IVT_SIZE to hab.h X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The size of the IVT header should be defined in hab.h move it there now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 2 ++ arch/arm/mach-imx/hab.c | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 1b7a5e4..3c19d2e 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -143,6 +143,8 @@ typedef void hapi_clock_init_t(void); #define HAB_CID_ROM 0 /**< ROM Caller ID */ #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ +#define IVT_SIZE 0x20 + /* ----------- end of HAB API updates ------------*/ int authenticate_image(uint32_t ddr_start, uint32_t image_size); diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index f878b7b..6367562 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,7 +70,6 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) -#define IVT_SIZE 0x20 #define ALIGN_SIZE 0x1000 #define CSF_PAD_SIZE 0x2000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 From patchwork Fri Jan 12 12:40:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124327 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2023768qgn; Fri, 12 Jan 2018 04:52:26 -0800 (PST) X-Google-Smtp-Source: ACJfBouH0xX27lLfoB2mAM2G5f0vv8IOmz13++N1JfYmQnQpkvlpXv9nGOc7/m/exiT3ZgyISycz X-Received: by 10.80.241.69 with SMTP id z5mr11017374edl.101.1515761546408; Fri, 12 Jan 2018 04:52:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761546; cv=none; d=google.com; s=arc-20160816; b=kTCInNeKtG2XXVN1RPZD/O2tvH2wAxanBRoMn2r27UpN35jsbuUCPEodm9cDs2t0yj z42c2MMkCgV86Cr+L9lN/kYM2VkG4KEMdRKV5bHJ9yRJKxHWfBhI/iEjb68kGS9MVlX5 zljBJQLMsgxNSo4ACuVRarNU+2saUPE/6NJDkyS0NTsY4vT1tHHP7BZV3ZSjn9NENhxw aDVUzzyBmk0JbgPnAj3Pazc0MJDrCTr7KBKI82lguCO6VN+gxEJNQxQXPAvXRDcwkTju TTO+wo/f9ncSyW/yZJGdZkNsZmTSCvFLiVZMGI9QXYWvK+74BgMaAYK5emKQvkatcN9L SwoQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=jFCktXg8PZtRNhKXZ2ZWcWGzp2kAJ75nyz3fOQcFMPE=; b=SXuMTk9Ge3/aQ+kVSupBWW88P513ez5vTW+Sne5gBlSMOjQ6biw4g+totDk1c2mdoU STySqVRv0e6BoUgarobbbKPqXwhE9kUs071S9JzoD1DqtP6mOzgyvjaZAB1qzXeLJ9gK +Dq/NTtWb9ph2cn4jSlfLX+A/DUMmCUPfNM3lZhi00dhNIJ91eqEqSb+ks0C6jQylSXU RGDdHXOI9/uoGgrCzKp/5/OcE9CZ6Icqn1umFg+HfyGkv98xeUkmfaP7vMhI0tAj2Gc1 LRgdaSn4zaPPB5uEaUOf2TFIBeZ4WWCD8CBpTmGRwBlNNMRPWj3J/gqdVzO1xPpf+fWJ cEbA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=h8StPe/W; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id s7si145007edk.64.2018.01.12.04.52.26; Fri, 12 Jan 2018 04:52:26 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=h8StPe/W; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 03DA1C221F8; Fri, 12 Jan 2018 12:43:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 5A25AC221F0; Fri, 12 Jan 2018 12:41:02 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 98DB3C221D0; Fri, 12 Jan 2018 12:40:34 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id A6704C221BB for ; Fri, 12 Jan 2018 12:40:30 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id t8so11795820wmc.3 for ; Fri, 12 Jan 2018 04:40:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=pCoMhpVCIg+ZPFfavEhkyjwKSfwb57ETYFUzoSyftUY=; b=h8StPe/Wvt+C6jfwwKVrPo/jSTRzZ48On6kRVrdokjTa48Wl8P5cbemPrz1v/Y7rHt Gu934pQJeSds6S86jciqbMzgYzhBmWYC6YJ21+Nzx+ADr7qMjv6prcqwu6F+LgB9MxyR 6iJN368PcJVjKVGjrKcb1wz3tOio1ADwtFINU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=pCoMhpVCIg+ZPFfavEhkyjwKSfwb57ETYFUzoSyftUY=; b=s0lvTvGndhNoDTgkTHHhzL+qdWW7a8dNY2dl1zGSRj8BXAsNFBZtE0diFc5qcqLuTT iq2eGmcJfrd7vI0sunkB25dNAjfpOuyF/DdVq4kd/RWyy4+3OzBqK4dDEpwOUQd/3FZZ +MJpiiDidEnSh7X3fXmrWlncXeWHFR1UE8A5rRCtmCci9cSQk2y9Acqv9rTabvkEPpws bfh33cZHkGIRcZLyJJE75Xue5NcJKk6romTMsKtD4fccAQdseutk2tKRqbJ7tFr3RolX C6te/NKjsbQrxGp9pP9QWtSpGTWG3GzBaz27BGjz2KImbGEEaXUUum3k/iR23TvL7sg8 lvzg== X-Gm-Message-State: AKGB3mKEUge2WU+I1VvroEF9JX1GV3x3rpDk9da4toM3l0/2QlBkocrw GFEZuJhvyNx2gjSo/UCH3svDUpTPwQg= X-Received: by 10.80.164.169 with SMTP id w38mr35079279edb.154.1515760829934; Fri, 12 Jan 2018 04:40:29 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:29 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:00 +0000 Message-Id: <1515760819-15116-7-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 06/25] arm: imx: hab: Move CSF_PAD_SIZE to hab.h X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" CSF_PAD_SIZE should be defined in hab.h, move it to that location now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 1 + arch/arm/mach-imx/hab.c | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 3c19d2e..91dda42 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -144,6 +144,7 @@ typedef void hapi_clock_init_t(void); #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ #define IVT_SIZE 0x20 +#define CSF_PAD_SIZE 0x2000 /* ----------- end of HAB API updates ------------*/ diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 6367562..039a017 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -71,7 +71,6 @@ ) #define ALIGN_SIZE 0x1000 -#define CSF_PAD_SIZE 0x2000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 From patchwork Fri Jan 12 12:40:01 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124317 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2018011qgn; Fri, 12 Jan 2018 04:46:18 -0800 (PST) X-Google-Smtp-Source: ACJfBovaZkIvn8416JlXuIg8UwhnxaoktvhA+/nfqNoN/j5OJmnbPUOlzEc4Nva7I0WKWJEeS0RQ X-Received: by 10.80.201.193 with SMTP id c1mr34801502edi.22.1515761178230; Fri, 12 Jan 2018 04:46:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761178; cv=none; d=google.com; s=arc-20160816; b=IhkKtODercnwRUB4Q36tPVjlYSSMI34flXkgy2+zpPRQlwZqhjv3t+FY5wnh14xM84 oKsrEW8Up5Jz6Xx0JLoNXJGsY3+Le4oeLKaGCBN5zN1yhd/dzLCMhPhMjvWifjB3+jyD MLd7zVKmh3kNTlgA40QVSxfTolyOhE8O91XXNRnJSvDV7EYW/T+Zcx8v7nNS8598KIS/ W/Z4q5FuR7nZnh4LFDzwjtTdnas5EReuW14MgqZg6uflmy/I+emQnkdLxgr0b8QWIOmN t4fXkNand+SViMxL6P2nOc8CVpKl54Tj7ZpFP383z783TpNHCkG6185kZiOymhFEflsj 9PLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=22eR5LtgdYZeuxzeST5khf2AtcJcdiM1xb/UmHZicSw=; b=qUXjH+rZJkBVW6nOdIn6U5peJzGLYNs/J+rdN8EofEGlrV5GY1AoACgRAT64H/asUO sSw5jCKV8F67TP2+bA4EKQy7ahpoquSc2tC+cPusgH40JwQqapaMt7srqfVZiw/j4NZv HLiGA0s858SEZDTdrQBIHhxW3GHuZy8Hnuvu+j8drxOt4mnYr8h9pLfKMh/VgtkxL8V4 +E4c0AQXVCj1FcO9zRAIruHHO5zxv6RDOX1ZRZaJRc/A54iproDfQjeo5Y37OLEnoCiw ZMgzrNBhXYEiSGfZhcFQxf/G+VTi7UoP6Kon6aZiXsC6EI5ciTmCzs56MN1EXGm0zd1N ppnQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HuCBkgTE; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id x24si4280867eda.255.2018.01.12.04.46.17; Fri, 12 Jan 2018 04:46:18 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HuCBkgTE; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D2499C2218A; Fri, 12 Jan 2018 12:41:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 940A5C22193; Fri, 12 Jan 2018 12:40:44 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id BC292C220AD; Fri, 12 Jan 2018 12:40:35 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 1DE89C221B4 for ; Fri, 12 Jan 2018 12:40:32 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id b141so11924866wme.1 for ; Fri, 12 Jan 2018 04:40:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=NOCUakZU8t+N7T8VxDTqhLdZFoegBr2wX3EpOjYPFUE=; b=HuCBkgTELjsKt/ea8cj9j2Tyk8fSO9bzg62AHC7SQWg3gY1siPS8R9SYU9+b0JZbRZ zcbXO4x4R7U4hfvh1guQR0P0ztlc+r8SdOz7vpe1S95HVnAs5akx/GeJHQDkayRW0OAw FhduOTvOCJW2l9B7AdMsXczbuuDgdDsUsCpYw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=NOCUakZU8t+N7T8VxDTqhLdZFoegBr2wX3EpOjYPFUE=; b=Ce8YHut+6FwwekzLDFionDtrE1JbpKcrOjs9b+JgxsGAGTUT72ElpIG+EFsQAIRp0E k+AMFvM4Wvk7cFzBA5m7bcrkSS5hY6nkqbcgEMdpMyfBEnsIbR1sTokJ8yVUV3a9bRJC uDdjTiHBTo1STzUOXbUY1VeZh4hLG68FSWDHkVZiO/U6/XyUXsKV5ZhQYReL606GEc9v /y/h0Xd9SCOLusIyvnBHuue8bauo0nkdNUa0vAbil8IOOIdsasb6ZNg1aV1094QXtlad vc7WzsEiJgeDIsooOJofCw2I38hKHvukbEHiFrPxUjrNFEnP3kflXLjJRHvtzAIEhNbC rM5A== X-Gm-Message-State: AKwxytdxiGVv6kUzSDeWnej9UVLS3zsL5D6vgHat0GlFUZFBESW1kuBw Bblx3PxzImehdEUmLDmUSMi/R9+ipBY= X-Received: by 10.80.135.205 with SMTP id 13mr6821828edz.253.1515760831369; Fri, 12 Jan 2018 04:40:31 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:30 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:01 +0000 Message-Id: <1515760819-15116-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 07/25] arm: imx: hab: Fix authenticate_image input parameters X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" u-boot command "hab_auth_img" tells a user that it takes - addr - image hex address - offset - hex offset of IVT in the image but in fact the callback hab_auth_img makes to authenticate_image treats the second 'offset' parameter as an image length. Furthermore existing code requires the IVT header to be appended to the end of the image which is not actually a requirement of HABv4. This patch fixes this situation by 1: Adding a new parameter to hab_auth_img - addr : image hex address - length : total length of the image - offset : offset of IVT from addr 2: Updates the existing call into authenticate_image() in arch/arm/mach-imx/spl.c:jump_to_image_no_args() to pass addr, length and IVT offset respectively. This allows then hab_auth_img to actually operate the way it was specified in the help text and should still allow existing code to work. It has the added advantage that the IVT header doesn't have to be appended to an image given to HAB - it can be prepended for example. Note prepending the IVT is what u-boot will do when making an IVT for the BootROM. It should be possible for u-boot properly authenticate images made by mkimage via HAB. This patch is the first step in making that happen subsequent patches will focus on removing hard-coded offsets to the IVT, which again is not mandated to live at the end of a .imx image. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 3 +- arch/arm/mach-imx/hab.c | 73 +++++++++++-------------------------- arch/arm/mach-imx/spl.c | 35 +++++++++++++++++- 3 files changed, 57 insertions(+), 54 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 91dda42..b2a8031 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -148,6 +148,7 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -int authenticate_image(uint32_t ddr_start, uint32_t image_size); +int authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 039a017..2a40d06 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -78,37 +78,6 @@ (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -/* - * +------------+ 0x0 (DDR_UIMAGE_START) - - * | Header | | - * +------------+ 0x40 | - * | | | - * | | | - * | | | - * | | | - * | Image Data | | - * . | | - * . | > Stuff to be authenticated ----+ - * . | | | - * | | | | - * | | | | - * +------------+ | | - * | | | | - * | Fill Data | | | - * | | | | - * +------------+ Align to ALIGN_SIZE | | - * | IVT | | | - * +------------+ + IVT_SIZE - | - * | | | - * | CSF DATA | <---------------------------------------------------------+ - * | | - * +------------+ - * | | - * | Fill Data | - * | | - * +------------+ + CSF_PAD_SIZE - */ - static bool is_hab_enabled(void); #if !defined(CONFIG_SPL_BUILD) @@ -361,20 +330,22 @@ int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - ulong addr, ivt_offset; + ulong addr, length, ivt_offset; int rcode = 0; - if (argc < 3) + if (argc < 4) return CMD_RET_USAGE; addr = simple_strtoul(argv[1], NULL, 16); - ivt_offset = simple_strtoul(argv[2], NULL, 16); + length = simple_strtoul(argv[2], NULL, 16); + ivt_offset = simple_strtoul(argv[3], NULL, 16); - rcode = authenticate_image(addr, ivt_offset); + rcode = authenticate_image(addr, length, ivt_offset); if (rcode == 0) rcode = CMD_RET_SUCCESS; else rcode = CMD_RET_FAILURE; + return rcode; } @@ -385,10 +356,11 @@ U_BOOT_CMD( ); U_BOOT_CMD( - hab_auth_img, 3, 0, do_authenticate_image, + hab_auth_img, 4, 0, do_authenticate_image, "authenticate image via HAB", - "addr ivt_offset\n" + "addr length ivt_offset\n" "addr - image hex address\n" + "length - image hex length\n" "ivt_offset - hex offset of IVT in the image" ); @@ -411,11 +383,12 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -int authenticate_image(uint32_t ddr_start, uint32_t image_size) +int authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset) { uint32_t load_addr = 0; size_t bytes; - ptrdiff_t ivt_offset = 0; + uint32_t ivt_addr = 0; int result = 1; ulong start; hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; @@ -441,24 +414,18 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) goto hab_caam_clock_disable; } - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); - + /* Calculate IVT address header */ + ivt_addr = ddr_start + ivt_offset; start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + bytes = image_size; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); + print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset + IVT_SIZE, - (void *)(ddr_start + ivt_offset + IVT_SIZE), - 4, 0x10, 0); + print_buffer(ivt_addr + IVT_SIZE, (void *)(ivt_addr + IVT_SIZE), 4, + 0x10, 0); #if !defined(CONFIG_SPL_BUILD) get_hab_status(); @@ -468,6 +435,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) printf("\tivt_offset = 0x%x\n", ivt_offset); printf("\tstart = 0x%08lx\n", start); printf("\tbytes = 0x%x\n", bytes); +#else + (void)ivt_addr; #endif /* * If the MMU is enabled, we have to notify the ROM diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index 6e930b3..e5d0c35 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -152,9 +152,41 @@ u32 spl_boot_mode(const u32 boot_device) #if defined(CONFIG_SECURE_BOOT) +/* + * +------------+ 0x0 (DDR_UIMAGE_START) - + * | Header | | + * +------------+ 0x40 | + * | | | + * | | | + * | | | + * | | | + * | Image Data | | + * . | | + * . | > Stuff to be authenticated ----+ + * . | | | + * | | | | + * | | | | + * +------------+ | | + * | | | | + * | Fill Data | | | + * | | | | + * +------------+ Align to ALIGN_SIZE | | + * | IVT | | | + * +------------+ + IVT_SIZE - | + * | | | + * | CSF DATA | <---------------------------------------------------------+ + * | | + * +------------+ + * | | + * | Fill Data | + * | | + * +------------+ + CSF_PAD_SIZE + */ + __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) { typedef void __noreturn (*image_entry_noargs_t)(void); + uint32_t offset; image_entry_noargs_t image_entry = (image_entry_noargs_t)(unsigned long)spl_image->entry_point; @@ -163,8 +195,9 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ + offset = spl_image->size - CONFIG_CSF_SIZE; if (!authenticate_image(spl_image->load_addr, - spl_image->size - CONFIG_CSF_SIZE)) { + offset + IVT_SIZE + CSF_PAD_SIZE, offset)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Fri Jan 12 12:40:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124318 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2018059qgn; Fri, 12 Jan 2018 04:46:21 -0800 (PST) X-Google-Smtp-Source: ACJfBoue4TGOjsUXMyQ1yZoMmvY3bJo9qkPPgywbBRsg6FnyH7fiU2f9tkCNuPwgsK5vdOWzPlvl X-Received: by 10.80.184.103 with SMTP id k36mr35525295ede.102.1515761181041; Fri, 12 Jan 2018 04:46:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761181; cv=none; d=google.com; s=arc-20160816; b=DLLa6XgywHBhNUTfvOEXyGYSkwkvUHoUxQXRsAP1kBmQ9SoR9Hj6BOadXbtCNb3IWc YdsWpRa0QRaWLBguIx5kRp7E8RzMbArXD0EdChHubf66nWalFVnI8tEya3D3Yxx0LWJn t+qXtqBabS0Hl+vUv76u/Hw7DCHYNNw0dYD0ryQwh/SlCk4Z50Rp13uXITRWZpOfMxU0 +mY14Aqbjq2d51S8DsX7QN7Ppyfu7aV+7X7JnKdXyRdHao0/Y/RGu7XazaE3KY3fEUy+ 3zH0E7mx1MoucFAELPpuOo1rejFOdGrhOscCeGrp8DUJImpKsV2qyBg+jBlW0FV/+yuB oEkw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=pdHm3APt+UvgoEe4/KCFm/b0W+IVLvYsmTVRTs11VqA=; b=BVK12UTUyE8jhUXWUdCtZzMuef5j8sXjjcURNhNxvh7ncQnQrpb0F2IcpUx7zeeZWm 5hzoVdYC7j/cVs69pYQcTvMhN8HMSvyTNH5w8f7RDWsQAfM/Yru8QijlK43nQ4PbdSf4 o3lxymb6uPpQUf75M2h0aL4NkWWn39/6tmqa52u1qPoG1qQ5KUO0xjMTIyKWq6CGczKk dHAR3xIUgqp5iEGhCDw+R4MiZ/Kv5fHelYxj+rcOFzA0CodfGWosn1QeTojgW7+Dc0hm eQsVPsreF4FFARXw1tfy2H9JZbwom0Q5f20dbrfZtje53FiaaML9A0y/zoi1Jn0YqQCI IHCw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MTpMuXIS; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id b22si1554338edn.176.2018.01.12.04.46.20; Fri, 12 Jan 2018 04:46:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MTpMuXIS; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 90098C220B8; Fri, 12 Jan 2018 12:41:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 8E1ADC221C3; Fri, 12 Jan 2018 12:40:45 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 5065BC22140; Fri, 12 Jan 2018 12:40:37 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 52125C22186 for ; Fri, 12 Jan 2018 12:40:33 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id 143so11750634wma.5 for ; Fri, 12 Jan 2018 04:40:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=w+zK1eWV5hBU6c/Zv9Z9lu/ZFoqHxc3b/EFH3dGFNHo=; b=MTpMuXISsx1Osl2pqv1FtQr0VAsQMR1wJx+HLpxubLYDtArM0mjnHyAx91cH/jJKwe uputCFYs2JQalUJwet2Z1k4v4q7nswrdSWx3Fn3fpwi52PwP3GmgvvXo4L/X6NMazvww eacO5e+smIeQkyIzpJBM+tYxE84ebyb/FFoyo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=w+zK1eWV5hBU6c/Zv9Z9lu/ZFoqHxc3b/EFH3dGFNHo=; b=Ls1x6FL4cQuhfOXnltM3RAzoHKAxvkLsBqxr3FpX4sqZ4AnhQt6IB7NaSGq7GtsOsi eJG98Jg/+g+qBmjq2N8+wF1iENPFWXY58Oh3QZ5CVQpFsS9XpU4tu7E7Q8gp+oeKoGfK 7lXT2jwA8Hax90hcTzkovS6lMJ/EdLTvDOavNxGrJRllRPxHa8iNXE8DnKqkVA/uiv+P 4Nw81r1WVHM63X0XQOFzl/6wmKar8UUjYwDBXNWg7nFa+2nFVkcjMBkc3NVK5FPK+K+W RELT/Z3xoBscxY58kuMiK7j8E7puaz2DId3Up0UxAuUW568hoDSVQzRbPrYy07okIAO8 tRRA== X-Gm-Message-State: AKwxytfBhbqvUti7Jov6O6vbszW+tt2cNNcGGzUlxd1lwHNxsYabhl86 S/cc4l2z9vAAfp2Qj4i6MXvTTMWC938= X-Received: by 10.80.245.172 with SMTP id u41mr16883235edm.163.1515760832755; Fri, 12 Jan 2018 04:40:32 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:32 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:02 +0000 Message-Id: <1515760819-15116-9-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 08/25] arm: imx: hab: Add IVT header definitions X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The various i.MX BootROMs containing the High Assurance Boot (HAB) block rely on a data structure called the Image Vector Table (IVT) to describe to the BootROM where to locate various data-structures used by HAB during authentication. This patch adds a definition of the IVT header for use in later patches, where we will break the current incorrect dependence on fixed offsets in favour of an IVT described parsing of incoming binaries. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index b2a8031..28cde38 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -10,6 +10,34 @@ #include +/* + * IVT header definitions + * Security Reference Manual for i.MX 7Dual and 7Solo Applications Processors, + * Rev. 0, 03/2017 + * Section : 6.7.1.1 + */ +#define IVT_HEADER_MAGIC 0xD1 +#define IVT_TOTAL_LENGTH 0x20 +#define IVT_HEADER_V1 0x40 +#define IVT_HEADER_V2 0x41 + +struct ivt_header { + uint8_t magic; + uint16_t length; + uint8_t version; +} __attribute__((packed)); + +struct ivt { + struct ivt_header hdr; /* IVT header above */ + uint32_t entry; /* Absolute address of first instruction */ + uint32_t reserved1; /* Reserved should be zero */ + uint32_t dcd; /* Absolute address of the image DCD */ + uint32_t boot; /* Absolute address of the boot data */ + uint32_t self; /* Absolute address of the IVT */ + uint32_t csf; /* Absolute address of the CSF */ + uint32_t reserved2; /* Reserved should be zero */ +}; + /* -------- start of HAB API updates ------------*/ /* The following are taken from HAB4 SIS */ From patchwork Fri Jan 12 12:40:03 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124315 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2016699qgn; Fri, 12 Jan 2018 04:44:56 -0800 (PST) X-Google-Smtp-Source: ACJfBouH2UHyozuZ483Nd0dTPXij1zrbYkYg1kM5mwiBLmFr4zJ/H7JR/LoaRy4cpFItdBHLvv8m X-Received: by 10.80.164.169 with SMTP id w38mr35096559edb.154.1515761096645; Fri, 12 Jan 2018 04:44:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761096; cv=none; d=google.com; s=arc-20160816; b=NheddUarE61WHRj1+5zgbLTV4+lR+0yEIbHJPouslqgU68AnyvsmdyOmLhQvHArziT wCaBKpP95MOPP/I7dCfghrunhmBvmW9OZHxVMGOmfYGPh8DSLF0ugM/XMPfJDyCdos8f F6N+aFc0UO5QLC13EC0jN6e6uQefEzox72pUi2S9eODyBfKzpkY3d6Je4lsCq8nhlYD4 k2ET3WF5T+XKaj/v1H/TW4b2w4/ZQi4oR0MHigqJcygqok35g34qgt4euUS9Has6fFc6 iyXhijmyw/JkcIA3DutnZQRpVDyeioBUcrjD7somqBLhzHJcBNWf9EyLCYlQZ4K+6xJY azrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=fj6n6JypHd4gIQwyknYnLkHHKtfweMk1BvW5cSKvc14=; b=aYqy+EYOJouXyTXBtc+DDuvTYEB5BI9Wv8d+yg1+jSbcBA9GdDpf/blXo8lWLuzi2n UT+4w+GqUe36m6t/PaxE2J/2PzZlufmGBJc5jMc0SOAxtrt+bOfEeBZvXGf602ptTj0j sIBpmJ2e/rJ4ZUMdNQy1xQKsV9qgOFjQSZ3prflnN8jo6Ktb6BNxbm2eC2dwlWK7NrER os1NSi4FW9koa+b+0hKlXrHGtqunPC2r3bQKIG3KSE9GYl3KcRTi5rNus3i2E974uGgC ZQNlC714grNJKYGyU2+CERxevwiJ39+MipCcyRsN5vHGUIVA5UMrEbifFTtD0XqvDoyK kScQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=jA4EctAO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id p1si8629653edl.305.2018.01.12.04.44.56; Fri, 12 Jan 2018 04:44:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=jA4EctAO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 2A782C220AD; Fri, 12 Jan 2018 12:43:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 198F3C2218E; Fri, 12 Jan 2018 12:40:59 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 25925C221EA; Fri, 12 Jan 2018 12:40:38 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 89933C22150 for ; Fri, 12 Jan 2018 12:40:34 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id 81so2226761wmb.1 for ; Fri, 12 Jan 2018 04:40:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=XFQQHynXYNN1UQQJeZ7sE3PLF+77JU7nxbA/fiXFCAo=; b=jA4EctAOwgK60zGVfvSXISIt3hR8mVqH+gOdll/Xfh18nXt1/4Of1rwOVBo9mliI3j x4dv9IP+31hcnKXXfyKDCFVc0SIJuu283qNzI2dZumpJwA588vtmfUk0ODcc2mSfzSSW ujv0S25JK7oxvnhRuCoN63SODemhLtuw5Cn0M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=XFQQHynXYNN1UQQJeZ7sE3PLF+77JU7nxbA/fiXFCAo=; b=kaC0bY9T70xyp363DPIrHN5odLZuX/JRfJrsYjT8VCDdiHZuyLpd08XO+HqqJocQB+ AwRIzY1M/m2jpOt6jMoVG1zFCWxXgHrZchGUNTdUBboPj88KRh7abq3d7StL8TqGrKqr 6w+oFmCIfcG2nrtFMN9sDwPMIXkTZuY7aX2Nn+XB/8cXw+6K4wPyUX6MzZxm/+yanimU p2QaG1ySW21gUyShdGFuiQ5irj1yaSuthgtWfRrjjS3YIgmT/at+CgQJhD3f0YuKp9fN It35zTA/RXs+f9lbj+PNkTijkxGu7K8f/xmkL59zJnBcip5+H75eHnodAHK7wSd6Ieze dFNg== X-Gm-Message-State: AKGB3mKEBIve6zBUfcUffcK1NDHaWHtEnWNKXn0C5t/13Of/jXh12CG9 A+CzaE09T/1O0ERbu1xjS3tznn9IIBs= X-Received: by 10.80.164.175 with SMTP id w44mr34821516edb.57.1515760833890; Fri, 12 Jan 2018 04:40:33 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:33 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:03 +0000 Message-Id: <1515760819-15116-10-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 09/25] arm: imx: hab: Add IVT header verification X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT header contains a magic number, fixed length and one of two version identifiers. Validate these settings before doing anything with a putative IVT binary. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 36 ++++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 2a40d06..998d253 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -80,6 +80,31 @@ static bool is_hab_enabled(void); +static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) +{ + printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, + ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); + + return 1; +} + +static int verify_ivt_header(struct ivt_header *ivt_hdr) +{ + int result = 0; + + if (ivt_hdr->magic != IVT_HEADER_MAGIC) + result = ivt_header_error("bad magic", ivt_hdr); + + if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) + result = ivt_header_error("bad length", ivt_hdr); + + if (ivt_hdr->version != IVT_HEADER_V1 && + ivt_hdr->version != IVT_HEADER_V2) + result = ivt_header_error("bad version", ivt_hdr); + + return result; +} + #if !defined(CONFIG_SPL_BUILD) #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ @@ -394,6 +419,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; hab_rvt_exit_t *hab_rvt_exit; + struct ivt *ivt; + struct ivt_header *ivt_hdr; hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; hab_rvt_entry = hab_rvt_entry_p; @@ -416,6 +443,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, /* Calculate IVT address header */ ivt_addr = ddr_start + ivt_offset; + ivt = (struct ivt *)ivt_addr; + ivt_hdr = &ivt->hdr; + + /* Verify IVT header bugging out on error */ + if (verify_ivt_header(ivt_hdr)) + goto hab_caam_clock_disable; + start = ddr_start; bytes = image_size; #ifdef DEBUG @@ -435,8 +469,6 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, printf("\tivt_offset = 0x%x\n", ivt_offset); printf("\tstart = 0x%08lx\n", start); printf("\tbytes = 0x%x\n", bytes); -#else - (void)ivt_addr; #endif /* * If the MMU is enabled, we have to notify the ROM From patchwork Fri Jan 12 12:40:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124314 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2014926qgn; Fri, 12 Jan 2018 04:42:58 -0800 (PST) X-Google-Smtp-Source: ACJfBosr0RMkIPHw8hwewe0bhugqKCkcs8dplo0wBoBPLAaXnKfZMGiCsdaVj3UNOifYG4I8SLCe X-Received: by 10.80.187.73 with SMTP id y67mr35282553ede.172.1515760978032; Fri, 12 Jan 2018 04:42:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515760978; cv=none; d=google.com; s=arc-20160816; b=obDUt/p1TyuB9k5BTRLbE6IXdl7l0EwMzs8mLyL94OEFIkNQ8NKyQhpeuJ72D+ROJV l2SLGlTOrNbTDBco7mXF1YnQ45cLmgf/2ZqcMQ0VJXhSZ6LctKCHtbQTujwU6MUy2oKA yoxRCewD0nMe/ZkyliFOmNfnJf1ZW6En3l7syPL2SL4bdWz2d35So29qaMFjq4CozWqn wXj7FNzvgqwGqpc5dNPoMqrhr/qVAqZrD8aoyBkmgXFsKbs6qoH4aGk7iUx5q9PiCLYU npD7Aez5EBwBxOFDWwpaJmUai8UhIKAxA2nVAZumgRlvmyLbhNF2KmLcqCYR4U048D+p xhxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=TdU6jj3ZF0bIGAml0QTCOd/25KCrTmwuadLeLaR0wW8=; b=howAxY1Jy1HpN7oPWVrIsR843lmTtMR82KYgtIM3Ja3Iw5kD3wFezBAA5ROYnYSRkT HCAlKYukP0MRqtlmTQR0ovOZyPDJ80P4wTyOTOE/yG/mPHErWDQq3l/NPzcVPn3Up10C SQdJTuC4Jcn00DD1sTYkiqBPPVcQqavBir2o79NHu9XCgm7XDErFqJvwDnKrhucriZiP f1g67UnWD3qBNX7ucAaE8/LLFfnpFQZ1YuKTZUGnYdVre9PonUV8u1sELBCSGhHKYR8W IJbDV8G95A0KdckamvJPqWiTxkVjvqdCeiLNjhzUfEVkbQTKlH+44dT+tvtW4haAVfkP 5Ihg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=A6I/VAMo; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id d7si7748717edl.453.2018.01.12.04.42.57; Fri, 12 Jan 2018 04:42:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=A6I/VAMo; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 825C5C221A6; Fri, 12 Jan 2018 12:42:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C0D8BC221D8; Fri, 12 Jan 2018 12:40:48 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 27571C221BB; Fri, 12 Jan 2018 12:40:39 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id AA1BDC2219C for ; Fri, 12 Jan 2018 12:40:35 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id 141so11493981wme.3 for ; Fri, 12 Jan 2018 04:40:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=w0UpYjfDIqm23d6EVyqoYJ+SiVwbAItHqPu71Xu0+2M=; b=A6I/VAMov1+zZre/F+9p+dGBrxDF9/xG2dj1UA4pFjofG3DHW2cQbkBcDDQpjtxQqY ABDe/KuWXNXY3dCLQshmC6yxYBWfLDF9SO4oRiSXCEcc+BEtsxgp03Z0ldP7BjLT5DmY B/v+9eqoKr0TaQYWgLKHBcLUYDFglRaS24k7M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=w0UpYjfDIqm23d6EVyqoYJ+SiVwbAItHqPu71Xu0+2M=; b=ZvWXPSCPIXaEpQs6Eot96qEBfptozfRDwRLK/TLRb75T6htAAd1hr+IxWruCdFuGnQ 5rQa5AXCMkQ/scLh6xMCC4iYrTJTEXA3Be8JdF6W7Ps6VUkkCKYU3yGlgRmxXNZjJqdZ 466Zg/f+HCTOIEhu/X0/bpDauWA9qaG3hKQwuRqIaofQg14Je6HAluuc4BFGpxAGXgFO /yBcNnvwR+1f8RZ1s+gnf6Jy+l9NhL1OVVgaAxxQ79tyvkuveKz33M3vnBFYTjIrr87x Ct2GiOHcqyloXX/Oatpn1zuEYnVF5Vhh4ssySqXxarhcLwcTJp5aCk94DV+nzTE7YRQ5 xDHA== X-Gm-Message-State: AKGB3mKp2QG03TIs0UeEg/wvzRM3c0pLpUU5Zt4UR+rLjqmfmXdnS//4 juU9LPURlh/KzQBdD89oZ++zQ4jyB0U= X-Received: by 10.80.205.15 with SMTP id z15mr36599976edi.83.1515760835136; Fri, 12 Jan 2018 04:40:35 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:34 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:04 +0000 Message-Id: <1515760819-15116-11-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 10/25] arm: imx: hab: Verify IVT self matches calculated address X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 998d253..39f8f2d 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -450,6 +450,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, if (verify_ivt_header(ivt_hdr)) goto hab_caam_clock_disable; + /* Verify IVT body */ + if (ivt->self != ivt_addr) { + printf("ivt->self 0x%08x pointer is 0x%08x\n", + ivt->self, ivt_addr); + goto hab_caam_clock_disable; + } + start = ddr_start; bytes = image_size; #ifdef DEBUG From patchwork Fri Jan 12 12:40:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124319 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2018825qgn; Fri, 12 Jan 2018 04:47:09 -0800 (PST) X-Google-Smtp-Source: ACJfBovLm4+ova1VlJM8dS87nBj86ZT+SgIKQ0bmiy2mpYxfgapQeaG33bXtZLSA5Dll0/GCylaS X-Received: by 10.80.167.161 with SMTP id i30mr35383789edc.26.1515761229154; Fri, 12 Jan 2018 04:47:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761229; cv=none; d=google.com; s=arc-20160816; b=v8aqg19RklBGDjPgWjlRiFZLaaABHPhsklioHUDA6qrnn6lOvsdQaboLWZaLdyN44J zBEQoW12d0q1DmNBvlaXoQc9Nwm6wRk/W5jBvjLduuaS29Rp3H/FTpWfaay1hxBzLUuF AUmFRv+vtFCFgAKqV1gzYz3CmQgccmLBdutWbfc3yg71ayuIDlh2JXASE9d17qFpnpQa P/tze0SU5PodIOjy9Qqi9Ef4zApfsg4KBxyhQFe7GioxAvC/0LsJJaiL/u6+7m/EpWOc riKDYPeie/qR1z7gZWRg0nATp8Yvnd/277QX0mnQYsO2tdd6tGlHqOG2EYHAIFt7fB2Z wrBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=1e4SC/YscwEJQhhC69OQ3QxrJCQ7Mzhlpb0lF4FaElE=; b=K0MjWpmvpjrVNQvrZnMSUxl2/2+JzXqe83gjRYGUKfVd+O3p6lYjhrd8kP8ZXGqo9Q TrKaky1ZV8oQvb/H8y9DYRSAJEjixj3I1JyqbK8qTxhidqrJ6XYSQ1DXEr5PYgdYvJbM qdyNGQ2AMNku2k4eba+DkjG7OB5ouOualilzzLcaAcR/k6KWVCsmUoFZUtx6HkaTqhdD jzYMdC7eqPJAujP45gHGm9j0N60Ap8aszLh7UKBopgrioTgJX9VDkuhbQDdkxlNyhl2L KoQt05bobDJvzZWHZtDBY237y40Z3ABiFmV/zeUmCnJWGin9IsaHpekqQO+wlevWbE5r u8mg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=fkNZRV5r; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id g21si8357833edh.544.2018.01.12.04.47.08; Fri, 12 Jan 2018 04:47:09 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=fkNZRV5r; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id BE548C22193; Fri, 12 Jan 2018 12:42:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id B0A78C221D1; Fri, 12 Jan 2018 12:40:50 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id EBD0DC221D9; Fri, 12 Jan 2018 12:40:40 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 1A5C2C22186 for ; Fri, 12 Jan 2018 12:40:37 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id 81so2226911wmb.1 for ; Fri, 12 Jan 2018 04:40:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=pzZNs5mDpoh1R9RVKRDzhFbnnduJwpCQ0tmJJUroTDc=; b=fkNZRV5rGhr6u6Hvj8ZsU/azH39fK3NcYv9YuRadEX2k9l69JyxJW6hI6nZfBDJgz2 8Ct4QnXrZV8BgF5aoccQgLuEHlPCQmcNPCeKeLoLuoqeC526pc/wFROgjHzAvI2b3hh2 Fld0kbBZvnmaFMzm1JS8fzwaIZICVbTwOSLd0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=pzZNs5mDpoh1R9RVKRDzhFbnnduJwpCQ0tmJJUroTDc=; b=UtB6mBR2q6sftaMLYTwNQ8nmcWai3dU+T/wWjXc7+f5OVjsb/WxfiPHJ4J/jNcMgzP +BYGAMEKmrLnVd30iQo2yWoYSYkTUKeuSbdBwQbkbfMQ9djHW4vHp+NHBibxBbLlY1MZ Nbf0hJeUq8RZAbWkDXHLrHgwjMOybGasJKRx0doryJ3viGpwRVpgsXDKkguMGWntoID1 2NQISCkmr5J/P3XcQ3qwRYkapm3XSuOMGYVRkL7i5xPPg+Bqn2yz/+z16v/RIGTqfUgt +GMt/83FsWNyGfo2XHmzb4of27iAFGq2R0DVFxzeKdeoCRHRK9GGmZOTepRSy3BQOIB+ VLkg== X-Gm-Message-State: AKwxytcYDt8WNLZ3r08A4fcdqBfvVs4qo65++zpTWPW2eegzf18qwS/+ y8ddpzX5hiPgJ3/lQvY9229Y9s4+bds= X-Received: by 10.80.135.205 with SMTP id 13mr6822230edz.253.1515760836424; Fri, 12 Jan 2018 04:40:36 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:35 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:05 +0000 Message-Id: <1515760819-15116-12-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 11/25] arm: imx: hab: Only call ROM once headers are verified X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Previous patches added IVT header verification steps. We shouldn't call hab_rvt_entry() until we have done the basic header verification steps. This patch changes the time we make the hab_rvt_entry() call so that it only takes place if we are happy with the IVT header sanity checks. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 39f8f2d..a8e3e79 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -436,11 +436,6 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_caam_clock_enable(1); - if (hab_rvt_entry() != HAB_SUCCESS) { - puts("hab entry function fail\n"); - goto hab_caam_clock_disable; - } - /* Calculate IVT address header */ ivt_addr = ddr_start + ivt_offset; ivt = (struct ivt *)ivt_addr; @@ -459,6 +454,12 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, start = ddr_start; bytes = image_size; + + if (hab_rvt_entry() != HAB_SUCCESS) { + puts("hab entry function fail\n"); + goto hab_caam_clock_disable; + } + #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); puts("Dumping IVT\n"); From patchwork Fri Jan 12 12:40:06 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124336 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2028591qgn; Fri, 12 Jan 2018 04:57:41 -0800 (PST) X-Google-Smtp-Source: ACJfBotPeJjc321Ob36Bfx3tnHybkypY+d1h6/moim2ZOQ/tb3XIF/IZLo1eU4xvXxABSKjpW+B3 X-Received: by 10.80.164.197 with SMTP id x5mr34565531edb.53.1515761861262; Fri, 12 Jan 2018 04:57:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761861; cv=none; d=google.com; s=arc-20160816; b=gDruWA1UeqyVLgzxk4hO0PTJwxlFax33WVYIUeghIqC/PBDq07Aqn2gBT9Jse9sNgI zDMZL8WGLYbrZBpsmxNlmTTpP8/E1bHqL9q82YjMFiahwsorfE/NzGN/8IM0htaI8S/p uuyxj5CvSIdN97LNrGJ1Vbc67XP3btgxrX0Q+6o6jj/8U6UC//DA5xtiU8E3YenptQ/F cGEL7ifkCUh5G1ez1sE4aml/EK96d3MXb36Kyt0pDOhfLJfmaBfsOJBBH2TEIKVwG47A EuUIQNFX0RsU92gvB9Qo5FruFu6Sw+Y7IKCJwrB2RGKcGvlZknKFWyr4ukD5J8rQHUvq QmxQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=crMi4kzvb8kC3+6SaEdHdaJ/Bis58bxvykUDzNqSFqA=; b=tWX51M1OPEC0+OoCOZO2XuHSKRPF1SuFACKtUbLG+RA2AJn6UZbkkxYzofpFmQ4aD+ cD/FDly3RDBSDc1vRfs96pQ4ZYlT++MhFXF5SdCusdBD1z0cVxWzzVlnUVfYV8uha2Io 1PZp9HkxKSmSwvDa+gf2yykzCbwddHHzyM13Evnn4OYruFUg/JBKZe8YQUULu78iRAeh GFCO+dMVynBYVkDM1cIwGq9W/Y43J4PGk575uVmBeHSV7EE0vZsWEx72UyDsl67/DS92 kptQBXun4BOFFCajKUqJevdBJcrkozBpPpnu5lr5Xp4fNwjrYs/uhRNzr3kzU4RHKmNm YEYw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=B2kcPXE7; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id m57si2600249edc.116.2018.01.12.04.57.40; Fri, 12 Jan 2018 04:57:41 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=B2kcPXE7; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id BE90BC221EA; Fri, 12 Jan 2018 12:47:05 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 9B7AEC22213; Fri, 12 Jan 2018 12:42:00 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 9C31AC21EF7; Fri, 12 Jan 2018 12:40:42 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 9DAAFC22150 for ; Fri, 12 Jan 2018 12:40:38 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id r78so11665329wme.0 for ; Fri, 12 Jan 2018 04:40:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=uPf5TXpZuo5tthq/fIi2SUs55wI+DtHZLs3ap6wroog=; b=B2kcPXE7lBycY6PQKfWpCgWK/v1tYhYtk5fQ4FIN4o93RUERpybe56A81qZCHW5TZ7 baUwUfN9geayKCI0vJGBe62LfFWkg/F1ZeeEP/4fcjq8O5j+UDFzE3yBZ+ihJrIXqkVt HwYaAVJCRSY3L7CwuVd4wzhjjKRbKic/AGh7U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=uPf5TXpZuo5tthq/fIi2SUs55wI+DtHZLs3ap6wroog=; b=YuIqaJmqcoSU2nJ1R0mndwYwDejmsf/rvayL9BOwUttWB9X/YGPQdXf2bzYF+LWJMH mrDgp/8/O7RB31o60ZSpf6QHzsSfV1jG3aFN/E1hOQyEMSVJaBy4pgdbPWfPjdhr8gN7 rty1HvGKkaNkYP9n+o0ZGJH8qRDYZCDM/IWtkD97T1CMLdDVmv+NRoLH0dfGQg2uA3j0 5VhDGw4u7Gg1NY0tYdeAQ9T9zjRmJn/vqvnCGV196wAN+hHbD/29u4CORWyqpLm+0h4K 4FcdmTJ7Bh8D0GBPDkzBteJ+qvre6/PM2zpcL9hyDoSKdB2m7/87rvLf4Xa9U7/B6PVv wyzA== X-Gm-Message-State: AKwxytfJ+V90rgdxD3q09OtzqVFB/XotsiUJnstM8PifKKBKh646tKon GgRIhUYYXji/kcIWvY1sTilZlgbEgig= X-Received: by 10.80.142.188 with SMTP id w57mr1970034edw.11.1515760838088; Fri, 12 Jan 2018 04:40:38 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:37 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:06 +0000 Message-Id: <1515760819-15116-13-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 12/25] arm: imx: hab: Print CSF based on IVT descriptor X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT gives the absolute address of the CSF. There is no requirement for the CSF to be located adjacent to the IVT so lets use the address provided in the IVT header instead of the hard-coded fixed CSF offset currently in place. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index a8e3e79..229c723 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -466,8 +466,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); puts("Dumping CSF Header\n"); - print_buffer(ivt_addr + IVT_SIZE, (void *)(ivt_addr + IVT_SIZE), 4, - 0x10, 0); + print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) get_hab_status(); From patchwork Fri Jan 12 12:40:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124331 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2025739qgn; Fri, 12 Jan 2018 04:54:40 -0800 (PST) X-Google-Smtp-Source: ACJfBosmI7KBnXfxdWirh7+pe5U1X/WI2quwWRDnwKTZrxIvkifKJkWlKNlbbgTi0I6b/Z9SW11d X-Received: by 10.80.146.211 with SMTP id l19mr1989231eda.152.1515761680881; Fri, 12 Jan 2018 04:54:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761680; cv=none; d=google.com; s=arc-20160816; b=LNOLivQvA2pGHZ/Wu0jAgrJj8WvcVnqJiwrQuj1Cf2sshqgpPCdAJgiHIAsc66X6MC dwbAcKK2mOPvBz1TabYZ4vBqMnLA3kMbSB8hT3vFpun4zuUbd0E/v9MQaLRbqHN2ttBn FQsg7Br7hhADvFTMQLu6/35aK68S/Zb+1VYZ49Lankxzmc32YbMDeYYj1aWhdm4A4oMb BRz97r17Jj/TZE+44q92X/q+XFm9b1A/hSd8MFbLT10zng+R78Mdk/8VdY3kOH3CTbxb Ux0qLmX2F3+OglLcRfxzkqxZYguAYmIJjbEn3mnz67Nkm4+Q9vyB/X3+tLR6qfXmGiaY tBSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=nGvzru6g4IEvqQJ4Dq2EjFkHM+TjLr6ldN/jSRIbl+A=; b=jHD3Jj24TlUGdSaoL2M73n6ChwhYgiZwbU8WfsenfZeCoRrW2whlpSggxoAAswE+wB ml3EUhm/eVxaR0RM7wwjv6HWF8XaoUCRVTFHZTKfmn/E+feRX6qrqxxYkeCsDh9LYfZu W5gBiwfb4l8rCy7BcLpZPckiDL7bV7Jezi3h/wyAvmXN3Y2ELKqK7F48D3Ia5Aruzfgl AjCeHm6QjRTv9t2+yER5pKPTqI2ZKXyk59e0TZS4iIIFjttlT3s4v7gIRxeHC7qavLqD 150FeZu2lx0xmU5osIgSgFLMgZWUBjmI+9xlsTczuzcEn59lM7kzsRJB1Yt0xjy6ZUem 90Ew== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=THM6iHhA; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id u21si978816edl.382.2018.01.12.04.54.40; Fri, 12 Jan 2018 04:54:40 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=THM6iHhA; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 3A621C221FE; Fri, 12 Jan 2018 12:46:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 7892BC22195; Fri, 12 Jan 2018 12:41:40 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C987CC220BE; Fri, 12 Jan 2018 12:40:43 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id A2775C22140 for ; Fri, 12 Jan 2018 12:40:39 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id t8so11796676wmc.3 for ; Fri, 12 Jan 2018 04:40:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=TJraWStgvLR8ZdpUK9IM/Oi1TqUAhnOY1+zHjc97QMM=; b=THM6iHhAr/MYZhGknpMg2+VZrrSk3bpE+st1JIM54N8BbBda2w+z0pGgLTvxZtk4LN p7x5NdbbYgd/xlJ+7cbZRGQzJaBQ5ddVSuTsCSWHCxGF5Na0UBWm3pmKvsysMXYktnQD pQOYAuJOPIWrIcceysvih5PhdBnTQpkHOe/gc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=TJraWStgvLR8ZdpUK9IM/Oi1TqUAhnOY1+zHjc97QMM=; b=TayKyPvAM7+zzWG/l2mNCsgkoujczdvws5svLR2DqxwwoGQFdItlRl9STaRpHTJZBi ggBZdicw3edr2THpsp0pRmpOlysIFFhTVXDBHtt6uzjnMbotrdppbY12qIkOemxAnH5Q RdG4cnClO3rg5gpMvJ/UYo6HByEPwbXgrSujQArW6HTZIlF2fRPvmR2nHso2SRuTlN/E 9pl6K01UrrF9mqtcOrMYgCNoAOTtrFPztyfydL+lWX1CbiRYUbw2N3U2MHLgqHlcG+f3 Z6cab/KNFhpSKlDjTGAigIzGJH7ujviImGVV60EXMYPa17Sd/JW3poJuiBgkX08jrajm fcEQ== X-Gm-Message-State: AKGB3mJyUXSHS5eVjHHO7ObkePHT0/Df14ywFxINuhoKXndSOkxH33EV ZpcLAvUjojIHAvZtVS0SY0b78rwO4v8= X-Received: by 10.80.214.136 with SMTP id r8mr35237535edi.288.1515760839184; Fri, 12 Jan 2018 04:40:39 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:38 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:07 +0000 Message-Id: <1515760819-15116-14-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 13/25] arm: imx: hab: Print additional IVT elements during debug X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch enables printout of the IVT entry, dcd and csf data fields. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 229c723..364bd6b 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -462,6 +462,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); + printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, + ivt->dcd, ivt->csf); puts("Dumping IVT\n"); print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); From patchwork Fri Jan 12 12:40:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124333 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2026760qgn; Fri, 12 Jan 2018 04:55:52 -0800 (PST) X-Google-Smtp-Source: ACJfBot4PFGKZOZppPDgIgKx4BrasuR04+R8UZ1h/F+jdON54To2xhZCsy/cavMocN2BQNrPQuTS X-Received: by 10.80.186.55 with SMTP id g52mr12229436edc.25.1515761752445; Fri, 12 Jan 2018 04:55:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761752; cv=none; d=google.com; s=arc-20160816; b=x1i/RinW3wUBnOFwKzVlSqRQPnOM6GEOXJqJjEZ23w5SmXeCdyDkjfiXY1lgvMkK/S Ek1Um1kdg0ZYklYHrIZqrHvP73AmRPT5qeVOLeADr3bnZ/lK6n0IkhZeNnkfL3ycQQaE 8N7uCH7FhnRfhKlKfzGDMjsaNXtBpMJG60i6wNjErsSC/ya4yP39unGJT34qUt2uV44C /AY285jkfW1KOYl6hKLaHmKuGKoUekQDP3LX6fcFxxluSqSvuLm0sn3wbeyenj3jwYHu /YBEVPf7c2rQHAGWvRHkAKUw80QX42/i3TjhBat0ClS5sLqaTgzgaWO4qDm5ypH+WSof hsOg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=d5lq7IN6SMVgZKZjE2VKhJdF8A8B78tC9wwwNDNX/Cs=; b=JxrEiWesABKGSI6+j5vV4g88xdVioCkPxQst182xz5KGD5RCeEQuCbpFNpS+kKjpYm TEcBFVYRSMWJ6aCvz5bEKuCjIX+992WSHkb00CdwQ8xSFg9gxx7tXII/okr9aJsJB/AT DxMnZ9UxF3axfx2litPKfYfhAXcIQuHa7p2KAuId4v8p7SbrLISGrVj1q5XvdSKoPzz7 h81qpdcWE8xGhfhYH6xsrAqp0JRUZq2cpxU8TtB9B8Y5IC7nsgM7CoGNuoTmJuP8/RQm bYI74kZWwSa8fZojXdEmDeZjsm2aGVzE7VrsfwRyWhWf7rD9VponV+n46amBfdKEcavB Wnag== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=d5TCsO8t; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id f18si258864edb.350.2018.01.12.04.55.52; Fri, 12 Jan 2018 04:55:52 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=d5TCsO8t; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 016DAC2221F; Fri, 12 Jan 2018 12:46:45 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 45C81C22211; Fri, 12 Jan 2018 12:41:44 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 4DB26C221FA; Fri, 12 Jan 2018 12:40:45 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id C0512C22114 for ; Fri, 12 Jan 2018 12:40:40 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id g75so11924554wme.0 for ; Fri, 12 Jan 2018 04:40:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=2m71j0u3DKpVzKZO3SBWaA8zOrn5Z3DQgK5N0NKFXcU=; b=d5TCsO8tlLfhQcGH26tTYwB3w920CRWSLOEIHE0wGXRW2ORieUH/hAxPjk+nhlfbkN wTgNg0r4uvIRwmlwmXwx2db8shY1FTo0464XUiaBhpXWbZSXAqzP7ixJtFFUmjPy4qSh emhYIwMJqFWuaFv5F4ObNYRzLzRebVFyc5VHg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=2m71j0u3DKpVzKZO3SBWaA8zOrn5Z3DQgK5N0NKFXcU=; b=WiptBzu8WFPvYwoM/AMkkoGDzvQtMvrNbID2wCmgrwMDBZ0kveHj09mhNoQNqobuhJ vyvf3QhMZYLF+rGA2p68KDxxN3BabWB/+pNGMzJezpdcNG2oYAAwxPyAKHQG4CIHtOpv E93g1cpzzGpzJHKA0x/FyzoeR7wSvrvKukZf9a4R8CmJh+HfyGMNrYdwPuZ6WKBfb7iY MD3OxKznYT1eigGV4p0htcgR+DxU43IrzfyEYwC7dzznXHxuZmjwCdtxRfOLWwDyq6ML AzVoWAzozi64Ho30/mCMEdbJozwli8JEJP7wQHUUo3pemoXfCug4BvxlSK9OWJxuIvNH BbQQ== X-Gm-Message-State: AKwxytdauwJxB9CNFPm7NDRQiI9BPUqyhjLscAFdRLoxIr88Ftn/CYu5 X2m65RJtBRl3COKgHzw5JoE4s5CjUGA= X-Received: by 10.80.137.50 with SMTP id e47mr13234538ede.3.1515760840258; Fri, 12 Jan 2018 04:40:40 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:39 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:08 +0000 Message-Id: <1515760819-15116-15-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 14/25] arm: imx: hab: Define rvt_check_target() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The hab_rvt_check_target() callback according to the HABv4 documentation: "This function reports whether or not a given target region is allowed for either peripheral configuration or image loading in memory. It is intended for use by post-ROM boot stage components, via the ROM Vector Table, in order to avoid configuring security-sensitive peripherals, or loading images over sensitive memory regions or outside recognized memory devices in the address map." It is a useful function to support as a precursor to calling into authenticate_image() to validate the target memory region is good. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 28cde38..14e1220 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -113,6 +113,12 @@ enum hab_context { HAB_CTX_MAX }; +enum hab_target { + HAB_TGT_MEMORY = 0x0f, + HAB_TGT_PERIPHERAL = 0xf0, + HAB_TGT_ANY = 0x55, +}; + struct imx_sec_config_fuse_t { int bank; int word; @@ -132,6 +138,8 @@ typedef enum hab_status hab_rvt_entry_t(void); typedef enum hab_status hab_rvt_exit_t(void); typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, void **, size_t *, hab_loader_callback_f_t); +typedef enum hab_status hab_rvt_check_target_t(enum hab_target, const void *, + size_t); typedef void hapi_clock_init_t(void); #define HAB_ENG_ANY 0x00 /* Select first compatible engine */ @@ -158,6 +166,7 @@ typedef void hapi_clock_init_t(void); #define HAB_RVT_ENTRY (*(uint32_t *)(HAB_RVT_BASE + 0x04)) #define HAB_RVT_EXIT (*(uint32_t *)(HAB_RVT_BASE + 0x08)) +#define HAB_RVT_CHECK_TARGET (*(uint32_t *)(HAB_RVT_BASE + 0x0C)) #define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *)(HAB_RVT_BASE + 0x10)) #define HAB_RVT_REPORT_EVENT (*(uint32_t *)(HAB_RVT_BASE + 0x20)) #define HAB_RVT_REPORT_STATUS (*(uint32_t *)(HAB_RVT_BASE + 0x24)) From patchwork Fri Jan 12 12:40:09 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124322 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2021946qgn; Fri, 12 Jan 2018 04:50:29 -0800 (PST) X-Google-Smtp-Source: ACJfBov/kzGKmFgdRvk8XBbfsWGDNliSuE7Ogjd+EuDbXuUQ3BcTeJJNvhmLuEzIVKhZnhf1RQnA X-Received: by 10.80.177.178 with SMTP id m47mr10937037edd.45.1515761429246; Fri, 12 Jan 2018 04:50:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761429; cv=none; d=google.com; s=arc-20160816; b=vXl3TGWyX+TSYSV5wh6gH+9mJ4KCs3OYGyvyuEJ1LffU4GupdV/fDiiixX4biP5lht jBux7iI/nhzmD5SLT5NS6mHLF4YOoeJ3x1MPRHxNfeZa2mcBpzJf/Tgq1Dgj17gLsVMX PPov4bcpVwc9VkbFpmC1VUrAS6nLynl4BHz0FAkhSG5ePtsMdQ50f81mTY5TtWynAQe+ moSAbG+EVYvo+jyxfy1ABhB1ImHlesn/SoLm/ALEykNbrui+iXUiW74wxj2CrgziLDar b37B+8r/puUY5Ycy0NUWc334Tj/Fn//FmW5bhWdDC/GeiZr1oUTfkX/SR4fTRWkceM44 OWkA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=2UGQwrSRZY+bR4BKYI/G8ULT6ER3tL+8W8Cf9jGDAxQ=; b=czn8vgPlMOf63b4kEdA0kYkXSKF6lEBa9VDSn5ea3Ta+qnyqN1vEVDZjEOmJvjpjbd UNwwKklCmVZMcH/HJjonMxB8kGsBswiM7XGQcbDUNUr067jW4nica7aAE7PVkp+iQlMn Wb7VdzcuzaFx2ALCQWVilkCeZ5SApfsYkjoWamFYbwNC1cd7J/mW3l4uPZ9LcYTn234U c9v3MXhH88kZrNq5kqn/YI4E71Br7pn8BatBT3UX9qexyjotwXGPx1ReK8b1WEgU5oeY I3skS786epfLloz6dJwxMy5LJzVD2Uufh8FH6VjRYY7amzF4+LuzY8TxgSMEfamWF1uw /cFQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=UDQ+tuhj; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id f2si391284edc.549.2018.01.12.04.50.29; Fri, 12 Jan 2018 04:50:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=UDQ+tuhj; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id CEE4BC220AD; Fri, 12 Jan 2018 12:48:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 8E84CC221D6; Fri, 12 Jan 2018 12:42:35 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 3934BC22235; Fri, 12 Jan 2018 12:40:46 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 0A2CFC221BB for ; Fri, 12 Jan 2018 12:40:42 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id g1so11799173wmg.2 for ; Fri, 12 Jan 2018 04:40:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=joF2Ln6QSsowM2ZHzolpQ1A6bZ4GBWxrB4oUz4SoftY=; b=UDQ+tuhjZ8v7RXuJmpRX+8yLo/egMmvXICEttzSuHOBsIU74JGSUH69iOu3CKIsKBE dsI+uHHCodb4N7sDgRrMdw9exRyE/tA5OipmfrBlep9m4mWHCsc/jdW9Vp+L7qPqGMYX Vx1978ZuiYvVyYLi7fW/v2XzDdM6zZUGMRYF8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=joF2Ln6QSsowM2ZHzolpQ1A6bZ4GBWxrB4oUz4SoftY=; b=VhZzvILPiBHTZ2QZe+JBUWmgMyXcAgyMeriV76UjxqTa4DuOtqRR7xDe20/cHSbJ/9 AG5WJBtd58ZCrhjl1dCIOx7AuGEDJ0r8fQnUI3PPqDbjd5usXuDhTILgDoe611/FaXl3 4f+U9NTTkc/+8Gl8Gcndwey/ZkJH3b+Lj+9HqxnB5JrKKD2ntBiVM9+8nK4Wbvv/fzZ0 8MWjzmbA9qYm+Wa2LmiziTj8gc2Y/hICMqiKGdIedLnT5579XPjD8IzavkMWpkZq17Yb oYDTXh2S4UC+fU0pxheje82WGUQ4hBck2j2JtW/LQiP2taxNRWvlIJB3+UG8ATKerua2 Yxkw== X-Gm-Message-State: AKwxytd9MvhAPGMSdiJyS5b+dmA0oVhcetolwvM7TF7Kdk15+FE/1FqN 4w1J1oMQK8i/pB5KK0fthGrm28sUTjw= X-Received: by 10.80.153.45 with SMTP id k42mr11796550edb.21.1515760841514; Fri, 12 Jan 2018 04:40:41 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:40 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:09 +0000 Message-Id: <1515760819-15116-16-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 15/25] arm: imx: hab: Implement hab_rvt_check_target X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch implements the basic callback hooks for hab_rvt_check_target() for BootROM code using the older BootROM address layout - in my test case the i.MX7. Code based on new BootROM callbacks will just have HAB_SUCCESS as a result code. Adding support for the new BootROM callbacks is a TODO. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 364bd6b..2a18ea2 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,6 +70,24 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) +static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, + const void *start, + size_t bytes) +{ + return HAB_SUCCESS; +} + +#define hab_rvt_check_target_p \ +( \ + (is_mx6dqp()) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + ((hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET) \ +) + #define ALIGN_SIZE 0x1000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 From patchwork Fri Jan 12 12:40:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124326 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2023689qgn; Fri, 12 Jan 2018 04:52:21 -0800 (PST) X-Google-Smtp-Source: ACJfBosQaLxM/KtEhG9cJxjfAJR2g25fbtXQwRBJSg7WnVTvGHq0Q0v6KWRTZ8Xm9mV1Va832ir3 X-Received: by 10.80.214.136 with SMTP id r8mr35282393edi.288.1515761541232; Fri, 12 Jan 2018 04:52:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761541; cv=none; d=google.com; s=arc-20160816; b=pPpLTyeFnIiquZH+50NqVJyzuSmXk7qN79Erkd7WRY/VNvmlfdelKafgUdSeS6PfZM WwnhCGHzMtdzc3ZxabFC4MdNRbcy3YCvWXVT9w6cT4ci8XKN9/SW4R/I52zOzqDo+kqD 3HRjd5C2pqdlOINjvIW6I6bmGRgwgONbV+asTMbVMGYelW9GdtFxJ0UYs9IrtxmL2bAH 9Kbmmkwx3KcVCkZH9WadKN4NbIuDDtuJlsn2ebeABwARJxVtXDnm1iprKOWoxyZzBz4S JemWLl5VEKUbWREdka5feR35ImgARLOhz7tkZ+a7vGWVrjYo6ZbMLFvxdTwvLMgCDfw6 g2Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=s5M9WlGKOZDYk9OT3z4efCGPo3RG52896jV6gNsas/g=; b=FGi7qGCrPFTVQQOW0/QszegOqD4odipNXbbPjU6DS86pw19cFSo0NL5+GjBrh2lmab rdkxEilkwbLdtxtr9vLgukch/Gdt370gjoU2idiMAgsNuNb3BqG/PlHSTLnsdyr3Yy0v 1quwFf7tbXYRHVPRlQAAncb98YNRVmvUEeVDzsUXPfvYYzN1sAPRtAnxlsW1bCnyGEgu GRzrFKfqd2LLfCvddhqfKc1yYSlG4JkkOYtyhv0gzJQqLf65bBUC9GEyl4jsdzeL8nyq 3LhUJHbzeBaYuRJy7c76Sshfe/JNV7hK13mEbnZUsG4T7JQHa6spx7zgwjGyjfKBeANO cWRA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=VVl+h+aa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 7si2868207edj.364.2018.01.12.04.52.20; Fri, 12 Jan 2018 04:52:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=VVl+h+aa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D2C53C221F6; Fri, 12 Jan 2018 12:46:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C8AC9C22215; Fri, 12 Jan 2018 12:41:42 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 96DA9C22150; Fri, 12 Jan 2018 12:40:46 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 0AD64C22189 for ; Fri, 12 Jan 2018 12:40:43 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id i11so11511938wmf.4 for ; Fri, 12 Jan 2018 04:40:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=kJT4MeabAy1PzlYCSEqB9wWTQNibd+Fvvu5gADL50HE=; b=VVl+h+aaiSM6jlSv7x9sZCpaDEChrCrYaBuVWAxbyZw76W4U8HWjLHJIePAqvmde/a do/T5JazEsQiz4rzzbnqG9K7Ara5Ioiir1xUf76x7UTT2Mh2ZjPOIHswS54mdiJH25vq jdBlAlKABV57e2gG1XZxMuvh8iYFPuIueMPYw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=kJT4MeabAy1PzlYCSEqB9wWTQNibd+Fvvu5gADL50HE=; b=Mez7KBB9veTvDcUoBS4hpkAnR2kJTTHDrtDNt6oxlAGP7o/tjTfnBuhCV/Rbyt0fYB A+cuv3L36xhqYhMG1nthpTqdmpY8NPVNXFIMvvApwgnSZFEmkJGQVKMkybarfx/thIP9 jljqXk8vEuSiduDW6MOYWd/ktNueHni4CyIbJG2EseglVGH7RT+BRMiMLMqs1jzNvYES ro2Ac1337V/8SW3Rm3in8Gz0AuWyKKuoti/ymgEzgm5NgU8JQlaWPCfuQyu6DC0E8chV fOfGsKm3dr5Zh9detunOdJAHoh2HYAE4JT1aTa1cVUVibVaXgNyy8H0IZL3c5InMnqN/ 1okQ== X-Gm-Message-State: AKwxytfkmn5Gq3L538CiT9MKShrJkKBuCeu9i8h9MluCFt2aFyc1olf4 fGFl/lkZ3cZ76HbQ7CVQGSjeMLqiAiI= X-Received: by 10.80.181.93 with SMTP id z29mr2165216edd.223.1515760842547; Fri, 12 Jan 2018 04:40:42 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:42 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:10 +0000 Message-Id: <1515760819-15116-17-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 16/25] arm: imx: hab: Add a hab_rvt_check_target to image auth X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a hab_rvt_check_target() step to authenticate_image() as a sanity check for the target memory region authenticate_image() will run over, prior to making the BootROM authentication callback itself. This check is recommended by the HAB documentation so it makes sense to adhere to the guidance and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 2a18ea2..079423a 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -437,12 +437,15 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; hab_rvt_exit_t *hab_rvt_exit; + hab_rvt_check_target_t *hab_rvt_check_target; struct ivt *ivt; struct ivt_header *ivt_hdr; + enum hab_status status; hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; hab_rvt_entry = hab_rvt_entry_p; hab_rvt_exit = hab_rvt_exit_p; + hab_rvt_check_target = hab_rvt_check_target_p; if (!is_hab_enabled()) { puts("hab fuse not enabled\n"); @@ -478,6 +481,12 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, goto hab_caam_clock_disable; } + status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); + if (status != HAB_SUCCESS) { + printf("HAB check target 0x%08x-0x%08x fail\n", + ddr_start, ddr_start + bytes); + goto hab_caam_clock_disable; + } #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, From patchwork Fri Jan 12 12:40:11 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124328 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2024374qgn; Fri, 12 Jan 2018 04:53:04 -0800 (PST) X-Google-Smtp-Source: ACJfBotilZzSQ/LQZLoYRYsVG2Xme+pmgEQs8mUqSZtnZZI/gRgbD+cYcdGoFGiDGkmD2JDcjSkg X-Received: by 10.80.134.132 with SMTP id r4mr8537520eda.250.1515761584342; Fri, 12 Jan 2018 04:53:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761584; cv=none; d=google.com; s=arc-20160816; b=joOTXu0UbKI0z0PaMKk5zM8amS7p+Duas3uOOMsF6c1ZU2ouFAaskoJvqhgKw/9Hyf vQvnGG34KFmzpMMqJSa7PwI5I7ngVBZLDNnfzkbftfzWfCc2X6IMjfQjI5DTW9GV6zLm uCFKXKdGHlolLyxhohuCWMHbhKfzIvI7ZPXufp43re4hRwCZUFWkjo4wYzSn/MlrAWiV kU3HSVhYjb7F0VBMPHsWXnQm50+JdVK1XB/iM3s7samufzKknl/IgTi7glgRizGWONSn +ykovAP/b8BtWNnYoJeHLUVJo4hqi3t1WI9A/oPjOPGv0QfjZO6hcCD8KFpOMGtnt5kz PeEw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=ukF0jHBIPDm1jpWdJoR6NhTohFbNH7w04wTMVqP2S5A=; b=0rHLV7W3ZITE8BsTlX7s8KB0RqXrOJoFTo2F/sgv6gLtmmomDaxYKe1XndjC7pDkCj kqPUHw1EubLUdp8Mh/3JAGp6f/786h+Kqv/EeCe7zlk2m0PfdCo7Y56T2J8ikOBa2BUj JCXrRxMGKu4HDlT1Hm9n8Nim7pZzCzoLUhpezvkfTpQm2dVhqW0dOJN33EuO0OS+QLKp CqFmabcsbnm7f8XJt9Mm7ooxR7132JCdx2Zx4/NpeO4ToMQ6kJi6Pkk2beR8F/BUn567 SQJP/XNe33V0Xh6gqmFxw7PIB9f2QubMrI3chm8PEyCT8ODjqLJM8jwPmKLBUIUGS6X0 AbsQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=LnPU+kj4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id m57si2592467edc.116.2018.01.12.04.53.04; Fri, 12 Jan 2018 04:53:04 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=LnPU+kj4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id E04C8C221B7; Fri, 12 Jan 2018 12:44:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 81574C221A1; Fri, 12 Jan 2018 12:41:15 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id D2828C2219C; Fri, 12 Jan 2018 12:40:48 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 0F503C22167 for ; Fri, 12 Jan 2018 12:40:44 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id b76so11630126wmg.1 for ; Fri, 12 Jan 2018 04:40:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=QgK0hPCAOdChljl9zgGFLZ7VnJmBSqKIFVuJg6jNtjE=; b=LnPU+kj4rBR1dRfeQxWUj6RPvUEpi/1o6SJNNmG6vyvmXrS7m/7qaxFWzD/liPJI0D cFNt0EFYzGtNDmDXdoYhGxX6rhJo12HT/Pf7OkZj+bDmBQxon6IKTnaY0pZv30kybaaO rcZnFVND66suwlrmoyJeLWVn0nVxsJNO3N9po= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=QgK0hPCAOdChljl9zgGFLZ7VnJmBSqKIFVuJg6jNtjE=; b=o8juBJ8DVXynbbNZ5h3GBRibZNXbZFEQVHrLh3Wrohqsj1syszpGxulci2b2O8UO+J VWJXqTw6VETyEcbtul6Ym8hphkFl/JdZvR+0n+Auo5g2FEjjPdeiqmrzIiMZT2BBRsOc c71jGkZD/LTKEBKC1oINpXtUa9eY3GZ25okbuOayJIrnNDdPB2CTreueo4Pif6XNXHyS F+0QQAGO79gAFleYgVKwW/+eSPsmkheR/p3UNmqZSArzC7AiggIHvpAUcrihv/L2iax9 IAUatYpzK8uMrHL1HwAU8Nxi0Q++jtsqcdDUAWYdyVt/UhlBYbWDp14UXkd2B+kGxRgm ISCg== X-Gm-Message-State: AKwxytcSFj+zo4ANuM6Av7iekzu2lZrpGwClIePRMEaLF4O2yxIAhjvF OfWbKlRq/6TamO/oaGoieePnmWQoGvc= X-Received: by 10.80.245.172 with SMTP id u41mr16883965edm.163.1515760843570; Fri, 12 Jan 2018 04:40:43 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:43 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:11 +0000 Message-Id: <1515760819-15116-18-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 17/25] arm: imx: hab: Print HAB event log only after calling ROM X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The current flow of authenticate_image() will print the HAB event log even if we reject an element of the IVT header before ever calling into the ROM. This can be confusing. This patch changes the flow of the code so that the HAB event log is only printed out if we have called into the ROM and received some sort of status code. Signed-off-by: Bryan O'Donoghue Suggested-by: Cc: Breno Matheus Lima Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 079423a..3ae88a4 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -478,14 +478,14 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, if (hab_rvt_entry() != HAB_SUCCESS) { puts("hab entry function fail\n"); - goto hab_caam_clock_disable; + goto hab_exit_failure_print_status; } status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); if (status != HAB_SUCCESS) { printf("HAB check target 0x%08x-0x%08x fail\n", ddr_start, ddr_start + bytes); - goto hab_caam_clock_disable; + goto hab_exit_failure_print_status; } #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); @@ -543,12 +543,14 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, load_addr = 0; } -hab_caam_clock_disable: - hab_caam_clock_enable(0); - +hab_exit_failure_print_status: #if !defined(CONFIG_SPL_BUILD) get_hab_status(); #endif + +hab_caam_clock_disable: + hab_caam_clock_enable(0); + if (load_addr != 0) result = 0; From patchwork Fri Jan 12 12:40:12 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124321 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2021510qgn; Fri, 12 Jan 2018 04:50:00 -0800 (PST) X-Google-Smtp-Source: ACJfBosarD1s8sgyv+3RDK9dYbbTjpbQguGPKLIAekjrTP+jLOqWPbKmvBekkHOgpOfaCL7V0901 X-Received: by 10.80.163.245 with SMTP id t50mr7468365edb.76.1515761400350; Fri, 12 Jan 2018 04:50:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761400; cv=none; d=google.com; s=arc-20160816; b=g1jbsgSavqNCnk+NZmqsdwMjkndeN4zoau4h14YqmBFERwGg8EPp91Zlf07TWcPC8q dKJV4OEC8igCf8ezY0jvROlXDYrA2Kv8N1qonSvWA19rNrMLv/Oz9k/NJUl8yi/tcYnh htXFoM0cgNoTPum8S236hm+4QRaxEmR42jOcrlEBbU+RUMAYdideJB4B9pezVSDW2kTj e1NQOLl4Inzf0gPW6INDJlv4ugabEDw8SfHy/iBrLGZXAC0VunI9vGbvQHISloD2I0K5 B/XUuJAG2ALtdqTCVuSPUQnXryIhl7+IR+454OJqInYSnAoSz8YAYIeQ0O55K2Nkt8y9 hlpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=78TdCwd5h6fM9jVus0ke4dEyJehwex19kPYKryKHgjA=; b=H3uXmqmD5GjgqOXgdiSdLJlooM+RTIIly2UHOyRvEKDv5029PRCmBn71XGcfC0iCTc l2V8vFfun2hy5YhtUr7rcVJHhUYFEvkk+M8KEDs+igKvGNS0tAms7Dns2VWJaFo7c+wq r2mipOSa4CHYjbXnVggTzkkU0xxlD6T8y5NMGAaP93RQqM6Efg1ZO+C5+rOIf5hBXiDd 9ntzW4eLaQRsgE706ygzEd2eS7D5zs0KcwvBUSOJCnX/i5HIAo4VehmuSyWZGMseQzhU bui+8oA3FmqHHJ2l51bzH5LzTgUWdNdc4Ypk8VwNZaUiJiiLYcpLlY6yGV36qxqsaDGs xm4Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=IQBx4k0H; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id p63si1575001edp.537.2018.01.12.04.50.00; Fri, 12 Jan 2018 04:50:00 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=IQBx4k0H; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id EF10FC21EE7; Fri, 12 Jan 2018 12:45:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 269AAC221EC; Fri, 12 Jan 2018 12:41:22 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E5594C221FD; Fri, 12 Jan 2018 12:40:48 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 2DF76C221BE for ; Fri, 12 Jan 2018 12:40:45 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id g75so11924939wme.0 for ; Fri, 12 Jan 2018 04:40:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=lUafXjSaTz6byW0HAzBeP08xykubofEHAdlsb9skpoA=; b=IQBx4k0HT/+zI7ELohwA4tZgaEqo8UOLiIATmYWubpMEutesi4NDxmGPVocUEs5J1e V+WovtCFiJjNid+MtPk1EiZvrkqe7wDLBlqotz5YffwX3q2iqE7EzCvSY7sOaFFk6sDo uhyu5zWmWFbZYI7PCUw5a20E2/F26u3iGj+b8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=lUafXjSaTz6byW0HAzBeP08xykubofEHAdlsb9skpoA=; b=dfkHSPVP5Vv+3ZVtDlguw3mGVPIfsM8BNOHY46xC94yoZ4k5yHdxZ1XpVk73Xqe2PN Cc1+cB17izM2Di/zIrVZjWs+bljkRd/gmnUUY2xUJnRyWDaI/075nvU9qo6sXR8V8XKg byH63T/EZO91oJAnCyzRVPWESRHoC6hz0IzEk8acyN2U4fXpY5i0/gZfodP/0mrS29IN 9+6TpVFBH2OxWAiERVCUcRvxk7zQ5l8vZRkktLS4sPPg5L+AfHpkJUCy6oEjiLVekoYg hOV0H2Y2B5HNd+X99B/RtXHzUM+hL3ngDIMTrY2Pim/SSfNRfc9punsYyOZr10rVY/Bt AvUA== X-Gm-Message-State: AKwxytcjzjx8ZN7coYysE2ypbh9MtNc2NSzJNTHWk6t1/389pyq3sAqM 3YDW52jYWhvN5kiW6vYssQ5lRSA0yeI= X-Received: by 10.80.245.248 with SMTP id x53mr2590265edm.239.1515760844664; Fri, 12 Jan 2018 04:40:44 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:44 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:12 +0000 Message-Id: <1515760819-15116-19-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 18/25] arm: imx: hab: Make internal functions and data static X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" There is no need to export these functions and data structures externally. Make them all static now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 159 +++++++++++++++++++++++++----------------------- 1 file changed, 84 insertions(+), 75 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 3ae88a4..ec85548 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -135,73 +135,81 @@ struct record { bool any_rec_flag; }; -char *rsn_str[] = {"RSN = HAB_RSN_ANY (0x00)\n", - "RSN = HAB_ENG_FAIL (0x30)\n", - "RSN = HAB_INV_ADDRESS (0x22)\n", - "RSN = HAB_INV_ASSERTION (0x0C)\n", - "RSN = HAB_INV_CALL (0x28)\n", - "RSN = HAB_INV_CERTIFICATE (0x21)\n", - "RSN = HAB_INV_COMMAND (0x06)\n", - "RSN = HAB_INV_CSF (0x11)\n", - "RSN = HAB_INV_DCD (0x27)\n", - "RSN = HAB_INV_INDEX (0x0F)\n", - "RSN = HAB_INV_IVT (0x05)\n", - "RSN = HAB_INV_KEY (0x1D)\n", - "RSN = HAB_INV_RETURN (0x1E)\n", - "RSN = HAB_INV_SIGNATURE (0x18)\n", - "RSN = HAB_INV_SIZE (0x17)\n", - "RSN = HAB_MEM_FAIL (0x2E)\n", - "RSN = HAB_OVR_COUNT (0x2B)\n", - "RSN = HAB_OVR_STORAGE (0x2D)\n", - "RSN = HAB_UNS_ALGORITHM (0x12)\n", - "RSN = HAB_UNS_COMMAND (0x03)\n", - "RSN = HAB_UNS_ENGINE (0x0A)\n", - "RSN = HAB_UNS_ITEM (0x24)\n", - "RSN = HAB_UNS_KEY (0x1B)\n", - "RSN = HAB_UNS_PROTOCOL (0x14)\n", - "RSN = HAB_UNS_STATE (0x09)\n", - "RSN = INVALID\n", - NULL}; - -char *sts_str[] = {"STS = HAB_SUCCESS (0xF0)\n", - "STS = HAB_FAILURE (0x33)\n", - "STS = HAB_WARNING (0x69)\n", - "STS = INVALID\n", - NULL}; - -char *eng_str[] = {"ENG = HAB_ENG_ANY (0x00)\n", - "ENG = HAB_ENG_SCC (0x03)\n", - "ENG = HAB_ENG_RTIC (0x05)\n", - "ENG = HAB_ENG_SAHARA (0x06)\n", - "ENG = HAB_ENG_CSU (0x0A)\n", - "ENG = HAB_ENG_SRTC (0x0C)\n", - "ENG = HAB_ENG_DCP (0x1B)\n", - "ENG = HAB_ENG_CAAM (0x1D)\n", - "ENG = HAB_ENG_SNVS (0x1E)\n", - "ENG = HAB_ENG_OCOTP (0x21)\n", - "ENG = HAB_ENG_DTCP (0x22)\n", - "ENG = HAB_ENG_ROM (0x36)\n", - "ENG = HAB_ENG_HDCP (0x24)\n", - "ENG = HAB_ENG_RTL (0x77)\n", - "ENG = HAB_ENG_SW (0xFF)\n", - "ENG = INVALID\n", - NULL}; - -char *ctx_str[] = {"CTX = HAB_CTX_ANY(0x00)\n", - "CTX = HAB_CTX_FAB (0xFF)\n", - "CTX = HAB_CTX_ENTRY (0xE1)\n", - "CTX = HAB_CTX_TARGET (0x33)\n", - "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", - "CTX = HAB_CTX_DCD (0xDD)\n", - "CTX = HAB_CTX_CSF (0xCF)\n", - "CTX = HAB_CTX_COMMAND (0xC0)\n", - "CTX = HAB_CTX_AUT_DAT (0xDB)\n", - "CTX = HAB_CTX_ASSERT (0xA0)\n", - "CTX = HAB_CTX_EXIT (0xEE)\n", - "CTX = INVALID\n", - NULL}; - -uint8_t hab_statuses[5] = { +static char *rsn_str[] = { + "RSN = HAB_RSN_ANY (0x00)\n", + "RSN = HAB_ENG_FAIL (0x30)\n", + "RSN = HAB_INV_ADDRESS (0x22)\n", + "RSN = HAB_INV_ASSERTION (0x0C)\n", + "RSN = HAB_INV_CALL (0x28)\n", + "RSN = HAB_INV_CERTIFICATE (0x21)\n", + "RSN = HAB_INV_COMMAND (0x06)\n", + "RSN = HAB_INV_CSF (0x11)\n", + "RSN = HAB_INV_DCD (0x27)\n", + "RSN = HAB_INV_INDEX (0x0F)\n", + "RSN = HAB_INV_IVT (0x05)\n", + "RSN = HAB_INV_KEY (0x1D)\n", + "RSN = HAB_INV_RETURN (0x1E)\n", + "RSN = HAB_INV_SIGNATURE (0x18)\n", + "RSN = HAB_INV_SIZE (0x17)\n", + "RSN = HAB_MEM_FAIL (0x2E)\n", + "RSN = HAB_OVR_COUNT (0x2B)\n", + "RSN = HAB_OVR_STORAGE (0x2D)\n", + "RSN = HAB_UNS_ALGORITHM (0x12)\n", + "RSN = HAB_UNS_COMMAND (0x03)\n", + "RSN = HAB_UNS_ENGINE (0x0A)\n", + "RSN = HAB_UNS_ITEM (0x24)\n", + "RSN = HAB_UNS_KEY (0x1B)\n", + "RSN = HAB_UNS_PROTOCOL (0x14)\n", + "RSN = HAB_UNS_STATE (0x09)\n", + "RSN = INVALID\n", + NULL +}; + +static char *sts_str[] = { + "STS = HAB_SUCCESS (0xF0)\n", + "STS = HAB_FAILURE (0x33)\n", + "STS = HAB_WARNING (0x69)\n", + "STS = INVALID\n", + NULL +}; + +static char *eng_str[] = { + "ENG = HAB_ENG_ANY (0x00)\n", + "ENG = HAB_ENG_SCC (0x03)\n", + "ENG = HAB_ENG_RTIC (0x05)\n", + "ENG = HAB_ENG_SAHARA (0x06)\n", + "ENG = HAB_ENG_CSU (0x0A)\n", + "ENG = HAB_ENG_SRTC (0x0C)\n", + "ENG = HAB_ENG_DCP (0x1B)\n", + "ENG = HAB_ENG_CAAM (0x1D)\n", + "ENG = HAB_ENG_SNVS (0x1E)\n", + "ENG = HAB_ENG_OCOTP (0x21)\n", + "ENG = HAB_ENG_DTCP (0x22)\n", + "ENG = HAB_ENG_ROM (0x36)\n", + "ENG = HAB_ENG_HDCP (0x24)\n", + "ENG = HAB_ENG_RTL (0x77)\n", + "ENG = HAB_ENG_SW (0xFF)\n", + "ENG = INVALID\n", + NULL +}; + +static char *ctx_str[] = { + "CTX = HAB_CTX_ANY(0x00)\n", + "CTX = HAB_CTX_FAB (0xFF)\n", + "CTX = HAB_CTX_ENTRY (0xE1)\n", + "CTX = HAB_CTX_TARGET (0x33)\n", + "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", + "CTX = HAB_CTX_DCD (0xDD)\n", + "CTX = HAB_CTX_CSF (0xCF)\n", + "CTX = HAB_CTX_COMMAND (0xC0)\n", + "CTX = HAB_CTX_AUT_DAT (0xDB)\n", + "CTX = HAB_CTX_ASSERT (0xA0)\n", + "CTX = HAB_CTX_EXIT (0xEE)\n", + "CTX = INVALID\n", + NULL +}; + +static uint8_t hab_statuses[5] = { HAB_STS_ANY, HAB_FAILURE, HAB_WARNING, @@ -209,7 +217,7 @@ uint8_t hab_statuses[5] = { -1 }; -uint8_t hab_reasons[26] = { +static uint8_t hab_reasons[26] = { HAB_RSN_ANY, HAB_ENG_FAIL, HAB_INV_ADDRESS, @@ -238,7 +246,7 @@ uint8_t hab_reasons[26] = { -1 }; -uint8_t hab_contexts[12] = { +static uint8_t hab_contexts[12] = { HAB_CTX_ANY, HAB_CTX_FAB, HAB_CTX_ENTRY, @@ -253,7 +261,7 @@ uint8_t hab_contexts[12] = { -1 }; -uint8_t hab_engines[16] = { +static uint8_t hab_engines[16] = { HAB_ENG_ANY, HAB_ENG_SCC, HAB_ENG_RTIC, @@ -284,7 +292,7 @@ static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) return -1; } -void process_event_record(uint8_t *event_data, size_t bytes) +static void process_event_record(uint8_t *event_data, size_t bytes) { struct record *rec = (struct record *)event_data; @@ -294,7 +302,7 @@ void process_event_record(uint8_t *event_data, size_t bytes) printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); } -void display_event(uint8_t *event_data, size_t bytes) +static void display_event(uint8_t *event_data, size_t bytes) { uint32_t i; @@ -313,7 +321,7 @@ void display_event(uint8_t *event_data, size_t bytes) process_event_record(event_data, bytes); } -int get_hab_status(void) +static int get_hab_status(void) { uint32_t index = 0; /* Loop index */ uint8_t event_data[128]; /* Event data buffer */ @@ -358,7 +366,8 @@ int get_hab_status(void) return 0; } -int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { if ((argc != 1)) { cmd_usage(cmdtp); @@ -371,7 +380,7 @@ int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) } static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, - char * const argv[]) + char * const argv[]) { ulong addr, length, ivt_offset; int rcode = 0; From patchwork Fri Jan 12 12:40:13 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124337 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2028630qgn; Fri, 12 Jan 2018 04:57:43 -0800 (PST) X-Google-Smtp-Source: ACJfBousyQckeiqYvwaMwTNcPDCm8Sb8/1gbA5y1OTh4f3LpBpTF0iYc65Fkniz/NVN6UaqNAsaQ X-Received: by 10.80.218.201 with SMTP id s9mr4516485edj.240.1515761863363; Fri, 12 Jan 2018 04:57:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761863; cv=none; d=google.com; s=arc-20160816; b=g6E4fVVfamor7Qi2JdUkFkAENVTKVY1yetRAduH8yEZSOLkZqdd3rHWzvkjzYv77+C XxIdMZtbjBHr6Ckt0aBjNaxx7PoTPbOFqrpTsEkai6n9gjmsor2/kTlCr+fdB/e644ZW +mCtfyuUOZkpyba8j3fL/xi+GSrYb5dKrCG/EA4kn+fVBOW1yClUDo2RlT7TKvY/avcq NHeiNlFIQpxICG82S6ASf2etTd3Of4bC1trnJiQN6Af9atCqlL100RxK5MT/Hi31+7Nh CCm+aSnt0dWRPx/qdNG+N+Deri6MsltUXcnwWV+zzDfZgmO/hJNRVrRz48KdUtmbCAQo Uatg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=zQnaQHE9ZdT3ZMfWGGKT1F/52Q3ZDf6hvOMmgWHPiaY=; b=u9wTJrQ5LHfLewTl/pzaIkeoyN8YaNs9dUtXE8U7C4G7sDgzfgaCeXeKNopR85qH6+ kfdrNyO+ndmXOmsCwn7OkgAUfMyzydWOF4QG9uJXUG2a9xpxBfvaITskc2Jo62Xha+Ix gnyRKrAd2PU5Oh4ryTaP1H1Nt0hA89xmQcWYDZxoD2JEBNTBd4HZfjIzMwtz9mWs0GBz AtUTTgZOHOV5uf8iy3dnI3F6vecr0EvLtvMCF5kms7m9NOAYxVH2eToj1BzlDaf3xQmb I2C/pnBsFBG+z4JduX+SFNtdTUc5fv/46fnrmDBb1R2PSjUYJfaeUiE7IteIOk/O8OMP vEYA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=XuB9C3L7; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id k39si2803549edd.267.2018.01.12.04.57.43; Fri, 12 Jan 2018 04:57:43 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=XuB9C3L7; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id E5568C22206; Fri, 12 Jan 2018 12:47:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 20EE6C22150; Fri, 12 Jan 2018 12:42:15 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 20BDFC2217E; Fri, 12 Jan 2018 12:40:51 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 31E6FC221C8 for ; Fri, 12 Jan 2018 12:40:46 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id b76so11630318wmg.1 for ; Fri, 12 Jan 2018 04:40:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=qSJUxs3iay+JXekpLMvvTzhiNd5cZOfrROu/Dkh4qYs=; b=XuB9C3L7E0OWtG7Nu/g5kkbtEeaClRlMhDyEDX548d61kVj7bMd/Y/xqlaR7ViPxYU Gq/AibaF9+KLunLW8RX/MptI2IXlNgcXxMzd0HXzNF1AxHhFxXLKaFjewvHetTc5/yHx uypskY8H79LO+djkCRfsmmCfe3GHW7cbPiTsw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=qSJUxs3iay+JXekpLMvvTzhiNd5cZOfrROu/Dkh4qYs=; b=ntBazhhxZ8IXYmSt4nYREdybWBngVPTupsoZtY80NQXPIq8SNLC03NLKh9zFONLOB7 03zabEyBUjc/WaczmNCmig3hhs0HdP0qi9b6NFaPeBqE8nnOfLfgKm2oStpHApJIu0Yi cx0FUwwQY1N2PyxLv49XT1A+5C/ukOxrLjXMX2qbiVfPeqk/93+JOMt2CWloDbLcXuKD psGLS2mv5OWDD7lG08rdNhBKTvutTAlZ4CwTlDPSECvLViA039uVcvAqehBUVnEE/cFM IHz3VlBiCyU/FiwaYRMRJLaWVSU8f8i4fsqbJhHgH0Agzf4kByLtNG79neKk/lIBQN1u 10ww== X-Gm-Message-State: AKGB3mLPKZWLO4ljt7CHzS1aCOtIQVT0dYA8pHRACBhsJa8KaU0tQHHG k43coE5hVyHKG4HcBXJyy8MicaPrPmU= X-Received: by 10.80.187.73 with SMTP id y67mr35273872ede.172.1515760845705; Fri, 12 Jan 2018 04:40:45 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:45 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:13 +0000 Message-Id: <1515760819-15116-20-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 19/25] arm: imx: hab: Prefix authenticate_image with imx_hab X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Tidy up the HAB namespace a bit by prefixing external functions with imx_hab. All external facing functions past this point will be prefixed in the same way to make the fact we are doing IMX HAB activities clear from reading the code. authenticate_image() could mean anything imx_hab_authenticate_image() is on the other hand very explicit. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 4 ++-- arch/arm/mach-imx/hab.c | 6 +++--- arch/arm/mach-imx/spl.c | 5 +++-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 14e1220..98bc1bd 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -185,7 +185,7 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -int authenticate_image(uint32_t ddr_start, uint32_t image_size, - uint32_t ivt_offset); +int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index ec85548..7c2f828 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -392,7 +392,7 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, length = simple_strtoul(argv[2], NULL, 16); ivt_offset = simple_strtoul(argv[3], NULL, 16); - rcode = authenticate_image(addr, length, ivt_offset); + rcode = imx_hab_authenticate_image(addr, length, ivt_offset); if (rcode == 0) rcode = CMD_RET_SUCCESS; else @@ -435,8 +435,8 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -int authenticate_image(uint32_t ddr_start, uint32_t image_size, - uint32_t ivt_offset) +int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset) { uint32_t load_addr = 0; size_t bytes; diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index e5d0c35..a5478ce 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -196,8 +196,9 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ offset = spl_image->size - CONFIG_CSF_SIZE; - if (!authenticate_image(spl_image->load_addr, - offset + IVT_SIZE + CSF_PAD_SIZE, offset)) { + if (!imx_hab_authenticate_image(spl_image->load_addr, + offset + IVT_SIZE + CSF_PAD_SIZE, + offset)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Fri Jan 12 12:40:14 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124334 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2028129qgn; Fri, 12 Jan 2018 04:57:15 -0800 (PST) X-Google-Smtp-Source: ACJfBotHVXRvOEA6R31x73SwUzPjsxhilLKMPpeMrojdowyFcC1WmqHE6fWN+jOBhsPGtE/Nzd3T X-Received: by 10.80.195.75 with SMTP id q11mr1890409edb.254.1515761835640; Fri, 12 Jan 2018 04:57:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761835; cv=none; d=google.com; s=arc-20160816; b=JwoFGgjcSrhf/0guZ0uCLtH8HLNQUzk4YjU5ej20xpbXF3jwK6MhyJKsEHsIhxh6Y4 VbnaMGH8gwBJiNQFadmp1JIuIfhcMjZhYkKSKbqnKvUlX3znRYp09t0Pm2QbnW7xZBOq gQ4z1U/WazYCRy+29IR9+TbQnryiZfc3qbfrQtlDHb/ie0rMPwZogk46f43eBh3O1uhD 3n7Zmm9rBOyGLOYJAVNzz/dDwzHPL5rK4HpEz7T1ZpluzptwuoRbrKpTsyOl0vG8Ht7b LXQPuElLds4QwyrkSrkAWQ9QfcJoCsLhrW4YZQ4pJpOOIY0AUIoogKOHfR6XCSYrAvrw sFBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Jgf8slvtqTFIdFaiT8b8bKVXfibcgTLoAOj+jKYWEqM=; b=eD5f8cusplfxeG9N5OzRQLgyezG+WFnpzwoSrrsGRjm181V2HPGEQbhShR0RBXIwpa sOzNphAWsJDknnW6qR/4CwcCSuuYWiFHVywPEO5n3UjW+yTKzXnq6XkukWjzJ6ZUUFWt 0d/kW/J3+4ysMjPa5uB2+dHMsooWyoSU15fCxts37Ws/Ka3201TCzHsFZyDY4avQoo/y kmrflpUyGaN8CCZn1Wk4MIiD2Sdvjn5rFjoHmUNrVbwonWfUgUdB2hrck/BiRf0FrZHf Vc14kuuOdoZ1havPubK7ztjVw+PdfSYtJ4IqbRmLRZH+2H+JDtxfeXpz3MtcnqONDzvR kUFQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ktjjx/1S; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id y93si377199edy.358.2018.01.12.04.57.15; Fri, 12 Jan 2018 04:57:15 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ktjjx/1S; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 44A91C22208; Fri, 12 Jan 2018 12:45:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 9F844C2220F; Fri, 12 Jan 2018 12:41:27 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 3A143C221FF; Fri, 12 Jan 2018 12:40:51 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 3CBF9C221D2 for ; Fri, 12 Jan 2018 12:40:47 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id b141so11926206wme.1 for ; Fri, 12 Jan 2018 04:40:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3kmeRJAcnNLuvoVzlVMyorvtFHmwtBWxwtce5sh4EVM=; b=ktjjx/1S2HVhxakNRmEFDIT3vLKPFJbUtrV5V8R2jZuWCRMkvvlIRWtyoMLnVuYXho G7gaj8u2pVkuM39WqHRiLnu9eyOfjNVvdv3SxOvHoA6W7tho39LItrjecLTG1h2bf47X +7eJuU3hoK9xDD9pTcH4jAeV8izKd50bHXkvM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3kmeRJAcnNLuvoVzlVMyorvtFHmwtBWxwtce5sh4EVM=; b=sjb/ZYpg4AZtTS6WI1J/5ctJMso3JdedYFbyYtmYsT/u+G1FtCvf8jpe+noUW4+yXB FlzdyOkrRNcRCrsmFCroxLmuHls+099TCrkuItI2KfL4skUuN5j/+tQRQDyksSrnoyVJ S2ZBpDkiPHxjFPJlAPx7v1lvYjwd9pVBpRGkQ3H5nwEKWZ5X2rZw5ELy4bz43sG7C0F0 z1p0CSn+zHNKp5Kb5DynUPNc0l6PCDVBZpaSyJKJCmUT65xBH3XjWjYOASJj4ejV8jBq ESiMFNM0O/TG/cvN1IlUcmBkiN3cNbOBsdDUaCzrwG6qicfz59Fw9FytCM3+3VzRUprF GYIA== X-Gm-Message-State: AKwxytcHwMf6CgvNMxtBKTj5taYZ7z4VMEp6QN52fYDchkiBPlyC3OVg AyGHuaKb2MkB2ikkROzBPub1tvjOsso= X-Received: by 10.80.151.22 with SMTP id c22mr11439817edb.225.1515760846748; Fri, 12 Jan 2018 04:40:46 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.45 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:46 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:14 +0000 Message-Id: <1515760819-15116-21-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 20/25] arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Understanding if the HAB is enabled is something that we want to interrogate and report on outside of the HAB layer. First step to that is renaming the relevant function to match the previously introduced external naming convention imx_hab_function() The name imx_hab_is_hab_enabled() is a tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 7c2f828..d917ac3 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -96,7 +96,7 @@ static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -static bool is_hab_enabled(void); +static bool imx_hab_is_enabled(void); static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) { @@ -334,7 +334,7 @@ static int get_hab_status(void) hab_rvt_report_event = hab_rvt_report_event_p; hab_rvt_report_status = hab_rvt_report_status_p; - if (is_hab_enabled()) + if (imx_hab_is_enabled()) puts("\nSecure boot enabled\n"); else puts("\nSecure boot disabled\n"); @@ -419,7 +419,7 @@ U_BOOT_CMD( #endif /* !defined(CONFIG_SPL_BUILD) */ -static bool is_hab_enabled(void) +static bool imx_hab_is_enabled(void) { struct imx_sec_config_fuse_t *fuse = (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; @@ -456,7 +456,7 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_exit = hab_rvt_exit_p; hab_rvt_check_target = hab_rvt_check_target_p; - if (!is_hab_enabled()) { + if (!imx_hab_is_enabled()) { puts("hab fuse not enabled\n"); return result; } From patchwork Fri Jan 12 12:40:15 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124323 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2022385qgn; Fri, 12 Jan 2018 04:50:56 -0800 (PST) X-Google-Smtp-Source: ACJfBos3F0aA2jwQ/rVijoZiQFsGPolEinP1Wss0LmBsbJ2HnyDFAGWpFL4F80GOjdCjdjE8Lhrp X-Received: by 10.80.136.129 with SMTP id d1mr35992825edd.256.1515761456093; Fri, 12 Jan 2018 04:50:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761456; cv=none; d=google.com; s=arc-20160816; b=PGNPt0cphKbmNEygyupbiPqibzb79apzJAYOwjjlgfjzXFQRX+ulBw2y/FBB7BW/kA 8PaV7lqhWZBCelAuov9KClcFEEl3lyE3bhZXgPIsZp6RVDiP4cAEnm4ZiYcJblVFsb/l bykJinG4W0oiSddZf8okllOPYQH1hfo68Dgi/l2BRc6dwR2ww6aj0WcSo35UhsIQpSGz 2UV1g7kGN1UdrxoL7QT2EJkVWpnIGNOxzZBXhVk4Y73OjZOu1fiBg8HBF3gGEOw+o818 7XnrKDcOn/ugkdokI8QSxheGL0gpB8CiXux9cSHEs6WAm+B4ocEm0ybiTFgjhFHE37vt +MpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=94MMmcnA4iKvLcnwoaqJLkxlkSdko+a1zk2C6PnP6P0=; b=aSDnQLDwc7A2jd/gAthiJoSmWj5Sg2rLmLuRNs2/90Jrj3lwsRzitFgP77CFYufnRe FipLHTcy7/TTmgVSaJBO5oFNLjxL+dnYaRnFmdJptx8c9NxmgIBwsrHVuGiq/lAF1Ikj 22xh3Trja6oARpm7gkMfY6zTFrnA00mteO88vr86JnOKKWepA+sSUa2MUP0IkVicbH12 TFiWVjRSThMxSlTmhoJi40ZHLRT/nHabwtPIOfwehkLG7YxBJk+nMVSMv4Eb6fd7rT6t RaTlY43O0WntHSGJoSs7RzoFHUJm4V1+PYqV0lDeNbAc/hPZHnrOhUaxgY1uoGGZgpDM hXMg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Vv3OzQO3; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id s15si4228882edj.332.2018.01.12.04.50.55; Fri, 12 Jan 2018 04:50:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Vv3OzQO3; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id A7BC3C221EC; Fri, 12 Jan 2018 12:47:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 68052C22208; Fri, 12 Jan 2018 12:42:19 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 0F175C2221B; Fri, 12 Jan 2018 12:40:53 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 2D452C22167 for ; Fri, 12 Jan 2018 12:40:48 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id b76so11630517wmg.1 for ; Fri, 12 Jan 2018 04:40:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=AweezIEBRSX3muV82c6vfHsAmXM/yGF6ylEcgvYRBiU=; b=Vv3OzQO3zcR+ovAki/KGPTIiW2tEoRiUxRw5B5C6JbVQlTPl7j9Vn/X5uugLIRinoI K5RwuFleGdzQdSFhtj/mDvq8W8JLh1MSvSeGJUVMlM1q6oWivrUOrc84ClodYgNposi5 +9ITav49NeTtgguOdeIeiktu+fPd6kzk0hb5s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=AweezIEBRSX3muV82c6vfHsAmXM/yGF6ylEcgvYRBiU=; b=NPy+D2czQYLPZeACkKCZGtpM+cqTnjpZsj/vWJz7jHP/K7sFhpTMaLY92hjjM9BdWd XY+566Zko0KJJ7UEBcgrPw++gSGeVj6jjufFBafDdnCaHG+3+znhR2x0PpgSuErZH7xS +bxYZo0X1zItfkAOrf2zlrB8tFuhFnhLBjMcZuvoE20Oru4R568rDyslCvOpCxqAv/ov A/quNX66OG9XjS2+MWtpg9fSYJXeNXZQvbrrFH8hze1Jj6muVE2MNuZaZL4JdOy5tRkS 8ZGpIgbJC2SM7P1oSdI0cZVHSCzvLtMC7T+2Bh6HKMjjHIJ+c0iDwb+s5QgxzhCDKJQO Lz4Q== X-Gm-Message-State: AKwxytfXwU7NElkVJOynG9CeoUuY+OFq+kG6nu8E1tKEIeHTVmvWuejX Sk3HMBcRrBtVe8px4ciGLbx1I8LzqFw= X-Received: by 10.80.219.8 with SMTP id o8mr15949173edk.301.1515760847704; Fri, 12 Jan 2018 04:40:47 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.46 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:47 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:15 +0000 Message-Id: <1515760819-15116-22-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 21/25] arm: imx: hab: Make authenticate_image() return zero on open boards X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The BootROM will not successfully process a HAB image passed by u-boot unless the board has been set into locked mode. Some of the existing usages of authenticate_image() expect and rely on unlocked boards doing the following 1. Not calling into the BootROM authenticate_image() callback 2. Returning a pass status for authenticate_image() calls anyway A previous patch removed the necessity to call into imx_hab_is_enabled() twice. This patch ensures the reliance on authenticate_image() returning zero is maintained. Signed-off-by: Bryan O'Donoghue Suggested-by: Breno Matheus Lima Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Tested-by: Breno Lima --- arch/arm/mach-imx/hab.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index d917ac3..3b19a7e 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -458,7 +458,7 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, if (!imx_hab_is_enabled()) { puts("hab fuse not enabled\n"); - return result; + return 0; } printf("\nAuthenticate image from DDR location 0x%x...\n", From patchwork Fri Jan 12 12:40:16 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124329 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2024694qgn; Fri, 12 Jan 2018 04:53:23 -0800 (PST) X-Google-Smtp-Source: ACJfBot8q/LNFa/deoHTjvO+5gxBLw8M6UGfsES0Jm+oSlfsX0eW9IEi668ZANHml2JC/IUDOV1F X-Received: by 10.80.184.25 with SMTP id j25mr35922782ede.5.1515761603817; Fri, 12 Jan 2018 04:53:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761603; cv=none; d=google.com; s=arc-20160816; b=r8XufVv7Oxqk1epj1JLR3BCgCQJH8cbAfVqOVDx30IrBvvkR7uO+ac6M4tSfa3FYfM Vib4MfCp5XooFG2yeVJhuaQYcBFdo4f9sL8yLaa8C/u+sKj/NmYSeblStkHsS0Cq9tp7 +/5wLa+SaSlCIATwpuEhra1kdsA3XEK/khpJ8P2ouJSHpSExa1MFnm0ab4es3wR3itXU 4G+up2EmTLP6iGjdobNxi2ksgV4msPE1UrrWDmy9Oa1leUlUlU3HgllgnrDTZPm9eapg lsRE9u9+iUEcPElzireFcNXzPfAwCd9SRO1eHI7t8g1ZKj7fvcJxuAziJC7JTT2vEnj4 1bdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=aZ43QdyV+PV0sNs36RU7Ucl/tQFSC+UeBgSEfAHYN/s=; b=xoB8jmbReWhO9uYruj460wQhhcQimci+tSLMpXskyIUFMsTLYKvBi18nWwdmZml1uk LRF+a10y+Hubo2QNMUrUjI3X7qEfdx5qYx+dnnswmp3Gh3zlzHGMFBJnZuavvMy1Hoc8 oWlkPh09G8sqnUlsJcN+koQDC/rjPbQEaX6jKGOKnVbi8cV8qmHkFtdXqjpyCRg/1Pdh HDeFXgQfzwMAWxYP+AH79QyUtnXujkuFqol4lHkGPsic3j8ijJ0VahXo/8nFD6scKF2o ii8yoBrWSSNZMuj8pOtVwiQ6jIwmazVw9mdWGb/3RWBoZjr3XGbupOX0DEiNDXOzN/hI b7fw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=X2mnX+e5; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id q10si24238edc.473.2018.01.12.04.53.23; Fri, 12 Jan 2018 04:53:23 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=X2mnX+e5; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 6F87FC22204; Fri, 12 Jan 2018 12:48:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 74AD9C22212; Fri, 12 Jan 2018 12:42:38 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 91AF4C2221E; Fri, 12 Jan 2018 12:40:54 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 3E771C221DC for ; Fri, 12 Jan 2018 12:40:49 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id g75so11925316wme.0 for ; Fri, 12 Jan 2018 04:40:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=bzlqo70ox3kAZ39TlshqaYRMf9OxZ64Z7ef58WdvqsU=; b=X2mnX+e551Sb7k98hjyWKsUl8N2kIF5XKyLh0zxkoXMHbxyv/P1oh+Jx7LKWKUlAxu Ea3ZFSVn+UyeViaXgHH7IFAQDGrtFsvcVwOyWe6cuwsHntTTQks1wuAtfeCIE8v/wnxb WRTsUKh4a+SIwP9+qzFS1a1ojyIMz2Pkpe6mI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=bzlqo70ox3kAZ39TlshqaYRMf9OxZ64Z7ef58WdvqsU=; b=WBYy5d9GRE6Q+bJeiBfrDKDzelqOwTVNeJTfVj12gY9FMyHeUgJi2SX9kstOwOAE8K Zgwa1WEbr/aiYz1+mf0aF1OC8hAhgMrJ1uwUsJATnj4fX9G+Ot7BTwQ0IsCkX6eT9+Fu JecTte98vwtuUjEW1wkgTYHN/trf6yXRbxlGyse8UWyjvJe6AI+pNIy9YByRw5+Db6X8 f5KOIEA1i5mje0+AhWZevaMJoV7+uZRw/f1QXIH4PihGCRRleWzczO+vsBcCiyqxzA9z jYzNBavZhP/qMFxai+mFaikPqr1Yz8RPrt9eHPF75gmZD3EUSag02PJh/2Exm+yiGq7q ufMQ== X-Gm-Message-State: AKwxytc2CeX6P6R5jgG5HIIVlWPj3AjV4YubWjhqEC3WtqLtbnVgtPNs +DZTEQEcX627ncaGSYXQx1ZMEWBFVgY= X-Received: by 10.80.137.233 with SMTP id h38mr8145127edh.39.1515760848736; Fri, 12 Jan 2018 04:40:48 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:48 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:16 +0000 Message-Id: <1515760819-15116-23-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 22/25] arm: imx: hab: Make imx_hab_is_enabled global X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" It will be helpful to boot commands to know if the HAB is enabled. Export imx_hab_is_enabled() now to facilitate further work with this data-point in a secure-boot context. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 1 + arch/arm/mach-imx/hab.c | 4 +--- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 98bc1bd..5c13aff 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -187,5 +187,6 @@ typedef void hapi_clock_init_t(void); int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, uint32_t ivt_offset); +bool imx_hab_is_enabled(void); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 3b19a7e..d1c5f69 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -96,8 +96,6 @@ static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -static bool imx_hab_is_enabled(void); - static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) { printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, @@ -419,7 +417,7 @@ U_BOOT_CMD( #endif /* !defined(CONFIG_SPL_BUILD) */ -static bool imx_hab_is_enabled(void) +bool imx_hab_is_enabled(void) { struct imx_sec_config_fuse_t *fuse = (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; From patchwork Fri Jan 12 12:40:17 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124324 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2022921qgn; Fri, 12 Jan 2018 04:51:30 -0800 (PST) X-Google-Smtp-Source: ACJfBosZ7I+ifqSAOC7GflJXLSDrikhnYOmpnu6YGmc2XC/mClsfU3oWTYRsxNEY+W+Sf96oQmDx X-Received: by 10.80.146.29 with SMTP id i29mr2496052eda.27.1515761490659; Fri, 12 Jan 2018 04:51:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761490; cv=none; d=google.com; s=arc-20160816; b=lAZXBK0/RxeL2dSb1aMIq45NPI7PH+XThLAisTrrrV5l7Eu1R7NAZxvplolllsolqH ZtqHq5324OrA35qxJbYXOuOUI5KZ4CIGwIxikR1wLDg7Vj3HfWJE7mF70zxcVToiLH8n 7RbAhfa9VurkmbHWT0W2YkyHGusO3JL8B+VwjwwRjCQ7eqeZydKkMH3bEUx6Wkn25N6L MfvtlEgzWNGxHFTHaulIsD3EvvV+LPJifwVepInZb00vGg/AleGWIcr3MLJ++CU0YPHj PBA0iYDCdWiKZdCjds8jQo89vQRLlDf6YTf1/IqJw35RbHznd8CejzmMV97NnGq0Y8gf Q+UQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=TMvpKY5oWKLJd6N4BAh6sQYU0cYie0xq/NJfpDQ10e8=; b=fUk+YJ27J+j4fMtDmAEWuHa5qCXXjidaDKj82auW0NNJjF3T78hM5I0EkJt50MHPWT Ag4W0eTfGy2KyUBzzUJEGnboQDS8RAi242pxMC7MtyEg5+9b7QO3RDx/v10xNmTTDK14 x0miRGjLnCLQaC8Gzi6/kqtQqYtpuq15EjvyyOlRZoFBh/IRFZucaqPeRovxsO6LBowc GnVa9O1/gsd1iiW/kLWNsoK9KQMkMJ4pDWdGVBpJXw1vOncA89AQC6oatE23N9HejrqW 19MhBU9hxQHUJOwagHCW8eA3Tv9XxWlH+iD/MrLXWdgpjXB4MdKsILpLRgwcQezgueNQ 1a6w== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=eDDuTEjW; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id i19si7082600eda.254.2018.01.12.04.51.30; Fri, 12 Jan 2018 04:51:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=eDDuTEjW; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 30CB1C22195; Fri, 12 Jan 2018 12:44:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 00976C221DF; Fri, 12 Jan 2018 12:41:17 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 3349FC2215C; Fri, 12 Jan 2018 12:40:54 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 51784C22194 for ; Fri, 12 Jan 2018 12:40:50 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id g1so11799929wmg.2 for ; Fri, 12 Jan 2018 04:40:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=8GsFNs0jtgkX613BljerM4ScjYw1l7gJAwQ/uaGeca0=; b=eDDuTEjWjN6KuBysgAxSqXK+Dns8Vq+VJosogg6T/pskGxoo1GWBvR8i3ygZHMAB6Y 1mXTM/HwWPV49DbibnukWyDGIde5aV4bg0VaazvCBWJVpv2q93r28iO9PcM3UZM9wy7e egyCfMqmZtFenqYk9seGYgbl+1T4Tc9WJs3tU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=8GsFNs0jtgkX613BljerM4ScjYw1l7gJAwQ/uaGeca0=; b=okmSrpRvXnflyCcYJroSIx/k3lXe7ryUlHoJh8uPZzfUmBqcnMp2JNTWkRbbmkeS+q LAgVJUzMIuZG7O88vkCteJOXm1O6PBWPorsg9NLceP9O9HGAvA+6fKi9wFEkJpW5hf8h K9eaYJrVvO6490knmnDGjH8WyxMr6VsB4Jd36DfGV0l9lC8dxVX4YyD7WjvOTobYD53m 6XlycBCnL3drthja7md7ywz6oas46kyPxNuSoDkF3D6UEk1k77X1D46Pp4XWeshYXNYU h6DWxpVXwgu7BcsDck0T4P+2AsG4pgk1OBpkE2y6wDbFFL6iPpkF5a747clKiFD9x+c8 ocWQ== X-Gm-Message-State: AKwxytcVI1f9KUZ0NCepKRN5zzAAvxCIsPL/XHMdNL+oljyDkPZ325sp pM/28HRLLQA4gWhfM5Ngho5SgY36mKk= X-Received: by 10.80.144.233 with SMTP id d38mr547599eda.291.1515760849816; Fri, 12 Jan 2018 04:40:49 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:49 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:17 +0000 Message-Id: <1515760819-15116-24-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 23/25] arm: imx: hab: Define rvt_failsafe() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The hab_rvt_failsafe() callback according to the HABv4 documentation: "This function provides a safe path when image authentication has failed and all possible boot paths have been exhausted. It is intended for use by post-ROM boot stage components, via the ROM Vector Table." Once invoked the part will drop down to its BootROM USB recovery mode. Should it be the case that the part is in secure boot mode - only an appropriately signed binary will be accepted by the ROM and subsequently executed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/include/asm/mach-imx/hab.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 5c13aff..a0cb19d 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -140,6 +140,7 @@ typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, void **, size_t *, hab_loader_callback_f_t); typedef enum hab_status hab_rvt_check_target_t(enum hab_target, const void *, size_t); +typedef void hab_rvt_failsafe_t(void); typedef void hapi_clock_init_t(void); #define HAB_ENG_ANY 0x00 /* Select first compatible engine */ @@ -170,6 +171,7 @@ typedef void hapi_clock_init_t(void); #define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *)(HAB_RVT_BASE + 0x10)) #define HAB_RVT_REPORT_EVENT (*(uint32_t *)(HAB_RVT_BASE + 0x20)) #define HAB_RVT_REPORT_STATUS (*(uint32_t *)(HAB_RVT_BASE + 0x24)) +#define HAB_RVT_FAILSAFE (*(uint32_t *)(HAB_RVT_BASE + 0x28)) #define HAB_RVT_REPORT_EVENT_NEW (*(uint32_t *)0x000000B8) #define HAB_RVT_REPORT_STATUS_NEW (*(uint32_t *)0x000000BC) From patchwork Fri Jan 12 12:40:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124335 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2028224qgn; Fri, 12 Jan 2018 04:57:21 -0800 (PST) X-Google-Smtp-Source: ACJfBotl0LB3ppuQtmBA7g9s28mo6eCyeY1RoQOaWP1NbVq3QQEzSffLZe9ZChneGCy9Kxaby/c1 X-Received: by 10.80.194.26 with SMTP id n26mr35477225edf.8.1515761841503; Fri, 12 Jan 2018 04:57:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761841; cv=none; d=google.com; s=arc-20160816; b=vEBc6c13s5/Uk30bjhvdi7QwzrDYVsUB6kfnO3V71drIgimLefobaOJaxxKwZGNDns wYkTZMnRmgctX8JUr0MuFeSTtFzHiGiVgA7oL2zoJ1Tkyx8fIDKh7OztL7uSoDj2oxkq kwvrFSeczt1XRCLmzsEkhsw76lHwss+m34R1Sd2EV344I1EEUXawfmbC0+on29tWCwGR vRkutEWZmgGXUzlv+UFPwMeOrsIdmE1l1usMNfDRqQy+vTeHvLALx+wRVjxJheSF3njq OKgMre5o7ldA3BTWH34eCgnCVErA9UcfhF7PqKwe0nzp18tY8ECaAUPChm4EkNB2sI+a rmww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=d3Rxgnc3XfT87P18xmtB1UjW++bDRoF/T7ED+qm6A4U=; b=bqjqpc0jWyTs260HkHGStpn2yqejX3tLEj2GpPXzI1lDWNRtMGu3bAQfjLQ21mYi9a UiEg2dx/IKLkgceRHA7p5dBioy5XKmdJB763n3HtGrGRF1QuX7qq8jNtE9GkRU5brvnG q+g/HDFOz+8gmFDFPK4Sj53xdr1iGE+CFh9jItXCLgXt74qybNXWegKwrUYSnTNB3buc AKGM4ubh4g22obXtO/dR5K6qrjHCwp6sa+LkppVVZNbxsfNijH9FrrbqkQoZWI40XVQ/ BqK0rrGnQXrsMsMPVzcOKV+kQ6sYM8uoooOva4BtxlYIlzy70mkHk5rgnLPEj8GrfUDU ruXQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Bd8irlXC; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id r6si5656890edi.185.2018.01.12.04.57.21; Fri, 12 Jan 2018 04:57:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Bd8irlXC; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id E214FC2221B; Fri, 12 Jan 2018 12:48:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id A2C03C22165; Fri, 12 Jan 2018 12:42:31 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E46C5C22165; Fri, 12 Jan 2018 12:40:56 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 7B04AC221EC for ; Fri, 12 Jan 2018 12:40:51 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id b76so11630820wmg.1 for ; Fri, 12 Jan 2018 04:40:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=TFoT2Z1Exx2hViqOIt7P23Bo/EKJ2Zrk1kzp9zlRcVo=; b=Bd8irlXCq0h+CuFRB2+yYViKHgM7iZDw2dC1npvXcQY1FNb+hXkVuoFJgwQR6DIqIT 2cM6RzLKrfpcWOh9mLXiazkNKlhhG6mBoU1AWo5rsxsWs96OGT73zoxdIuqyGzEJf0Kr M7r3dQdBfv3Ks9ru9yy7iCDJb3g21R32Yk9jw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=TFoT2Z1Exx2hViqOIt7P23Bo/EKJ2Zrk1kzp9zlRcVo=; b=dzvU+pEtwW8EZjYLTNPjUwdkac4hCadgYvTKpvwN7a4RXVXd6NuQMzutWHwIA7DF1i SrVH4VpypP4jCy3aECIcG8GjoMrWegsYzPs93IL8Wi9iSdHy8EqHrxyo/Xtb9DX6SJIS /YZI8D1CsB92LF2kawZyuuUsJ2zwNfKJXeOLlMND23MKvnd1jcky9Z6gxdCl23fWuxtz AqGi8Erro4h21yDHet5S/iaLrGMQB7hbqeldTNY+zEFTCsKv+TevQdc2pJ3sSZtP3eEf JgM0RPVKkFr/murLiZfckwym8aBWoGEtYTXJSTYwNh0ktkaygQ99rsofyNXsfnYEwRv3 ER6A== X-Gm-Message-State: AKwxytevEvtQrF4aXTLivCb+X2tbm6kYA9oe8y4MlGQ6TdS9Ufv0QZcM 1tH2BNzeGpfCMADJFEIG+3Q4ber5CHM= X-Received: by 10.80.151.22 with SMTP id c22mr11440079edb.225.1515760850896; Fri, 12 Jan 2018 04:40:50 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:50 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:18 +0000 Message-Id: <1515760819-15116-25-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 24/25] arm: imx: hab: Implement hab_rvt_failsafe X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch implements the basic callback hooks for hab_rvt_check_failsafe for BootROM code using the older BootROM address layout - in my test case the i.MX7. Code based on new BootROM callbacks will just do nothing and there's definitely a TODO to implement that extra functionality on the alternative BootROM API. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index d1c5f69..1236717 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,6 +70,21 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) +static inline void hab_rvt_failsafe_new(void) +{ +} + +#define hab_rvt_failsafe_p \ +( \ + (is_mx6dqp()) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + ((hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE) \ +) + static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, const void *start, size_t bytes) From patchwork Fri Jan 12 12:40:19 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 124332 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp2025913qgn; Fri, 12 Jan 2018 04:54:54 -0800 (PST) X-Google-Smtp-Source: ACJfBou62Xgwnjw25PQZWFKKODCSRhiZ9YJuNTMqjtzRwoa+8CrMTKFlOMNOMGzpQJmCM9YgPpuA X-Received: by 10.80.178.133 with SMTP id p5mr36998486edd.149.1515761694029; Fri, 12 Jan 2018 04:54:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515761694; cv=none; d=google.com; s=arc-20160816; b=x7sQ4sKrGgdBU5zidCuwxofZlLkPsKe1ob8u9mqDNBHwWrZ/LKwzyK0wkjnQil3RIh f4RuNAUS3OG2pr18uaBawfgdwrnchTUMPckmBpW3zbnF3a+dnAAjg2nKIxQQtbkg+tdr Fz/oXoqNbCJIFFOTeZbRcb1QCevElyiJh+/JuTd0kzFkjMLpECsR9Sd14FphNKl/Lsd1 MFZbvtp22lgp2H5dMRm8IBgYzu8uN5qewYatKHQJlCb7C+xnXB7WDV3rb3RGnVLQdqZ1 D5LDPke0ToI5IAyxZ1rlk2LRDdxo5vDGLbSEro4wccLkt2B2yf0XayQxmtBmEFd4fkv2 5gSw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=bLbydjOuM7ZZqJU3tRSibQnTZgjU0BzyDjYEhMuSq/w=; b=wzBe3oncFgK/JZIwUOBG5LY2MyxRvKLKhFGxILk2fqrbFlqe0wCE6DwakDrn8bWZ5D QoFOQPPURG9l7PMBYnmWEhZCsypbg+Iqxk0H4C+F7mYRa0sd1aUTuTrKDAcDEQ6gAVym kGOwBgPabcUb2E6AJIOnXLvO8s5jh6KSSx3MaqzMIWaP6QJStnHwqNqv6sMCHQNgTP0L AxdW870HS9pev+/ZIG8pCPoxaUQ7N5ArRKJsO3J1NIRfQzIgET65h+tAWD4zQNsY8XJN mMCF/+JE3ujFj/hWdeeeMxDhaPID/cEixUCcWETe5LST9INZBC3pCrGvhzzQoT4O4nEX kiJg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=UvrUo7pj; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 47si186675edz.9.2018.01.12.04.54.53; Fri, 12 Jan 2018 04:54:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=UvrUo7pj; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 9A02FC22207; Fri, 12 Jan 2018 12:45:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 17030C22201; Fri, 12 Jan 2018 12:41:19 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 28048C22173; Fri, 12 Jan 2018 12:40:56 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 7694FC221D5 for ; Fri, 12 Jan 2018 12:40:52 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id v123so2393295wmd.5 for ; Fri, 12 Jan 2018 04:40:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=l5VurfZpfkRpBG+7zTVuxyVFyXYTJYgNF7ZfMIDaCys=; b=UvrUo7pj0dNgopg3BcL4j5wa2BHYqs5p/pJ+Mvmk3OimH/ZB9Z7S6c/NG537iDpTyF MMB/a1/HU0JTw+szxV5g+t19SDpD6/A9uLCg/GULwR8wo8zr7SfpYgGj7edLgqsaTLBH 9PQkzcVy7QhQxSzQMQAnSjfH5fduoqlao0/xo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=l5VurfZpfkRpBG+7zTVuxyVFyXYTJYgNF7ZfMIDaCys=; b=BAlouqRS9CkamYDtcB9PpoXU0xkjMNkdR03gOvdH5MQSUUwmMwoQ19BMfqTjie7AXo G73us5bW4uAo09N8c6ElqERlMjj83upv1xAwWuiBMDdZBWgzzJ6kUcbS77trOyyEh3cQ xlqHQuN0LZaVEQ8Yjsbl59xwS1cG+IhAvlxNZYnH0G7rMYMMjz2pt2S3nUhk+5Dgl3FZ rbeHrKqMTq9pk+OpirWWFPjqylQ51umxKfAK8gqS5v4zjwqPVc8cOO3MvIfMo69y4gyI 3Faq+8Kmftip3ZvjFLOGVk6AyDYSGiud2KG1ptCtsVik1MJKB79brtg5/uDJHqXsEE9N XPbw== X-Gm-Message-State: AKwxyteCEEHsVg61Hy1K92HG3rO70lsXiDdZehZ9W20o/bI4vuKVPHEq blkOg0TdRv/6Ode5BmXfC6938g5eflc= X-Received: by 10.80.245.172 with SMTP id u41mr16884482edm.163.1515760851984; Fri, 12 Jan 2018 04:40:51 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id w2sm13893585edb.4.2018.01.12.04.40.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Jan 2018 04:40:51 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Fri, 12 Jan 2018 12:40:19 +0000 Message-Id: <1515760819-15116-26-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515760819-15116-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v6 25/25] arm: imx: hab: Add hab_failsafe console command X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" hab_failsafe when called puts the part into BootROM recovery mode. This will allow u-boot scripts to script the dropping down into recovery mode. => hab_failsafe Shows the i.MX7 appear as "hiddev0,hidraw5: USB HID v1.10 Device [Freescale SemiConductor Inc SP Blank ULT1] " in a Linux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima Tested-by: Breno Lima Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 1236717..5f19777 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -414,6 +414,22 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, return rcode; } +static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + hab_rvt_failsafe_t *hab_rvt_failsafe; + + if (argc != 1) { + cmd_usage(cmdtp); + return 1; + } + + hab_rvt_failsafe = hab_rvt_failsafe_p; + hab_rvt_failsafe(); + + return 0; +} + U_BOOT_CMD( hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, "display HAB status", @@ -429,6 +445,11 @@ U_BOOT_CMD( "ivt_offset - hex offset of IVT in the image" ); +U_BOOT_CMD( + hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, + "run BootROM failsafe routine", + "" + ); #endif /* !defined(CONFIG_SPL_BUILD) */