From patchwork Fri Mar 9 17:35:49 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131183 Delivered-To: patch@linaro.org Received: by 10.80.194.209 with SMTP id u17csp1291758edf; Fri, 9 Mar 2018 09:38:42 -0800 (PST) X-Google-Smtp-Source: AG47ELvt0xQXRh80SKgtwdAutOTrrjVNvMIraUEvuaV+2RAkpEQBR/4LhYsoDNw8+TgZNN5vJt5X X-Received: by 10.80.179.74 with SMTP id r10mr36652213edd.228.1520617121979; Fri, 09 Mar 2018 09:38:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520617121; cv=none; d=google.com; s=arc-20160816; b=uA2zogcFn3cDnY20QVHDMWymkGIm5rpi753OAn71K0k9FHoDLJF/gEHDS+Fcy5LVgX uUJT5xGq2vlgM6rGFK8BMwYi8c6G/QejGy+AdT/nSZbTPR8KR3SWZS1ZWDPJGU5nw7Rh qBulpuMJ8JGZZZ4zEoPTSREO+Y0lzx9AsZcxTi02E771jgkZWObpnMwGdKplwZRi0ttT /HJLK/ic0J3ky2pvo3UKE67WpPaAsaSxDdGmGIbklRv0PN078aLMLyzBkvW13f4h5PI3 37ANmlgZVE6IILp/zfvCxuLs8LMSJeokbCcSCC2yHFGh9ZiGqX4DPc8CGVCdEO/VS79N IH/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=xn53AiE71pZYwQ3SKoVXBY3Zlr9xA/qMn1GqnI6qs+I=; b=P/SLRVRukMsY0J6g0Gm3Q6Lu/qcH+buXIArF3VfN1NtHWcafUb4oZBX4xDpD9QHOrS gtN5GXy8JZRLKTcvM8HCTNSbyt4ltfYR1F2LiL8or1+/CSXnnIPsCy5NYJPeHbdIXuqz vs3itzvQmwSQyq4JvUbVfWAddHkpcqoL5Q+6Tpi6qLfUmF9RV/K+244VOWFBy2asYw/T ajOR0Ju/lRLiD5FN1JgMeDFDnYJs6TjgMukocwt5odM3mtSyIGzRSqq1MOKaKdF2dy9l GrIPIGKaAwzVitxFKLPWkGxT4gKKem0X04fpYzwbxWiZpGs39N7WnSc2yDoYuoHcz44K KsqQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=TmslY8Xr; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id g9si269204edn.156.2018.03.09.09.38.41; Fri, 09 Mar 2018 09:38:41 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=TmslY8Xr; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 9866EC21D9A; Fri, 9 Mar 2018 17:36:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 21AB2C21BE5; Fri, 9 Mar 2018 17:36:09 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B9077C21E0F; Fri, 9 Mar 2018 17:35:59 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 5E356C21DEC for ; Fri, 9 Mar 2018 17:35:55 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id t6so5260418wmt.5 for ; Fri, 09 Mar 2018 09:35:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=bHkg1K51w19Y1xdJqvlOpv9YPxa5QkGLS84yYqjcTsg=; b=TmslY8XrbmazZWgs/i9Ul5Z8c0iN+NKk3UgULuylLnlj9KvqCtx4fCeq157qieuyw6 m9VQfXjjzR/pvAwsnHiLPWjvcGhvl2Wr49kaD3/o6nSANxpIKfQyZvViKE7kwPn49+Xo bndJ21hY1vhq35FCxKJHD5I/o9sWHkT4QeZUQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=bHkg1K51w19Y1xdJqvlOpv9YPxa5QkGLS84yYqjcTsg=; b=XEM1Wn8k+Bobk+aXUSktlGoNvMapjHYDg15MYycgLlP9vC0QzPb/Gcgkbf5DMzVqs1 /DQChpBvUj/S3FD4F86BEIFNPnPy2DVrefKGYyNKQ1f1U+NrTlbpCGH4h2Mhf3aK23kn p/JwDYXXUuYi0aDmflwet8Og4O2kI+PMi53LN1MNM37g/Mz6D+12mLwlJmYi1w1ZaqUr KUtw+VVp3lap/vh6jgd+Aids9bu2wt4s95eu6h/LO8HVIF+Sh29OVjjvP1pYv38M4p53 KuW6xaxVW4jpdtPoMCwv28ihqHz9Gzbxgb7rHW4o1QEaFM9fUoWRBKy8AZGV6m+llWah fF7g== X-Gm-Message-State: APf1xPAwK3HhTDBsK8OREQrLJLq8iUHb2FN8t/T4JvfZeapOhUZH70aV 0IKQFHvp05hPlr1LQ2PXC0c0ZWch+vY= X-Received: by 10.80.212.218 with SMTP id e26mr37917566edj.205.1520616954770; Fri, 09 Mar 2018 09:35:54 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a43sm1210126edd.6.2018.03.09.09.35.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 09:35:54 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de, sbabic@denx.de Date: Fri, 9 Mar 2018 17:35:49 +0000 Message-Id: <1520616949-11879-5-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520616949-11879-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520616949-11879-1-git-send-email-bryan.odonoghue@linaro.org> Cc: breno.lima@nxp.com, fabio.estevam@nxp.com, utkarsh.gupta@nxp.com Subject: [U-Boot] [PATCH 4/4] imx: hab: Provide hab_auth_img_or_fail command X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch adds hab_auth_img_or_fail() a command line function that encapsulates a common usage of authenticate and failover, namely if authenticate image fails, then drop to BootROM USB recovery mode. For secure-boot systems, this type of locked down behavior is important to ensure no unsigned images can be run. It's possible to script this logic but, when done over and over again the environment starts get very complex and repetitive, reducing that script repetition down to a command line function makes sense. Signed-off-by: Bryan O'Donoghue Cc: Utkarsh Gupta Cc: Breno Lima Cc: Fabio Estevam --- arch/arm/mach-imx/hab.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 0c18b2e..61ccdeb 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -366,6 +366,22 @@ static int do_hab_get_ivt_addr(cmd_tbl_t *cmdtp, int flag, int argc, return CMD_RET_SUCCESS; } +static int do_authenticate_image_or_failover(cmd_tbl_t *cmdtp, int flag, + int argc, char * const argv[]) +{ + if (!imx_hab_is_enabled()) + goto done; + + if (do_authenticate_image(NULL, flag, argc, argv) != CMD_RET_SUCCESS) { + fprintf(stderr, "authentication fail -> %s %s %s %s\n", + argv[0], argv[1], argv[2], argv[3]); + do_hab_failsafe(0, 0, 1, NULL); + }; + +done: + return CMD_RET_SUCCESS; +} + U_BOOT_CMD( hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, "display HAB status", @@ -395,6 +411,16 @@ U_BOOT_CMD( "ivt_offset - hex offset of IVT in the image" ); +U_BOOT_CMD( + hab_auth_img_or_fail, 4, 0, + do_authenticate_image_or_failover, + "authenticate image via HAB on failure drop to USB BootROM mode", + "addr length ivt_offset\n" + "addr - image hex address\n" + "length - image hex length\n" + "ivt_offset - hex offset of IVT in the image" + ); + #endif /* !defined(CONFIG_SPL_BUILD) */ /* Get CSF Header length */