From patchwork Thu Dec 28 18:49:20 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122849 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3797086qgn; Thu, 28 Dec 2017 10:50:42 -0800 (PST) X-Google-Smtp-Source: ACJfBourCJ3dDqTIkwPRcA6S5dpDSZ33N5/hOzjh0T10dGDVXidRInZzE+VphBhngjJ/NsHUH0Wa X-Received: by 10.80.179.233 with SMTP id t38mr40110031edd.267.1514487042740; Thu, 28 Dec 2017 10:50:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487042; cv=none; d=google.com; s=arc-20160816; b=u1WcH8lxolJjvXxyOBRTzlotI9SoUxkJ7W3j48pkj3oRzLagwSSARRblgs1l1NyLPE q3Zgxme0xErd9wlHn41l3XMzzYKKUvvRX/JOSHrm7fUwiu/5mQRWMqXEL3+8kn+tm5WS XHL5OhOtCfzrzMiyYQ4gcAr358X/6I1xNIuJ7k3dF/hLsRpctyq0F8UQSIxspanhYlca xMSzI+m/38mA7ai/Hg1rjysqrzZvZZNqf1xzZZyLyRzRPWxA9NZWq4ZBaZGBZN5XdqK7 sYCK632I3SgkexqEseXY/8IJNQQODIB6QBc4Yx/CNkaDLV7MjeS3d5pQkYg/wDMXGWqd 7DIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=HS7KCmC5EP3My/+W1w4nqOM20jbfY7ICfxQOJquCBzI=; b=EWZkmUNIoHpnI3EgaVVn0CnzqLaIrtiU5k/ytnhiZ+3vLFYn4MOGEHbvlNl95sw/R3 9fW4/zwNZ/BLpbNu6vIem+V402yZFNtNHjKkf3t43jj77R9t7PV0ljheSfFH5CvPzuKA Ah+5xbF+tfv1THVtwXDzcWapIOKGCsKY/ff2pyc1003v8rO/Pyc1OvSxAKPAD60P2HNi b92F3pJpOJZ/itzSAvTmwfRExxhAUHm4TWz76WXWK8e2qYkmCSQJbE+jF8PzFbriuphN L/xiPcGpQa6D3RR8iyNeaQGwoE7dWf/tj3eweORLSMWUJuXrENr7M4EaxLhEI1gbg0ON EadA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=OmENK8AO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id k23si3335657edj.263.2017.12.28.10.50.42; Thu, 28 Dec 2017 10:50:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=OmENK8AO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 5629EC21DCE; Thu, 28 Dec 2017 18:50:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E983AC21DB0; Thu, 28 Dec 2017 18:49:47 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 06712C21C34; Thu, 28 Dec 2017 18:49:45 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 9CEF2C21C59 for ; Thu, 28 Dec 2017 18:49:45 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id f206so44969614wmf.5 for ; Thu, 28 Dec 2017 10:49:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3YZdInYDxFuSNZyaa3f41D9mVUQyXzcYYtPmrUIIf60=; b=OmENK8AOkf5X8KZAZm8LlgrEEaC9JCGYhAlcQv5Gw7HKyeCIqHVFkgNWxgZ8flGq6z HCOnXn8pBPGTNTCy2/My0Pv+bLBon/VhyD5uw30ef0DYED6MnEbDM6CFtKcACPUPxaro EaLXvUSkTdLxz75OtRXxTAA85kTA/LzTtVpJQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3YZdInYDxFuSNZyaa3f41D9mVUQyXzcYYtPmrUIIf60=; b=s2bX5GQ5lDqohyHaN6xQmoy7GGv0sGNhXfBBZ8hq9SXZzCMrb/zI90EG7FwGNa1sIH hF0zZoVcVnp0JUuSz+tlTo2K5HJrjla68H0IqFCHRcrJfDg5+BNCoQH4NU5uqVvoWiTj QKjFtiXRRdE4m1EfidXINk4PnPziC8TseX53LLMW9z4gn45sgyHmIRaFcC4rVlrXeetp d5hK9oRMydMtRtzHGDPcVukhEE9iCasBbukPP1bUc6M30ycynWrSNA49YwPeQF1r5LWc wnn5yE+9G6PZxb3vnssuHQOAVGg9+a7+SU47ebgwTPbN/uM5nUzQrUKQlwgWqZWvHIC4 /v4Q== X-Gm-Message-State: AKGB3mK4BdcSd0PobvzuA2saU6R1k/XMlgF04pADZcscCRGPK+f9eAxV jBCV014ZWb6efPQmkRRgv6kf42fl+pU= X-Received: by 10.80.213.158 with SMTP id v30mr41226761edi.102.1514486985035; Thu, 28 Dec 2017 10:49:45 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:44 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:20 +0000 Message-Id: <1514486982-19059-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 01/23] arm: imx: hab: Make authenticate_image return int X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Both usages of authenticate_image treat the result code as a simple binary. The command line usage of authenticate_image directly returns the result code of authenticate_image as a success/failure code. Right now when calling hab_auth_img and test the result code in a shell a passing hab_auth_img will appear to the shell as a fail. The first step in fixing this behaviour is to fix-up the result code return by authenticate_image() itself, subsequent patches fix the interpretation of authenticate_image so that zero will return CMD_RET_SUCCESS and non-zero will return CMD_RET_FAILURE. The first step is fixing the return type in authenticate_image() so do that now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 2 +- arch/arm/mach-imx/hab.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index e0ff459..1b7a5e4 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -145,6 +145,6 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size); +int authenticate_image(uint32_t ddr_start, uint32_t image_size); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 02c7ae4..09892a6 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -410,7 +410,7 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size) +int authenticate_image(uint32_t ddr_start, uint32_t image_size) { uint32_t load_addr = 0; size_t bytes; From patchwork Thu Dec 28 18:49:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122854 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3802923qgn; Thu, 28 Dec 2017 10:57:54 -0800 (PST) X-Google-Smtp-Source: ACJfBoun8mo+Rv9aitnrCvR48TizXoKKDyWDtkn0/X+TDIaTDlsG2BRF+Me8Ev929cqq9aZylQQb X-Received: by 10.80.202.200 with SMTP id f8mr40821384edi.54.1514487474635; Thu, 28 Dec 2017 10:57:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487474; cv=none; d=google.com; s=arc-20160816; b=Z9cI6MCPPu0tCBmd8XIzQ79OZI4rvLv6Rm4LpVjkUQuPq4wz4rciif9BQDL6s3x1vH gHgHizpwgsy/LwX8zh6aq/cmh57KcpImbsYHeKD0hkodltg/a/qnz7LJVCRZ11rhxz1a SFrIoSgjFw3a87/RpYPsofipiv/9HzJhLnz7d5ncj1is4Z7aI63nttpZn7BHeuz6k9zf Yub6tj5NO1Pf+rfGWzQBBobIMsB2Kb3sRLKPsLtjvcTuG8HEucVONLujwVnJDRVaxzNo dFODFXDnz7Ir22AzTfXlLLZnF8oADJXZWqDz0PANUdJMSPZGX6Y00YILG9QFsftRvfkf B6gw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=rHJ9/QY5qb5XA3eZSsVELR4G9CQd39u1ezozHIDIsGQ=; b=lFSyIrRrtdA2HhcwfqI/PyVjlFE7relfXKf8h8aMbArIPjt6KpED7werag7JEFWYC1 zMpYI08ZkVCdfJH52lw1qJw4Svzu78sEvNhzJiT6Dv5FVpxRy3s76Gs7we/+W6cHj5R7 7AwRiD2HROcqzVqhCAK/R/koJbIBHajeMwIuTRrKsAxokepCZwqvqEkdAH1DZ/PE+X8Z zZjjgmV8q5dwnK+jOvoEyXekLPshc2gPW+zCyinib5p+ful+4xXKwdiMK/rKek3lBPh5 XopwOY1MY4JiTn27QJCs757RmWiq3iUePX2nSImTX9TnbooDEmkOy/3kyui631Od6S9M 3fPQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=R4QtYZRa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id w7si9852164edi.295.2017.12.28.10.57.54; Thu, 28 Dec 2017 10:57:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=R4QtYZRa; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 380C1C21DD9; Thu, 28 Dec 2017 18:50:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E5015C21DB2; Thu, 28 Dec 2017 18:49:50 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 2C577C21CB1; Thu, 28 Dec 2017 18:49:47 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id C6A6AC21C34 for ; Thu, 28 Dec 2017 18:49:46 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id y82so2846625wmg.1 for ; Thu, 28 Dec 2017 10:49:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=TwZ+1qIB7/yAjZU3U+qR5EWeNMJDqcVtGrJ+SK9DAU4=; b=R4QtYZRaQeStY3LBGZpvej4Mc5LWya2qhuWEGsV7mqJehriFa2Jotx1wTqRqcet3bQ Dh2m73z+1Viokk1bEYatoNHu7Wk3cq3FwVWgbvcuSfavXCO6A7Xgi6srNVAhkkDMrnGf APxwK1Yr6EPEB1MC2kxnA+4Ry22UlwhRdeetg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=TwZ+1qIB7/yAjZU3U+qR5EWeNMJDqcVtGrJ+SK9DAU4=; b=quWJd+l/TiZhJqoGE1Xx6109FDI+lvp6rP65x8y6VSZu3LZaHJyI1FohyVyuvlUO2g kcuf4FQwo29Nwy5RGpc5gcLwSYeOFW4SO73ybocaCkIGnsPe19TlWdnQyfnOg2XhpTO/ 9iyFMc51jp3H9j6mQMmofFr6CMx3Tq8r81H1szAW4lv+uGlUY65DSZN1dzxwnVBcvrwV ZuRUJCmd9TOp0hdY+b9G3+dBpAmLghLUcKtXjS1TqfRHzTvrTnUM82RmkIWPPQ+xogFV /mhaHwDtV+R32LfSmJ89Gznqx4YxqGFkApLz8YlIf4GVbkLK5UsKVs5aJfjvq+2L1wq2 /L5g== X-Gm-Message-State: AKGB3mLD0KL9PuS4QSD2pubcPG5n1Uo/FF+WYCCAVKWq1eV83yxBg3lz bhcotOSaazaNhJtbikzAaijFv061y4I= X-Received: by 10.80.144.112 with SMTP id z45mr40321618edz.185.1514486986191; Thu, 28 Dec 2017 10:49:46 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.45 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:45 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:21 +0000 Message-Id: <1514486982-19059-3-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 02/23] arm: imx: hab: Fix authenticate_image result code X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" authenticate_image returns 1 for success and 0 for failure. That result code is mapped directly to the result code for the command line function hab_auth_img - which means when hab_auth_img succeeds it is returning CMD_RET_FAILURE (1) instead of CMD_RET_SUCCESS (0). This patch fixes this behaviour by making authenticate_image() return 0 for success and 1 for failure. Both users of authenticate_image() as a result have some minimal churn. The upshot is once done when hab_auth_img is called from the command line we set $? in the standard way for scripting functions to act on. Fixes: 36c1ca4d46ef ("imx: Support i.MX6 High Assurance Boot authentication") Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 ++++++--- arch/arm/mach-imx/spl.c | 4 ++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 09892a6..9fe6d43 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -373,7 +373,10 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, ivt_offset = simple_strtoul(argv[2], NULL, 16); rcode = authenticate_image(addr, ivt_offset); - + if (rcode == 0) + rcode = CMD_RET_SUCCESS; + else + rcode = CMD_RET_FAILURE; return rcode; } @@ -415,7 +418,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) uint32_t load_addr = 0; size_t bytes; ptrdiff_t ivt_offset = 0; - int result = 0; + int result = 1; ulong start; hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; @@ -510,7 +513,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) } if ((!is_hab_enabled()) || (load_addr != 0)) - result = 1; + result = 0; return result; } diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index d0d1b73..6e930b3 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -163,8 +163,8 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ - if (authenticate_image(spl_image->load_addr, - spl_image->size - CONFIG_CSF_SIZE)) { + if (!authenticate_image(spl_image->load_addr, + spl_image->size - CONFIG_CSF_SIZE)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Thu Dec 28 18:49:22 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122851 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3799944qgn; Thu, 28 Dec 2017 10:54:16 -0800 (PST) X-Google-Smtp-Source: ACJfBosqYatu8VM7IIpcciE3S1qUuExerz+yd6OHTcNqfbO2dk+DxH2b8U4mqZ0twtZlS+gNV5rd X-Received: by 10.80.221.73 with SMTP id u9mr39865710edk.162.1514487256829; Thu, 28 Dec 2017 10:54:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487256; cv=none; d=google.com; s=arc-20160816; b=PzUHZMdAa98DSqvs2SM5zzN+JHJd8AwAjVcAymgBwd/yGzDuUqV0WXkkSWzayH//Hh 5Yi+PoWXrQ122gfuhSJXMWlRu9XVw2IHGEBzsRSDbsVQDhWqxi9u+2YehME0YuzVwIkw 3GqigckT/YaJoyLpsVKJbhaAqi9v7EMr6TuyZvH8qSMEW8DnWYJ0TLqNQ3M5mgmIi0P5 70+zeGzepTabmzMK1W0NTZmFTfwiuSqR5uh8ldQLeo9i0ab+AGK6O6I2xwHMM8pytrwt ruB1WHcccknMTxeaYm2SokwMcnxi5P94g0Kow2NYAQGRzQgr02XmpZGTBN8CSsZ54UiK mUGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=/WitLXfEnpiCLqcc5cbQcLmodoRowOstK7tA67Wctsk=; b=iqhb5Mz7Z3VAHEgRM/Xln5QZZ8yCuLZKn2VtqagpUoXFh2sO+wzGMHVAIoDg8gCKUf f9QiCV3jAhKQsLdKcKFKiOrRdzijsOSZwdUMsB3XedWoKnev3uVXlP++F/xhEPUeL4uX ekAIZnbSE/zPirPlfajx5vq4DCFgf63t1rHolylx5TAhDV4/PtQua/WnxVdvlK6FCO7D a+PYVLpmWAAOpNlsoV/ZdQ9YJOEi+12rACDWcNbhw6PqDzteoHOZ885yq6ZcEt/iRKLI nEr6Kr410XjCJirs/il8DbI1shBi0enQaAehXsrsWFKOy3Us50M+TUxFPpv45k5ELXy1 QvtA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dkKBpvHu; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id g61si749513ede.22.2017.12.28.10.54.16; Thu, 28 Dec 2017 10:54:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dkKBpvHu; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 58903C21DF1; Thu, 28 Dec 2017 18:50:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id B2A22C21DA3; Thu, 28 Dec 2017 18:49:58 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E68A7C21DD9; Thu, 28 Dec 2017 18:49:51 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 04A1CC21DB5 for ; Thu, 28 Dec 2017 18:49:48 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id 9so45241757wme.4 for ; Thu, 28 Dec 2017 10:49:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=tEb+zxvqiXfooPFKqTTt4TM4oFUuaaywnnCJUJSankY=; b=dkKBpvHujhvLNtEO5Vh3085OXysl8fYp0NegXgqP9dXya+Jd0qAw7nZOAcCgUCtsus ii3sKFVNitSqCgglm4l3UUPbvRwnyKXYt4iiTQ/5uiGbU+69FhdDrtuW7kmnXvWcsJql 6/ING7Wln8mNp8g16T8R/8I/zpabqjbDMdXns= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=tEb+zxvqiXfooPFKqTTt4TM4oFUuaaywnnCJUJSankY=; b=ujNzbamqIm8MFiUcvhICFjleq3EsfEqELliODuA8K1HVnkOlbUgxw9IEDn1m3S19uA zPba7lMJJkjsGZfpzpJBZfdjYhotuKymmOLSrCsWhCmD+/je2LvyQl/cRXEL82/l6RHw eo/qd9wKF2BZ/BZvqu37luyem8W6CH6ehaCQ2suYEVjr7hLsXHNj6tAloJ9fe7wgO6Fr cVGvLclmWh+GWDoamBDPJ/2BSzKzUqebonnS2rrHME7mav0NJJ160Tr0r/S9+vjbYknb kWzV+681aa/eSqqJsSnWz6Y/MfNMaQH8/aQist8Tbuny4EfbTbyuyE5oIKCMxOoOGj9E Uylg== X-Gm-Message-State: AKGB3mKhNiv0o5BOcDZTWbj2MrCypL4ZWCHvQ7gp76yv4fuDtYWU1pRL oPGDoGEgzI4+P1gRukss/5q8QBf0w5E= X-Received: by 10.80.172.122 with SMTP id w55mr41890188edc.144.1514486987363; Thu, 28 Dec 2017 10:49:47 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.46 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:46 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:22 +0000 Message-Id: <1514486982-19059-4-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 03/23] arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" There is no need to call is_enabled() twice in authenticate_image - it does nothing but add an additional layer of indentation. We can check for is_enabled() at the start of the function and return the result code directly. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 138 ++++++++++++++++++++++++------------------------ 1 file changed, 69 insertions(+), 69 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 9fe6d43..6f86c02 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -428,91 +428,91 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) hab_rvt_entry = hab_rvt_entry_p; hab_rvt_exit = hab_rvt_exit_p; - if (is_hab_enabled()) { - printf("\nAuthenticate image from DDR location 0x%x...\n", - ddr_start); + if (!is_hab_enabled()) { + puts("hab fuse not enabled\n"); + return result; + } - hab_caam_clock_enable(1); + printf("\nAuthenticate image from DDR location 0x%x...\n", + ddr_start); - if (hab_rvt_entry() == HAB_SUCCESS) { - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); + hab_caam_clock_enable(1); - start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + if (hab_rvt_entry() == HAB_SUCCESS) { + /* If not already aligned, Align to ALIGN_SIZE */ + ivt_offset = (image_size + ALIGN_SIZE - 1) & + ~(ALIGN_SIZE - 1); + + start = ddr_start; + bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); - puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); - - puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset+IVT_SIZE, - (void *)(ddr_start + ivt_offset+IVT_SIZE), - 4, 0x10, 0); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", + ivt_offset, ddr_start + ivt_offset); + puts("Dumping IVT\n"); + print_buffer(ddr_start + ivt_offset, + (void *)(ddr_start + ivt_offset), + 4, 0x8, 0); + + puts("Dumping CSF Header\n"); + print_buffer(ddr_start + ivt_offset + IVT_SIZE, + (void *)(ddr_start + ivt_offset + IVT_SIZE), + 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - puts("\nCalling authenticate_image in ROM\n"); - printf("\tivt_offset = 0x%x\n", ivt_offset); - printf("\tstart = 0x%08lx\n", start); - printf("\tbytes = 0x%x\n", bytes); + puts("\nCalling authenticate_image in ROM\n"); + printf("\tivt_offset = 0x%x\n", ivt_offset); + printf("\tstart = 0x%08lx\n", start); + printf("\tbytes = 0x%x\n", bytes); #endif - /* - * If the MMU is enabled, we have to notify the ROM - * code, or it won't flush the caches when needed. - * This is done, by setting the "pu_irom_mmu_enabled" - * word to 1. You can find its address by looking in - * the ROM map. This is critical for - * authenticate_image(). If MMU is enabled, without - * setting this bit, authentication will fail and may - * crash. - */ - /* Check MMU enabled */ - if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { - if (is_mx6dq()) { - /* - * This won't work on Rev 1.0.0 of - * i.MX6Q/D, since their ROM doesn't - * do cache flushes. don't think any - * exist, so we ignore them. - */ - if (!is_mx6dqp()) - writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sdl()) { - writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sl()) { - writel(1, MX6SL_PU_IROM_MMU_EN_VAR); - } + /* + * If the MMU is enabled, we have to notify the ROM + * code, or it won't flush the caches when needed. + * This is done, by setting the "pu_irom_mmu_enabled" + * word to 1. You can find its address by looking in + * the ROM map. This is critical for + * authenticate_image(). If MMU is enabled, without + * setting this bit, authentication will fail and may + * crash. + */ + /* Check MMU enabled */ + if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { + if (is_mx6dq()) { + /* + * This won't work on Rev 1.0.0 of + * i.MX6Q/D, since their ROM doesn't + * do cache flushes. don't think any + * exist, so we ignore them. + */ + if (!is_mx6dqp()) + writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sdl()) { + writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sl()) { + writel(1, MX6SL_PU_IROM_MMU_EN_VAR); } + } - load_addr = (uint32_t)hab_rvt_authenticate_image( - HAB_CID_UBOOT, - ivt_offset, (void **)&start, - (size_t *)&bytes, NULL); - if (hab_rvt_exit() != HAB_SUCCESS) { - puts("hab exit function fail\n"); - load_addr = 0; - } - } else { - puts("hab entry function fail\n"); + load_addr = (uint32_t)hab_rvt_authenticate_image( + HAB_CID_UBOOT, + ivt_offset, (void **)&start, + (size_t *)&bytes, NULL); + if (hab_rvt_exit() != HAB_SUCCESS) { + puts("hab exit function fail\n"); + load_addr = 0; } + } else { + puts("hab entry function fail\n"); + } - hab_caam_clock_enable(0); + hab_caam_clock_enable(0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - } else { - puts("hab fuse not enabled\n"); - } - - if ((!is_hab_enabled()) || (load_addr != 0)) + if (load_addr != 0) result = 0; return result; From patchwork Thu Dec 28 18:49:23 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122852 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3801354qgn; Thu, 28 Dec 2017 10:55:56 -0800 (PST) X-Google-Smtp-Source: ACJfBosiKBDuh1ONpOf1U0gOS0+lbl0CwhVOBonabxHMX5KgJ+wnIAyR0T78ehYdu9EaNLWbu1GQ X-Received: by 10.80.195.12 with SMTP id a12mr5028257edb.142.1514487356816; Thu, 28 Dec 2017 10:55:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487356; cv=none; d=google.com; s=arc-20160816; b=oCq5//L2kahNjWWeCV41XruaAg9e34Mn0rEqJLRE4DbClCEWvO+4Uhkal72Q4OzOXP 0ls0Cj+C69XI3OzNAqu80kkGS4ZKOAs6rAamFp91Y+1NfYpnlbJ5lXmYzCX8q93lQV02 LWSUzS65w+rZy0cvn0HD/kQhOG93TlNT5PRW95vghbUQsImrlwuuqzeHJw206b71Gw42 GIu6kIMN6AJpQAaKnWY1N+dCD8S45e+ZIeDyt23iU9tO1/xl7naESICAQlZPBnf4kFeB cs4KFzUtWfSpV98nctQMYu04hjR3PGznyisd345VcB1BqG+ScUwSuloL72uQ8elubCqR uU0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=ltIxGxwbriNIdsJA8E5Tn2uUeswTayfs+quuAx+dYJY=; b=CGCIbIRlYrEYM4WXytX1v1uZ4F0I7/hfi+IeCAFRJFx7WZu3+7jRA65Sg0TfO807ho duXIoofLYghAiG3VIYxwbxxIiR/WKKL0xvdBfz0XrKIogUhfA2/AbJZPk/Z5i82L4Llr wC4yeOEqm1X8vhb+uncElMExq3Q+2xAtZiX7HxqTxavrogKZb/O20j8Q1RnN5JlYA8js d0JqZ9PdQmewiNzMZLfrdSyu0vHU8YlVyZo1lvi+yNAFtVuInXbOIO3m/Y67ECUwVN6M VbzQ4f1P24/Zssgx1xEQMBXUg6iQWmy9o3AkLslbXFj3ylDWtgkW5vUX509BgZV+N+QS xZAg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=hGQcgO4Y; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id j2si8459586edf.153.2017.12.28.10.55.56; Thu, 28 Dec 2017 10:55:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=hGQcgO4Y; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 63401C21DF1; Thu, 28 Dec 2017 18:52:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id D75F2C21DED; Thu, 28 Dec 2017 18:50:09 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B1316C21C8F; Thu, 28 Dec 2017 18:49:53 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 44B5BC21DC8 for ; Thu, 28 Dec 2017 18:49:49 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id a79so6161219wma.0 for ; Thu, 28 Dec 2017 10:49:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=EH9nAsP2R6CcqdRJVaGDdlF3b/WA9xPFI4ki25Ui41g=; b=hGQcgO4Yda7kCD88xB1/Qf1pqmYRA4DQhp9WTI+sVzFNtGGkdMHBC7AACaCocQ5izo wEHrtJOHg7JdfDPk7DeWirq4eBMVJ1Gn8daqMbN5aU38iY6QV/cWNm4vzR+35iMc5TA7 qnpg316LujmLc4RJ7RP5436zTThzDl4AezB5k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=EH9nAsP2R6CcqdRJVaGDdlF3b/WA9xPFI4ki25Ui41g=; b=N2t4VKseJumMkM1FUgsERBEtrNrVMcz8AWwzH2HwlJ4wIcNa8vz22D/wdENSTCjTLy +6l5P/Zq6bz7tQ2w8NBKw4LIIAqOnbQsAYUD6ZrSMLg5y0XLjUx9KZ5XVjCIxQWFiRlW 2DMOj1ld6PmMzQVuLcGBcFj0H0h6QXdsY4CmnYR6mwz99jdb3AVwH/Mi98j0ziBLOtQE dvg5zC16j14WcTREkiDbFd88+VcPrtPBedpNur/25wqnz+EItiMgkn2Ndk52vYZORbmV N8Wi9Ympf6ouDjiTbsRnRMaBgX482JJPjt6z+JikcQ+yygLQI3fDknvSbypuy1GPwgVs ENQQ== X-Gm-Message-State: AKGB3mLWBqyvt9vy7BLidTOUvGV7GVGPHbiK9esglMbSLhp8EoUpxO1F YY3BVnS4IDa/4HeHUhemnzwmfh/S0Q4= X-Received: by 10.80.148.53 with SMTP id p50mr40932658eda.135.1514486988648; Thu, 28 Dec 2017 10:49:48 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:47 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:23 +0000 Message-Id: <1514486982-19059-5-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 04/23] arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The current code disjoins an entire block of code on hab_entry pass/fail resulting in a large chunk of authenticate_image being offset to the right. Fix this by checking hab_entry() pass/failure and exiting the function directly if in an error state. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 118 ++++++++++++++++++++++++------------------------ 1 file changed, 60 insertions(+), 58 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 6f86c02..f878b7b 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -438,75 +438,77 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) hab_caam_clock_enable(1); - if (hab_rvt_entry() == HAB_SUCCESS) { - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); + if (hab_rvt_entry() != HAB_SUCCESS) { + puts("hab entry function fail\n"); + goto hab_caam_clock_disable; + } - start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + /* If not already aligned, Align to ALIGN_SIZE */ + ivt_offset = (image_size + ALIGN_SIZE - 1) & + ~(ALIGN_SIZE - 1); + + start = ddr_start; + bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); - puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); - - puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset + IVT_SIZE, - (void *)(ddr_start + ivt_offset + IVT_SIZE), - 4, 0x10, 0); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", + ivt_offset, ddr_start + ivt_offset); + puts("Dumping IVT\n"); + print_buffer(ddr_start + ivt_offset, + (void *)(ddr_start + ivt_offset), + 4, 0x8, 0); + + puts("Dumping CSF Header\n"); + print_buffer(ddr_start + ivt_offset + IVT_SIZE, + (void *)(ddr_start + ivt_offset + IVT_SIZE), + 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - puts("\nCalling authenticate_image in ROM\n"); - printf("\tivt_offset = 0x%x\n", ivt_offset); - printf("\tstart = 0x%08lx\n", start); - printf("\tbytes = 0x%x\n", bytes); + puts("\nCalling authenticate_image in ROM\n"); + printf("\tivt_offset = 0x%x\n", ivt_offset); + printf("\tstart = 0x%08lx\n", start); + printf("\tbytes = 0x%x\n", bytes); #endif - /* - * If the MMU is enabled, we have to notify the ROM - * code, or it won't flush the caches when needed. - * This is done, by setting the "pu_irom_mmu_enabled" - * word to 1. You can find its address by looking in - * the ROM map. This is critical for - * authenticate_image(). If MMU is enabled, without - * setting this bit, authentication will fail and may - * crash. - */ - /* Check MMU enabled */ - if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { - if (is_mx6dq()) { - /* - * This won't work on Rev 1.0.0 of - * i.MX6Q/D, since their ROM doesn't - * do cache flushes. don't think any - * exist, so we ignore them. - */ - if (!is_mx6dqp()) - writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sdl()) { - writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sl()) { - writel(1, MX6SL_PU_IROM_MMU_EN_VAR); - } + /* + * If the MMU is enabled, we have to notify the ROM + * code, or it won't flush the caches when needed. + * This is done, by setting the "pu_irom_mmu_enabled" + * word to 1. You can find its address by looking in + * the ROM map. This is critical for + * authenticate_image(). If MMU is enabled, without + * setting this bit, authentication will fail and may + * crash. + */ + /* Check MMU enabled */ + if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { + if (is_mx6dq()) { + /* + * This won't work on Rev 1.0.0 of + * i.MX6Q/D, since their ROM doesn't + * do cache flushes. don't think any + * exist, so we ignore them. + */ + if (!is_mx6dqp()) + writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sdl()) { + writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sl()) { + writel(1, MX6SL_PU_IROM_MMU_EN_VAR); } + } - load_addr = (uint32_t)hab_rvt_authenticate_image( - HAB_CID_UBOOT, - ivt_offset, (void **)&start, - (size_t *)&bytes, NULL); - if (hab_rvt_exit() != HAB_SUCCESS) { - puts("hab exit function fail\n"); - load_addr = 0; - } - } else { - puts("hab entry function fail\n"); + load_addr = (uint32_t)hab_rvt_authenticate_image( + HAB_CID_UBOOT, + ivt_offset, (void **)&start, + (size_t *)&bytes, NULL); + if (hab_rvt_exit() != HAB_SUCCESS) { + puts("hab exit function fail\n"); + load_addr = 0; } +hab_caam_clock_disable: hab_caam_clock_enable(0); #if !defined(CONFIG_SPL_BUILD) From patchwork Thu Dec 28 18:49:24 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122863 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3807621qgn; Thu, 28 Dec 2017 11:02:21 -0800 (PST) X-Google-Smtp-Source: ACJfBosdvGSIm3DS4WBNOimg5SR2hDjq46P9Trg6mJ6/k4R5c62DpNZEpR0lz/I+EyG+7mfbBkDv X-Received: by 10.80.194.194 with SMTP id u2mr40875260edf.260.1514487741643; Thu, 28 Dec 2017 11:02:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487741; cv=none; d=google.com; s=arc-20160816; b=xaVsgo02bZLlNoYS2Wq67LqTnssyw6LMATNME9VZ82azhccu/ViITJ7f1BIFakNH6s ZOwQ+56Ncx9474zVqu/m2Sj7I/Kp1UyXXjKwQCRKhZjdxbAk11VjHC6GzWzHiv+AHH24 xmkbtPUBuCsc624a1WgiOWGj6a1sEoh0YZoce4EG35+UNSulcUr9D0EM/Af1SmDKTyXb YazYjedU9KallLZTeez/KX6DWv7Uvcxpymsqn9zkZBZCp3EpWLQMPfbjNAC/tr1laBM8 jMspjtzFOmdrLs3QBQZtZT3Ihk69JSTF2Lwb+jXT1C9P0VzqusNNAQlS2pm41ezzgJCN t93A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=ikhStahDui4p/tFfHpF7zYtX8K+0lVPEu6TRgvewZ2w=; b=cYVDHugWZAd2EMkR2ffqWJvo7mHhnAIZfQbDEgpCywUFlqjEqPceV1cTrgOk1Q09rd jJ6TVWaODHGH3A9G1vfAgm0agBeQQ+pswv0P+HtRxoIHdE36CAtaVgBsgbV+vrVCfdC/ XLrhjW5coO4lx32byHJKISR5C2RAqdQalgw7zfcTCxu8muWsa6Tdnioe1HAwx2CvU770 zZc/kRgwgNqXygHZiZRjwh4IKOyHnzT0aPSXVjy41fwzaQ4rf510ds5w+sGYsFHw7n+U bt3s8ITDxhH1eEKsBxCxxyaLQPUkMJ/PqQcRzDO13cxL/UtAuq1TNe8Y5lF4v+grT1Z9 UGUQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=epoiJghL; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id z34si9257681edz.7.2017.12.28.11.02.21; Thu, 28 Dec 2017 11:02:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=epoiJghL; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 2958AC21DE5; Thu, 28 Dec 2017 18:52:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 29B52C21D5D; Thu, 28 Dec 2017 18:50:17 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id BDF48C21DBA; Thu, 28 Dec 2017 18:49:54 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 675C8C21DBB for ; Thu, 28 Dec 2017 18:49:50 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id g130so2859993wme.0 for ; Thu, 28 Dec 2017 10:49:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=5osmqO6RuGeR5rNp1YmiKz2CDqY4yTY8yMk3hzOQD9k=; b=epoiJghLteF3zePVJPShanaXNSwJx/quMhfcKU6oD3rpI2K/wv4AJEIRdrfB2VNOPM 3KbsqFmqfCHcdJ0oZE02AlyTP3tcZTgyX7W8MF7ap2HrQDCzE4BMeMWSyEGGamDZtWRB h6K45OBw7vgVFHmVlM9LMqZ+biIFxPIHf0qWc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=5osmqO6RuGeR5rNp1YmiKz2CDqY4yTY8yMk3hzOQD9k=; b=p3sg+mnpWN+Nxi1Lc8KtT7eDC/fMxefBP9+2GmReeLOVriEK1ezbeh5GMKACQJM/NN zFGUePS6VlqyJa9cHmw+jHUAJh/o2++ryAJxxdmVPxSeIiiN/nyoX1DhNyzywSPO+lvO yNiDepvMgztS2x02uDRdzkwYpv4PphAvYO86IzSs58cyLR9p3TlpwiTFON+eo5f6pliv DryvqbhTqPaaHGWwifSEcrJIRbDq8k7nMc0CkSyiE5sX0xXW239rkWHfA8zdHxnx8dg9 QL3oJS/BGpti36mL/9KofYRNwesmyYGui9p4zevTlCRT9Xu3w8adWpl6eaw3dqmDKEVa vS1A== X-Gm-Message-State: AKGB3mJdcyDCx4OFdNhOCzeT4ov7VvRnhHpnm1H5zJmGwXOecD2DXC1q ltvEJ1eDIwxZuOuhF/C2efwZ/M46ZIM= X-Received: by 10.80.142.88 with SMTP id 24mr42121678edx.153.1514486989836; Thu, 28 Dec 2017 10:49:49 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:49 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:24 +0000 Message-Id: <1514486982-19059-6-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 05/23] arm: imx: hab: Move IVT_SIZE to hab.h X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The size of the IVT header should be defined in hab.h move it there now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 2 ++ arch/arm/mach-imx/hab.c | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 1b7a5e4..3c19d2e 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -143,6 +143,8 @@ typedef void hapi_clock_init_t(void); #define HAB_CID_ROM 0 /**< ROM Caller ID */ #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ +#define IVT_SIZE 0x20 + /* ----------- end of HAB API updates ------------*/ int authenticate_image(uint32_t ddr_start, uint32_t image_size); diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index f878b7b..6367562 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,7 +70,6 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) -#define IVT_SIZE 0x20 #define ALIGN_SIZE 0x1000 #define CSF_PAD_SIZE 0x2000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 From patchwork Thu Dec 28 18:49:25 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122864 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3808993qgn; Thu, 28 Dec 2017 11:03:33 -0800 (PST) X-Google-Smtp-Source: ACJfBoupsMt8vkcVWLWA/cnFItOYPxZJFPvgqwUMWeloiy57wV+DXAv39Pr8DB2xjNYc9UUeCqrB X-Received: by 10.80.137.9 with SMTP id e9mr41436913ede.199.1514487813157; Thu, 28 Dec 2017 11:03:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487813; cv=none; d=google.com; s=arc-20160816; b=HSgQklmqVhqI/XcmcgAaRWR+elcGI8j/wrrKTN0pEnIDrMtPkfTk5LJG/TpBTO3hCN 8l0HUOo/RLHyTybXTiPqSKEBTLVOJlvJ0+DcwBWyAcgGTY4UMrgALpMtqL9mz5/T95Ep hh3DjcO4sUg+bF+lyV/WtqKZqe7TbbjcsEcfusRanpqkC1nWUDMAqWtWzZZ1jY4pqRaM z8yVXMvD58Gqgre1ewHrH5DcZTH0cODhLMB9fh2pxm4Af2EzHHo0BP/axbLURpUsrlyt apA6b8ntEN0j9TSOy/dYs7FLyJfhZJkGjVY9qEi0YOkEt9zDGtXDjbfBsEF2dBx9wUzM pI9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=4A8H0JfHSw8vHNwupD9jh0knhRyZxPcxGbEsqQUu+Aw=; b=DoRGjWrILC6etHisMRtWQKexMx5IpAxMtECo5RiHN+ffKTjYojx18mvV5NGAX+Waxs dDGFKsHRPu/PC8a5IyCY7wjHE3inTsNXKK7snJR8WXMzuWt8VrKKKmfgqOIRHo8DAUxy AaBH8rtYDhcPdvl9gvQ4VZN8eMcJlLbeXQ2Gcznxz8oGFH5f4dO5FN/YD76G+wFd//gu gFUwmkmGFnCzn+XUAWCtY2UUuUH5n2tvKBK2SNuzvbEKdAY21rH9+xyuHDYB7lG7AN01 zauVj5JxvKTuFAeh0kSGQzVXBWmSxdwaLyQ8Db3eE/A4b5TqlmNG6dwCYynwAPQMaBXs oE0Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=evTzBEum; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id o33si1049346edc.146.2017.12.28.11.03.32; Thu, 28 Dec 2017 11:03:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=evTzBEum; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id C38D3C21DA6; Thu, 28 Dec 2017 18:52:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id AC566C21C8F; Thu, 28 Dec 2017 18:50:25 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B9FFFC21E14; Thu, 28 Dec 2017 18:49:55 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 9DD40C21DF4 for ; Thu, 28 Dec 2017 18:49:51 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id n138so45236580wmg.2 for ; Thu, 28 Dec 2017 10:49:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3LjNZTTYyCYseZYUKjInSqJMeBXflteglLGsqlXBjII=; b=evTzBEumNnMuidjlQ7McI7GU2VUIh3M1UtFbhCMIAVzqDNla3lPvbnUFZumPERJWUE KCr2lSvkKAI4Z85QKYdLBofPhND4oDGd/SJK01UfNIDIL2yCXiQ/sDMpkscUhoN7IZzS 0bTzsnAXBhuX7c/Y4pEORtuqBLESx+tcTmZQU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3LjNZTTYyCYseZYUKjInSqJMeBXflteglLGsqlXBjII=; b=RKNuw6n772u+/ow7bhSyuh/nK1Nz7Ol/6hWT9EkoNVZ/nlS2FIdVZH16pLMlM1h3U5 hk3lhWHWt8VBmuKYd7BrkTI/av1kGYjCZ1wWQzBU3fPwCljyahY5WMkx4r1Jh784zUsS 2VeazmZxs4u8D1AvfXMp/XjWIrgX4dmsHrHFjlXoCCubV46VD+bD4DMhmykAHcOmt0Er qX9orl5+d4JDtD4Y49TKc7vTEqcTp+RjS7NhSMbjk8lRxKERez+PgeVxjgioXc3fc+Kq gOg+LJbaMZ+nlBEp0Mh20fy1brVVhx+a4PfUxZQcNlxu8r8vMMUjApYdMjk7GP5YjX1W rliw== X-Gm-Message-State: AKGB3mI7rFrvhQwc6vk5oMKZ3GHes/6Hf7NEuxc/NS4L9v53vx9uAuqC 71usF8Twxv1/Nkqzn8up/fXEP/LWGyM= X-Received: by 10.80.215.218 with SMTP id m26mr41596813edj.27.1514486991045; Thu, 28 Dec 2017 10:49:51 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:50 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:25 +0000 Message-Id: <1514486982-19059-7-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 06/23] arm: imx: hab: Move CSF_PAD_SIZE to hab.h X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" CSF_PAD_SIZE should be defined in hab.h, move it to that location now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 1 + arch/arm/mach-imx/hab.c | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 3c19d2e..91dda42 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -144,6 +144,7 @@ typedef void hapi_clock_init_t(void); #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ #define IVT_SIZE 0x20 +#define CSF_PAD_SIZE 0x2000 /* ----------- end of HAB API updates ------------*/ diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 6367562..039a017 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -71,7 +71,6 @@ ) #define ALIGN_SIZE 0x1000 -#define CSF_PAD_SIZE 0x2000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 From patchwork Thu Dec 28 18:49:26 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122850 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3798913qgn; Thu, 28 Dec 2017 10:52:56 -0800 (PST) X-Google-Smtp-Source: ACJfBos+tCun77Mx9Vas/6Ct/fbX5KWMHho2ZiNUlt7mXs70rL891Zz5u4jJX9tSLY7/Ez9TgCTk X-Received: by 10.80.177.72 with SMTP id l8mr41358729edd.175.1514487176137; Thu, 28 Dec 2017 10:52:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487176; cv=none; d=google.com; s=arc-20160816; b=CP1cVolsjCdHqYzha0kXTLcdIt1hAiTfo3y6BpeHdxxQXEnUgpfsRA/cyiGeHUzLSH TaheCFEU3MbZviz+XdQsP0IlRJ1MiXIAUXFpgV4wWQUsvqozdQQ+y6rhAhNpHa42tNFJ 8HIVhghW8PBIpEVB3opnmeAd6qaTtqMa7ClPAfYsteuDvtHWriBgh0ln2EMtlKmlzo6Q 3Gxgxs19XXyk7H2xMwwT2dM0izghEmquiE+4UyCjybDL0zlU0TAWPhV3ShHODYugf2kv ofOiyoMUhw3XSwC+EtOAiaDonhZVs3M25aC/1q5nSSQYXwCvXrUpFskpJbPIYGoRMY7y Q88g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=PDvuER2n8FnoXqXK49o4T47e1bEy4jOkhxw/OL5wZy0=; b=xVCXN95AflH5+CITJqQ46h5E2l6FFgzRUe9Hk9zU9ocBP3VOgcPjN0AhN9vLcZNbpj W9yae+O/DmrTVB+T0qFRWtFRnJT14KgHU6l5dbGOln9djZ2g1c9nxmwh4+EPbjtwVSkN kFw9pLRZD7nOd3oEv8106beJzXgeUv4cIpAdGyHDIFiRM1kaJwC0j2gbYAc1jRmL0fe6 y2gD/ACjIcOQnl8onBvjvDKH3gP5lAOJs5F7f2vSLFA5RokDZe6tilElT7ZFTpGZDBRE zjvMH++BYWcLH+yuf0lqw8Ufz8iEiVsXQGj1Uy7uXfe3o85w66fmCtwC2aXkuQSX8BhW NzBg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=cp73xbpG; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id a21si247738edm.378.2017.12.28.10.52.55; Thu, 28 Dec 2017 10:52:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=cp73xbpG; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 91FA7C21DF3; Thu, 28 Dec 2017 18:51:15 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C0371C21DCA; Thu, 28 Dec 2017 18:50:02 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 6FA1FC21DA6; Thu, 28 Dec 2017 18:49:56 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id F412BC21DD9 for ; Thu, 28 Dec 2017 18:49:52 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id f206so44969965wmf.5 for ; Thu, 28 Dec 2017 10:49:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=YNtYkPDzIe28L+HNfooKz0qKXIIcKrVLXUdvRxtNK/4=; b=cp73xbpG5SJwubmApdDvYXX3DUzTq/8UyILb6FHWu7jQ1sWZOMVC5JLoUvK6xpaGJj S8FxBu5jUDgteDgJAK9AA6TGdjUCFe1k7GCwTlbuvjuCyppcE6wVj1NOTINz2eqbleC1 5aPdeOUW/GO/neY82n29PMR/hpJdTH26v7BOI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=YNtYkPDzIe28L+HNfooKz0qKXIIcKrVLXUdvRxtNK/4=; b=qsT8oN439bw37dDza5ytiZTza9pTJDXfC/+TXWkj68gsFSeeE0+qRjSjByyoO/Wu2m 2xpxgrqSmD46bmwd6P5UN2t0OsoMdsp+VKS9JFN3Ah2MY8jZAbw+FWBZd5Tyv3J4R/aI K6B+gkWXQ284DpCiSkO6Angz0bPU5GVaWcJXjb2uazIEh+9Q5kMFZLX6lyKHiRl9DAqu cdatrxZ97LOpdTxZW5atKLDUYWTQ8CzLz2Nhs2qzHekn+Ngc+a1Ivfo/sOHpodFli0T6 nMNMayTaIb6Zl5BYSvjNQQoBYTQOXMi0X8KXTTxws+mvst5ETtc5TkXS3pG03YTVhEWt R4lg== X-Gm-Message-State: AKGB3mKvqSIvKokA854B6N8h4XcjAyqRwMrNgF5fs+M0joww1CR4o0pQ lzwCIbaC4QdFKZR3BWyAVixIWDhUhQ4= X-Received: by 10.80.143.163 with SMTP id y32mr40709422edy.167.1514486992330; Thu, 28 Dec 2017 10:49:52 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:51 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:26 +0000 Message-Id: <1514486982-19059-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 07/23] arm: imx: hab: Fix authenticate_image input parameters X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" u-boot command "hab_auth_img" tells a user that it takes - addr - image hex length - offset - hex offset of IVT in the image but in fact the callback hab_auth_img makes to authenticate_image treats the second 'offset' parameter as an image length. Furthermore existing code requires the IVT header to be appended to the end of the image which is not actually a requirement of HABv4. This patch fixes this situation by 1: Adding a new parameter to hab_auth_img - addr : image hex address - length : total length of the image - offset : offset of IVT from addr 2: Updates the existing call into authenticate_image() in arch/arm/mach-imx/spl.c:jump_to_image_no_args() to pass addr, length and IVT offset respectively. This allows then hab_auth_img to actually operate the way it was specified in the help text and should still allow existing code to work. It has the added advantage that the IVT header doesn't have to be appended to an image given to HAB - it can be prepended for example. Note prepending the IVT is what u-boot will do when making an IVT for the BootROM. It should be possible for u-boot properly authenticate images made by mkimage via HAB. This patch is the first step in making that happen subsequent patches will focus on removing hard-coded offsets to the IVT, which again is not mandated to live at the end of a .imx image. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 3 +- arch/arm/mach-imx/hab.c | 73 +++++++++++-------------------------- arch/arm/mach-imx/spl.c | 35 +++++++++++++++++- 3 files changed, 57 insertions(+), 54 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 91dda42..b2a8031 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -148,6 +148,7 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -int authenticate_image(uint32_t ddr_start, uint32_t image_size); +int authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 039a017..2a40d06 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -78,37 +78,6 @@ (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -/* - * +------------+ 0x0 (DDR_UIMAGE_START) - - * | Header | | - * +------------+ 0x40 | - * | | | - * | | | - * | | | - * | | | - * | Image Data | | - * . | | - * . | > Stuff to be authenticated ----+ - * . | | | - * | | | | - * | | | | - * +------------+ | | - * | | | | - * | Fill Data | | | - * | | | | - * +------------+ Align to ALIGN_SIZE | | - * | IVT | | | - * +------------+ + IVT_SIZE - | - * | | | - * | CSF DATA | <---------------------------------------------------------+ - * | | - * +------------+ - * | | - * | Fill Data | - * | | - * +------------+ + CSF_PAD_SIZE - */ - static bool is_hab_enabled(void); #if !defined(CONFIG_SPL_BUILD) @@ -361,20 +330,22 @@ int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - ulong addr, ivt_offset; + ulong addr, length, ivt_offset; int rcode = 0; - if (argc < 3) + if (argc < 4) return CMD_RET_USAGE; addr = simple_strtoul(argv[1], NULL, 16); - ivt_offset = simple_strtoul(argv[2], NULL, 16); + length = simple_strtoul(argv[2], NULL, 16); + ivt_offset = simple_strtoul(argv[3], NULL, 16); - rcode = authenticate_image(addr, ivt_offset); + rcode = authenticate_image(addr, length, ivt_offset); if (rcode == 0) rcode = CMD_RET_SUCCESS; else rcode = CMD_RET_FAILURE; + return rcode; } @@ -385,10 +356,11 @@ U_BOOT_CMD( ); U_BOOT_CMD( - hab_auth_img, 3, 0, do_authenticate_image, + hab_auth_img, 4, 0, do_authenticate_image, "authenticate image via HAB", - "addr ivt_offset\n" + "addr length ivt_offset\n" "addr - image hex address\n" + "length - image hex length\n" "ivt_offset - hex offset of IVT in the image" ); @@ -411,11 +383,12 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -int authenticate_image(uint32_t ddr_start, uint32_t image_size) +int authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset) { uint32_t load_addr = 0; size_t bytes; - ptrdiff_t ivt_offset = 0; + uint32_t ivt_addr = 0; int result = 1; ulong start; hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; @@ -441,24 +414,18 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) goto hab_caam_clock_disable; } - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); - + /* Calculate IVT address header */ + ivt_addr = ddr_start + ivt_offset; start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + bytes = image_size; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); + print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset + IVT_SIZE, - (void *)(ddr_start + ivt_offset + IVT_SIZE), - 4, 0x10, 0); + print_buffer(ivt_addr + IVT_SIZE, (void *)(ivt_addr + IVT_SIZE), 4, + 0x10, 0); #if !defined(CONFIG_SPL_BUILD) get_hab_status(); @@ -468,6 +435,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) printf("\tivt_offset = 0x%x\n", ivt_offset); printf("\tstart = 0x%08lx\n", start); printf("\tbytes = 0x%x\n", bytes); +#else + (void)ivt_addr; #endif /* * If the MMU is enabled, we have to notify the ROM diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index 6e930b3..e5d0c35 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -152,9 +152,41 @@ u32 spl_boot_mode(const u32 boot_device) #if defined(CONFIG_SECURE_BOOT) +/* + * +------------+ 0x0 (DDR_UIMAGE_START) - + * | Header | | + * +------------+ 0x40 | + * | | | + * | | | + * | | | + * | | | + * | Image Data | | + * . | | + * . | > Stuff to be authenticated ----+ + * . | | | + * | | | | + * | | | | + * +------------+ | | + * | | | | + * | Fill Data | | | + * | | | | + * +------------+ Align to ALIGN_SIZE | | + * | IVT | | | + * +------------+ + IVT_SIZE - | + * | | | + * | CSF DATA | <---------------------------------------------------------+ + * | | + * +------------+ + * | | + * | Fill Data | + * | | + * +------------+ + CSF_PAD_SIZE + */ + __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) { typedef void __noreturn (*image_entry_noargs_t)(void); + uint32_t offset; image_entry_noargs_t image_entry = (image_entry_noargs_t)(unsigned long)spl_image->entry_point; @@ -163,8 +195,9 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ + offset = spl_image->size - CONFIG_CSF_SIZE; if (!authenticate_image(spl_image->load_addr, - spl_image->size - CONFIG_CSF_SIZE)) { + offset + IVT_SIZE + CSF_PAD_SIZE, offset)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Thu Dec 28 18:49:27 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122855 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3803647qgn; Thu, 28 Dec 2017 10:58:51 -0800 (PST) X-Google-Smtp-Source: ACJfBovNQq7Kov9AKyB5Wy4vEUDJmoeYNz6k7C//qvLZERPqMNbZq6Hs8ecXBzHsOE1sH+Fbi5Vl X-Received: by 10.80.172.226 with SMTP id x89mr42687221edc.43.1514487531561; Thu, 28 Dec 2017 10:58:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487531; cv=none; d=google.com; s=arc-20160816; b=KVWQvnqCtqCEbqfOi/XqQclNP0FGjrcgNBRb3ngoXx71Y+QNsBvdqW8tg+GVKcXntz 99e8BV8VGr1QKCZrWRKa3ux/L78D6utyCO4yPethnVeSr+R3BwpcE2k4uavXazJ0TL2E rEEKtglKivOZW0N/lYSX1ltKslSQbHnrGVhdCkROn6sK+YtTBzkd4qyb25a12/nr2CCG MJqYRKJs9fr23XKdFJyQtdzNe1UFWVzrt+v4HsvwzvCcsK8kHUuDnYWBSq+94UTPpi7G S+huGwTRWfDXGGAa9cM4Nf39QJeS95npccDlbuCfN1QzNbk+t9BB/N3e3tvochHV6Rht ySag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=N9cjxq1JSXJ8z95cc24viTXrcEeJuNQ7EWQtfvf+sFU=; b=UnF49RT8BNdT4ThxOEFr0k1EXzGqM9ItQTzrCgNJQXljRALlm3Okow+KfwJL3y+aV2 fIVfp7d3MfsDPTvVjB0uJHEviV9u4WaPf1XGe1pzIOD3ycQb6YudnLu1vHJebGV89RY5 CkK16o7VKpz1DOOJ6GsG2j8125bHtnN1wIJ3hkOEt1Ql5rpUEE1vzBpA7KIUS3znoWIo fMc4WI/Q3tK2UcU/L0r2lea93CZt4v5cdzEsgpmCakde51xkH9X+RAsIFIsGsR/XLl23 tRIclDhBGijr9RyHOKLLH5G28wSYq338Csd8hSVz69G8uRUuiZmwbZGd0/x40nhA1ziB bPBQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=VJrP+1v4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id q12si785782edj.449.2017.12.28.10.58.51; Thu, 28 Dec 2017 10:58:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=VJrP+1v4; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 0DCE3C21D9F; Thu, 28 Dec 2017 18:51:43 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C6C3EC21E10; Thu, 28 Dec 2017 18:50:03 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B5D0BC21DA6; Thu, 28 Dec 2017 18:49:57 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 2508AC21C59 for ; Thu, 28 Dec 2017 18:49:54 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id y82so2846947wmg.1 for ; Thu, 28 Dec 2017 10:49:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=uTnjN80vRz9KsccagZjGfzkJcvaXHUA7tSlukwiRk1s=; b=VJrP+1v4fKBs7/JPBrQL7J5P5a8mTU64d8PaKz0PzmiU72ktPdNxTo7dugSkInN56B ASGnmUWcY+AxPZAOIgaBMkEf8wIB/T1afvtCF+RYdbmtjPMVllsFx002yRioY1UU2KvN 2DU7GpAscWQQAl16OqcJH7dzsEUOnXI/fFnB4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=uTnjN80vRz9KsccagZjGfzkJcvaXHUA7tSlukwiRk1s=; b=Cne5VBOIzWL0EAcK88tu93uXqmXDcN22+Vd/dUmxdYgeP2s6KdLl8jSl9adVP2MN4U 4OwHXhRGJ7ft9KuuoSC8QSPaQOSoVYAsTRV3lwYB37BqHEAsnL6+J6V8D8yO3IFdOUAW X6u99ANOVDvz/KG1rXpCvBm48tplFOdMSxLhPLn36sVxG3Q6JyXKZjxa4UR1AEoLJfFV hZfiwd9wtPYtRpX5/fXyk/AkIPVVOLQGq60kTR1eifjyugvKPiKlJaVo29e/azL19kvu y+pzAqULEMQAO2tSzcO+GmAYnvbcgB1vAkwmAuR8jLV5Idc7CHbvBuSqYp9aS6vjb9PG QzoQ== X-Gm-Message-State: AKGB3mI9b/hOYb8IiFpq944nc4ZRdpq168Jg7x2wNrqRH6C2ylKLsKs3 3xrK9DDH66D+sMqbGMUm9JpmYhj1nK4= X-Received: by 10.80.221.130 with SMTP id w2mr40937880edk.226.1514486993541; Thu, 28 Dec 2017 10:49:53 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:52 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:27 +0000 Message-Id: <1514486982-19059-9-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 08/23] arm: imx: hab: Fix authenticate image lockup on MX7 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The i.MX6 has some pretty explicit code associated with informing the IROM about flushing caches during authenticate_image(). Looking at various pieces of documentation its pretty clear the i.MX6 IROM registers are not documented and absent similar documentation on the i.MX7 the next-best fix is to disabled the dcache while making an authenticate_image() callback. This patch therefore disables dcache temporarily while doing an IROM authenticate_image() callback, thus resolving a lockup encountered in a complex set of authenticate-image calls observed. Note there is no appreciable performance impact with dcache switched off so this fix is relatively pain-free. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 2a40d06..1d7b069 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -466,10 +466,25 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, } } + /* + * FIXME: Need to disable dcache on MX7 is there an IROM + * register like on MX6 above ? Certain images called in certain + * orders with the dcache switched on will cause + * authenticate_image() to lockup. Switching off the dcache + * resolves the issue. + * https://community.nxp.com/message/953261 + */ + if (is_soc_type(MXC_SOC_MX7)) + dcache_disable(); + load_addr = (uint32_t)hab_rvt_authenticate_image( HAB_CID_UBOOT, ivt_offset, (void **)&start, (size_t *)&bytes, NULL); + + if (is_soc_type(MXC_SOC_MX7)) + dcache_enable(); + if (hab_rvt_exit() != HAB_SUCCESS) { puts("hab exit function fail\n"); load_addr = 0; From patchwork Thu Dec 28 18:49:28 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122868 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3810262qgn; Thu, 28 Dec 2017 11:04:43 -0800 (PST) X-Google-Smtp-Source: ACJfBosHXXaQaA7WLAiBbiFUDKMqucqW1plOBOaSvylTEF6WEZKSW5/Br+2/Qh/D6dmCerHYPMTt X-Received: by 10.80.169.134 with SMTP id n6mr41644498edc.44.1514487883228; Thu, 28 Dec 2017 11:04:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487883; cv=none; d=google.com; s=arc-20160816; b=QI7XEqUg12KsHuuCRCn+KxcLG+jzg+0RJ5vEBZHOaGD7ajQRbalZtpIW2G9skXEU7m 5ZzbOCP92Hs15zny6+6zwYDzkGGq+tY0AECzSpgLJHPLdNfgHc9ikjWWfAfxAVGu3oZH c/ZSOMyCtofNIL6+AxZOaxbVmCOGdHa5LlsDQIPAoTEyvVcsXE0gLzq9uFPTRjncsA+j U6JJ5TMbSbjPDxAqPeygADCZvXFTgHK+djLyvVTJ51ZQZJ9aJ82XXYuZlkDQUylW0QkB 8++F4TrBDjx8EMuEZCHUei83sds6yhieCXEpEAozKfiYlRAFoDRoS8ifo3gKAGFE+rHM mODg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=wMUOic2TFDmrDvyogVjf9hvh3SaCoaZsPmQv9SLgU/M=; b=RQ3N+pQc/NDHOx6NhIWft3zfUsme0JZ7ZJPJMYQt5p9440WTNotixcuONtV7HXji/S 2PlS3TNickVTZsg5xLmeFW2jtVsmoUFJIy5M4ClPmW3+QG/aRXeIyzRXNYekWfckUtMz mzTscEmdv7IP+TwbRFHbdnMvauM9rl5cckEp3a0HSD4trE2U8hyO0eatwKBYi9NqunNl ejyWDYAtnFc6pnXZ02yFXOOpEBUS0EVPLrUPoYQ89A7gDPzOkoGUx8lXdisMnJ4O2gEv ZskrxxZ8ewvEa0er7NsbG7lmv5Sx87qPYS31bJWeHoeMgIHmOjVZsUcW5oXL1jgY4A+E PFLw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=PiKtDPSQ; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 44si5075939eds.62.2017.12.28.11.04.42; Thu, 28 Dec 2017 11:04:43 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=PiKtDPSQ; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id BE56EC21DBB; Thu, 28 Dec 2017 18:52:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id AE4CAC21E14; Thu, 28 Dec 2017 18:50:28 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B517EC21CB1; Thu, 28 Dec 2017 18:49:58 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 55F68C21DDA for ; Thu, 28 Dec 2017 18:49:55 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id 64so44997077wme.3 for ; Thu, 28 Dec 2017 10:49:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=W3aaLbqI/MaiX5sYMhnL4aKeCAri3WIVr9Implx4W6o=; b=PiKtDPSQbvw5At3sI0wOZLHNt7/YUEVAGSMGskelgnLRI/wTkSqEHUhrb7UH98+qlz v0pQD9deoq685dkO8Vu7i3ve3Dv6DIAUC4Ru9lc1gExtW1Ac3TuV9PmP8GnmZnSUOKmW pgB5LImAsZD8TEcTh2GkK2242u2N+h3i5nz2g= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=W3aaLbqI/MaiX5sYMhnL4aKeCAri3WIVr9Implx4W6o=; b=LQv3JraOaUDnkAFmEKNkFb98xAI1t49T0sMXgGuqLpRBStq57xoFADzF/oEv34Kmhx BFyi6nRSbnvhdT51xX2HTyREuxLl6gxmdwTb7M/xbeu6Lp6WkyLvhVI+SuuLvoWOf9L9 6LfA8aFIw/Kcv95/eN4oa2O88p8/7OoNGhgU+RMrAIoBbwgpuBkPTMsDAEvIsATBKcdy UtaCKNR67nBnOiOksRe9huZ5bJ4CXIGsT9OOOeTDc01Fw8jWhD7TGB2AObH+Q6Oexhbm gq/xdzm6FJGlTs92MbpGe1KMuozYKRKQ1q0VTqO0yhzHUE+qKn8PR0Oo6TTbl0B68+f/ 6Q3A== X-Gm-Message-State: AKGB3mIjDtJxDptsB19YoyLsFP66PU4LavyZh4VRqsRzFs7/k8q92PnX X/tgBxlTCtEb1lH8+YFtcVAgd2bfNKY= X-Received: by 10.80.243.136 with SMTP id g8mr41811736edm.42.1514486994731; Thu, 28 Dec 2017 10:49:54 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:54 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:28 +0000 Message-Id: <1514486982-19059-10-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 09/23] arm: imx: hab: Add IVT header definitions X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The various i.MX BootROMs containing the High Assurance Boot (HAB) block rely on a data structure called the Image Vector Table (IVT) to describe to the BootROM where to locate various data-structures used by HAB during authentication. This patch adds a definition of the IVT header for use in later patches, where we will break the current incorrect dependence on fixed offsets in favour of an IVT described parsing of incoming binaries. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index b2a8031..28cde38 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -10,6 +10,34 @@ #include +/* + * IVT header definitions + * Security Reference Manual for i.MX 7Dual and 7Solo Applications Processors, + * Rev. 0, 03/2017 + * Section : 6.7.1.1 + */ +#define IVT_HEADER_MAGIC 0xD1 +#define IVT_TOTAL_LENGTH 0x20 +#define IVT_HEADER_V1 0x40 +#define IVT_HEADER_V2 0x41 + +struct ivt_header { + uint8_t magic; + uint16_t length; + uint8_t version; +} __attribute__((packed)); + +struct ivt { + struct ivt_header hdr; /* IVT header above */ + uint32_t entry; /* Absolute address of first instruction */ + uint32_t reserved1; /* Reserved should be zero */ + uint32_t dcd; /* Absolute address of the image DCD */ + uint32_t boot; /* Absolute address of the boot data */ + uint32_t self; /* Absolute address of the IVT */ + uint32_t csf; /* Absolute address of the CSF */ + uint32_t reserved2; /* Reserved should be zero */ +}; + /* -------- start of HAB API updates ------------*/ /* The following are taken from HAB4 SIS */ From patchwork Thu Dec 28 18:49:29 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122866 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3809710qgn; Thu, 28 Dec 2017 11:04:13 -0800 (PST) X-Google-Smtp-Source: ACJfBovIr1Wdslp005z3Cwtzil7Phn8z3xITITub0Vm8YIHCaCi1+G0uqUCXgDOaQMeYC3/nxrnc X-Received: by 10.80.211.18 with SMTP id g18mr42654752edh.279.1514487853391; Thu, 28 Dec 2017 11:04:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487853; cv=none; d=google.com; s=arc-20160816; b=BrvIZ1haIL/mnmT3cbDWf5gMTuYdrx4IPlIDY5PXyMVxoRfQf7mNfF5Z7zowergeMe MKgpCLgbVI35JU4ybBslp382CHayf7JDQEu58yTdrJNuNwSeQ52Yakb6/CsRVpFd7p8h seRyhUtSVcfnjj23J4bMdp8OWlxf9hrjUmKBM9l6jgsSIZVqGogWnHgmcqhk9li4sdnO BJU5SwQqfzWbcUbKkHTX8GnInsuwyqgVay43THzqFS4CX2i7SZOyDYSNhvqCIOs/Gzry Vkw9oFd9p6cm1uF328kkmw48L9eFEqtNRBIciMOyBJ5FB2tv/1u25AMVv3bQ1q6MNla0 jLVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=A6DwTfRPSiUzXqtgXzsWZpp3nihoECQ7yhUhZrQlyq8=; b=sXajcW8oIMMXKz95/s2Sofo7kltRiwNywmbZ4ow+bhiWpUvySAziB4HexTf2mx/h7Y 4EdqixGiXg38bcjQCYF23XedFj5697Ilh8Rh7lGGTrTBLIxoGDPdFDR+DsEuzRtoHe9+ /V9q1Gbi4TqrDgz9dafLUMLij42lYreAoxLShZbz0gnKA1RsTPR29YiR+LqhmWAdhl0T jsidBOf6Z/0whIRpjjkh+/PLYNAvKSLQS+ddNS9n65MPfRdOREvfM2+JpXIUT7ToDVf2 EoKKCGtWXenuup5LtC3xFSYxAoHpAwMlwMGCkz/6VKFXEtPxJJxp7h3tUvECr/9FA4lS CcMw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=S12Z8B1H; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id e11si3880681eda.52.2017.12.28.11.04.12; Thu, 28 Dec 2017 11:04:13 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=S12Z8B1H; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D1159C21DE5; Thu, 28 Dec 2017 18:54:59 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 22FD1C21E4D; Thu, 28 Dec 2017 18:51:03 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 30EE7C21DD9; Thu, 28 Dec 2017 18:50:00 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id A6068C21DCE for ; Thu, 28 Dec 2017 18:49:56 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id f21so1903098wmh.1 for ; Thu, 28 Dec 2017 10:49:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=K8jGXjHJlQG52Itin0ehjRHo3P34kiVJ1OjHqtyqcC4=; b=S12Z8B1H8RSldiZc1GWT4XkmB00Ee/y6xPdCNMyASpZcINE+aRt/RyHsSBF4914T61 f1qNCKL1jiNgwpNy6eLKhniY/SZcblBIcDED4V1Idse+29VJysRJ4KDedoCBevgnnkgX h53p9bMG6o4NhgpKb1bJysU+u0jdSQROVeIT4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=K8jGXjHJlQG52Itin0ehjRHo3P34kiVJ1OjHqtyqcC4=; b=PjusafFsmAsfx0tC26nXqaIdK00MeiuSfo/bvjlA5TfIQ0rnE2J8Dr+L9Em/s2UUMw JWp7aMLTewZLpDKmtaSivfcIAQqzGiTTNMwjc1wUgp9VKlYYdlJTBoomtG8YDU0R/YlB g4j/V5TqMM9J7t0RNkjkKlhgdNS9wByK+NF6l2k/XFIBCxRAbvlwQi69OJfax2OKCEHv fzTKpX4uLekgYp0j+XcRnnCTVNzP9EdYn+vxr8LCw7N+6lQM8Pd7ixsnbI/U5xOxGNVV daUO1nz+NdK4/AwLj7Zc3CaWEOA8b7PCjeHj3InazjYK6m86jSDFFD+/SVsPwxue4I8j mNeQ== X-Gm-Message-State: AKGB3mLgldPljhwtm0bucbt8EmZT/JeLk/Ar4LwyC3Mvz/nb+3Pfgo9Z g1a1chq7sxIXKp7xUGlK32eNNnz1mDI= X-Received: by 10.80.193.129 with SMTP id m1mr42407302edf.207.1514486996045; Thu, 28 Dec 2017 10:49:56 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:55 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:29 +0000 Message-Id: <1514486982-19059-11-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 10/23] arm: imx: hab: Add IVT header verification X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT header contains a magic number, fixed length and one of two version identifiers. Validate these settings before doing anything with a putative IVT binary. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 36 ++++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 1d7b069..cb6214d 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -80,6 +80,31 @@ static bool is_hab_enabled(void); +static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) +{ + printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, + ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); + + return 1; +} + +static int verify_ivt_header(struct ivt_header *ivt_hdr) +{ + int result = 0; + + if (ivt_hdr->magic != IVT_HEADER_MAGIC) + result = ivt_header_error("bad magic", ivt_hdr); + + if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) + result = ivt_header_error("bad length", ivt_hdr); + + if (ivt_hdr->version != IVT_HEADER_V1 && + ivt_hdr->version != IVT_HEADER_V2) + result = ivt_header_error("bad version", ivt_hdr); + + return result; +} + #if !defined(CONFIG_SPL_BUILD) #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ @@ -394,6 +419,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; hab_rvt_exit_t *hab_rvt_exit; + struct ivt *ivt; + struct ivt_header *ivt_hdr; hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; hab_rvt_entry = hab_rvt_entry_p; @@ -416,6 +443,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, /* Calculate IVT address header */ ivt_addr = ddr_start + ivt_offset; + ivt = (struct ivt *)ivt_addr; + ivt_hdr = &ivt->hdr; + + /* Verify IVT header bugging out on error */ + if (verify_ivt_header(ivt_hdr)) + goto hab_caam_clock_disable; + start = ddr_start; bytes = image_size; #ifdef DEBUG @@ -435,8 +469,6 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, printf("\tivt_offset = 0x%x\n", ivt_offset); printf("\tstart = 0x%08lx\n", start); printf("\tbytes = 0x%x\n", bytes); -#else - (void)ivt_addr; #endif /* * If the MMU is enabled, we have to notify the ROM From patchwork Thu Dec 28 18:49:30 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122860 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3804811qgn; Thu, 28 Dec 2017 11:00:11 -0800 (PST) X-Google-Smtp-Source: ACJfBouA+XQTu+O44myfh3DcPSQDj4OdPZDNw0Z5diQDD/lpTZ7SFlkKfVeeWmwzULk1eU7RF597 X-Received: by 10.80.144.248 with SMTP id d53mr31886612eda.234.1514487611260; Thu, 28 Dec 2017 11:00:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487611; cv=none; d=google.com; s=arc-20160816; b=mW7kSt6Z0R2HDbCqjUifHpCvrgLNPefsmZzYWafstWDHKElHRP6hPU5YI8WNjWsORc PiSOTTuax7ouCaH0sI2qTBDXpXZNxQb0kSZk7//4xeAb0bsZvuSk3Uy+cgqE728w66uS 4NKI2DsLMIeZkjOPFHf7M/LgUbRHUYDqek8ey5mUQhpPIvFI3lBegKTfv4dmBXSEfg92 VgUcCKuaN2xd9v1f9lXSVmo5qt7P/SptU4AP7g7ihV4aS6jrYjKE8Opfd/6ob1eG6sLc v1G81r2DEtFo3VhqCFDDpBSSJcejy4stunrytzXcsQ75OkaLGaogvud7T31Sm8RA8Znb wCnA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=MMozsOA+Wk4tbzbRTQ3ojzdmn5TvblgykYvZr4MNXaI=; b=W8795sX73DM18/pGneYgvA248n17WFqN8c1SbVOKw40H2mVjyrUQKkCbAf+PS0vt5g Q5+Rqo3u/kklHwJ20+R07nFs7zrJ6KCaFtgmJzLQn+esoa787d7ufivAKzhzY8qVzt4e 9x+UO+L28WOYZP7qboQVo8WhtG6un9BipIw8p2o8HIA28AfDTXZiF5A33v44RICsqeNt 1yAaBSlKlK6v6y+kRvPaKzH0RIjAtcGT8NYMgmBR/1RF1ZVq3e4BaCKeXdWdwN79NGTy ApsTG5J8amjEzh3GTerS1gD4kY4rjpy3fU0+ODHBN/YXhgFUMMu/rFYLxMs2b+XMv0ON Z0Lg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=EzK7nn3g; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id o33si1045174edc.146.2017.12.28.11.00.10; Thu, 28 Dec 2017 11:00:11 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=EzK7nn3g; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id BD897C21DDF; Thu, 28 Dec 2017 18:56:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 69166C21E7F; Thu, 28 Dec 2017 18:51:30 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 2B4CCC21E3C; Thu, 28 Dec 2017 18:50:01 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id D11A7C21C59 for ; Thu, 28 Dec 2017 18:49:57 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id y82so2847114wmg.1 for ; Thu, 28 Dec 2017 10:49:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=G8z/3TFmKGvjjpDslWr0bG7tKU0tOafBwtE3humwEZA=; b=EzK7nn3gzVHEZhKG60yCg/1XIi3aBixm1TVI+6AC9noJg06Gz6d1nh8NtzfIQXzaSn ZEAMkTGV63JtIeeDW26boi56PoQiwEx2bQe/OhfgT8hw2S5KmmkWhdQbWVaQpV41HbAe DwfptdgT1WrJB8z3JQxBAmBKJbYQdKWUb7ms8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=G8z/3TFmKGvjjpDslWr0bG7tKU0tOafBwtE3humwEZA=; b=YS/nYRdd5TxcEd9spmPEmVwWwWCkuM61T32/PEx5TJW2fRTtHoPI2pvH73I0vpaQEL 8d8W0kbRgwoGOyEC9AkRQ8DXGneb3WX+JX6wc/VPYLzUNMoNxD4FwuvMShn67nK6FEok GY40zA6Dpqi0GYmFZKWCLZbMM60PTgH+UQRNE22clqaIk4oS1t83rHtlkgCZhn6v+OHv KBWB956NmehKaPeDLLxjmsb70iMVIU+MTqanO6xQPUcoH6ml9TBSY7ttHyEjkCW0wdm4 rFVSWlFxug6NIZcgt/eRY9DtiEai8db0y4aXfTemPHhKFF00iyzZQ7BVEF5MT0+GSqov Y/Pg== X-Gm-Message-State: AKGB3mLmQM+YSaHc6T6X+FBwg9KT+ugZE9nJF3HHMr9wDoOrwQ4uwXk0 sJUSFyK2S2TcuK0j2yc4Cp54JcuecMA= X-Received: by 10.80.215.29 with SMTP id t29mr41518895edi.45.1514486997269; Thu, 28 Dec 2017 10:49:57 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:56 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:30 +0000 Message-Id: <1514486982-19059-12-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 11/23] arm: imx: hab: Verify IVT self matches calculated address X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index cb6214d..479ed96 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -450,6 +450,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, if (verify_ivt_header(ivt_hdr)) goto hab_caam_clock_disable; + /* Verify IVT body */ + if (ivt->self != ivt_addr) { + printf("ivt->self 0x%08x pointer is 0x%08x\n", + ivt->self, ivt_addr); + goto hab_caam_clock_disable; + } + start = ddr_start; bytes = image_size; #ifdef DEBUG From patchwork Thu Dec 28 18:49:31 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122861 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3806167qgn; Thu, 28 Dec 2017 11:01:14 -0800 (PST) X-Google-Smtp-Source: ACJfBov36LAT6go/HxNLSToaryjS8cCPyzukmU1HrwO1dCCygSIEdC8d5VQkrVdgwIQfn9qmQ8M7 X-Received: by 10.80.241.72 with SMTP id z8mr41941795edl.35.1514487674009; Thu, 28 Dec 2017 11:01:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487674; cv=none; d=google.com; s=arc-20160816; b=0ejcG8+h6tl7OqOWrihkNNP9SNMGS10OYn8FSs5jeayh0+ak/DIrf2zWfP2+znFtJR si633MMVFIQjFh9ef+smIPu04FI8HkTOZJfR3mUZNd9bA3QBx0q5jrEPK9e5Tr0m9GyI uvt6PSzDNiEvNiKO7zWnsElBgWlBUXJKvOAbr88xz0Af76y+SXnz66htR84ZDx9FcIY4 fVEAExnICmQmCPhWmM9txK5r6g6kwEVmJrl9OvWqqfxy4jE+0ByZxWrTJdacvQjsOORN mFCE5Zwt3AeuH9haxYVtiwl6xpGzn7WjaVN816Oypjg1fZVEtrO2a19SN9FZBNaoTQ/W kWJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=MMzCGQKpDFcDk93IVE/DWfP/1fpC1U5PBBifuJl57yg=; b=v2vucOaKZXkc4C0bJk7yMB8kEeM34IYlOyjkFxWZAzZPJPt0Om7895+Qw07rGx5LwB x6YU5kKA79cLbHJkiY/UmPk9mF78pPtKfi1Wc11I5U50cMxKoQWui1fQEXwev3sl7qHU bJPKw0X3AnLeFV4C3/kQqKwqdXvuMj7qGgnBFNoQxOhpocA5t5LeWs1vS2C5gJzS687x Q/m1H056stkHcrgE9Ketnmsq6jfyMknfjfa5CnYRxd8PjxleKuAokyryYLQcq4KQoJs2 l/s+5sqndPSlS/elFj1FqDIH+LMikBIuVPm7LcSMvIZA859Rrwyi5Xt0RADNa57aGhUY WLHA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MnFQx9LS; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id c27si6734079ede.367.2017.12.28.11.01.13; Thu, 28 Dec 2017 11:01:13 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MnFQx9LS; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 2CCE6C21DC1; Thu, 28 Dec 2017 18:55:53 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 3AA07C21E30; Thu, 28 Dec 2017 18:51:26 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 1AD0AC21E30; Thu, 28 Dec 2017 18:50:02 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 10869C21DE8 for ; Thu, 28 Dec 2017 18:49:59 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id b76so45281861wmg.1 for ; Thu, 28 Dec 2017 10:49:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=TcsPXXKd1/3qHv5EDureQHo50P6uMW97nTiFPAmub0M=; b=MnFQx9LSSc1xCKsV0p1mfshmFWaw26ZF/BjoLfBKgu4tSWcA2OFd0Djkxmkvmp7OqP fz6Y6KewqfKCsCeOj2FrKjbvBu4707BN7GMb3ybi6E7vvfR43vCJ/F11KuRkswmwW6FQ aCd5lpFs9aCAUL9tDSgzkvTZ4FLD6ocC9A4uI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=TcsPXXKd1/3qHv5EDureQHo50P6uMW97nTiFPAmub0M=; b=bvt0ggY1VK3+rvUETQ3ufPXxSeSM6HUEcjn7yqxO64W1QjHgjJ98GuCWbXcP4dQO29 QoZ0amEgMR7dEJTHldcaKaXp/Gwl77xMsMTTVfWCSAZK7jW/VMyTKAYq9irwslkamh2S OPvLSzUiW9ClHcJsFELmGa1AUH+QBn4rCjm31IlVvnQIGFr9hGHkyTaVzouj9Oc9JLCd aN7snRlf/9DSqFGM/uRoSKN6chPe3X89+uQ64RXKsgDQZVQeh8Mnv/15WHkA0217mEHb gOlxSHjysGZG8AsQ6ML/46v8peb1g6MZSwyMurvg9J8CSaECUpKZDM8xTY3rmEVBwcp7 a3wQ== X-Gm-Message-State: AKGB3mJJkXhkw1nHxCz5UxCqdRHGxGMB45lr2uZLbSaBLX26nh6vmdpH bjl3hR4ACCToBIhpd0DVXY8UNOk3Lo0= X-Received: by 10.80.165.139 with SMTP id a11mr41965138edc.95.1514486998417; Thu, 28 Dec 2017 10:49:58 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.57 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:57 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:31 +0000 Message-Id: <1514486982-19059-13-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 12/23] arm: imx: hab: Print CSF based on IVT descriptor X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT gives the absolute address of the CSF. There is no requirement for the CSF to be located adjacent to the IVT so lets use the address provided in the IVT header instead of the fixed CSF offset currently in place. Its worth noting if you use u-boot mkimage and the i.MX CST tool as described in the NXP documentation you will get an image like IVT | BINARY | CSF not IVT | CSF | BINARY as the code currently assumes. The IVT header must correctly describe the location of the CSF or the BootROM will reject it - so the current dependence on a fixed offset is nothing except limiting. Fix it now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 479ed96..d620524 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -465,8 +465,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); puts("Dumping CSF Header\n"); - print_buffer(ivt_addr + IVT_SIZE, (void *)(ivt_addr + IVT_SIZE), 4, - 0x10, 0); + print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) get_hab_status(); From patchwork Thu Dec 28 18:49:32 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122871 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3811350qgn; Thu, 28 Dec 2017 11:05:46 -0800 (PST) X-Google-Smtp-Source: ACJfBot6ieiYri8ZHL8xpnd2V5r6TC7IOHsxIcn2WHGZ4PTasQfnVwrw4RQnR157VfrHSGFrvQ0B X-Received: by 10.80.184.23 with SMTP id j23mr41546347ede.115.1514487946430; Thu, 28 Dec 2017 11:05:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487946; cv=none; d=google.com; s=arc-20160816; b=XYD0bEgVQ0B4H1bXW+elRDN2BZeVUjjacmuFCQ5QHVliioigSkuZqurFY9lf/ecHes EZrpdhjpdW74Wu+P+uTD3XzKg1HftZzwC1Omse/R+2KIid5eiSXpV8hdFNv7On/PQ8lk n25I28hhmkVf5SBZtOUScCugVxVGIulYKD7o3tqF5ocAkXOteagPFl9v3nehk7lHEVlj GyqM2wpNUDNYkWkRjcucMGRok0fAb52HUz8TqwB7b8bGJv46u+Vdm2Vl6/y9Q2Gs2bsE eGuC80tKoSGxFO83+7ge5b071Q45leDt3owV0raZ2kc/fE2ZEUm3HVD5ANYOGcVGv0Lr 8q0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Fh8wCYmrkejb8LLhrIT6RpV12huJ+1SuUAU0hxTsk5A=; b=0fOhFemnqk6N/VenYP9Y36+9pb7lioz4B/WGB9edWPjO/YbkqXB9juE88rvQZyieo6 4ZBlfRZq8uUtI+TS4KkQWC4wxTY8SUH6ddXCCaN439I0EkKagb5LVROlkkuVfkSyDNp7 su+hrfbNQRrmolElOfV2nvg7Jb8BcDjKWjcYpQTbfSisXegacXJIGsGw+GX61V/zNife ggOc57zhzB+7vUtU09EyeNRTrfM76LI24Uo0gWdxhccYzY18zpvEs3oT0xDjASv4OeQ0 00+wDht/xMBhquYYp7ea21FO5EaTqgwL4qPaCoBQsXg004wmVi1gB3uEn9Mq7QbG27TZ zdKQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=FWdN21OO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 65si2350061edi.238.2017.12.28.11.05.46; Thu, 28 Dec 2017 11:05:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=FWdN21OO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id EAC7EC21DB2; Thu, 28 Dec 2017 18:55:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id AE475C21DAB; Thu, 28 Dec 2017 18:51:09 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 372A2C21DC1; Thu, 28 Dec 2017 18:50:03 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 40833C21E06 for ; Thu, 28 Dec 2017 18:50:00 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id r78so45513808wme.5 for ; Thu, 28 Dec 2017 10:50:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=7c9sfTFlc20qfKLGqYsO6eLvrjN1ZxhXWBA6CIL8dIE=; b=FWdN21OOifBzCwXqJBDviE7urVwAhFyb/W8z5ixlDkbPBxg+v9mokFVa+PxiG1iunQ qM33ZAXO7ptZuHarbtKhhyK83zbz0l/B39jeW0LyoeYUBpsbmfVFZBUa2/iGcMuSlVVv HYLgbwiSJuTFub9EkDc+aoxNs6Cm/gHfJsBWY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=7c9sfTFlc20qfKLGqYsO6eLvrjN1ZxhXWBA6CIL8dIE=; b=SkDg/0OucMDAdWddX6gUfBxq+Wqs13ETIP4/20EOg+KPbNW5/kp/TdajweifFuYkfs JCfKgPVTiNYicYkFzkxF4Ore2sQqE1xx9UBMduDZwR+ObFP7kvbPMs7Yi/dPXrgEKHpI ZXTzT+5kT7ZIGlQ70Asgzi1pdKmQbx4FPw7SXWyHV/idhrvH7ySqRhzwOrGxGouTCtM3 1DTYDw3gFUxs+M6e+pxW4+6z4lhso37DPBty+ZB8nvgUNglvdL8RkTmWQR7HGRN0i8U7 sagbToa4QpIG98fXizn/rGflFabthAAYGqDEY27HJPr+JKg69zs0mASgb42jDTdO+5gm v6Yw== X-Gm-Message-State: AKGB3mK1ixXLxGI5+BQlmpl40iQrag6g2nFg+c1jUgw+GNi0VxZYM8j8 BJvyrI2AVpx8ynErCpv0CfsN7Z3AQs8= X-Received: by 10.80.148.163 with SMTP id s32mr41518613eda.74.1514486999633; Thu, 28 Dec 2017 10:49:59 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.58 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:49:58 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:32 +0000 Message-Id: <1514486982-19059-14-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 13/23] arm: imx: hab: Print additional IVT elements during debug X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch enables printout of the IVT entry, dcd and csf data fields. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index d620524..6646f81 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -461,6 +461,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, bytes = image_size; #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); + printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, + ivt->dcd, ivt->csf); puts("Dumping IVT\n"); print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); From patchwork Thu Dec 28 18:49:33 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122869 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3810371qgn; Thu, 28 Dec 2017 11:04:49 -0800 (PST) X-Google-Smtp-Source: ACJfBosdMnHaqcpfHVnN52/eAlTqOzNzYwuokRxHUJZQVhcxC3ZwE5GYpdQgtCANh2aEasJtWt/n X-Received: by 10.80.164.209 with SMTP id x17mr40370618edb.158.1514487889261; Thu, 28 Dec 2017 11:04:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487889; cv=none; d=google.com; s=arc-20160816; b=If3sGXGr2qLSo7jLaYal1pb2/3PmX+s/eyY4/zxcL5IraAu9uRSvAFXTcMwscXBo2Q 4cYfuJUtHqxcV8dfZy/7UAQ+ut4UdN/6Xm+lWc4UO5E/h6SW3jdeb7l26YAfKWlmP/hb 0tPuhnRbndGyGxqO1W4yZzqRtUSL0k2swRkrjPpoHyOVDR5A3GjNaYYvwfT99y7Jegqn S5dkiIkLrPweHBnTX3Bhj+ZiCPo/SPhjtRcSS5ZH9wN6+v+mVdppsxB7ZzmbgtLtq3nz JiykWFwNJdHin66H2mDEBvsLjOK7cEJQQZKuwnZ8e9vgtrpmyQbGl7b41P2kP4E/K73e wCpw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=k5X/ItTmKzhWMdp0uZ8EBVqBbJj/pKMrT4QgVq8r6rY=; b=KpjnOXWPiFVas3cI94zudbEvtH/z0UPXijoTqHO4b8Lt4tiprlqUfe54Pm5o04mVbh t9kvspYn6qtV+6iGnLP0GRZgPLnPciVTD0Zf/ISWlg/xswdMUqJVoGc1Un7rCnrL/bgK +kVXXnYQzi7/WeztFJFBPxUJ/9GRvbO9Ybvg2scw8wkrG8KKj8n/67ThPuQPOu7jzfEs c1Z4RJHB2VgSC/GdNQxssxmxWtTO22oa1IxXzZeaquigZbKdQParSzAFJJTz+MteG0xc Pi67P9dxyDu1nJNDwUMB24NS7he7LJxsZKqgdOLgSH9w7bcAP69eI5IZCQvJOmplvBIm 7ecw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dswAKSQ0; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id h38si2446559ede.369.2017.12.28.11.04.48; Thu, 28 Dec 2017 11:04:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dswAKSQ0; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D3360C21DF1; Thu, 28 Dec 2017 18:57:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 23974C21E43; Thu, 28 Dec 2017 18:51:53 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E550FC21C59; Thu, 28 Dec 2017 18:50:05 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 8C2EFC21E09 for ; Thu, 28 Dec 2017 18:50:01 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id 64so44997358wme.3 for ; Thu, 28 Dec 2017 10:50:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=GOymI+l1h69sKsRpkjL0ZhctMF1/wS3/aTxVjfkswBY=; b=dswAKSQ0HCorKD6JAhG+IYo0wfGZNYRMIfYjaqV2t/XM+MRNufphQimEduoq3kfY+w vHTPrUVvsuXka5QP7MlL9mIcmeFtJvN0JVpt3qqGEtj660TkjuG3qc6eSsZZLZliKcbu l+yUE9IriYdCMIqvDeYsgmYWJB6IBh1UDEK2A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=GOymI+l1h69sKsRpkjL0ZhctMF1/wS3/aTxVjfkswBY=; b=ifj5dKTG17iSVnfZeHkiDe8ZD/3dQTp+ppZcK/9txZjHlVg3Ax6LQxULnlJQCH1gJm p1xH+a58U8ZHXAGPVsdq+8vFFudL4rwWPwQCyyjQDEEpeNKFJv7rkgnW/h2IMv1veNsj NHnxlxaFjNCSbgYtx6mIFEkz557Qs9zWmk9ZyNNGpgorefPQ709M0DAsmYUrUPbSf08T wFwgMU85eXjdANZ535AIyXZMZcSNhzyLFaQ8X5RESI5mHuEzbGqToj97FDfFdjVrYJ3a Wc4VaM+Wzs8ed62Lvv7seviRR6ZJ24yNCHJJ3qFgPqT3dCl1UDS3t4+O61dZLQS1dDav foZg== X-Gm-Message-State: AKGB3mI5un0PB6y7MDkz7K2Pk0IxSRCoLlYI5+4q2yFDkB7E3Xwz/e0d Ad9vGOZg7rvdFsdkMpI4Yk6yhfop8l0= X-Received: by 10.80.135.26 with SMTP id i26mr41179665edb.31.1514487000954; Thu, 28 Dec 2017 10:50:00 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.49.59 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:00 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:33 +0000 Message-Id: <1514486982-19059-15-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 14/23] arm: imx: hab: Define rvt_check_target() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The hab_rvt_check_target() callback according to the HABv4 documentation: "This function reports whether or not a given target region is allowed for either peripheral configuration or image loading in memory. It is intended for use by post-ROM boot stage components, via the ROM Vector Table, in order to avoid configuring security-sensitive peripherals, or loading images over sensitive memory regions or outside recognized memory devices in the address map." It is a useful function to support as a precursor to calling into authenticate_image() to validate the target memory region is good. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 28cde38..14e1220 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -113,6 +113,12 @@ enum hab_context { HAB_CTX_MAX }; +enum hab_target { + HAB_TGT_MEMORY = 0x0f, + HAB_TGT_PERIPHERAL = 0xf0, + HAB_TGT_ANY = 0x55, +}; + struct imx_sec_config_fuse_t { int bank; int word; @@ -132,6 +138,8 @@ typedef enum hab_status hab_rvt_entry_t(void); typedef enum hab_status hab_rvt_exit_t(void); typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, void **, size_t *, hab_loader_callback_f_t); +typedef enum hab_status hab_rvt_check_target_t(enum hab_target, const void *, + size_t); typedef void hapi_clock_init_t(void); #define HAB_ENG_ANY 0x00 /* Select first compatible engine */ @@ -158,6 +166,7 @@ typedef void hapi_clock_init_t(void); #define HAB_RVT_ENTRY (*(uint32_t *)(HAB_RVT_BASE + 0x04)) #define HAB_RVT_EXIT (*(uint32_t *)(HAB_RVT_BASE + 0x08)) +#define HAB_RVT_CHECK_TARGET (*(uint32_t *)(HAB_RVT_BASE + 0x0C)) #define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *)(HAB_RVT_BASE + 0x10)) #define HAB_RVT_REPORT_EVENT (*(uint32_t *)(HAB_RVT_BASE + 0x20)) #define HAB_RVT_REPORT_STATUS (*(uint32_t *)(HAB_RVT_BASE + 0x24)) From patchwork Thu Dec 28 18:49:34 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122853 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3802805qgn; Thu, 28 Dec 2017 10:57:46 -0800 (PST) X-Google-Smtp-Source: ACJfBouVehTHEwmyKF2a8MUNdeqsl2fqHm641HgTpa4NC7QYiSBiAQfxfc1vQlKIh9TdCTarUHnG X-Received: by 10.80.170.87 with SMTP id p23mr42603525edc.289.1514487466095; Thu, 28 Dec 2017 10:57:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487466; cv=none; d=google.com; s=arc-20160816; b=mDYHEtyw2vtRHJKfj7vRplN05N4NQk3LWxXNIfp1JvXSINcR4Lj87VSwAlSyhGawtp 1RgFqFY6+gD3VouaHvkwccUTu86o/rHOIA7vtlfmZ+XOKF9I5BBgxW9dI3U7zNxLQwg9 maQTGmuWBmo082qoBS5x7HfmIVJ9h6LTnUukXINRH8aDbnPwCCY9LiT9eEZfGn48Qp5G tzxzegIPuLoLor0rnS98HPHkWjB4VmmMGRbF1bbvOONF3YZrb0DJVMw/vYwCxRIrbtyl KpvIj6+iNi4duynvwnexKbNmFsDLplSBjGWD0JBz+AmDna7WSOy9LJp54wDTMpVfpC/V DH9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=H565RPPHP3keQ4qC1H52UbVt3eRN/1Dm9UjKqe6HhZA=; b=tkC3Qb+aGnxOW2qYVOZpRLBM/Jjyt1q6+s7mu1HTpA6JqvWxa9abJBefAlI9wgy/tU wwui8idBFTYII+GvCM3P4KvzOaRMx9HfpjytjCLaApYkl1Pvs8oB92dwHoagAfz4vvsG KUOjFk7RFprauyWmISt0OJHwjEpLwrXUU25BfzU4z9YnhehMVQm3dLv31B3wc8wr1mQ+ vkpnEhLFrOkwKeZ1cCfs9gnT/NFIj5CyCXmgcI8ktS4xVstN3W4/BMFFOJ+jizfmQ8yJ zNKUD7bMLbt5apzmiARiWgY/52iYuEPu9+q3q//odeEt8+lgjWR++WpQpDrN9d99ExDy hb+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=FxYE+I3W; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 5si2061020edb.270.2017.12.28.10.57.45; Thu, 28 Dec 2017 10:57:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=FxYE+I3W; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id A36D4C21DC1; Thu, 28 Dec 2017 18:54:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 9CB35C21E41; Thu, 28 Dec 2017 18:50:52 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 00BCCC21E45; Thu, 28 Dec 2017 18:50:08 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id D248EC21D5D for ; Thu, 28 Dec 2017 18:50:02 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id t8so45227634wmc.3 for ; Thu, 28 Dec 2017 10:50:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Lg5/AkBYFxovAmDWiZQJ2tWRRE0vWh+VVPq/Wu7sWLw=; b=FxYE+I3WGG5o3pgmsDT4adQ7LzNkEWtxj735gARcht3P/zwqlkkii++H9Xmwk5Kw98 PCaQRbGo4YA9dHcJLZb+lzrGqVKql/X/Czg1zBxLeJ3cazHjbHBS6JCPYCb6a2PwduA9 Bc9UqSJiKoU45U3NasM6XEVkUM3nP/ectpFYs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Lg5/AkBYFxovAmDWiZQJ2tWRRE0vWh+VVPq/Wu7sWLw=; b=tA+85MRBU/LBMP9OLO7Uf8tyMa3Un+pcrpQviyfnrFZF4lrZHUR4MvhuwEu7jzgrPX dsPJxPdKDLiYEObcOUKf6Lpzykpg2bTCzHB38bmyVY266ooPfDuMixuEtvJwizObqW+/ FOdvCT2iPT5/SzedhXQ/uxK6wr90igumoN6+e4zi5ZO4/OfFAQHQe5pFjcRjWMCwWKWt bTTuwMZ9XF2UEhW7wEPIBg+Q4JagDyOHN/kHRMjhKbBg7nJOtCWB5BuXNAa4kxgOXHq4 1pCyPuD4xbCL2pJ/v9fYZNzv3EC7zdcZ0hgmY9d2PAxL+I43DZ8Z+RYGF1xUlhw5YH7m JnhA== X-Gm-Message-State: AKGB3mKaeHHIlQxugh4xQttn7wT9FA3/TJQuOoIjvcpACemidDMZFQoG iwWbhpoiVDGOzHDf8Yx+3011wWW/0q8= X-Received: by 10.80.173.20 with SMTP id y20mr40736529edc.23.1514487002158; Thu, 28 Dec 2017 10:50:02 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:01 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:34 +0000 Message-Id: <1514486982-19059-16-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 15/23] arm: imx: hab: Implement hab_rvt_check_target X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch implements the basic callback hooks for hab_rvt_check_target() for BootROM code using the older BootROM address layout - in my test case the i.MX7. Code based on new BootROM callbacks will just have HAB_SUCCESS as a result code. Adding support for the new BootROM callbacks is a TODO. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 6646f81..eb18f76 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,6 +70,24 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) +static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, + const void *start, + size_t bytes) +{ + return HAB_SUCCESS; +} + +#define hab_rvt_check_target_p \ +( \ + (is_mx6dqp()) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + ((hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET) \ +) + #define ALIGN_SIZE 0x1000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 From patchwork Thu Dec 28 18:49:35 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122859 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3804803qgn; Thu, 28 Dec 2017 11:00:10 -0800 (PST) X-Google-Smtp-Source: ACJfBotlKmfD36IXwlL2iMIqOAfwyD1NA84UhiwChez9m7e2lewGVeP8MtADPv8ocSjUj5W+MZBO X-Received: by 10.80.216.202 with SMTP id y10mr41453233edj.221.1514487610642; Thu, 28 Dec 2017 11:00:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487610; cv=none; d=google.com; s=arc-20160816; b=QhqM8QPbC3U4bjik0vteWbf9caarPNFiZJw6t10RdtJs9qDdEgBMjgRBANeZI4h0AN 9mIBZ+qHQrbPI8UkYN52TbnAIdU0BIMEl8DlnqGFs7olV+2nSBCkVrgs0IzlHt2e7Fry 7Ab1y0Vf9C3YWXDmcwgeEwbM5kWgdEyGmaQp3cDaQYmhGRwT9E0jcCCEbNUbjl0FPtTS 3KMNtGdWFpvRF3YbabNsv05J+M7+gHm+EyiFNqh/DGdkWM1Fg8N5t4aRwo4kSQ3l6p9J BfPfMa9iu9whTuqn8cbovWi61XMNbQHKYN6dhphKffOf4nal4jYkzI7YRePw59p9MmDw 16HA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=R2+TZ+v4yR2DXBKlTas+o5ku3idhzEGhzE7XxUmKuFk=; b=Tnr1Yvc6P3hST70a8kFzPdVn5jMYsmxo63+oe42sFeDey9H3k1WQh279H2k96UanxC eNIHbwGhmFrI3F1Iid/fqTZ/CvtM8LtySoAR70plZyJlvNBXATCQsawg9waooPK7/7IT Q3iLkwbc0IEH2zYay32IDj8Py6cGFSnyHPAOYzuAv7XjHTGlmVycfWr6wLz4kgh/x3ZO l38bM7Hk8lLKsXEWgy0SX8hzQutXLToNY5zJq5ZPS2XznGSdJvEuShR/3boct7TvEowa 3knbovsDnWRhykM7Im3IcZTYC/KYs00cdo9+3AdynqsoBdsyYEppyTD05oF3IOmRiMje c6IA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=N0C5BkER; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id p63si3884729edp.537.2017.12.28.11.00.09; Thu, 28 Dec 2017 11:00:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=N0C5BkER; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id C1C83C21DE9; Thu, 28 Dec 2017 18:55:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 621AAC21E63; Thu, 28 Dec 2017 18:51:04 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 3B41FC21DA6; Thu, 28 Dec 2017 18:50:08 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id EE027C21C34 for ; Thu, 28 Dec 2017 18:50:03 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id 9so45242662wme.4 for ; Thu, 28 Dec 2017 10:50:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=qITMAZB0kBEBYVD0jg4YEIDgGAySjZ7YlWDixrrLCXg=; b=N0C5BkER2phf7xjKF2rRB9w5a53OQsxx4zSAZK7WED5sjiXUPzA4fs8GgqBKgsSoEO Xp3rYEp7thSlW/qCxkZfkSJfuIo/Ae8kKeylApj+I71YbvC/EuA+YUKAWc8jjLePrOVI mvx82M0yfiUxvZEiSs17XslvR/QLcvz0Mo6rQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=qITMAZB0kBEBYVD0jg4YEIDgGAySjZ7YlWDixrrLCXg=; b=icww/2bdgOTUkm9hoUTvCBpRCHqUcLutDLkCI+7+vCIB2JUhvvSos/G1TG3ytmj9ln uh9fVnDuiNHqeZhxXjlwrLrkJTj1ByDwsg8Hyy7P5zsP+p0hdtBqmtN09Qens/CKi//O bZohMTj+j8fvt/96u86E1p7ysEn6Qb8cmCinF9Qas9aiq7SGl0ZQOcu7KeulwfPqmKAh XcGRfuinAfvK3ppqx4deRLXkX8DN8br3wI8Po+ZlWBYEkGXCsVqYjGeozSkqul3D7ttJ AYSvlLXeIzI4M9aPxg6yWTOk7fszq2DYJWqkbHhosDxoLj22/bck5nN5IUbqgcPO699i ogmQ== X-Gm-Message-State: AKGB3mKyqJNIFPCr+3e6Pcy6FcAESRt4LEo9fWp05VIUD0CtJ5TfQrTX /1VACD6WEqdQ3UL9Wd1lb59XO9qJPtA= X-Received: by 10.80.142.239 with SMTP id x44mr41242789edx.13.1514487003377; Thu, 28 Dec 2017 10:50:03 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:02 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:35 +0000 Message-Id: <1514486982-19059-17-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 16/23] arm: imx: hab: Add a hab_rvt_check_target to image auth X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a hab_rvt_check_target() step to authenticate_image() as a sanity check for the target memory region authenticate_image() will run over, prior to making the BootROM authentication callback itself. This check is recommended by the HAB documentation so it makes sense to adhere to the guidance and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index eb18f76..864b1e2 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -437,12 +437,15 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; hab_rvt_exit_t *hab_rvt_exit; + hab_rvt_check_target_t *hab_rvt_check_target; struct ivt *ivt; struct ivt_header *ivt_hdr; + enum hab_status status; hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; hab_rvt_entry = hab_rvt_entry_p; hab_rvt_exit = hab_rvt_exit_p; + hab_rvt_check_target = hab_rvt_check_target_p; if (!is_hab_enabled()) { puts("hab fuse not enabled\n"); @@ -477,6 +480,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, start = ddr_start; bytes = image_size; + + status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); + if (status != HAB_SUCCESS) { + printf("HAB check target 0x%08x-0x%08x fail\n", + ddr_start, ddr_start + bytes); + goto hab_caam_clock_disable; + } #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, From patchwork Thu Dec 28 18:49:36 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122858 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3804654qgn; Thu, 28 Dec 2017 11:00:01 -0800 (PST) X-Google-Smtp-Source: ACJfBovuJrWvxRqosfzJfnPH2reMe8cjT62I6jSyUMKmHy/97BpVULY3Hb8P8bJSwGg+FBQdBUHy X-Received: by 10.80.219.69 with SMTP id b5mr41344696edl.218.1514487601622; Thu, 28 Dec 2017 11:00:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487601; cv=none; d=google.com; s=arc-20160816; b=Gh2g8jYBXuqIe8iZT3rPbQwnJaVqDc9ybNH/qqDroT7IZEjE0ba2XCW3Z0crF1zBWY jzWhPasGdRR4SnfvM8LTL6dHvQFoyCVsMlCOJ6lafVDH+q8qPFPpAzZn7qiD4TasYzL8 vC+ntEUh7EphEj6mDwDdUMhJ+nkXfTlvUPT4ObnrMCG7wUrbk/9XMVY4xg/0Sc5908zH f9lDVY1QXLzl6fTTL2gBI4ceLzxlHr6DGVDxA0Yn3WZ61P6D0r4DTPiLpUtkRFK2frXZ dGdUx0crZvvHyBUzH/KpX+U8griOyjOZel29lLB1sh8xAFaAlmWkyeRonA7ghp1ePK5k s5qA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=AY1xJKbTzHRB/0Z8G5n66efc6vRWu6wLeufFcwhVVmk=; b=E1xPMX6Ffk6wGTGxnJKyd6OuVbvQFqkdzTdKKI+7SEqEQnQt7aTfzLQL8ZfxWHq7eM Edjq9JId5wkF+I8bM6YIYH0xtarzakqKU4xd2uGnSHkctyhq/vbT3aHh7EshAorVcGLb XEs4a/stjFC/qAsQLYLxlwmkxMIs3HmY5mSv+mUWppZCvsj3z6vs28P4LVdReyxIww+u VdXtCBVQIELYbDcxFLboP6fIInxJIirwzRw6vqh43FNl07BNXHM5EeOeawpWK56VdEgX XF6gQYmBheZvHLGsFqNtLtg+B6C3DBY4zqLQlLMGSqzRAdCTx7QVqMwmYpIJWcl090h1 lMaQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=PjMD/aT8; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id n8si730011edb.395.2017.12.28.11.00.01; Thu, 28 Dec 2017 11:00:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=PjMD/aT8; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 41555C21DB0; Thu, 28 Dec 2017 18:56:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 41EA4C21E1E; Thu, 28 Dec 2017 18:51:29 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B614AC21E3C; Thu, 28 Dec 2017 18:50:09 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 79BA7C21E0C for ; Thu, 28 Dec 2017 18:50:05 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id t8so45227818wmc.3 for ; Thu, 28 Dec 2017 10:50:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ouQIrmR880rLoLWJlbzHw/0+KAhcI1ZXolEyDnT5lAo=; b=PjMD/aT8UFCzIwtEyetHQPVdJAklRTS886cXz4Gf5Qf9EW75C2VlndkPKQaroYjArd GywfQqKdKO05OYfN8NpQpKAV0ptTLMBFWbfXDuRYukyngzyvKP1eu5WXLNAWs56VfKAH isy12KL9WeeSuY+7MlGS4xoovROfnPWMZFRXI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ouQIrmR880rLoLWJlbzHw/0+KAhcI1ZXolEyDnT5lAo=; b=eTVSQiwTagUuw+fGx6ExTPe+LLhwZhmGkQG91rJ2rle07tA3X6nR9Jn4NSrLTDfTV/ ZweL7Jok7RXO4AcPlA/RhXuOMN1hj216AkbaZx84h1MEdFYCYQnvbryDQnthLtCpcqA4 JmvgB2zQmimTuBoL1LgM7MdEzu5hxO6ZTWZ7h36SOfuQdpvbzBmJSNf9JihjCXSps+0O Wt0RSQSBVmAlDCynDZP74P/ThD1tlpQusB11Heh7DrXfgqO/1mI2ZLuUl5W/yT4svQ96 mJIV0RbAIMn7YJEdK+IyC1kpXlAhWMdWH+6wm9nq96B/mvBWMDAtIiUYhu5EyFLOK5dR WPvQ== X-Gm-Message-State: AKGB3mLIGICd8S8P/j4TMV1PsAotYlDAi1AXLO5QwNqsb+li/nhMwKyN cC53hC9c7My+14sywnbZoGS5iXuEb3c= X-Received: by 10.80.152.66 with SMTP id h2mr40491490edb.192.1514487004837; Thu, 28 Dec 2017 10:50:04 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:03 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:36 +0000 Message-Id: <1514486982-19059-18-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 17/23] arm: imx: hab: Make internal functions and data static X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" There is no need to export these functions and data structures externally. Make them all static now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 159 +++++++++++++++++++++++++----------------------- 1 file changed, 84 insertions(+), 75 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 864b1e2..098cd3c 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -135,73 +135,81 @@ struct record { bool any_rec_flag; }; -char *rsn_str[] = {"RSN = HAB_RSN_ANY (0x00)\n", - "RSN = HAB_ENG_FAIL (0x30)\n", - "RSN = HAB_INV_ADDRESS (0x22)\n", - "RSN = HAB_INV_ASSERTION (0x0C)\n", - "RSN = HAB_INV_CALL (0x28)\n", - "RSN = HAB_INV_CERTIFICATE (0x21)\n", - "RSN = HAB_INV_COMMAND (0x06)\n", - "RSN = HAB_INV_CSF (0x11)\n", - "RSN = HAB_INV_DCD (0x27)\n", - "RSN = HAB_INV_INDEX (0x0F)\n", - "RSN = HAB_INV_IVT (0x05)\n", - "RSN = HAB_INV_KEY (0x1D)\n", - "RSN = HAB_INV_RETURN (0x1E)\n", - "RSN = HAB_INV_SIGNATURE (0x18)\n", - "RSN = HAB_INV_SIZE (0x17)\n", - "RSN = HAB_MEM_FAIL (0x2E)\n", - "RSN = HAB_OVR_COUNT (0x2B)\n", - "RSN = HAB_OVR_STORAGE (0x2D)\n", - "RSN = HAB_UNS_ALGORITHM (0x12)\n", - "RSN = HAB_UNS_COMMAND (0x03)\n", - "RSN = HAB_UNS_ENGINE (0x0A)\n", - "RSN = HAB_UNS_ITEM (0x24)\n", - "RSN = HAB_UNS_KEY (0x1B)\n", - "RSN = HAB_UNS_PROTOCOL (0x14)\n", - "RSN = HAB_UNS_STATE (0x09)\n", - "RSN = INVALID\n", - NULL}; - -char *sts_str[] = {"STS = HAB_SUCCESS (0xF0)\n", - "STS = HAB_FAILURE (0x33)\n", - "STS = HAB_WARNING (0x69)\n", - "STS = INVALID\n", - NULL}; - -char *eng_str[] = {"ENG = HAB_ENG_ANY (0x00)\n", - "ENG = HAB_ENG_SCC (0x03)\n", - "ENG = HAB_ENG_RTIC (0x05)\n", - "ENG = HAB_ENG_SAHARA (0x06)\n", - "ENG = HAB_ENG_CSU (0x0A)\n", - "ENG = HAB_ENG_SRTC (0x0C)\n", - "ENG = HAB_ENG_DCP (0x1B)\n", - "ENG = HAB_ENG_CAAM (0x1D)\n", - "ENG = HAB_ENG_SNVS (0x1E)\n", - "ENG = HAB_ENG_OCOTP (0x21)\n", - "ENG = HAB_ENG_DTCP (0x22)\n", - "ENG = HAB_ENG_ROM (0x36)\n", - "ENG = HAB_ENG_HDCP (0x24)\n", - "ENG = HAB_ENG_RTL (0x77)\n", - "ENG = HAB_ENG_SW (0xFF)\n", - "ENG = INVALID\n", - NULL}; - -char *ctx_str[] = {"CTX = HAB_CTX_ANY(0x00)\n", - "CTX = HAB_CTX_FAB (0xFF)\n", - "CTX = HAB_CTX_ENTRY (0xE1)\n", - "CTX = HAB_CTX_TARGET (0x33)\n", - "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", - "CTX = HAB_CTX_DCD (0xDD)\n", - "CTX = HAB_CTX_CSF (0xCF)\n", - "CTX = HAB_CTX_COMMAND (0xC0)\n", - "CTX = HAB_CTX_AUT_DAT (0xDB)\n", - "CTX = HAB_CTX_ASSERT (0xA0)\n", - "CTX = HAB_CTX_EXIT (0xEE)\n", - "CTX = INVALID\n", - NULL}; - -uint8_t hab_statuses[5] = { +static char *rsn_str[] = { + "RSN = HAB_RSN_ANY (0x00)\n", + "RSN = HAB_ENG_FAIL (0x30)\n", + "RSN = HAB_INV_ADDRESS (0x22)\n", + "RSN = HAB_INV_ASSERTION (0x0C)\n", + "RSN = HAB_INV_CALL (0x28)\n", + "RSN = HAB_INV_CERTIFICATE (0x21)\n", + "RSN = HAB_INV_COMMAND (0x06)\n", + "RSN = HAB_INV_CSF (0x11)\n", + "RSN = HAB_INV_DCD (0x27)\n", + "RSN = HAB_INV_INDEX (0x0F)\n", + "RSN = HAB_INV_IVT (0x05)\n", + "RSN = HAB_INV_KEY (0x1D)\n", + "RSN = HAB_INV_RETURN (0x1E)\n", + "RSN = HAB_INV_SIGNATURE (0x18)\n", + "RSN = HAB_INV_SIZE (0x17)\n", + "RSN = HAB_MEM_FAIL (0x2E)\n", + "RSN = HAB_OVR_COUNT (0x2B)\n", + "RSN = HAB_OVR_STORAGE (0x2D)\n", + "RSN = HAB_UNS_ALGORITHM (0x12)\n", + "RSN = HAB_UNS_COMMAND (0x03)\n", + "RSN = HAB_UNS_ENGINE (0x0A)\n", + "RSN = HAB_UNS_ITEM (0x24)\n", + "RSN = HAB_UNS_KEY (0x1B)\n", + "RSN = HAB_UNS_PROTOCOL (0x14)\n", + "RSN = HAB_UNS_STATE (0x09)\n", + "RSN = INVALID\n", + NULL +}; + +static char *sts_str[] = { + "STS = HAB_SUCCESS (0xF0)\n", + "STS = HAB_FAILURE (0x33)\n", + "STS = HAB_WARNING (0x69)\n", + "STS = INVALID\n", + NULL +}; + +static char *eng_str[] = { + "ENG = HAB_ENG_ANY (0x00)\n", + "ENG = HAB_ENG_SCC (0x03)\n", + "ENG = HAB_ENG_RTIC (0x05)\n", + "ENG = HAB_ENG_SAHARA (0x06)\n", + "ENG = HAB_ENG_CSU (0x0A)\n", + "ENG = HAB_ENG_SRTC (0x0C)\n", + "ENG = HAB_ENG_DCP (0x1B)\n", + "ENG = HAB_ENG_CAAM (0x1D)\n", + "ENG = HAB_ENG_SNVS (0x1E)\n", + "ENG = HAB_ENG_OCOTP (0x21)\n", + "ENG = HAB_ENG_DTCP (0x22)\n", + "ENG = HAB_ENG_ROM (0x36)\n", + "ENG = HAB_ENG_HDCP (0x24)\n", + "ENG = HAB_ENG_RTL (0x77)\n", + "ENG = HAB_ENG_SW (0xFF)\n", + "ENG = INVALID\n", + NULL +}; + +static char *ctx_str[] = { + "CTX = HAB_CTX_ANY(0x00)\n", + "CTX = HAB_CTX_FAB (0xFF)\n", + "CTX = HAB_CTX_ENTRY (0xE1)\n", + "CTX = HAB_CTX_TARGET (0x33)\n", + "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", + "CTX = HAB_CTX_DCD (0xDD)\n", + "CTX = HAB_CTX_CSF (0xCF)\n", + "CTX = HAB_CTX_COMMAND (0xC0)\n", + "CTX = HAB_CTX_AUT_DAT (0xDB)\n", + "CTX = HAB_CTX_ASSERT (0xA0)\n", + "CTX = HAB_CTX_EXIT (0xEE)\n", + "CTX = INVALID\n", + NULL +}; + +static uint8_t hab_statuses[5] = { HAB_STS_ANY, HAB_FAILURE, HAB_WARNING, @@ -209,7 +217,7 @@ uint8_t hab_statuses[5] = { -1 }; -uint8_t hab_reasons[26] = { +static uint8_t hab_reasons[26] = { HAB_RSN_ANY, HAB_ENG_FAIL, HAB_INV_ADDRESS, @@ -238,7 +246,7 @@ uint8_t hab_reasons[26] = { -1 }; -uint8_t hab_contexts[12] = { +static uint8_t hab_contexts[12] = { HAB_CTX_ANY, HAB_CTX_FAB, HAB_CTX_ENTRY, @@ -253,7 +261,7 @@ uint8_t hab_contexts[12] = { -1 }; -uint8_t hab_engines[16] = { +static uint8_t hab_engines[16] = { HAB_ENG_ANY, HAB_ENG_SCC, HAB_ENG_RTIC, @@ -284,7 +292,7 @@ static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) return -1; } -void process_event_record(uint8_t *event_data, size_t bytes) +static void process_event_record(uint8_t *event_data, size_t bytes) { struct record *rec = (struct record *)event_data; @@ -294,7 +302,7 @@ void process_event_record(uint8_t *event_data, size_t bytes) printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); } -void display_event(uint8_t *event_data, size_t bytes) +static void display_event(uint8_t *event_data, size_t bytes) { uint32_t i; @@ -313,7 +321,7 @@ void display_event(uint8_t *event_data, size_t bytes) process_event_record(event_data, bytes); } -int get_hab_status(void) +static int get_hab_status(void) { uint32_t index = 0; /* Loop index */ uint8_t event_data[128]; /* Event data buffer */ @@ -358,7 +366,8 @@ int get_hab_status(void) return 0; } -int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { if ((argc != 1)) { cmd_usage(cmdtp); @@ -371,7 +380,7 @@ int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) } static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, - char * const argv[]) + char * const argv[]) { ulong addr, length, ivt_offset; int rcode = 0; From patchwork Thu Dec 28 18:49:37 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122857 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3804207qgn; Thu, 28 Dec 2017 10:59:34 -0800 (PST) X-Google-Smtp-Source: ACJfBovvGGO52qtpJqHAHjTmPovbICyBNDiV4p86QUEEX3HXZxMXKEy9mDTsCu5B2IxW04YSyb1G X-Received: by 10.80.190.135 with SMTP id b7mr41966110edk.282.1514487574162; Thu, 28 Dec 2017 10:59:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487574; cv=none; d=google.com; s=arc-20160816; b=TVmjSmZ5iUDIG49jf4D9J1cTtdRmhIQ8chU1/jioaJ6FUlnL5htRI65rV+viUgdWYh ET9BewAG+1AFJYwnYbp/ftVc41fOOPUZ3JoAYih4yz30V3uXD6FgVy6s9MSMqfU1PVu/ xpbSy0+BsHyWD+PMDv/cDGLYMPEXtNs6596VVWxaFlFIvjdo6yI/X8C8vWT49kbl+yl+ Ft+T/6xSNgyrIX5ks6Zq6b/eSOdLdp/pJFneef57DpJ4yWG/1saZvBK5ccnlgk2HdbR7 M6V3F220MmeavHHiu44JO87yQfvlHkc+pydkpMK1QjdHnBRTRImZ0C6KRnoNB0nS7v94 ZayA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=mnspU7xisEPTxa3b61kTHyKTjPzhv6rjEItTlwFEloQ=; b=fs+KLcT4lNP4Kg6YxzfVwjlcJTcOrF1s9OzYSllfjVkE7+CR/ZbIJuIeZkNtztZlSO WkD4v6KXW68sdZnxfcEqDR5blTtS5yd78o1Bj2OZz+NPhB10siQbz6szxbh1RzwK9v6U mx3uWgJsKU+r4FMyxOHemKPgshQ8erSGYT6iXPcwVwIwtMK0V+AtUie5fv4Dq6JSrwJs Fy5reSgUrrVvKNhKFSb0tRIx9awBwukJcd4tGeIeKszD61vHo2XDA7aPxGVHOR2tR7dn c0ixTM9uBzDGesTSkSIlY4+EM6aJd6ym6KCB4YZJjvG6hlZInyzE6hNxKash063v5iew rclQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=eftwTFQL; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id g24si4234097edh.326.2017.12.28.10.59.33; Thu, 28 Dec 2017 10:59:34 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=eftwTFQL; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id ACB2BC21DC1; Thu, 28 Dec 2017 18:53:15 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E7A52C21DCE; Thu, 28 Dec 2017 18:50:42 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 2550CC21DCE; Thu, 28 Dec 2017 18:50:10 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 93E07C21DA9 for ; Thu, 28 Dec 2017 18:50:06 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id y82so2847549wmg.1 for ; Thu, 28 Dec 2017 10:50:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=oJRppleGPcvEDHSCrnpRxrBvkZ2CPM4bC0Glw14hKls=; b=eftwTFQL1PfUmXXfCcoYCE6aQL5myoiQm3TYi3eCfk0MzFlob1PTxT2udwZmLiaED7 73/iFvQdga0hx2loZuQLKm4XkmDqIlxOqJ1qvSdv1XGyOzRnnuOUV0WEcYqy9UnmO7gk cHo+gYFaypBeG5DUTL7XjpW5JwnewYu0yKIwc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=oJRppleGPcvEDHSCrnpRxrBvkZ2CPM4bC0Glw14hKls=; b=plLOj0uyM/cOyi2N+krceX+1xUiEwwdoVOQDA4N7V3nviNk31IBTGYVAeMyTjz5aXi guAWNqwePSqGuICEg7H2mf9pnqREBVScyvAeLgKIiaU9Wz0sNc1Ss9MCYZPZbyBlvs+j j11paCf3qfwFZv5h3RkdczZ8ZFZjWNk2umwYKuxs+AZ9oa6dNcHI6inPiBOyy8NRoAIe 9y9AePEbgrEREe8QTO/19+XzQ+cMesc1gbs2g6Rpl+vS4TYYYAvNRdf0oLeM/9TZKWPx MaehcK7KEbr6EjDZKo3CH/EidY19v78Dvx8d6fVo2mMHnawkdEUToqAAiGzjL/pbp597 KrJg== X-Gm-Message-State: AKGB3mLMGF68dYFMebfljT++N2IHVpeKag670jBDGynOQjT9sG7HDb91 xe/QuMQ7b29+cK0SfpTHrvLU5DUt7RM= X-Received: by 10.80.142.88 with SMTP id 24mr42122542edx.153.1514487006008; Thu, 28 Dec 2017 10:50:06 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:05 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:37 +0000 Message-Id: <1514486982-19059-19-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 18/23] arm: imx: hab: Prefix authenticate_image with imx_hab X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Tidy up the HAB namespace a bit by prefixing external functions with imx_hab. All external facing functions past this point will be prefixed in the same way to make the fact we are doing IMX HAB activities clear from reading the code. authenticate_image() could mean anything imx_hab_authenticate_image() is on the other hand very explicit. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 4 ++-- arch/arm/mach-imx/hab.c | 6 +++--- arch/arm/mach-imx/spl.c | 5 +++-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 14e1220..98bc1bd 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -185,7 +185,7 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -int authenticate_image(uint32_t ddr_start, uint32_t image_size, - uint32_t ivt_offset); +int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 098cd3c..5c2d5fd 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -392,7 +392,7 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, length = simple_strtoul(argv[2], NULL, 16); ivt_offset = simple_strtoul(argv[3], NULL, 16); - rcode = authenticate_image(addr, length, ivt_offset); + rcode = imx_hab_authenticate_image(addr, length, ivt_offset); if (rcode == 0) rcode = CMD_RET_SUCCESS; else @@ -435,8 +435,8 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -int authenticate_image(uint32_t ddr_start, uint32_t image_size, - uint32_t ivt_offset) +int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset) { uint32_t load_addr = 0; size_t bytes; diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index e5d0c35..a5478ce 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -196,8 +196,9 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ offset = spl_image->size - CONFIG_CSF_SIZE; - if (!authenticate_image(spl_image->load_addr, - offset + IVT_SIZE + CSF_PAD_SIZE, offset)) { + if (!imx_hab_authenticate_image(spl_image->load_addr, + offset + IVT_SIZE + CSF_PAD_SIZE, + offset)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Thu Dec 28 18:49:38 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122867 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3810141qgn; Thu, 28 Dec 2017 11:04:37 -0800 (PST) X-Google-Smtp-Source: ACJfBouTLpk9Sy1Bijra9q6NHRAxYpHSr5M5FS79EZ5GFMMrtDuON/p9eqBEPFrL4TsVeswlCGy6 X-Received: by 10.80.177.250 with SMTP id n55mr6826453edd.30.1514487877628; Thu, 28 Dec 2017 11:04:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487877; cv=none; d=google.com; s=arc-20160816; b=Cil6oySCXaxXlQwLbQ1hTFVRghqoJb6qvCCaagOcVRbz3QxreA3uAeAoFxzHUQC0PU FPTtwiKOBMhexDOHaxR83Q4M5Ch5ufnMh1+bBjiWbexvu7g8vsXJHTR8ImrAwzSYsDWB G0C/tOPwDqk9ejmwQ9h96+iiXfUUS2vOxjjS1sQhdfoMBdqlca7S2nnfD+fftTtrjq2e npq1X2MGyasz6CeG900ACa7jcsiFGyCWjQzAL7IE1X7mP7TB+CqoalThcU/8ufZM6fpb VOv5zIjw4DQa/PwuMclOYeFAEZQYaFZVdaizffm5mVacDWpgnUmuk8I9OKv5rGp1cp4G 0uoQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=EVo73Wlj+gm57KNsgoesLxirdbrL2pHyunGc6CAZTzg=; b=g3Kii6MD8fsaiaBtYsogQHlPvRHHrNGDxXjrgPYSXCSy3lbJ39sUmFu/LdaW820Ps5 +1tjChOyHqzeraJdUYDxpQIZpSMz6ivENGEQvMm7GzIy6RJGffIMqoVYsgoTP4kBJ1fz 9+R3j4aYZab93MVj8+53KumBkBnqZkoXvCEFGF2LByPHQ99yYT3Wi6ubSF33SmagJBeB UZ4/iUgjeg7OGxwjcUNTGaDaBoNXIpVYpfC52nRufk+Xt8VVo4vkHHTeE3RMhwoFeG0F h7rJOP/HtW88vyVWewwvjka9xEoXp3/LH2aA2BQxezHvhlUxyI9str4PvklMsQXsQcvs 1ahQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ci++fgqH; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 1si2622731edw.324.2017.12.28.11.04.37; Thu, 28 Dec 2017 11:04:37 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ci++fgqH; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 1D364C21C59; Thu, 28 Dec 2017 18:54:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E6F0FC21DA6; Thu, 28 Dec 2017 18:51:01 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 1020DC21DB2; Thu, 28 Dec 2017 18:50:12 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id BC068C21DA0 for ; Thu, 28 Dec 2017 18:50:07 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id n138so45237529wmg.2 for ; Thu, 28 Dec 2017 10:50:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=1MDgTJXHB1ycR0bEI+LmGyP/5CwM5VlO+7aFQ9t3QHQ=; b=ci++fgqHHPBUnZEJxNrvBzzOB1W6Euv8t9ehGECpaXWAD51xMbgi8tLCnuMJf8slXY n707WnTrIgrQKQyDXRTlilcVjh2LMNIsJfUtNuk0iDwBYCFovZWbZUp/5Ia3QHDsEDvD xCNKPhyUslXUA9s48yZbk/TS+1R9QPbO3NyFE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=1MDgTJXHB1ycR0bEI+LmGyP/5CwM5VlO+7aFQ9t3QHQ=; b=nM3TMo8OMDu32SsBBB/Q6UPsMkQxS1a58CzaHeQ9DUxcpGS62vcT3Fc3lxkTNGF61E RYonR3qsV8ivJzC5WsH68M2qVXR3yg9IeeaBi4AcHU9eWkKufg60HWJRoTtgifHy7ow0 BOzBmgW/vhubbvEWpaAyftBXorAP1kG/jCUE69sMU8ukBBp38RPcr49c6FT1pa53YXe5 zqBK7xh2Dn7l39wvIvPWSplugU+C005DrwjQb73TaAGSGRD1rASHx3fwuoFphndrsC1v tYKVlwhmkWEKxWLkoe29iEWrh4iqcx+NOJ60T5o+CNGpW9ISsAKQR8PVVl62NsnLDyu6 uzBw== X-Gm-Message-State: AKGB3mL7BHnqZAlZtPb8ct7NeUhMjDxBMLaY/JEwJ1o/pLPBcNTFLzYm 4//pK0191w0v4p0ipORKt8Y3iwvqPIo= X-Received: by 10.80.215.218 with SMTP id m26mr41597649edj.27.1514487007193; Thu, 28 Dec 2017 10:50:07 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.06 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:06 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:38 +0000 Message-Id: <1514486982-19059-20-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 19/23] arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Understanding if the HAB is enabled is something that we want to interrogate and report on outside of the HAB layer. First step to that is renaming the relevant function to match the previously introduced external naming convention imx_hab_function() The name imx_hab_is_hab_enabled() is a tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 5c2d5fd..a1a13d6 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -96,7 +96,7 @@ static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -static bool is_hab_enabled(void); +static bool imx_hab_is_enabled(void); static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) { @@ -334,7 +334,7 @@ static int get_hab_status(void) hab_rvt_report_event = hab_rvt_report_event_p; hab_rvt_report_status = hab_rvt_report_status_p; - if (is_hab_enabled()) + if (imx_hab_is_enabled()) puts("\nSecure boot enabled\n"); else puts("\nSecure boot disabled\n"); @@ -419,7 +419,7 @@ U_BOOT_CMD( #endif /* !defined(CONFIG_SPL_BUILD) */ -static bool is_hab_enabled(void) +static bool imx_hab_is_enabled(void) { struct imx_sec_config_fuse_t *fuse = (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; @@ -456,7 +456,7 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_exit = hab_rvt_exit_p; hab_rvt_check_target = hab_rvt_check_target_p; - if (!is_hab_enabled()) { + if (!imx_hab_is_enabled()) { puts("hab fuse not enabled\n"); return result; } From patchwork Thu Dec 28 18:49:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122856 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3803675qgn; Thu, 28 Dec 2017 10:58:53 -0800 (PST) X-Google-Smtp-Source: ACJfBovJwxMHjg6/770nCjLlLNPIOhEqEh+tZeINSpod+/VyZKRH+h4yo7RpNWKZRRC2q809qKo9 X-Received: by 10.80.177.250 with SMTP id n55mr6805876edd.30.1514487533279; Thu, 28 Dec 2017 10:58:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487533; cv=none; d=google.com; s=arc-20160816; b=P9C3cKBNzm0BpTc7PjqidlUuiwmUZJTlwz2qsHaWQy/YM4m9Pog62brs7m35/g/da/ wVYva6G14Nt3K1utzETTw0oTNh/ekP50eWT5csGThAFQ1XYJzwkcK9hT6zBRIpOBGUVf 8FxLfXRSulF1Id72Xl4ESxa5i1HWw8K9HlElRGuyep0UnzpVwKRw2UTPqkuO/UKcg5TE 0To2wEG9QLx3AI+1uKh7w4prY4EaiTVFz1o+pKOmL03YVsYrCuJ+0V2fhQj56NtBVDnd UEWx5IK2Yoo30hkdHzRug2wDfy9W8uNJ27IhLmjuS+Viv0eBHO8ujcb6PSWUocwOsylW MZEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=9ygGMgA9G9oEgXGRhz21oZwTSV5584HRp9HwlRkbI9I=; b=E04gZO7Xzt4/BS1HPfELrN6bZuOvScocYKbcuXFm4xPnsbSVwPand5LAaBRlp/eNSS Rs7irGJzCoFKJWPpgiGZ3kKZtOiIif2S4ub9MIfmzEYPwqHyd/iPPod5m4hJhPWv8H9t wyQng/pOQVDz6RfHmi9B8GmqJUaai99ccezKwtgLBXyLK4d9HIHfzFYJnRgOKepxqtOE rau5NoZg1cMeaNXPBnchMgMyAY/gRwCIKhCPJxehNwaV7YKFQVyUlC14CLWXVsa1TyzR bup7osXD+2WVmeSAQTZ6i6Qt2YpMH4DhrlAg2juMjQdLyH29HSWeR6Y0DM6eHQ2MW28R De9A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=hr/f5T08; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id o59si208505edd.98.2017.12.28.10.58.53; Thu, 28 Dec 2017 10:58:53 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=hr/f5T08; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id DED1CC21DDA; Thu, 28 Dec 2017 18:53:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 556F8C21E37; Thu, 28 Dec 2017 18:50:45 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 2B97EC21DE4; Thu, 28 Dec 2017 18:50:12 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id F27DFC21E09 for ; Thu, 28 Dec 2017 18:50:08 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id f140so44992618wmd.2 for ; Thu, 28 Dec 2017 10:50:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=GkVER+7hdyRcUFl+4U3LBuOoPDMfCWlBe59l70l6Po0=; b=hr/f5T08Jg5qvy7v/yvqt/aeCySp74AOKvwQKuOJn9d8fns5o/0j+pUk+hTZ084br3 0zWtCJ/HFyhy4QJk9v/b8Oic10CCvsuFMXu9Dc0jPaoCS+SJj000nuOHrV7/watM/0NV tqVlmweNQimVabRkDW+z8mRAVLvfSWN5jL1Ck= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=GkVER+7hdyRcUFl+4U3LBuOoPDMfCWlBe59l70l6Po0=; b=iwy76Q3N0jew+bYx8qVI86kKgJz6o8YFVyjDkKDV5jK/TImZ+u6Qbntmqk7gdcr+fH N5XnWWW4l8v4uL8cc5mFudKxZQgBSyvfxBphJBSydddmuQZ3KJVsSl+m1xHIe17+RnzZ +jrDAcVtcUcKNgdkkn7iF/EzOADOVd2m/X2L/gXxNd583VcTh8fu0/lIK/lewL+vqexx v68gweScIzDVfHU4qIFxgin53Tln/Pr+eekFUCCHC4Qg9JTqNwH6AlxTkl9WUtCfNu1U BrYSpEHrO4RXPkxDHNukbfWs1/hiEneEGFEeViidqGItcoi0kFPrtVaZHh+0AZoz7GBo wi5w== X-Gm-Message-State: AKGB3mJ9/VbDo1zCMlIF49Kgw+lyek+FvmFVHWRMeeeJgrp40++3FZrF CtLhlfAiTjLXDHbOWY1RzPdMbrjrWp8= X-Received: by 10.80.240.80 with SMTP id u16mr42122016edl.5.1514487008395; Thu, 28 Dec 2017 10:50:08 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:07 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:39 +0000 Message-Id: <1514486982-19059-21-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 20/23] arm: imx: hab: Make imx_hab_is_enabled global X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" It will be helpful to boot commands to know if the HAB is enabled. Export imx_hab_is_enabled() now to facilitate further work with this data-point in a secure-boot context. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 1 + arch/arm/mach-imx/hab.c | 4 +--- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 98bc1bd..5c13aff 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -187,5 +187,6 @@ typedef void hapi_clock_init_t(void); int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, uint32_t ivt_offset); +bool imx_hab_is_enabled(void); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index a1a13d6..7b50ef5 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -96,8 +96,6 @@ static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -static bool imx_hab_is_enabled(void); - static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) { printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, @@ -419,7 +417,7 @@ U_BOOT_CMD( #endif /* !defined(CONFIG_SPL_BUILD) */ -static bool imx_hab_is_enabled(void) +bool imx_hab_is_enabled(void) { struct imx_sec_config_fuse_t *fuse = (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; From patchwork Thu Dec 28 18:49:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122865 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3809216qgn; Thu, 28 Dec 2017 11:03:44 -0800 (PST) X-Google-Smtp-Source: ACJfBotk4/9lEHVPGiYR4wU4Fdbl0rfMAaXqUJQhp+3Jm4TxbzD/1TmPWAMGm1KhFfbt+NcwaOrx X-Received: by 10.80.165.109 with SMTP id z42mr39727741edb.18.1514487824158; Thu, 28 Dec 2017 11:03:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487824; cv=none; d=google.com; s=arc-20160816; b=gPbFze5mNRxbB09JiRU5hfp9DBbgIoNPlcAIp4AkZBHcFMkX9qh3/89AQ+yxeACFYM qv4VI849Qx8eyHUk5Aqz/FGyXh5b+XlhFc2+jeUx5dmtHIZxCfeOh4r01ZzIb7Qj//TP JRsyl8i+cL9X21Vjr9AXjARHtoyJEe9gkrROrYb1S4JPl3tdoOHSQlCta3qZ7gTA8tHR 1RyzqkSocj37Zqh+u9ljGRGifOlpT7sFIuBu/uCIqWAj5cLsZrWvHmE+ff9MahNNaPnq 4nbh7XKdnql5HGoWCgolOo1zvvU6DjgSIRRSNkDh3cJqZT/iwOadIua4jXuI7LyA2GuD Jt8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=nEiq0xect4AoWDmrA6PY0pIBd0aNAXXS+iZ9gzfxaCI=; b=BBZtJ4D/EL3LSJ1WyuztB2lqBNOvahQ9c76ZVvy30h9l/bahejYdK/H8wLev6bqLH1 Kt3Lz8ED69j97y+bV7UZTKV/9akpFd4I+7JXC1i4lcEf+CwvdxDw1rHUHH/6cMnQjsui +s7qhtVPZdzuyXPqolsD0fR4AgZAuATThYlfo++XtoVSoMVXUQ3LnJnaFj3DIvANrUrB fAdgT7uKZhSnBslSpTdeRN598IruaOkz/Z4NeBpahszQmcBiQIxKKoOYrOSM7nNOH8Un 1veNg02vSsrLDZgkhxtKqybQ4dGnZbrGaeb1BOOBdIWtKjiGyuiYQb3X/LtBtqyJoDeJ TCjw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=f0CwntY3; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id q28si1879089edb.504.2017.12.28.11.03.43; Thu, 28 Dec 2017 11:03:44 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=f0CwntY3; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id C30FFC21DE8; Thu, 28 Dec 2017 18:53:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 798CDC21E33; Thu, 28 Dec 2017 18:50:46 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 97D64C21DE4; Thu, 28 Dec 2017 18:50:15 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 24B24C21C8F for ; Thu, 28 Dec 2017 18:50:10 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id i11so44991079wmf.4 for ; Thu, 28 Dec 2017 10:50:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=cYwMYV7HIFFPZjWLmuiyD2xuH7kQg/RPLyU9z34NM2o=; b=f0CwntY3RchKAqe2U3KUrMeFHjOE/t6AuFxidVDBrp/qKxu0Isg3s5lTElC5ajP85B xQuILTNm7o9l9zXJMqOmOnlveH8TWjzaGLdfsOYCBP86RVwMpNzGmgvXylNpfysu0pin K0AxJJJjM6X4Ie4WQMAIb2WiuABjtciDokiY0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=cYwMYV7HIFFPZjWLmuiyD2xuH7kQg/RPLyU9z34NM2o=; b=d4fmVJ3pKRbaySLT1XHZdDFN29BO8j9qqoQkA5apMVOSF9sFq3/VKdhNYILKmdBliQ 4UIpjrBzu82tmieL6L5G6LiVj0EtmBhI0LZKGnXmiXi5Jwa4JITjjb/DMBJKWXDU6F1l jz+aGVwe9yxJU334r53nA1qiAXgQeEvO5CachCd73SE/MAlPtGvVxQoz7Y1xhbMlMSaY 5ivoLJBPLtmtpPEHjubIZATemDJNW/wwy0oOgUUKffXw1ysLoXYietUhg6WBNmaz90/b laCPduEIN/FJgEqpvpWgeB/ggq0htU42Hrl2+Hn4cCvUpgdv8HGk2x4Opth8nbiy5Le9 0WSQ== X-Gm-Message-State: AKGB3mId2SIRSWDef+p97NtaJkzsEb6Ju0IF81hAc8bzrHtBqQO1jmsZ AiFj2ocdD3PUBg005HcsYY87I/txQys= X-Received: by 10.80.243.136 with SMTP id g8mr41812543edm.42.1514487009525; Thu, 28 Dec 2017 10:50:09 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:08 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:40 +0000 Message-Id: <1514486982-19059-22-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 21/23] arm: imx: hab: Define rvt_failsafe() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The hab_rvt_failsafe() callback according to the HABv4 documentation: "This function provides a safe path when image authentication has failed and all possible boot paths have been exhausted. It is intended for use by post-ROM boot stage components, via the ROM Vector Table." Once invoked the part will drop down to its BootROM USB recovery mode. Should it be the case that the part is in secure boot mode - only an appropriately signed binary will be accepted by the ROM and subsequently executed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 5c13aff..a0cb19d 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -140,6 +140,7 @@ typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, void **, size_t *, hab_loader_callback_f_t); typedef enum hab_status hab_rvt_check_target_t(enum hab_target, const void *, size_t); +typedef void hab_rvt_failsafe_t(void); typedef void hapi_clock_init_t(void); #define HAB_ENG_ANY 0x00 /* Select first compatible engine */ @@ -170,6 +171,7 @@ typedef void hapi_clock_init_t(void); #define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *)(HAB_RVT_BASE + 0x10)) #define HAB_RVT_REPORT_EVENT (*(uint32_t *)(HAB_RVT_BASE + 0x20)) #define HAB_RVT_REPORT_STATUS (*(uint32_t *)(HAB_RVT_BASE + 0x24)) +#define HAB_RVT_FAILSAFE (*(uint32_t *)(HAB_RVT_BASE + 0x28)) #define HAB_RVT_REPORT_EVENT_NEW (*(uint32_t *)0x000000B8) #define HAB_RVT_REPORT_STATUS_NEW (*(uint32_t *)0x000000BC) From patchwork Thu Dec 28 18:49:41 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122862 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3807036qgn; Thu, 28 Dec 2017 11:01:54 -0800 (PST) X-Google-Smtp-Source: ACJfBotTqmNsDzPfXxnZoCqtPNkG4+DhFv66vZtY0FGjICJQDCIW0UqVDhwMGvF6+RXaulRu1uv5 X-Received: by 10.80.137.244 with SMTP id h49mr42126348edh.303.1514487714712; Thu, 28 Dec 2017 11:01:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487714; cv=none; d=google.com; s=arc-20160816; b=mLlSLV3XKLFLBD0oJKv25k1RyTHUOCKxMQhWYtF/lfic5F1U5fnuIjwsz6kv8jUjno a1fcNE3YFe0dDO1RHWVkoBji/PvD2wh25e29YA9GVWIO8l+n9v/iVtJSU8oQgy2Y5ITR G6SlaUvMEeJNwLbzBTnZ3cqum1XN+26AAR/gvUMve/T2NRvWp//WvUWK/cqgOyxEIoPr AlsQGftFBj9Jlo6idYWI2HcBsY6/h81tbBxSh4CQq3tPW6F83wMXsNk1niOEtcHw2UlN YYCB1kY3bmmhMrUrj2Kvck5sh1dnCCoIL/XmbcuOvCPeJi2zNLN2pbuApk1qgnTDdkpO Riaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=7w9Pfb1U0xbltAtwOiQS2kxcG9VGX0TpIpMQpx/U2YY=; b=gtul7tbfYg8nJlnP8hAZ1tQh4DM/1Lna1KzYSa+ykG1NzT1E5mCje8zwVt+PVaMneF FjDGjgl73XO5T0QEbcMSq6t8GQ+yNcVHnSEKDXUApLHJhF5fizPWMAK6ReihsiefC9d/ 6iGcDhKWqqCdCDvuEv0oSo7fF/DjskSHUbs2lZbcjLz/GlQCbNRhcxKKZCvxxJ0l569u PF6lhXiNvd3ajTnXodzgVULcxlr78OCqSHPbGmKVT33uphVXVuP5rZ3PQQa+pV9x/wy6 /JTMsmTThejOR6xApqqhxQweoybE+r1tfqOwCRYXptCKpI1Br4BEJxceR5p1bypoP55M P0sA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MA/qLYfN; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id y2si4211177edc.393.2017.12.28.11.01.54; Thu, 28 Dec 2017 11:01:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MA/qLYfN; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 54233C21DDB; Thu, 28 Dec 2017 18:56:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C5BD1C21E68; Thu, 28 Dec 2017 18:51:42 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 12C52C21E57; Thu, 28 Dec 2017 18:50:15 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 64095C21E1E for ; Thu, 28 Dec 2017 18:50:11 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id r78so45514514wme.5 for ; Thu, 28 Dec 2017 10:50:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=0muyrCCcBI5tVBC18wTFDBI22BpZ7Gsc3MUDTnGTSHg=; b=MA/qLYfNaUBuf8I+ts0TDCR4mQjVdl9ek4qPjFhWT7PtY6B7BwSgtHf1Iw0HmyKIco coPM8FmVhCdUUIhggbRq1YQwkAhDZrvL4xHZFxw6K6QsExJ/Y/W/fCSQC8OkB+vWD+37 HJEFeZTrjud4RoSPFnTMviLLSq9qYCjoYyWk0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=0muyrCCcBI5tVBC18wTFDBI22BpZ7Gsc3MUDTnGTSHg=; b=YbSsyT1cgDVBgQ7rdb7C6uOtzfVxoKqtH+e/NtJJqNCYz4z+GDcPLkXrsXaK0BdKim /dbNmQsFySbz4vt/cFfm11KNuajTuCN5IOw35G4r7poCDvAnepy4gOxBx+LKyDM0IoW8 BmTsE0reSo8NOsQfXLOOm8JTJ1D286hfpV4CXEUoF8e/dfVzQfnlJDT4vsQzmmpbCkKi H92fr+k4YhkEqM70EHDjRy2//MelBBgt6nsYhkeAPv6/isxprzh4gSX0+y6Ddlax51p/ bEo/71OFtHeQgw6B2ZuSvGAQ0DrB5lPS094KgGtZacbNobNyJmEA0jDvhY/623669uju a8tQ== X-Gm-Message-State: AKGB3mLTqeQuvaQ9R/4EUMQfLwJMigzKS5k/yMffgK/55iyVj4xA1X0U 1GZ+ojVQkswpLzp/+ZXX6/fgnFKt/Mg= X-Received: by 10.80.216.11 with SMTP id o11mr40009104edj.235.1514487010825; Thu, 28 Dec 2017 10:50:10 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:10 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:41 +0000 Message-Id: <1514486982-19059-23-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 22/23] arm: imx: hab: Implement hab_rvt_failsafe X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch implements the basic callback hooks for hab_rvt_check_failsafe for BootROM code using the older BootROM address layout - in my test case the i.MX7. Code based on new BootROM callbacks will just do nothing and there's definitely a TODO to implement that extra functionality on the alternative BootROM API. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 7b50ef5..01c0853 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,6 +70,21 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) +static inline void hab_rvt_failsafe_new(void) +{ +} + +#define hab_rvt_failsafe_p \ +( \ + (is_mx6dqp()) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + ((hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE) \ +) + static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, const void *start, size_t bytes) From patchwork Thu Dec 28 18:49:42 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122870 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3811001qgn; Thu, 28 Dec 2017 11:05:25 -0800 (PST) X-Google-Smtp-Source: ACJfBoutpWnZtUCmsGn/WU+daeUfDsMgiY9gkoNGRd9jekiFblOzWP9nI7Qr+Bwro/AzaEAxEcCR X-Received: by 10.80.140.176 with SMTP id q45mr43156744edq.186.1514487925416; Thu, 28 Dec 2017 11:05:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487925; cv=none; d=google.com; s=arc-20160816; b=vWS/3CGMgb2Wt+IA66VL79ISZwFnrhpQzJ6O2H5+AwZA1Tx/ZTXeajU0GpHHcIQABY xekirJY+2XngFRPAryyqfKHlG5FPMZXNMYHuAepGu/UwiXOM3+EBI6oomxKLkSI3ub5t JBvU07GmJxkZK6oZh2PM64LWhW/DNiwmlWI6AYRRi+BZqnPoSUoLKQ3OjSlnKft9GOgB PLfpsWYVLDllwVQ6wHiCHarzea30X+1xdsGcGvGljEWUaz/B/JzMRJr+XaApO4c2S7ud 5hX/XKidVgjWvSG2lrWHbgCR6zPgvpPEzZvI7Tl+QyDpZSsWJFTlL737XXVrpibNSkf+ 0vLA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=ThKhw7kql/fDmXQrMfgK2kTLIKciIFylSU6OMxqFlJ8=; b=uQ7xdYq2GixCQ8fsHY+75aRykFRa5a5lgBP4xqmd/pV8+Rtybsg8LT7BrddZekq6v4 /Z6nXI6sRrFIynwp7bbmRqzp1Epp6rQp4MnoWmqpZ4l+m6oDfCSx4pFXwuQKQdPOJmS7 +AACJIL2yVPi0ZECr3rccDwhZ5CQxgDv/aR8QET3sPn9L4FmFHuShW0A8+D6mP72QmBc +r3U0VWQHBP+GhdcSjRcJX+VOwUiz9bh2M9UWuBTmGSdQQNoW8w/TMhIFqtBwAFwO0mt VI7fNgTU2wEGwG7jWP/3BDZpdsEQp4RN/kuZoJ0ut892gTdHHQJpV4P00G9cJ426avRa ahFg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=PBGJTKNf; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id d36si2996395eda.310.2017.12.28.11.05.25; Thu, 28 Dec 2017 11:05:25 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=PBGJTKNf; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id E68C7C21DA3; Thu, 28 Dec 2017 18:54:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id D96BFC21E4A; Thu, 28 Dec 2017 18:50:54 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id D352DC21E44; Thu, 28 Dec 2017 18:50:17 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 84B68C21DA0 for ; Thu, 28 Dec 2017 18:50:12 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id a79so6162490wma.0 for ; Thu, 28 Dec 2017 10:50:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=togK0n+9DCUCuihh1Ywp9zW21LV05iKB8lww5XXHr2E=; b=PBGJTKNfzLq3tJ44LK+YuBW/emMEkEDXYVsS8Xlnt+ubLCmcZOD2TgMCmUYfPmDaiW EDtyW4RVJPnLmTe6YehuhK3YNrErU/c6mqALnCpeJBMkY3uDW9beLAQlDLDgHouOuKgi pAcyHSaPV179Xh8Ln0QxxYmMPnZDl5hwsvTWU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=togK0n+9DCUCuihh1Ywp9zW21LV05iKB8lww5XXHr2E=; b=lJuBaHYAzdI0maUZ2t3C5AvUPXrYEPn1llRgoLIUtoOpJy5Nym0rZILfrCmihA7eFt nKCSQx8MAzXhnCR9Vd8ZCOrhOuAz5AlLV+g+COYd6+0d+y1qy5XZFn16VPkF9JAc8IAk nRgRJcToBaX86zdsCytPOXhIpTJbsxXzstlfK4pa75Ju1LVL16Ja0omIC35BLOkK+GK5 flADq4IDmEXCRdoksso5PaSvIx9ikT6hfwrOcg3LfMwiXOTnWfaO5pIDhxxdQ7F2u0jA YEkOIAhoh+M7giKwGNyXMtP1jyT4bAYGNPEzQ4Y3h/mlwZgcEXM2EQ300iQLs+V9X6+X DROw== X-Gm-Message-State: AKGB3mJQKN6TfF6d4paMI5uze6e/zbkoB+bMVqLrb0bnvhYnABSzW7eJ KAJynoMmu3bIadLyD0JQCy0VCX4m9Hw= X-Received: by 10.80.136.228 with SMTP id d91mr40944462edd.296.1514487011939; Thu, 28 Dec 2017 10:50:11 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:11 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:42 +0000 Message-Id: <1514486982-19059-24-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 23/23] arm: imx: hab: Add hab_failsafe console command X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" hab_failsafe when called puts the part into BootROM recovery mode. This will allow u-boot scripts to script the dropping down into recovery mode. => hab_failsafe Shows the i.MX7 appear as "hiddev0,hidraw5: USB HID v1.10 Device [Freescale SemiConductor Inc SP Blank ULT1] " in a Linux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 01c0853..fb78fc1 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -414,6 +414,22 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, return rcode; } +static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + hab_rvt_failsafe_t *hab_rvt_failsafe; + + if (argc != 1) { + cmd_usage(cmdtp); + return 1; + } + + hab_rvt_failsafe = hab_rvt_failsafe_p; + hab_rvt_failsafe(); + + return 0; +} + U_BOOT_CMD( hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, "display HAB status", @@ -429,6 +445,11 @@ U_BOOT_CMD( "ivt_offset - hex offset of IVT in the image" ); +U_BOOT_CMD( + hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, + "run BootROM failsafe routine", + "" + ); #endif /* !defined(CONFIG_SPL_BUILD) */