From patchwork Mon Jan 8 17:36:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123762 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3006928qgn; Mon, 8 Jan 2018 09:37:58 -0800 (PST) X-Google-Smtp-Source: ACJfBot0AT+kNEteSI6dFnd4/zXkOcnSPBZZRAPpy8JtMY6vcjvCZHOBW/2KAwoixbh9v+2uFYAv X-Received: by 10.80.183.34 with SMTP id g31mr17114538ede.191.1515433078670; Mon, 08 Jan 2018 09:37:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433078; cv=none; d=google.com; s=arc-20160816; b=Q3+xhACQvqPRVbcsWTylQC0VMyFLhou8fOCQqC35wyaUIzieWHjzcn0HZ3vhX5eUbr Q7gFUwic8hv4RuQUy+8APUoaDY19706Esezc31Bz949PPSaHX5AM/T1u3ry8HlEOAUwA Sn4uR2soINWciAsMc4ytrvixUMZNYd2inJ9x3PMvORtVoBguDiAHP11lp2owCVdigVIv 4OHsBblWMc+e4vdyMEKS3V7FriL/3iYi8ocehwX0XYbgw13VAZ6hHpiYEWWqkVW758gc 4E6OCH9Fsi7uc5cMbZ3DpupcAZLHEqZ7Ki/qN7ybgpo6B3lKQw903bpq4oe/EJ+JC8Du dU5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=HS7KCmC5EP3My/+W1w4nqOM20jbfY7ICfxQOJquCBzI=; b=mu98hPHJrvsDdBg26o1RtVdTwBtOukYHI6cfbKd7VuPdCbZgKZ0Y9+G5NzMWmCR4Eg 0AJUF5pd6EIEX5sVd7mfjEMdzOx4cpNNqKhfznNKzlQVc+iqwMGJHn2rfAjFNDeuN5Bo orYAfzIeTv3ECxxU3mpczJVWTTaYKZIi3HdTV3R4oes8vKN6Q1YFjqBFPMXB8kspxvL6 Gt6BSyPnH3vA9TPkT219OyuNSehW6Ud9hc7bKpgUdu/0hsijbR3rIH6os5eKbqTO2OQy XJO1XBXJhWj1SFoeI1LtsEyTtKkVU3xW9gEQqV8f0GxNmp0QHMQLY5hjCv+x7adoZCyS VZIg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MQo+V59P; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id c30si1795542eda.147.2018.01.08.09.37.58; Mon, 08 Jan 2018 09:37:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MQo+V59P; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 362ECC21F72; Mon, 8 Jan 2018 17:37:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 42A8EC21E90; Mon, 8 Jan 2018 17:36:49 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id DCC69C21F72; Mon, 8 Jan 2018 17:36:47 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 5B58DC21E90 for ; Mon, 8 Jan 2018 17:36:47 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id f206so15696153wmf.5 for ; Mon, 08 Jan 2018 09:36:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3YZdInYDxFuSNZyaa3f41D9mVUQyXzcYYtPmrUIIf60=; b=MQo+V59PmoWFaVaWGtx8feDxljalonE1OmpUFUTd+pV6AT3INcKoXEZ6tOC6cUkHTM YOr1xDYdSwogF3p8aOX+LXa27xdCn9cPz6zjWtfOdvJGikB9ewN9vXbN1jy1eq0I7EPq +fPDtCSPsbWGM3dd34iphkOOpxjstKAgqQgI0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3YZdInYDxFuSNZyaa3f41D9mVUQyXzcYYtPmrUIIf60=; b=NqqD1K3crB8r66Bgh8IxhabV7nDWIj8IJz87w1DDDxA34GYcYXh/bnh9B+XrXVa04I b31PgxDSPf0mU5Y/lXKDb+pyTlC+sBoK+YHOuDaaL34c86BHxoPt2rEraFeDpbnW50ft hGBKzrOd2+BvwQCssot9Ys94vbXPaEN/dSat78TgAfzQ5/AiLaYpWkV7mfGpOLhGnP4d y+F5w4YUGZeWO/HbAFBrP2vkun2eYvzUUpPFq6ypdCv5uXyML3oKGA7aYlMaNosp9LF+ nNdfJMCKvvlD2S2V+cBUd2O8hEnAg6lLg/74A9tBQc2nB2mAfqPB96u5cfV2zn68xASi TMfA== X-Gm-Message-State: AKGB3mJia6IkbmmHIprvHy5pCX9dbeh+qcoS/olH/OlpGa2GnWzpAbt4 2r+QF4WYxZrAr6O/BIPi+oZmb9VVtxE= X-Received: by 10.80.177.28 with SMTP id k28mr17271766edd.124.1515433006724; Mon, 08 Jan 2018 09:36:46 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.45 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:45 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:18 +0000 Message-Id: <1515433001-13857-2-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 01/24] arm: imx: hab: Make authenticate_image return int X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Both usages of authenticate_image treat the result code as a simple binary. The command line usage of authenticate_image directly returns the result code of authenticate_image as a success/failure code. Right now when calling hab_auth_img and test the result code in a shell a passing hab_auth_img will appear to the shell as a fail. The first step in fixing this behaviour is to fix-up the result code return by authenticate_image() itself, subsequent patches fix the interpretation of authenticate_image so that zero will return CMD_RET_SUCCESS and non-zero will return CMD_RET_FAILURE. The first step is fixing the return type in authenticate_image() so do that now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 2 +- arch/arm/mach-imx/hab.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index e0ff459..1b7a5e4 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -145,6 +145,6 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size); +int authenticate_image(uint32_t ddr_start, uint32_t image_size); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 02c7ae4..09892a6 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -410,7 +410,7 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size) +int authenticate_image(uint32_t ddr_start, uint32_t image_size) { uint32_t load_addr = 0; size_t bytes; From patchwork Mon Jan 8 17:36:19 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123774 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3014621qgn; Mon, 8 Jan 2018 09:45:56 -0800 (PST) X-Google-Smtp-Source: ACJfBouyzBduOFH9ZlNIDVj7MgENDboPTLRWbSmwFhD3RCagazHzeYJ2u5PrqZhENxFztwIImpNv X-Received: by 10.80.171.72 with SMTP id t8mr17460157edc.244.1515433556269; Mon, 08 Jan 2018 09:45:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433556; cv=none; d=google.com; s=arc-20160816; b=V1TkVVCYvKb1U4F0miTWhZuJgpFJMoNsrbEOUkLqeazoCbxMAYdj0KwwSd4xXBzhRs 9F+Lp0hzJqLh8sn3ZyDuNFGPqhJHS1k4tFaqNy4lLlpnz7ykVKnOKm5S6MRnu2TaeWw0 XWd9UYHDKG5fsX0jggf0qhTnb6aS6Xw/v+hCx2PaWDdCz05O7sz/SGyEQcE4UdBpTsL2 K4yNgHORqacusFBk+/5vs/HWEkpDfMQVhOlF1dt0XOT+fOPOSwBsLad6CVp9xvG10fE0 HllCrJdGyT8FRLjo+/uKVnuN1C1KrZgDIdy5lAI3B6vW0WYdAJ0wf6rWyz8yQxuNibFr WLvw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=rHJ9/QY5qb5XA3eZSsVELR4G9CQd39u1ezozHIDIsGQ=; b=jPXk9fxj3aD1d68PHTLQ1FO4wtXlIsUMlXuVRMuTxSbGExIKrSSpn3RCyXA+1k67zy 3f4mN7KiQIfyWvGjaXmrZqcAuE3MRXcL2cp1yntL/REaDHvlugMispK962S5fO89Ooiy 4r4ytPoTJ7SNh+wJMam+fLISShPx6mEcDBj6ifnuxdyVr24nqThtwm+wnAX6Zd29qrIJ sC5XIDQAMgGJXWiB3PwAk/K9PS6CbJ9k7nhx8ng0YUAgabCUb9CPcTFUUBfK/cmt/qw6 n6fnR+uf2TgvzGvKW8rRtdDntJAdsIaDWSxgFCbpHr9YKz4Hju3Zt70yrYTH8+PzdXq5 apCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=CVEKSF1Z; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id c47si3710247edb.86.2018.01.08.09.45.56; Mon, 08 Jan 2018 09:45:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=CVEKSF1Z; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D990FC21EC2; Mon, 8 Jan 2018 17:37:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E781AC21FC2; Mon, 8 Jan 2018 17:37:01 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 24967C21FB2; Mon, 8 Jan 2018 17:36:52 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id A0BBDC21F88 for ; Mon, 8 Jan 2018 17:36:48 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id n138so15604877wmg.2 for ; Mon, 08 Jan 2018 09:36:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=TwZ+1qIB7/yAjZU3U+qR5EWeNMJDqcVtGrJ+SK9DAU4=; b=CVEKSF1ZdDCB35NQiw2Lx9OmtV2Q7mmN+6P9LlQWNhd22+b0CY4Z3KIr4bmqC4CXID 0iA+7ndUDxKDenFXpr7cicUULQD8LJ4WiMh2VA5MbzZjL5YhiDBzEC7qdfs5OBNU4YWO Mx/m2mK+kSmi75i7nJ76jGcEBU87LZZZRbnbM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=TwZ+1qIB7/yAjZU3U+qR5EWeNMJDqcVtGrJ+SK9DAU4=; b=d+nv4OF9ZpLnZDsL4P7eMdko4biRw74LrJMEU3L/2mvflkMU67ec0gClH/63Fikhcm 95Ulz9muoVyhpLuZ7jzrwNr5ICM1bGphWla/pQUvFxp29ngnGbps2kbDGc7g9R8ey8ln xLljMyrvrtlOFE+RSN6byG8+gdPu1WoWiaP6GuOR9YTVL3ZwxqrtWdUP+hGuaJnzPkx7 r3QKfBAswqL1F0qTRhRM6TcF80pOnpoDRe+drBj2buOebe2ScOs9wokpqLrqu7sh17KJ 4KUYBznVTmIQ01DwSkc0jeTCA3/j/Y61cKFKdFiPGZHEXxW7APYTRWrw6rmgKi8sd4cN XXrA== X-Gm-Message-State: AKGB3mLzcd6sj4QOQoPvlp3c+u8d4p4+WUsx0bH6Gr9ZfJIJRRp8DVdI mFtnP2OstaYkxGDntQh+NU8bEaJ1V64= X-Received: by 10.80.161.167 with SMTP id 36mr17277285edk.38.1515433007973; Mon, 08 Jan 2018 09:36:47 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.46 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:47 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:19 +0000 Message-Id: <1515433001-13857-3-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 02/24] arm: imx: hab: Fix authenticate_image result code X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" authenticate_image returns 1 for success and 0 for failure. That result code is mapped directly to the result code for the command line function hab_auth_img - which means when hab_auth_img succeeds it is returning CMD_RET_FAILURE (1) instead of CMD_RET_SUCCESS (0). This patch fixes this behaviour by making authenticate_image() return 0 for success and 1 for failure. Both users of authenticate_image() as a result have some minimal churn. The upshot is once done when hab_auth_img is called from the command line we set $? in the standard way for scripting functions to act on. Fixes: 36c1ca4d46ef ("imx: Support i.MX6 High Assurance Boot authentication") Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 ++++++--- arch/arm/mach-imx/spl.c | 4 ++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 09892a6..9fe6d43 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -373,7 +373,10 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, ivt_offset = simple_strtoul(argv[2], NULL, 16); rcode = authenticate_image(addr, ivt_offset); - + if (rcode == 0) + rcode = CMD_RET_SUCCESS; + else + rcode = CMD_RET_FAILURE; return rcode; } @@ -415,7 +418,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) uint32_t load_addr = 0; size_t bytes; ptrdiff_t ivt_offset = 0; - int result = 0; + int result = 1; ulong start; hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; @@ -510,7 +513,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) } if ((!is_hab_enabled()) || (load_addr != 0)) - result = 1; + result = 0; return result; } diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index d0d1b73..6e930b3 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -163,8 +163,8 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ - if (authenticate_image(spl_image->load_addr, - spl_image->size - CONFIG_CSF_SIZE)) { + if (!authenticate_image(spl_image->load_addr, + spl_image->size - CONFIG_CSF_SIZE)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Mon Jan 8 17:36:20 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123777 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3015559qgn; Mon, 8 Jan 2018 09:46:49 -0800 (PST) X-Google-Smtp-Source: ACJfBotkR5DUp6Ki7I0crDEnPvNthX+2uxLoDc+E1F9R7fxOgadMXQZmNtna1o7K+2qD/FpEMGia X-Received: by 10.80.153.92 with SMTP id l28mr16898191edb.62.1515433609567; Mon, 08 Jan 2018 09:46:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433609; cv=none; d=google.com; s=arc-20160816; b=SK1W0ZUqzuCdFHIUrrfFvpZujlCMUAR34T2/O1CEk2EJeQrpMcwkZum3XUrwytMp+h +0FwAk+wqmIoowgrdSK0HAXT1x+do2jm5XiwKW2IN/KUk1tAYvnWGtox86POMkT4H69E Woy7ymaLtGAA3zT31f3ivEyxt6EwsMtmIEKEFs261Y9kS5RQBAuAlgBlqSWf/JGeAcfl Jut1GFlsoTplPt31kS+3FgNUktiW9V9dV7nDD82LkeF50gG0ka0v9dli/jlgBj0KsaDQ tw5x97baFbVn6aAkxSbv/Di9nrgBsypT9hyOkVa5xtB43cwRu5+cJJNExFlCLGtFJQuQ p4rA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=/WitLXfEnpiCLqcc5cbQcLmodoRowOstK7tA67Wctsk=; b=J21eCHNyhO3IusiqYfw2KNL+Iw671fJJeTbHbrO/uW+prBoPOPiuZsTACCYtbNiKTm bTusOfv/jGjl4DMOS6ym70SK9rpCjMR3s0xkjlNBxrFgt18qN2P8GOhANgHzo2CrZ9mE u0sWbdq6bvXpjLL4TDJ1KY6D5YdXLRI38hvGiVSEZ+Yr0UZ3DIbIXviXMJqIcabZj0zK 5gH9I6SuFqFebYTKUxHGBLuZCM+sxqpMINFtKNHoenljnToeldR4BcP6OaJO1L51vZfs PsYoH5JWyiB2l7buJRiQikBlAyAthSTyEujdz76+uyKpIfJX4b4Konje8+mDhIgJgtY7 ZDaQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=DSCfJA1V; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id z21si7423477edb.41.2018.01.08.09.46.49; Mon, 08 Jan 2018 09:46:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=DSCfJA1V; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 2BF8CC21FA4; Mon, 8 Jan 2018 17:38:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id DDA09C21FC1; Mon, 8 Jan 2018 17:37:03 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 12225C21FB2; Mon, 8 Jan 2018 17:36:53 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id D8659C21F67 for ; Mon, 8 Jan 2018 17:36:49 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id g75so15728154wme.0 for ; Mon, 08 Jan 2018 09:36:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=tEb+zxvqiXfooPFKqTTt4TM4oFUuaaywnnCJUJSankY=; b=DSCfJA1VOxLh5Ch/snmyrfLTENRhor3a1TdFgMl+GCd19H5CYtU78UZMjPi+F0EWdy E6aJCtILuUzTASlILVqFPt8BAEKdq4fo1dSbv2XgNH5Gacs0LBKaqvZWltNFW8nppRA9 f1rvhUrszimtDzDAk2tWg6Ongnp97Ju+JEqeY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=tEb+zxvqiXfooPFKqTTt4TM4oFUuaaywnnCJUJSankY=; b=cTKjJLkioLnOa+WXAHbokloK70aUXhEJs3JzNWdUh5MLuwe+nPw+7j8G9Qa3N5OXbn 7LC2OHcrkdTI4+AiqpeH+PvXSsthb64PkmSPGX1HVEApOr9dQ00nO6kb4YN/qRqUTLFk AkiXYydZZfQhM/sD/O6+yka9TLAeoTYjA2IfcL87pnlYWNSOGOwTxURG/0qGda/aDXlF Bs5pBcPGXObP1gmepKvvggOO2M94V6nrI/uKJV+viShwq0OA7qstLwptXu4WBMcaIANR 2jvEhdaxBfglNqCeNv+SCkgaEGO4JyPRhYxi3tvsePmNZlul7dX7N181I6aJiOByjFYE Q5QQ== X-Gm-Message-State: AKGB3mJ+CpMfpvlIm9uzDfox4dLFG3QBKJCW8Skhuy+iUcGTeV3JfuEx G2vR5bGhGwXChzs4GWybQXPpTYS80B4= X-Received: by 10.80.146.161 with SMTP id k30mr17749728eda.300.1515433009236; Mon, 08 Jan 2018 09:36:49 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:48 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:20 +0000 Message-Id: <1515433001-13857-4-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 03/24] arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" There is no need to call is_enabled() twice in authenticate_image - it does nothing but add an additional layer of indentation. We can check for is_enabled() at the start of the function and return the result code directly. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 138 ++++++++++++++++++++++++------------------------ 1 file changed, 69 insertions(+), 69 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 9fe6d43..6f86c02 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -428,91 +428,91 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) hab_rvt_entry = hab_rvt_entry_p; hab_rvt_exit = hab_rvt_exit_p; - if (is_hab_enabled()) { - printf("\nAuthenticate image from DDR location 0x%x...\n", - ddr_start); + if (!is_hab_enabled()) { + puts("hab fuse not enabled\n"); + return result; + } - hab_caam_clock_enable(1); + printf("\nAuthenticate image from DDR location 0x%x...\n", + ddr_start); - if (hab_rvt_entry() == HAB_SUCCESS) { - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); + hab_caam_clock_enable(1); - start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + if (hab_rvt_entry() == HAB_SUCCESS) { + /* If not already aligned, Align to ALIGN_SIZE */ + ivt_offset = (image_size + ALIGN_SIZE - 1) & + ~(ALIGN_SIZE - 1); + + start = ddr_start; + bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); - puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); - - puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset+IVT_SIZE, - (void *)(ddr_start + ivt_offset+IVT_SIZE), - 4, 0x10, 0); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", + ivt_offset, ddr_start + ivt_offset); + puts("Dumping IVT\n"); + print_buffer(ddr_start + ivt_offset, + (void *)(ddr_start + ivt_offset), + 4, 0x8, 0); + + puts("Dumping CSF Header\n"); + print_buffer(ddr_start + ivt_offset + IVT_SIZE, + (void *)(ddr_start + ivt_offset + IVT_SIZE), + 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - puts("\nCalling authenticate_image in ROM\n"); - printf("\tivt_offset = 0x%x\n", ivt_offset); - printf("\tstart = 0x%08lx\n", start); - printf("\tbytes = 0x%x\n", bytes); + puts("\nCalling authenticate_image in ROM\n"); + printf("\tivt_offset = 0x%x\n", ivt_offset); + printf("\tstart = 0x%08lx\n", start); + printf("\tbytes = 0x%x\n", bytes); #endif - /* - * If the MMU is enabled, we have to notify the ROM - * code, or it won't flush the caches when needed. - * This is done, by setting the "pu_irom_mmu_enabled" - * word to 1. You can find its address by looking in - * the ROM map. This is critical for - * authenticate_image(). If MMU is enabled, without - * setting this bit, authentication will fail and may - * crash. - */ - /* Check MMU enabled */ - if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { - if (is_mx6dq()) { - /* - * This won't work on Rev 1.0.0 of - * i.MX6Q/D, since their ROM doesn't - * do cache flushes. don't think any - * exist, so we ignore them. - */ - if (!is_mx6dqp()) - writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sdl()) { - writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sl()) { - writel(1, MX6SL_PU_IROM_MMU_EN_VAR); - } + /* + * If the MMU is enabled, we have to notify the ROM + * code, or it won't flush the caches when needed. + * This is done, by setting the "pu_irom_mmu_enabled" + * word to 1. You can find its address by looking in + * the ROM map. This is critical for + * authenticate_image(). If MMU is enabled, without + * setting this bit, authentication will fail and may + * crash. + */ + /* Check MMU enabled */ + if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { + if (is_mx6dq()) { + /* + * This won't work on Rev 1.0.0 of + * i.MX6Q/D, since their ROM doesn't + * do cache flushes. don't think any + * exist, so we ignore them. + */ + if (!is_mx6dqp()) + writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sdl()) { + writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sl()) { + writel(1, MX6SL_PU_IROM_MMU_EN_VAR); } + } - load_addr = (uint32_t)hab_rvt_authenticate_image( - HAB_CID_UBOOT, - ivt_offset, (void **)&start, - (size_t *)&bytes, NULL); - if (hab_rvt_exit() != HAB_SUCCESS) { - puts("hab exit function fail\n"); - load_addr = 0; - } - } else { - puts("hab entry function fail\n"); + load_addr = (uint32_t)hab_rvt_authenticate_image( + HAB_CID_UBOOT, + ivt_offset, (void **)&start, + (size_t *)&bytes, NULL); + if (hab_rvt_exit() != HAB_SUCCESS) { + puts("hab exit function fail\n"); + load_addr = 0; } + } else { + puts("hab entry function fail\n"); + } - hab_caam_clock_enable(0); + hab_caam_clock_enable(0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - } else { - puts("hab fuse not enabled\n"); - } - - if ((!is_hab_enabled()) || (load_addr != 0)) + if (load_addr != 0) result = 0; return result; From patchwork Mon Jan 8 17:36:21 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123763 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3006926qgn; Mon, 8 Jan 2018 09:37:58 -0800 (PST) X-Google-Smtp-Source: ACJfBotX6UCoefuoemW7a0CYFQktsf6ReSrIOsy9vIDKiJ6oyhq2CNjpQmZhczrx7BHBIQNc8kl1 X-Received: by 10.80.149.183 with SMTP id w52mr17289420eda.77.1515433078554; Mon, 08 Jan 2018 09:37:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433078; cv=none; d=google.com; s=arc-20160816; b=CDU9/CgNUO6wRWky4Q4lnXvbpC6jrUjD51qcr/31oNCVDZxd1iRCFsT8A+N7ys/l/a ZIg2mdeIUtFSgtz1GV5hp0bG0jvRWRODcswrgTfzo1CurfzZSrXMXvqJaM11szF/H5hd f9YUAiAwxpmB2TbDChjh05aIni9yD2+8P1OJ/yfjt4zn30/KVFERAkfyD146uEFqgE6E HyGIn4smwut4eIO4ofZWmYm+J6yvjmDu4LCHXgMZ68MMxIGuA6xFwwQ3tpO/yT7gNe2a Sc79R/qF6EZZNOrpapEkvWcI/2qC+PCCsjdWq3UQ6IJLBgz10uKolOY8N6BOn2ZCC2vX M0yw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=ltIxGxwbriNIdsJA8E5Tn2uUeswTayfs+quuAx+dYJY=; b=cC+Shqf5XwntmRXrXmQf2yYv7h0e+OoF2dUkFnjD3JHYnfXItk5LLXnrY0nCx6yYaT uVjmG4SPtHim8OrnuQ9NkmSpe0PiZ1X7wPhRS+mzLzTA2o3nSw+J4JuaMUCNZI0gfd4C zrjphPCcZ8qqfjtV+ojrJtrqQA3SeKyVsKyCKQXwUsxQ5hUOFrAI+5SfYJzxGXieCxZM CkzM+fG2S2XgLUXoLFrhNhtgXQQB6YjVuOmkXnBkTpFABfMwx6c/RtAD5FEaR55NrWXB 54dECsmn5hLnQHCzMFm0PN4YLWSusSMbvFaE7HDd8f1+GtnUa1hTH1isRY82G0aMLDmj mRng== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=XUQdjFul; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id s8si1287315edk.346.2018.01.08.09.37.58; Mon, 08 Jan 2018 09:37:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=XUQdjFul; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 09EA9C21FA0; Mon, 8 Jan 2018 17:37:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 0E29EC21F76; Mon, 8 Jan 2018 17:36:57 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 02692C21FC3; Mon, 8 Jan 2018 17:36:54 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 0CA97C21FBA for ; Mon, 8 Jan 2018 17:36:51 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id t8so15599283wmc.3 for ; Mon, 08 Jan 2018 09:36:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=EH9nAsP2R6CcqdRJVaGDdlF3b/WA9xPFI4ki25Ui41g=; b=XUQdjFulhDvwaMlaRgcsNDQu876EzpHsy0CSHrGgm1SHzlqwKPJwBbfL7xPhA7/Obr rt5HsCDTYPyCJLhBw2XG7rxA+0rAvLwMKSFVPbsBNPVv4j4Z6yURAAlqUpEP+v/0/6ni IGLzpB8guQeItmvQa46lNiUvyDIzvZiYM9TdI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=EH9nAsP2R6CcqdRJVaGDdlF3b/WA9xPFI4ki25Ui41g=; b=PeLQnw755g7QgjOr7KhDS/+jeWbsp7ICKy+rNImL9o6x5rV+uBvrGwMscZzcBa7Cpf k8WVeehYqKNFq7HpbMw49uBwoA8BmhE6pFwzFTGkgLWAafFuZc8kGcuUXcCS4RT1LidQ AqaVEV9IYalxLfwtuSObnaq6DZZM0GmYmGoVu1nN0DdKq/qitM0a1177setylHDIDYGN ct2zgOF8k6OMYQw3fuYQYABII256vG7IH7HKlKb85uSNZgFriiV+sJxtM+5fDWEd9Jq9 J8/VF63/wou1K8W/GxtkkWlJz9g4VM4CM+QkAnINtsPF7jLmHXWeqgPSPkdKH5MLTG1e wIxQ== X-Gm-Message-State: AKGB3mKBwzyLIpZpe/PH7z59vj24ucEMMuiy/9r/D48GxW3HBt3GgOuh 0Lav6hgDkWgGM7hF4LQ58yArQlAaIOU= X-Received: by 10.80.213.154 with SMTP id v26mr17488099edi.170.1515433010432; Mon, 08 Jan 2018 09:36:50 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:49 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:21 +0000 Message-Id: <1515433001-13857-5-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 04/24] arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The current code disjoins an entire block of code on hab_entry pass/fail resulting in a large chunk of authenticate_image being offset to the right. Fix this by checking hab_entry() pass/failure and exiting the function directly if in an error state. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 118 ++++++++++++++++++++++++------------------------ 1 file changed, 60 insertions(+), 58 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 6f86c02..f878b7b 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -438,75 +438,77 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) hab_caam_clock_enable(1); - if (hab_rvt_entry() == HAB_SUCCESS) { - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); + if (hab_rvt_entry() != HAB_SUCCESS) { + puts("hab entry function fail\n"); + goto hab_caam_clock_disable; + } - start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + /* If not already aligned, Align to ALIGN_SIZE */ + ivt_offset = (image_size + ALIGN_SIZE - 1) & + ~(ALIGN_SIZE - 1); + + start = ddr_start; + bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); - puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); - - puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset + IVT_SIZE, - (void *)(ddr_start + ivt_offset + IVT_SIZE), - 4, 0x10, 0); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", + ivt_offset, ddr_start + ivt_offset); + puts("Dumping IVT\n"); + print_buffer(ddr_start + ivt_offset, + (void *)(ddr_start + ivt_offset), + 4, 0x8, 0); + + puts("Dumping CSF Header\n"); + print_buffer(ddr_start + ivt_offset + IVT_SIZE, + (void *)(ddr_start + ivt_offset + IVT_SIZE), + 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) - get_hab_status(); + get_hab_status(); #endif - puts("\nCalling authenticate_image in ROM\n"); - printf("\tivt_offset = 0x%x\n", ivt_offset); - printf("\tstart = 0x%08lx\n", start); - printf("\tbytes = 0x%x\n", bytes); + puts("\nCalling authenticate_image in ROM\n"); + printf("\tivt_offset = 0x%x\n", ivt_offset); + printf("\tstart = 0x%08lx\n", start); + printf("\tbytes = 0x%x\n", bytes); #endif - /* - * If the MMU is enabled, we have to notify the ROM - * code, or it won't flush the caches when needed. - * This is done, by setting the "pu_irom_mmu_enabled" - * word to 1. You can find its address by looking in - * the ROM map. This is critical for - * authenticate_image(). If MMU is enabled, without - * setting this bit, authentication will fail and may - * crash. - */ - /* Check MMU enabled */ - if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { - if (is_mx6dq()) { - /* - * This won't work on Rev 1.0.0 of - * i.MX6Q/D, since their ROM doesn't - * do cache flushes. don't think any - * exist, so we ignore them. - */ - if (!is_mx6dqp()) - writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sdl()) { - writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); - } else if (is_mx6sl()) { - writel(1, MX6SL_PU_IROM_MMU_EN_VAR); - } + /* + * If the MMU is enabled, we have to notify the ROM + * code, or it won't flush the caches when needed. + * This is done, by setting the "pu_irom_mmu_enabled" + * word to 1. You can find its address by looking in + * the ROM map. This is critical for + * authenticate_image(). If MMU is enabled, without + * setting this bit, authentication will fail and may + * crash. + */ + /* Check MMU enabled */ + if (is_soc_type(MXC_SOC_MX6) && get_cr() & CR_M) { + if (is_mx6dq()) { + /* + * This won't work on Rev 1.0.0 of + * i.MX6Q/D, since their ROM doesn't + * do cache flushes. don't think any + * exist, so we ignore them. + */ + if (!is_mx6dqp()) + writel(1, MX6DQ_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sdl()) { + writel(1, MX6DLS_PU_IROM_MMU_EN_VAR); + } else if (is_mx6sl()) { + writel(1, MX6SL_PU_IROM_MMU_EN_VAR); } + } - load_addr = (uint32_t)hab_rvt_authenticate_image( - HAB_CID_UBOOT, - ivt_offset, (void **)&start, - (size_t *)&bytes, NULL); - if (hab_rvt_exit() != HAB_SUCCESS) { - puts("hab exit function fail\n"); - load_addr = 0; - } - } else { - puts("hab entry function fail\n"); + load_addr = (uint32_t)hab_rvt_authenticate_image( + HAB_CID_UBOOT, + ivt_offset, (void **)&start, + (size_t *)&bytes, NULL); + if (hab_rvt_exit() != HAB_SUCCESS) { + puts("hab exit function fail\n"); + load_addr = 0; } +hab_caam_clock_disable: hab_caam_clock_enable(0); #if !defined(CONFIG_SPL_BUILD) From patchwork Mon Jan 8 17:36:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123768 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3011530qgn; Mon, 8 Jan 2018 09:42:36 -0800 (PST) X-Google-Smtp-Source: ACJfBos4rtZ75f+rDrsotTvP0C2WnZORoiJXZl+XPwURnltkbtTx00NrvURDjQG0zPXDN2vVwb/K X-Received: by 10.80.145.90 with SMTP id f26mr17833820eda.283.1515433355930; Mon, 08 Jan 2018 09:42:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433355; cv=none; d=google.com; s=arc-20160816; b=JT0ej2ZBOAYw8VSAw7HrXJIjvZK4PUAseczPiaaYt2kbsrHPLyMvDLAP5F2JmDX8Fo IU8RK1ify0mh3Aj6DgYf77Oer25h92ncSt+fXg3zclSlbDCixW2rW5zRf3vNFXYXn6YC qJwnt1CfBq8jU+JMCLERfL3zt7ScrpviJUV9KlyF22jfaAqCxWwDHlSvNAUuPA9bKB+O IxLrdCyNd/KghcAsbgXkpfHQz/XMqVgwAWZeQ1cA9eOKCi2qeJfQsGWupO1IG1G4bALO LN4R9Ti8kRjSGAXHJWkmOuMxV8bUAYdOmCo6S/KEBjX6OnHM4Od7p6Kqff9pLV+m0Itp S/iQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=ikhStahDui4p/tFfHpF7zYtX8K+0lVPEu6TRgvewZ2w=; b=J8f4AZJwhv09iKwF7IPQHwgUSq1DBR0YLQJRfAxQd7rufMSb2+4sdA3HTxiQdvOPRa CdS+PqzgKeWGJ4jwo6cHsoMkDFMr1k323kSRzM1JxjqCx2sskWznmTvGO9E/lIPISeoW BmpZL64zSB6JtcI1E5occ60Ya0Me7py+jfhZnopcFxaN32u1iACFpV4HUWaizlsMZV1l uuz4OBj4nypD9KbnBewtavOMT7QGRQKjXpHYDoZlONqBi0NbH4oCvaTAhB5Mja55JUN/ 4bCJx2iZLYI63QV7/dQ5vbBaie2Wxmc4UVSNdxBkUCN2n7BN9hGnu7qmg+Xyy6p/GxLz 1RWQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=h4kiL1pS; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id n17si135421eda.409.2018.01.08.09.42.35; Mon, 08 Jan 2018 09:42:35 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=h4kiL1pS; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 48C13C21FB8; Mon, 8 Jan 2018 17:40:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E2811C21FD4; Mon, 8 Jan 2018 17:37:33 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 1D536C21FB1; Mon, 8 Jan 2018 17:36:55 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 48DE6C21FB4 for ; Mon, 8 Jan 2018 17:36:52 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id t8so15599440wmc.3 for ; Mon, 08 Jan 2018 09:36:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=5osmqO6RuGeR5rNp1YmiKz2CDqY4yTY8yMk3hzOQD9k=; b=h4kiL1pS9Ss45FDqeJwn+De0G+4+lr+1nzLP2wUJ9WbORVDHTwzbpDLXn4WSZRGVgZ Xfu06n8L/5ubzxlIqpSlGtYP586ymYddVF27+qhy3KfNFFeDn7aOur5jMY2//IrCskbB FTSjDXCjz7L8vWPoryuQWgsveKY1CCiJtgDbQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=5osmqO6RuGeR5rNp1YmiKz2CDqY4yTY8yMk3hzOQD9k=; b=ECaDXhlsyenXxHwIzhmilCutn1Mi5OezCC8hZXm7KpZKmivrG8+gMIAvKwI2PGH2jf H4r06+PUHb2LVdJQesbbeQbUpCQ00LU5LPIMzaLyfNiyky4Y3FBlrpg2xwKsDvHhkB07 3+PMylQdZEthgftS6g7hxV4TFacRTnDqMtAK+kwIGjK2jucl7JG8HNHK8fA+9p0m4eNw bjyHa8nV9yo7DnKdoXmXkKVMvULJuRbb11r3f+RBHbaSvKTRkE7bsqjS70H6joxXTdgG tuOdea+GbeWsluZd6vtxGTu2NMdp7zCFZtRwJNmKsFsyecVOx8bdmcVtCIMnzxazHPwJ 87fg== X-Gm-Message-State: AKGB3mJyCiq8rlT/fLysIr86KzXe8PxoRhex00w6vOBqs+vvIe2ykWFo xc6JOCmHxKAJQg3+nUBwctTJFsghZVY= X-Received: by 10.80.132.169 with SMTP id 38mr17562029edq.75.1515433011657; Mon, 08 Jan 2018 09:36:51 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:50 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:22 +0000 Message-Id: <1515433001-13857-6-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 05/24] arm: imx: hab: Move IVT_SIZE to hab.h X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The size of the IVT header should be defined in hab.h move it there now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 2 ++ arch/arm/mach-imx/hab.c | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 1b7a5e4..3c19d2e 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -143,6 +143,8 @@ typedef void hapi_clock_init_t(void); #define HAB_CID_ROM 0 /**< ROM Caller ID */ #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ +#define IVT_SIZE 0x20 + /* ----------- end of HAB API updates ------------*/ int authenticate_image(uint32_t ddr_start, uint32_t image_size); diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index f878b7b..6367562 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,7 +70,6 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) -#define IVT_SIZE 0x20 #define ALIGN_SIZE 0x1000 #define CSF_PAD_SIZE 0x2000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 From patchwork Mon Jan 8 17:36:23 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123775 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3015081qgn; Mon, 8 Jan 2018 09:46:22 -0800 (PST) X-Google-Smtp-Source: ACJfBosR1tlqxzzJ9dsRlpDAKATi85I4wLaRHiC8zO22i8XB5TZsCqvBhnIY9pGZ9UFCMhxhqAct X-Received: by 10.80.209.193 with SMTP id i1mr17645220edg.179.1515433581900; Mon, 08 Jan 2018 09:46:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433581; cv=none; d=google.com; s=arc-20160816; b=qqa7bSvNRr4YqdUIJ0N8nQvs/+XPT3I/hqjavre8mZX78bIsj6xirUptdshv+YPzE4 TeF68ssZ54/uoxUVxJB8pUotXIiQA130EcsZ9wq9oqiFWbxBhn98G7U3FonyDRkbbBtx ekI4AamAbLG2mVevZdRnJg98dvRfA7Xf0UbK5Sdx1ZyHQM73A7OQr4QcUshkN0Dz2YXO z+wyoT/MBGoZlkf5Lwcwyj2i6lVO3mrvRpW280dBCWF2ae0DzNSz4A0ao9DrNtSEcGLr ZeCHJS91855OHikjCcKYQUbMxfbXPf0hRtATiuGzy5BRH66rpOIY8cj1z4HzgqIVOoOF /zqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=4A8H0JfHSw8vHNwupD9jh0knhRyZxPcxGbEsqQUu+Aw=; b=EtBFZsjLIYYbshbBYssg8A/d3zeXtxAYHTIf80+BUuZZ9/J5LQTP1UKecOFkUwEdzV Kd0jQ8rPrQhd/kBoGYzV8/EVnUFyLMkizAuwDVlrDtf9/peOJCzBxPafVKmO96YRyudZ 079A/K4fSa8icwZzdTzhrQLEOCUTxTUO8P1p6Wzfw6N9enExamI6ISlQpHhKn5S7wuBW JytPiIwgS09aUH9wO6DzlVnhg/1p+CesyngR1fhh/wuJlSFOEWljvQdylzLM9ul2TiP3 PpwUFtQYn2oCqECX6gvtSFiNALkxBqeOhX/jWgy2uSKynm8KOdJm3uUbIUPtYqZi9Wts JHTQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=kVchT/Pb; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id c14si1699066edj.440.2018.01.08.09.46.21; Mon, 08 Jan 2018 09:46:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=kVchT/Pb; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 84C1AC21FA4; Mon, 8 Jan 2018 17:39:50 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 492C6C21FD1; Mon, 8 Jan 2018 17:37:17 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 68F61C21E90; Mon, 8 Jan 2018 17:36:57 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 67835C21FB0 for ; Mon, 8 Jan 2018 17:36:53 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id g130so16845743wme.0 for ; Mon, 08 Jan 2018 09:36:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3LjNZTTYyCYseZYUKjInSqJMeBXflteglLGsqlXBjII=; b=kVchT/PbP7miaMSA3or+pv32gfsc2fc953zMKwkeGhxgFsubLUStMmADgywSFgMfu+ gWFj9Y2FajwDhanpjLXQQCv4q5Z0MEOrE+l0Oo4zkOemDA6TP+7AgoiGP8IQLnaNKsPm pYXpoAA3jjOWJpCEIm9AWz2iGYdAXBceudyhM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3LjNZTTYyCYseZYUKjInSqJMeBXflteglLGsqlXBjII=; b=pTXQhabMhBEYP1JHp+ZuiNsnLQho4hnAL6AEQSp4HNQ4199Cbdgb0aHJTw6ZwMZ8ir +LLL6MAEHQjnblKk2j4pkZFDEYQ3/yOG8KTKSAaspt8leGwAZpjVGpi9qusD6NHLHd6l hBmChSceRR3UioU+n4APaPCjmbcUDmhHnpklmb7qqb0iGFPrIluEf9oGGuhDYfIHpIVz Vka7zcexhQ9z9miutFYZxDxejxnlM1/PWFfSOrMvt6VI1xR8k/kOkMV9AGxMGk9BIOmf kXGujr3o1c5T4Fy/+Xw0KtMvFrx5guYnVS6AteyR4NnVTNgFmJI1i5mdnaTuDhicgKPl Iu8g== X-Gm-Message-State: AKGB3mKbu9q6iDuqFpMfvSaK5WKq3J64WFa8ncga7aEqhOK/LUEikte8 m7d8MAQKAJodGJ/U2W8iCPoE8HK2aWY= X-Received: by 10.80.148.163 with SMTP id s32mr17635282eda.164.1515433012837; Mon, 08 Jan 2018 09:36:52 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:52 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:23 +0000 Message-Id: <1515433001-13857-7-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 06/24] arm: imx: hab: Move CSF_PAD_SIZE to hab.h X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" CSF_PAD_SIZE should be defined in hab.h, move it to that location now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 1 + arch/arm/mach-imx/hab.c | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 3c19d2e..91dda42 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -144,6 +144,7 @@ typedef void hapi_clock_init_t(void); #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ #define IVT_SIZE 0x20 +#define CSF_PAD_SIZE 0x2000 /* ----------- end of HAB API updates ------------*/ diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 6367562..039a017 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -71,7 +71,6 @@ ) #define ALIGN_SIZE 0x1000 -#define CSF_PAD_SIZE 0x2000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 #define MX6SL_PU_IROM_MMU_EN_VAR 0x00900a18 From patchwork Mon Jan 8 17:36:24 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123782 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3018080qgn; Mon, 8 Jan 2018 09:49:23 -0800 (PST) X-Google-Smtp-Source: ACJfBovepNt4fBgqJOmTYGxD09FZ9V5SW9tVUrKDQ/9WIyorjcIXymyEBcC4HIlldOyrnUAQ15Bd X-Received: by 10.80.174.67 with SMTP id c61mr17349878edd.121.1515433763845; Mon, 08 Jan 2018 09:49:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433763; cv=none; d=google.com; s=arc-20160816; b=g2r87OmWkheulKtj8/JA3Wd0VMjwrndbR/7N5efthRE5lE4DI85lnvpn2E9Xig3Tne G++4XdSqXrpqO0Ng8dACCiVq9T+RkfLtuj+9OEQ/HujjQSm6R9wJwZcvzaskCr/bvc8F jF61g6xUrPtk2TuVRzowGcEQ1QOUqHWrff35Pkk1qHb6I+2sUE2MePJ8F6RdB9FvA/Ut r2QKsxs8Pb/jqeTOnvh8B15V2cCwYCEVwRUTYlefG0W+S8QGfaixkvRlRmRPWBY84fNI alYrk6ZATZaBeF0TAz+evuVJpiDP41e7EMtd1o3oVh+U19rCUpDKv6+c+wRTdEVybHPt GWBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=/CFeAgyZ025Ytf/Ld84XKfOkYCNCLxgLRiwGO1exCQs=; b=cjOSyLbVA+sWeBd0i0Jno+ENnBpeEhR6V1ZFaidRzlJZIEmVd2jOG66+KAVdRmcI8n 7WzcB03wqddm0ckVqRoecutMvo7jjP954nxOg1RLG4b6otC7drdi/94GGocUgCp27ug4 1lWPzR4TLNgZNlp/cUG3V8XDNV/xBnbsLW3l7MKgkf23SFlC41q4KWMStoOP00s5idaf wcvw2YR68aNg0sLDqtU1X2sHbN1tQviZtw4XTP0U/lN8JbgScnvDV4s0j33tn4dKY8dl k3rrUXgz4Phc82/moBZ1AR3wFYZ7igm9KscSGfjlQqra73Tk2PNWLOpwVU32smkZIUtL 0NRw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ASjPIRmb; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id a56si2153618edd.224.2018.01.08.09.49.23; Mon, 08 Jan 2018 09:49:23 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ASjPIRmb; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 51931C21FD3; Mon, 8 Jan 2018 17:40:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 2A74CC21FE1; Mon, 8 Jan 2018 17:37:39 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 064F9C21FC5; Mon, 8 Jan 2018 17:36:58 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id B32C2C21FBF for ; Mon, 8 Jan 2018 17:36:54 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id g75so15728706wme.0 for ; Mon, 08 Jan 2018 09:36:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=EvOW9AnWvFja+KH57XFeHCqYmUyZa4E60vY9BoKFZBs=; b=ASjPIRmbmucoVIPqctd+QuCSQ7OD37PupcGwwNW+23lcfoL7Qsc27OQQgJh9tOzoF4 qM8xY09oaE7mxA3M/Lk8rk/lrJ9Evkww/L0vvCZKOmH+hcNGz+sM+Bz42IINmEtWG2mn rz9l41LXEvEx2Z3IcuC1o1VKajdIpkO+NhJmM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=EvOW9AnWvFja+KH57XFeHCqYmUyZa4E60vY9BoKFZBs=; b=EUILQK3/dnFUCzYiZu7riCY2RrKnlo+mEeA5o9ZYieHKt4rvwjUGZXJA2VWHmHwx8m qV2/q4BxxkMCUq119EQtZ3ZNQK7wcY5AS/v5QKfIlbFJbjnFRgZGfByYdu2mxHhfsDvc yRS2Ioh4Ky8DZqlVwB5iGkbRJpuVkw85tGXnkEn5Kopst0rbo/VxK4IOp71G8aFgt2Xu B/hnYhyVgfvI1cN3z3sI4s5ISdVa3R74v9iQNPVVKyEjLsC9PWHxh+KIsANQkfG1dY02 yCguwczGTOlkJa8fu9xozbN2C4gYuvJwV5xVzk+DEHmlX7gIsD2aydOLW09p+4RkGaTI 4DFw== X-Gm-Message-State: AKGB3mI6I8uNvjsC6HeRydiZNNuCLfNn83ZhuE0uHx8bDB1PQm5uLXCI mTjAo6SSTXEGxR4FfVvCffozeGWSEx4= X-Received: by 10.80.217.76 with SMTP id u12mr17366190edj.171.1515433014054; Mon, 08 Jan 2018 09:36:54 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:53 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:24 +0000 Message-Id: <1515433001-13857-8-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 07/24] arm: imx: hab: Fix authenticate_image input parameters X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" u-boot command "hab_auth_img" tells a user that it takes - addr - image hex address - offset - hex offset of IVT in the image but in fact the callback hab_auth_img makes to authenticate_image treats the second 'offset' parameter as an image length. Furthermore existing code requires the IVT header to be appended to the end of the image which is not actually a requirement of HABv4. This patch fixes this situation by 1: Adding a new parameter to hab_auth_img - addr : image hex address - length : total length of the image - offset : offset of IVT from addr 2: Updates the existing call into authenticate_image() in arch/arm/mach-imx/spl.c:jump_to_image_no_args() to pass addr, length and IVT offset respectively. This allows then hab_auth_img to actually operate the way it was specified in the help text and should still allow existing code to work. It has the added advantage that the IVT header doesn't have to be appended to an image given to HAB - it can be prepended for example. Note prepending the IVT is what u-boot will do when making an IVT for the BootROM. It should be possible for u-boot properly authenticate images made by mkimage via HAB. This patch is the first step in making that happen subsequent patches will focus on removing hard-coded offsets to the IVT, which again is not mandated to live at the end of a .imx image. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 3 +- arch/arm/mach-imx/hab.c | 73 +++++++++++-------------------------- arch/arm/mach-imx/spl.c | 35 +++++++++++++++++- 3 files changed, 57 insertions(+), 54 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 91dda42..b2a8031 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -148,6 +148,7 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -int authenticate_image(uint32_t ddr_start, uint32_t image_size); +int authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 039a017..2a40d06 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -78,37 +78,6 @@ (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -/* - * +------------+ 0x0 (DDR_UIMAGE_START) - - * | Header | | - * +------------+ 0x40 | - * | | | - * | | | - * | | | - * | | | - * | Image Data | | - * . | | - * . | > Stuff to be authenticated ----+ - * . | | | - * | | | | - * | | | | - * +------------+ | | - * | | | | - * | Fill Data | | | - * | | | | - * +------------+ Align to ALIGN_SIZE | | - * | IVT | | | - * +------------+ + IVT_SIZE - | - * | | | - * | CSF DATA | <---------------------------------------------------------+ - * | | - * +------------+ - * | | - * | Fill Data | - * | | - * +------------+ + CSF_PAD_SIZE - */ - static bool is_hab_enabled(void); #if !defined(CONFIG_SPL_BUILD) @@ -361,20 +330,22 @@ int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - ulong addr, ivt_offset; + ulong addr, length, ivt_offset; int rcode = 0; - if (argc < 3) + if (argc < 4) return CMD_RET_USAGE; addr = simple_strtoul(argv[1], NULL, 16); - ivt_offset = simple_strtoul(argv[2], NULL, 16); + length = simple_strtoul(argv[2], NULL, 16); + ivt_offset = simple_strtoul(argv[3], NULL, 16); - rcode = authenticate_image(addr, ivt_offset); + rcode = authenticate_image(addr, length, ivt_offset); if (rcode == 0) rcode = CMD_RET_SUCCESS; else rcode = CMD_RET_FAILURE; + return rcode; } @@ -385,10 +356,11 @@ U_BOOT_CMD( ); U_BOOT_CMD( - hab_auth_img, 3, 0, do_authenticate_image, + hab_auth_img, 4, 0, do_authenticate_image, "authenticate image via HAB", - "addr ivt_offset\n" + "addr length ivt_offset\n" "addr - image hex address\n" + "length - image hex length\n" "ivt_offset - hex offset of IVT in the image" ); @@ -411,11 +383,12 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -int authenticate_image(uint32_t ddr_start, uint32_t image_size) +int authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset) { uint32_t load_addr = 0; size_t bytes; - ptrdiff_t ivt_offset = 0; + uint32_t ivt_addr = 0; int result = 1; ulong start; hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; @@ -441,24 +414,18 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) goto hab_caam_clock_disable; } - /* If not already aligned, Align to ALIGN_SIZE */ - ivt_offset = (image_size + ALIGN_SIZE - 1) & - ~(ALIGN_SIZE - 1); - + /* Calculate IVT address header */ + ivt_addr = ddr_start + ivt_offset; start = ddr_start; - bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE; + bytes = image_size; #ifdef DEBUG - printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", - ivt_offset, ddr_start + ivt_offset); + printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); puts("Dumping IVT\n"); - print_buffer(ddr_start + ivt_offset, - (void *)(ddr_start + ivt_offset), - 4, 0x8, 0); + print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); puts("Dumping CSF Header\n"); - print_buffer(ddr_start + ivt_offset + IVT_SIZE, - (void *)(ddr_start + ivt_offset + IVT_SIZE), - 4, 0x10, 0); + print_buffer(ivt_addr + IVT_SIZE, (void *)(ivt_addr + IVT_SIZE), 4, + 0x10, 0); #if !defined(CONFIG_SPL_BUILD) get_hab_status(); @@ -468,6 +435,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size) printf("\tivt_offset = 0x%x\n", ivt_offset); printf("\tstart = 0x%08lx\n", start); printf("\tbytes = 0x%x\n", bytes); +#else + (void)ivt_addr; #endif /* * If the MMU is enabled, we have to notify the ROM diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index 6e930b3..e5d0c35 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -152,9 +152,41 @@ u32 spl_boot_mode(const u32 boot_device) #if defined(CONFIG_SECURE_BOOT) +/* + * +------------+ 0x0 (DDR_UIMAGE_START) - + * | Header | | + * +------------+ 0x40 | + * | | | + * | | | + * | | | + * | | | + * | Image Data | | + * . | | + * . | > Stuff to be authenticated ----+ + * . | | | + * | | | | + * | | | | + * +------------+ | | + * | | | | + * | Fill Data | | | + * | | | | + * +------------+ Align to ALIGN_SIZE | | + * | IVT | | | + * +------------+ + IVT_SIZE - | + * | | | + * | CSF DATA | <---------------------------------------------------------+ + * | | + * +------------+ + * | | + * | Fill Data | + * | | + * +------------+ + CSF_PAD_SIZE + */ + __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) { typedef void __noreturn (*image_entry_noargs_t)(void); + uint32_t offset; image_entry_noargs_t image_entry = (image_entry_noargs_t)(unsigned long)spl_image->entry_point; @@ -163,8 +195,9 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ + offset = spl_image->size - CONFIG_CSF_SIZE; if (!authenticate_image(spl_image->load_addr, - spl_image->size - CONFIG_CSF_SIZE)) { + offset + IVT_SIZE + CSF_PAD_SIZE, offset)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Mon Jan 8 17:36:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123778 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3016375qgn; Mon, 8 Jan 2018 09:47:42 -0800 (PST) X-Google-Smtp-Source: ACJfBosx1AyLRQhBOobUuUw4QRFzQUYrmgqxm+zhlULgH97xH8opJOy80A+jMIa2eA73s1TCpXPf X-Received: by 10.80.179.45 with SMTP id q42mr17749312edd.71.1515433662232; Mon, 08 Jan 2018 09:47:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433662; cv=none; d=google.com; s=arc-20160816; b=o13KvQnqTkT2le5RmNDeL3O7/2gr7vEHojQUKE8Ot7zrCpYq1r4bwNUkbaqMbcW1Sv 3Q1JFBecpzPnNCfGNjkjOgzloMka3MEywzcmcpXjr7iyUDS7WSXxIBYg1xGzNIAESqiG dfKqpKrtnG15K41F3SLkuN5e6wnYlj2U0hvYAgijGvmOF7ww9sB4AjaujKWzRcSVl2le i4t7SZ6Ww8jziRnY+1kN0C2iNaY2qCUAU2UGMrRi5ET9l1+Ee5f+L2rfJsXTiD+3528O NI+BWxYxq0vCDWOBpLuXWAoy32sk6ggXI8c16cjw+gDEneHExFbh1V+blmYgLp0WuwpU ZpbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=wMUOic2TFDmrDvyogVjf9hvh3SaCoaZsPmQv9SLgU/M=; b=Zc/HASB1goQhMXhT4c17ieIYP6mvNsa2OC1XnkI1QHs/UXYRKYQ8vJJsAfQp+Iz6be 6rZEJ1Y1Iou03FvTFPAVQDpZ2hJ5fqINBi0OicPtNUe2gYmTLwsn51ZsmrsRBMFRtyY9 Rv6so4jjAfIAYefX1+uxXRwB70ZrMdxPjjeNw9eMxNZBiWbogtjEQtZ9cioGYz8r4JW0 ZBIjB50ju7IJxq4ZsDG0MWMu3fuBnvbWJJ/862NIUta0lCjH7r4efWUj+EIo1LyU/1sg D0DEFjO1C5W4G4Ty+8btcW2bZcD8MN9L937Rc1ynswHx37si8pn+wqA/umAUJNCv04au ouAg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Azwgt81g; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 94si752428edo.485.2018.01.08.09.47.41; Mon, 08 Jan 2018 09:47:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Azwgt81g; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id A8245C21FD5; Mon, 8 Jan 2018 17:38:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id CDCDAC21F1D; Mon, 8 Jan 2018 17:37:06 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id CEDACC21FAD; Mon, 8 Jan 2018 17:36:59 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id DD1DFC21FB2 for ; Mon, 8 Jan 2018 17:36:55 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id r78so15701436wme.5 for ; Mon, 08 Jan 2018 09:36:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=W3aaLbqI/MaiX5sYMhnL4aKeCAri3WIVr9Implx4W6o=; b=Azwgt81gjklJW5OUtPf69SZ6DXQc6IMHbQHZLQldGnHVhOUBQqcFub+LU3TRuvGkZ5 qgRHwLNMupUi5gjXY3e+jodXa05RhI0w/RIC6UBV68wMCLDe+9CWLZCXH48AnT31rs0u 9hWC1R5cQJU4A1sd59BOkm7iBkBYJlRBaQMeU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=W3aaLbqI/MaiX5sYMhnL4aKeCAri3WIVr9Implx4W6o=; b=OPrgRTW62ixQ1T0mkSsUKOsCooo7FT7ZUrwaB7jdF788Zfloxao6WGedy+QPWfQZ5d 5vTHPfyKRokhrLfcZkEZsLsRm2yaBZN5fKZT54IixYWkUOKsAcjfAF1xMkBViu7/e1vS QwzuF01cCdcF8T/sneQvyvAGoCBxmxqli9Uhz/nfe0jwqwxhcQyE47caYG3eElrLj99X /wc8l8xj/A+6Yw+rEQMiDe50R7YbVlDABnZ0IRFQM6mPaP3OASHUumTGbZ4FOhL2lomi 6wqWVaa0qu/eVRgLq/bDk8jOi5a9i5eiXPpG0dixtsGA/TJDrXflTW31ANgqv/HRu6Su DNGg== X-Gm-Message-State: AKGB3mKSCEaROhrhmS4LPTi8tMzSVxhTR7QrzvUl+JcC3R4bddwkPVdB vi7N0v4CiaecIiqr7t5klLL60atR50E= X-Received: by 10.80.159.141 with SMTP id c13mr17221847edf.12.1515433015264; Mon, 08 Jan 2018 09:36:55 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:54 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:25 +0000 Message-Id: <1515433001-13857-9-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 08/24] arm: imx: hab: Add IVT header definitions X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The various i.MX BootROMs containing the High Assurance Boot (HAB) block rely on a data structure called the Image Vector Table (IVT) to describe to the BootROM where to locate various data-structures used by HAB during authentication. This patch adds a definition of the IVT header for use in later patches, where we will break the current incorrect dependence on fixed offsets in favour of an IVT described parsing of incoming binaries. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index b2a8031..28cde38 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -10,6 +10,34 @@ #include +/* + * IVT header definitions + * Security Reference Manual for i.MX 7Dual and 7Solo Applications Processors, + * Rev. 0, 03/2017 + * Section : 6.7.1.1 + */ +#define IVT_HEADER_MAGIC 0xD1 +#define IVT_TOTAL_LENGTH 0x20 +#define IVT_HEADER_V1 0x40 +#define IVT_HEADER_V2 0x41 + +struct ivt_header { + uint8_t magic; + uint16_t length; + uint8_t version; +} __attribute__((packed)); + +struct ivt { + struct ivt_header hdr; /* IVT header above */ + uint32_t entry; /* Absolute address of first instruction */ + uint32_t reserved1; /* Reserved should be zero */ + uint32_t dcd; /* Absolute address of the image DCD */ + uint32_t boot; /* Absolute address of the boot data */ + uint32_t self; /* Absolute address of the IVT */ + uint32_t csf; /* Absolute address of the CSF */ + uint32_t reserved2; /* Reserved should be zero */ +}; + /* -------- start of HAB API updates ------------*/ /* The following are taken from HAB4 SIS */ From patchwork Mon Jan 8 17:36:26 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123772 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3013278qgn; Mon, 8 Jan 2018 09:44:33 -0800 (PST) X-Google-Smtp-Source: ACJfBosPf7vKd00FzdM3R7yWt7CEXOuhIGsEhzb8jww0D3PYmdEfmeZKxMqnzVW9LGSS/aAjAVSk X-Received: by 10.80.149.180 with SMTP id w49mr17582580eda.255.1515433473543; Mon, 08 Jan 2018 09:44:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433473; cv=none; d=google.com; s=arc-20160816; b=xFxGgBjbIKcPlRrQJW4LYTX64nh9KWhz+MX+i8nhmz8X4ozjfE7fTzc7zY8RJs9kP+ ih0SVgD6Ol5h8Js1DTdSEVEaxMN1MoiP/BKaEMeFsAMf2uhecIbYo6A+tPD4uwGndXCB mgURt3zjXQX58ZC1HmbyTk+/yKqgucyARomtBBqJohbCUNHuMwEwoYWsYl8XwZ65rHe3 wHRbQ4QZ4U8GA2+FqTY0eBRTjfjaroattXRZ3fsGM0b3+BmqM45gg5LqFxWHK6JDlECT g81Og1c8a/RdnTXpCkUMGocuFYtFXkS+c7nIS6qxezgd3GR31mp89Lyh64y8xg6maar1 JeIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=wtBLTlfoJBvhf/eOuuvxQm98vTWQo0EbMS443rcgN7o=; b=u1ypsgjClMRZ8UnNVixoosZPzAmBgA6xY3lpC0ldnUnRFdkHR5/Oio3Lm1sC/FuO/R jrF0Ct0fNMQwOVuUQ6pylDRb4Pu1kc0ZcXoCGvc8erZXWxkKdvvovsDQLIEV9FHDn5Tn HYFQsJGvqIdpB5gs2CciK8LZEcR3ghL9HpPp1IC6ni6k8sE7ofukup07euIH4X8Zrbn6 GLwRlNbsHUxJToJWkAmRAtv4NZNQv7L7ThxB+krccWSg2kJ/NinIarj6Uhm3vRqWLdPb EHUiRtRTFdsO0rrY2lP6wG9gt1G6GPKEq+akVN/dkG1yVKk3SfpvCpXEP7AFhmZHSyKP GZBg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=f+gzlwCM; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id m33si4585012ede.418.2018.01.08.09.44.33; Mon, 08 Jan 2018 09:44:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=f+gzlwCM; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 27E74C21F67; Mon, 8 Jan 2018 17:39:31 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 5F3D7C21F84; Mon, 8 Jan 2018 17:37:14 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 7A70AC21FB1; Mon, 8 Jan 2018 17:37:01 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 0FC48C21F8F for ; Mon, 8 Jan 2018 17:36:57 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id f140so15701447wmd.2 for ; Mon, 08 Jan 2018 09:36:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=R5DGvu8umvQQ/Yfvy/bdkA5glsJAQteZ8b5bHF8jCQ0=; b=f+gzlwCMC7oO7FXpOw2tXP9KkN4lipyhk2n3PvR9J3Xl8LTZGbwBr6b8s9VuAvjiu5 j3UtOChTyel9neItbWDPTehbhDFvFygcQ4umdWHgCgvF1CpMJCPvlnsN5aleyAhoSza+ WRlxGM89brYIrRos+2fMJYLwm1Pyz/J7RCBHs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=R5DGvu8umvQQ/Yfvy/bdkA5glsJAQteZ8b5bHF8jCQ0=; b=U+LEmQGHhAy+eNnOM5Cwyk6UFAkIOmAiF3FXz42O9Ig/P8AvHL50CzpNm87q5f9+1R ZxM9dUxJKoH6kFl8OabOEW9qJ8cdae2RoPp6eAW0pbY0tGu/OFAXAvYAgD4GP33U7/aR vsR8ZPb2n7wZnYvUWVHPGOEE/GcTi7Eys0SV7VuboXl8pdPYFA20Plqom2abuo4BxzyQ H2Mx9MyH8nCBqlSJXQo95dsa+LlCxeglNKC+7ympZcyGLT214Gi+IGYEhwWQwyyHxzeb BoGJZfArvciR9rXQX9+C4M5Hf+/ciNFvtiObK+oYgZ3Pqo4UAGjtcnAOJ2ENpcFV5yOm nwMw== X-Gm-Message-State: AKGB3mKh+bJYLIMcFdKANlfU5qxx7yZbSqWTiIwtqoChDO/s2SY2e7eP vOWVWerkZ4tXKM+6fi/7I2VIIYYbAdA= X-Received: by 10.80.182.229 with SMTP id f34mr17601774ede.150.1515433016439; Mon, 08 Jan 2018 09:36:56 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:55 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:26 +0000 Message-Id: <1515433001-13857-10-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 09/24] arm: imx: hab: Add IVT header verification X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT header contains a magic number, fixed length and one of two version identifiers. Validate these settings before doing anything with a putative IVT binary. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 36 ++++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 2a40d06..998d253 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -80,6 +80,31 @@ static bool is_hab_enabled(void); +static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) +{ + printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, + ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version); + + return 1; +} + +static int verify_ivt_header(struct ivt_header *ivt_hdr) +{ + int result = 0; + + if (ivt_hdr->magic != IVT_HEADER_MAGIC) + result = ivt_header_error("bad magic", ivt_hdr); + + if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH) + result = ivt_header_error("bad length", ivt_hdr); + + if (ivt_hdr->version != IVT_HEADER_V1 && + ivt_hdr->version != IVT_HEADER_V2) + result = ivt_header_error("bad version", ivt_hdr); + + return result; +} + #if !defined(CONFIG_SPL_BUILD) #define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */ @@ -394,6 +419,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; hab_rvt_exit_t *hab_rvt_exit; + struct ivt *ivt; + struct ivt_header *ivt_hdr; hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; hab_rvt_entry = hab_rvt_entry_p; @@ -416,6 +443,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, /* Calculate IVT address header */ ivt_addr = ddr_start + ivt_offset; + ivt = (struct ivt *)ivt_addr; + ivt_hdr = &ivt->hdr; + + /* Verify IVT header bugging out on error */ + if (verify_ivt_header(ivt_hdr)) + goto hab_caam_clock_disable; + start = ddr_start; bytes = image_size; #ifdef DEBUG @@ -435,8 +469,6 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, printf("\tivt_offset = 0x%x\n", ivt_offset); printf("\tstart = 0x%08lx\n", start); printf("\tbytes = 0x%x\n", bytes); -#else - (void)ivt_addr; #endif /* * If the MMU is enabled, we have to notify the ROM From patchwork Mon Jan 8 17:36:27 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123765 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3008922qgn; Mon, 8 Jan 2018 09:39:54 -0800 (PST) X-Google-Smtp-Source: ACJfBouH5zvkdXkwmAvnuoVb3sxXcLiUxoMxHCTRonajtkZAuBscCZ9jrwKtLbQJe7SwSJ6HGyIn X-Received: by 10.80.146.117 with SMTP id j50mr17579648eda.45.1515433193990; Mon, 08 Jan 2018 09:39:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433193; cv=none; d=google.com; s=arc-20160816; b=cZOJW+IY5I+x3+bBW03/V2N4XVRPFSHPrKrsvR7331dMYQNaVHHaQnzXihFZMhWcKv 3nR8pb3zpNXuoS8agWjxEdRLAeMOAziezOwpcgxNg7Fp+NmRwP6mxNesVYuAaDdvs6+I Nys72RBiqVtBKFMSV2YBYhioxc/G8je3oY/Q21JGbzrprlRLitc4wzlaYsR781BYYTbN NgolR/NRN51EURE61h5pdO2M5hUrSlAaZavDqF78yNeErxAyXwPwVR6tzgQMJ0g5vorm YFxgcoU+ag4K2f0sIMK87+yUT56gLeX3Ds+119nxi7hHDWiWhv+pw9pFwdVRR0BDima1 IF4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=tgWKR2MZ+R3WBrJi+Aj/5jRuBjQ63xdG3SSf7yXTmKI=; b=hERF3Vtb17tXAmKocoLqlab1PiA8XTEQjoW71sfK+WTfGxHw/LyboUydwXGU5m/QHr eODwUZideCMrtXXlPIQFq5IFNLXXqOFy3sGO/LNYqYJ2zEMfxumYUbqcXp30Lrkx+AjX KlEHWLgn+dpGbpjtFNX/zmDGSYqFu4inkQWFw8YXdm5khyuw3B8dfdjT5BR4ZTeuhgVk kEBe+DCfJ0oNGfKqXcGOQ6oxtBwlt0eNJv8HP0lizMSCGKFvyQUAY1aMT7mDy7iII69q 9yT69apEEZvFI8liopWPaLndmCIZtTKLKxtOHMqJFBXFLnS+YnmmfGekb8WKRb1yV+RX P46g== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=JiOTCNG2; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id a34si821593ede.278.2018.01.08.09.39.53; Mon, 08 Jan 2018 09:39:53 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=JiOTCNG2; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 89C2AC21FBE; Mon, 8 Jan 2018 17:38:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id EFC3CC21FB0; Mon, 8 Jan 2018 17:37:09 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 64B96C21F74; Mon, 8 Jan 2018 17:37:01 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 3D9D6C21F7E for ; Mon, 8 Jan 2018 17:36:58 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id n138so15605892wmg.2 for ; Mon, 08 Jan 2018 09:36:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=2A7Qg7hL1w61tBCXGh393HAJ6eSTFQCDCTJeq3SjqoE=; b=JiOTCNG2yQ/nZcxmXUdpSU4SDL91sdbIHdaJOcv2Gx3V3n9K4p6nHnD/zTx7lSYZb3 IN9PCPl6EaxuOuBsZwX7rfZu5u8utF8o0tsIhtpo1Lt/sm4DvrbHYyNXFxGhLlAH+gmV XgSz9gicjIy4cH7bv8RatnCNifsuOYZtWz0vk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=2A7Qg7hL1w61tBCXGh393HAJ6eSTFQCDCTJeq3SjqoE=; b=de4fCwoLg8vLQztvg3jG/x13xS99ltHWK4NoIGMGIw3wKGqSMQGZYfmo8OjxO7Erm1 7jH8DzVOAjWAKX0UdAkQuy/xXvjYmxl9qRujQk+kdnLAgfsqvPotAoindq8ukrI4adbS ina2gsBYVJ4UDvns8FSrSUzVQ5A3vVkXsqcYSBl4ogBKSChI07RC0YEc7wfw3fNpzxux Z957J1sspRuA+U7N6L0EXOTKL/w1ywY5S5kY/U6km9IP1HeK24l/igPA26p+nwOlNhRF lkhU3sppuMvLi9EFDa/529ypuEywyP5D6hM/XAWPIzJB8vsGVlZuS4IJRq75t954WK4W enCQ== X-Gm-Message-State: AKGB3mIPqOrE8koXAHRZfnJDTTREojXjQHVLwtT0g4w1LDtH04wNpZ3P 0udIcSs3riTCIIzYEXmjsN4+uCt6q5E= X-Received: by 10.80.173.163 with SMTP id a32mr17849613edd.114.1515433017640; Mon, 08 Jan 2018 09:36:57 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:56 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:27 +0000 Message-Id: <1515433001-13857-11-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 10/24] arm: imx: hab: Verify IVT self matches calculated address X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 998d253..39f8f2d 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -450,6 +450,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, if (verify_ivt_header(ivt_hdr)) goto hab_caam_clock_disable; + /* Verify IVT body */ + if (ivt->self != ivt_addr) { + printf("ivt->self 0x%08x pointer is 0x%08x\n", + ivt->self, ivt_addr); + goto hab_caam_clock_disable; + } + start = ddr_start; bytes = image_size; #ifdef DEBUG From patchwork Mon Jan 8 17:36:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123773 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3014139qgn; Mon, 8 Jan 2018 09:45:29 -0800 (PST) X-Google-Smtp-Source: ACJfBouBnnLGk7zwhMmjl2SDS8k3NQhud7fYAUNZAPrVh/4HVaXKoaoiqAQ8elD9Z8wQd39Z2ZaP X-Received: by 10.80.205.15 with SMTP id z15mr18028731edi.83.1515433529401; Mon, 08 Jan 2018 09:45:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433529; cv=none; d=google.com; s=arc-20160816; b=oFGlwXvld4AvQWMiBOuMrPf62uY4jkFcqWik1R8JEqAzX0WFdK/Z+dYDy9VHvM45Pk 2/LM5Sx6g4oK7sY8raspcqn3FnEEJFzb3uVUKA/Kg3GTqjUgzhX1L9ksVLvzNOxKTFe4 m5D0yJrfYG66bOhmJ9MwJ52Q28FmAuMsMcVY+RgeSEbwsIwh60GvXQ8/lDW0kdUlch5R lTje0QAnjV9j4nRVaXa3vKK6wxR5g09TkmBjZqSHzBAj6jNEk4BK4Ur8GUwnNjBQuAzf kx82fgzBgnkK5RkSGrE9EzE06OgrNvDdP/g8UI5hmlNUVacZ+bJb13ytI0FBSa32vWRC rr8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=LBvBL24hJqc5Kgpwvc0yr71J+jcm1Apkk501EePYMuw=; b=HEnHfs46BexrhfKDfjzg0Xn71cgundTsrEK9Dwb86K5cISYbqHKzAnt9tfaqAIFgZ7 ikQnpkMLWODmGzdoV/8kTU+qkVPG1sz8HQ53RSheqFdTD/3g4tUN41dC6o+ZfEpSzGqa xgQiYfG41H6nkqcQTEAbwbUBcMXATPQl8H+CjrjxSo9JJ0YG1DrzYFT64iu9kGY8ZObB +/b+Mx41mxmLbfcrYZPo9Gzrg/Hqw2ahbQFLroUmlepkIvQ8iRDsPzmXmzb28nabyHkz AZOB8NW4wVwv56HYOTcPyfY3JmIol+goFCaRf1Fl2tklD00wu+ZnjYJoLG6IgNMnp+hg opWg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dCWBR32B; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id o6si231402eda.245.2018.01.08.09.45.29; Mon, 08 Jan 2018 09:45:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dCWBR32B; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id F267EC21FC9; Mon, 8 Jan 2018 17:39:12 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 566F3C21FB5; Mon, 8 Jan 2018 17:37:12 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 660B9C21FBB; Mon, 8 Jan 2018 17:37:03 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 5A86FC21FC6 for ; Mon, 8 Jan 2018 17:36:59 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id i11so15692422wmf.4 for ; Mon, 08 Jan 2018 09:36:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=6OXj4fYFmVFuO0qKIl71ylmFylGW614qWO7jXCXWQJ4=; b=dCWBR32BXyJVJHY80vMSQHq7MMwP8yPY2YmvuWBa9nBeV/hjs1quAvQ+TBJrZaqWB9 fr7fTvXI7to3/o3ZDoLX9iSOBsHqGQu1uhdEY68nRT+DHlscrt03+18VSlCEnvkZ2jPa FWCFH22YWSRvH8SIjC+s5qqRGqXeTOGAQjl7I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=6OXj4fYFmVFuO0qKIl71ylmFylGW614qWO7jXCXWQJ4=; b=NmcyVuaVENMg66ei57j+lePV1MSLy+EdCsLhSDoJp2I24cZj+YPACsOXbuE6TKY1N8 i+O3MRxsplx0ZOqG09zhHiSFYGORoP00TiPhnbcExMX4Ac9WqvDLxjwCKtG+wW/ltcMp LpFSaEIQgZ3DjLFDih/sIgXqvtYZgYetQQdzZ5yuUkn1YSTHo5lqO2dnECOMo/n8zdf7 ihGP+3uX9/OHR86Unj6VApokPwAiRpbfXyr5Y7/SJ2BNJMxelHDensRMB16ZG1YOl9Yz NqaepRyuk5tsr0LlDEDzM6KbaKAR43Gda0CypSY5eJkdhncZkS1DCWPQe7jl5fAYgNLq TjKg== X-Gm-Message-State: AKGB3mLAnNXVy8GYy1aT9J0hYKIVpMxcnp0wHhTfDoAJj//N/Xlf5IhK XEFhJTkRPiyczeQhWX/p7j98VwHt6WM= X-Received: by 10.80.170.157 with SMTP id q29mr18074900edc.180.1515433018788; Mon, 08 Jan 2018 09:36:58 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.57 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:58 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:28 +0000 Message-Id: <1515433001-13857-12-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 11/24] arm: imx: hab: Only call ROM once headers are verified X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Previous patches added IVT header verification steps. We shouldn't call hab_rvt_entry() until we have done the basic header verification steps. This patch changes the time we make the hab_rvt_entry() call so that it only takes place if we are happy with the IVT header sanity checks. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 39f8f2d..a8e3e79 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -436,11 +436,6 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_caam_clock_enable(1); - if (hab_rvt_entry() != HAB_SUCCESS) { - puts("hab entry function fail\n"); - goto hab_caam_clock_disable; - } - /* Calculate IVT address header */ ivt_addr = ddr_start + ivt_offset; ivt = (struct ivt *)ivt_addr; @@ -459,6 +454,12 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, start = ddr_start; bytes = image_size; + + if (hab_rvt_entry() != HAB_SUCCESS) { + puts("hab entry function fail\n"); + goto hab_caam_clock_disable; + } + #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); puts("Dumping IVT\n"); From patchwork Mon Jan 8 17:36:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123769 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3011591qgn; Mon, 8 Jan 2018 09:42:41 -0800 (PST) X-Google-Smtp-Source: ACJfBosAqnNh96O5QoCsN+hHSUbTs2ovpg3MDcWpt5MmqOIU0CLI4P+MgxBgjAtpsHgHJZXQyRsQ X-Received: by 10.80.213.154 with SMTP id v26mr17509019edi.170.1515433361196; Mon, 08 Jan 2018 09:42:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433361; cv=none; d=google.com; s=arc-20160816; b=nIa/iX1HgNdJDpxz+HnLD2g584viUGyC1sJc6mr6gmCrKsztWr/CSj3q+My2clQ9Sn kCiY9Ab+Bq0NeC9uxZupJMof27uXxpU55TDOMmLuTOsDLnK0kFaqmQWyR/VKTaBcDRl8 2HxJLrzKFnv3DFMXFKBm7VMKnm61vbUqgYbPn/67bGFnaVym0fsyBKLquZYjBJiYEUTD a8iYf8hAO2gQpEMKivCbbzF53kr7LAUDXOjx9jRDnrXJQ5F9RklX9Py3B6Ip46U198F6 k/cSnae5lPGc+rXUW1oSmPZnbedrsM7H2t45NIrlWPJXN12c1zBsEPRCdiXeeGJaaNi1 YoCA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Ex9jjPdOvMueVc2ICBiWVPqKNBgc7BXKvnegujq47/o=; b=Bk/ZzzUyRnSauG2wpTxLBl9Y9tP6Y1Z8ogwtIWG3IJE7aRtRnwcq8TQXfw7PadGhCF 6t++2ShcscN692C2DtPsaH6bb2UcO6g2+e20iMG8X0QI2hDWrYfo8JKBmFtp9HkobavI yZLfUhoemWIbP2ow2V3CaJgpLl9LxfIYsDhKv/GawNYyshKyqcROr7Vdhvljo9rmNE65 2LNfp0BWTDtVFQqiuuavhKQ6dK9sBWIRLtsEfI1KXbh6tVTeV64S2C8zHa9PMM8w+9NI 9Td2qwW2Hm4QQIGGs9ekx9Aww6V/BsgS9Y3qitDL+DnVFIW+VoD6cRyrdBiPgzqSJitZ ioxQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HZhjHD0x; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id m33si4582809ede.418.2018.01.08.09.42.40; Mon, 08 Jan 2018 09:42:41 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HZhjHD0x; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 9DB58C21FCA; Mon, 8 Jan 2018 17:40:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 9EC4AC21FC3; Mon, 8 Jan 2018 17:37:23 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 9BC08C21FD6; Mon, 8 Jan 2018 17:37:04 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 9A7ECC21FB0 for ; Mon, 8 Jan 2018 17:37:00 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id 64so15709206wme.3 for ; Mon, 08 Jan 2018 09:37:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=GW5xpnE8MJlwtaddL6aqi2WY9NSQY8NpVz9n6hXPDpk=; b=HZhjHD0xdqNAKoMxl8Dui6EmeU+7FrQZm/KdbprIA42Ef+DdMU+GowtFflBbqgVPHE uI94agZFWK8D/oF+4J/7N6QKmk3McR7bK10aXxQgg1xH3+n8rO3KZnYh3dJ3aKUBoS8g TqXqnNqepRDcBWwaPds4V1Ki6xZqFcu+VLEzM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=GW5xpnE8MJlwtaddL6aqi2WY9NSQY8NpVz9n6hXPDpk=; b=hIfBDfBXG83VxE++bQu9rcGYfUpzOqCzqaTxHAhezboeYFYWnZgOEfdzQMwg+Tb8GW ntE4z89eOWBi/+3AZ7aE8GsbZGMLQOp0Yp/mJ+0wjSdPvq4IRjeHYXsG77ldmcuseVVu U9U33RADRitf9fiLFjZGjsnul8ZMD8cSVaIXrRgF7pIT9LYps2mG/l4LyKio37jY9MZO 6eKCKBhpMhKT35KPoMUIs0eRe/rw7c2rR3YYT3rp5tNWq3x6AS7ocxsaqckR0WqrE17j ZtkB3XgnZ1rn+8vrcWnNekrA4pjXWVzbbtVpWFRHpIhqo069QGli43YaN+tlnmbw3TiS cmdQ== X-Gm-Message-State: AKGB3mKaXdE4jLq4Vre1bpv11ISfcQpO7uIFaG2W5LIa/Mr2XY6FJHaT dQDwqfg0Ii39FYF5J73DkUTtGQN6KFA= X-Received: by 10.80.241.217 with SMTP id y25mr17963358edl.204.1515433020033; Mon, 08 Jan 2018 09:37:00 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.36.58 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:36:59 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:29 +0000 Message-Id: <1515433001-13857-13-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 12/24] arm: imx: hab: Print CSF based on IVT descriptor X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The IVT gives the absolute address of the CSF. There is no requirement for the CSF to be located adjacent to the IVT so lets use the address provided in the IVT header instead of the hard-coded fixed CSF offset currently in place. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index a8e3e79..229c723 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -466,8 +466,7 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); puts("Dumping CSF Header\n"); - print_buffer(ivt_addr + IVT_SIZE, (void *)(ivt_addr + IVT_SIZE), 4, - 0x10, 0); + print_buffer(ivt->csf, (void *)(ivt->csf), 4, 0x10, 0); #if !defined(CONFIG_SPL_BUILD) get_hab_status(); From patchwork Mon Jan 8 17:36:30 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123786 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3021629qgn; Mon, 8 Jan 2018 09:53:09 -0800 (PST) X-Google-Smtp-Source: ACJfBot5rrJL/4h8F8EI/4eLHZqyxqIJxOtvid7TcMasKr1goo2siikdTghp1kPsSkeC925xES5c X-Received: by 10.80.245.134 with SMTP id u6mr16875642edm.163.1515433989349; Mon, 08 Jan 2018 09:53:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433989; cv=none; d=google.com; s=arc-20160816; b=C8T71WRXMLPYrn6ye+cIqb/h/wqe1vInf1tc6fJSoLMtfLsT8njm22h63ShfrAy+d8 fgbjfcsxAqKBLCi4TM910aypPTrdTT/J9jLTl39cxP2S8TQH3C0BW9/BMQlQQsTtjs14 c7X77h5qcWQl7OYBmdXORrWssGZXkdWFLy2mmYtpNUHwkosXL3ARfJeQVUmTfwIY9DdD lWqRf0Q9NNdtfYyZ6nhsZn0A7p0DOIUp6q8PN6rMzq3K7ki8xLA+pO5yeaGfobZF8b+r cct/8T6B61BbtzoH3zPGvV/UwC7tMMVW62g2S0myF8/qOi8mExmFUnGpWthyKaP6d2K6 gwSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=PGSCLjv5LWGk14Ui7kF9Uwp1zp4zH1+BcTD2UPtDRPY=; b=BDsVx6K0lS+gncWakPCFpQjRAxVuAFMEz9EV3l7xaHnPtgtZ38pOeiaqdedEkZkSEu EYmKNUDfaErP5JL1bFqKZmKWlkamMIx7roPSSLqjZ1UH+jF1Ai3qR7E757zlYlKJ/F7k 6U1y4gmHId7KwhjcaxHSepSpjttXd51i1dgHpZ5kVdN0eAR/7UISLl9I1oGv/IgtKGaW zvRaRgIKTpbZ10nGZQAFLMwPVTVP0uMGgQbfeVjrxjQCyjXP6rSSe6hVt+9otmUoU1k1 6KEFlB74zkMSIzsUHLEot8sd02IYMAHXRbOjlNXV4owGRbXjMDE/kxfLj4zk4r0hCV0U rXDg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=TveSY3rO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 7si2335135edj.364.2018.01.08.09.53.08; Mon, 08 Jan 2018 09:53:09 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=TveSY3rO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id C6625C21FCA; Mon, 8 Jan 2018 17:44:20 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 903BCC21FBB; Mon, 8 Jan 2018 17:39:23 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C5995C21FAB; Mon, 8 Jan 2018 17:37:05 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id CA7D7C21FA5 for ; Mon, 8 Jan 2018 17:37:01 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id t8so15600328wmc.3 for ; Mon, 08 Jan 2018 09:37:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=HRqlpCkWGUfqh336BQqIYXvKtkM0Rxk4QH4BzP5ngE8=; b=TveSY3rO6RmKrxN3kuHMY9DFSsMdsXqDWdgMDCxsQXb1i+dpm5jnR6jqDCMpX25zNM tkjuv3s0c7veBa6iV1EWqKbOthUvBMfKlSjlt8tEqhsFeNXzbb2PSvsrnIyZSSSqdkLL eLwKg1WIV+PDBfzDDjh+B8eIfFqac1xWx0tsE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=HRqlpCkWGUfqh336BQqIYXvKtkM0Rxk4QH4BzP5ngE8=; b=to0K5qEmK2vUc7MgmDHV6CibcfxHnOZi2Qyc6dhizaoNGdCq711fvC2HC6ztajOgPA BNVmse6fsXvSHfQdW1P7zD3LSDaxw/PJ6ZoOyguRPDMWdaYQg0DJ1wKovRTs1szfe8uq Ee5HEzw6Ee32oZLGuaOwAQyskC8yjW8TjwAdU/jbALKdTsnlwecYUGbudB9kedfsGtR3 iNboKyVM8DDjeqUUKtWLzobydFNNeLmv9J9RRuJGKqUOEFe1KQLZ3z7Sprp7tOTFBQju mxBb/HwNq89xqJzbvq59zHbeNy6z5Jt7K0ZFO3OnL4MVGnmpM5SDSdt0dFygR3Uz/7B3 kpUA== X-Gm-Message-State: AKGB3mJWxrAUqjGFfiKIzWQNQkEtjJgjk33a3xqSrS4h0oeuSfNGlF+U UFB4MBU0taQYHDqksgNNoSv89bCpDvI= X-Received: by 10.80.177.28 with SMTP id k28mr17272578edd.124.1515433021223; Mon, 08 Jan 2018 09:37:01 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:00 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:30 +0000 Message-Id: <1515433001-13857-14-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 13/24] arm: imx: hab: Print additional IVT elements during debug X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch enables printout of the IVT entry, dcd and csf data fields. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 229c723..364bd6b 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -462,6 +462,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); + printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, + ivt->dcd, ivt->csf); puts("Dumping IVT\n"); print_buffer(ivt_addr, (void *)(ivt_addr), 4, 0x8, 0); From patchwork Mon Jan 8 17:36:31 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123783 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3018598qgn; Mon, 8 Jan 2018 09:49:58 -0800 (PST) X-Google-Smtp-Source: ACJfBotDwBre7WfVjlgGLAykWJMNRWn6lNsxKn2AubrAjH6FUnTJHLNRfHazgSSzP7svqUKXZbu0 X-Received: by 10.80.245.92 with SMTP id w28mr17305458edm.297.1515433798277; Mon, 08 Jan 2018 09:49:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433798; cv=none; d=google.com; s=arc-20160816; b=BUn3Aa3stMvTvGzTgeOVJbTdzYZODoXLOZN+ob/+tH1MhN7ql4+eLISXOiEcxpUP6i t40RT544CAkzc1CJs8ekh7KtmqCSCDM4f/LFeoXgcrJthhGVjsn1CVGsdVISvSZyfJXQ qEaDkL7VS6niEz8p1HvbSAMTiDDc+Q1VPfYIqvdQCeeluZblwsGeFRUjTR2TJDLkXFR7 y6Vhc1ugj02JNWLjzJn42bVGKhi2tjag3JpTaZ3oIrFyVABcuNbhYYEmtYEB4vJfDrIR VZnUcqSWlOMhH7rIywZ/L/4I/CX8FVpzmkFFpGnRxGWRad/6OmHmSRepUKSAWRc834ob bsAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=k5X/ItTmKzhWMdp0uZ8EBVqBbJj/pKMrT4QgVq8r6rY=; b=GvZ3c54tKFHfLhQHHbgwxqA7geb4/ukDv21NGOmWbMTfCSDtgNNJm9vv/fthW5Pv1g gqMv4IKkQ5rdXFj/8X60NuqwOR+b4fyJmVfvfLl8m2vVStHDTanaUbdf/e7GFWKlcMr+ Dxup4itI5u29U8UzkdmsrTrRVtTYvQOLIzNzI81RJMG3xM1jO/Lbg/3e3nwlwVeKepEk UReDd7qEvw9s3P6wZ2gyOoRZL7IrXWlekg84x6CssUn8oz7ccv566bwvxHGoDUcal6sN NwAhmecD4tJ+c5LNLCnMcRMasX6rB9hHyNstSPAOvWcOy47Mzh82QUGHR5Z/QZSr1lWv ab0A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=NwuZOSSF; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id l88si3096337edl.104.2018.01.08.09.49.58; Mon, 08 Jan 2018 09:49:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=NwuZOSSF; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id E1D15C21FFF; Mon, 8 Jan 2018 17:44:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 6D11CC21FC0; Mon, 8 Jan 2018 17:39:22 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 63C97C21FC0; Mon, 8 Jan 2018 17:37:06 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id EC1CAC21F1D for ; Mon, 8 Jan 2018 17:37:02 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id y82so16765862wmg.1 for ; Mon, 08 Jan 2018 09:37:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=GOymI+l1h69sKsRpkjL0ZhctMF1/wS3/aTxVjfkswBY=; b=NwuZOSSFudZC3SOAab4jAhhqJS0VzPG981cdAeHTOZy/F4vq2Bi/PEYe7xr9x/NT+r 2onkMZCUM0MtGi4P49cKwTGCjmO5O0XYLaNjF2Ec5HjMxKxMUhcRe6jDoAnVFd44eclj ZF1Jkcw2wcm5l8ncbMnWa62/kZtPdi5jmqcT8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=GOymI+l1h69sKsRpkjL0ZhctMF1/wS3/aTxVjfkswBY=; b=r0cT0O5Ygv8DP6HSxX7fzFtWf+B4fiq0Li7C+lqJ7XIyvSTykmXmoP1Y5gRJnRcDer niLoylPb6i30B1NuCw0891rPQvTHXeGFe/W+yY9Mmvc/ILg496AgInLZYvVcGNvVRs5p SBqC4fcQ29ufNLXgCdDtSy2nM5Vc9Th4rKfg2m1TJbGC2bNnb3ARgi4g4X8R2C5l9MV7 JoDDYE1D2CzEe5k3thZ9ZLHh9z+JWz5ZJ/lYcdooAq0MgMXZWGzf4r9asyxnEfQeTcir nWsYfwg8imZiiww7bLMVvYUdHzogyMBCBjbXje1zzOGMHPeukRDb+jtnbcFv7l7/QThV yTUw== X-Gm-Message-State: AKGB3mKODxE39HvINLCKr2G82BKk3lYZl7HpNVquCPYenUUb0SN+wh8w 1uGMFKq32vXdzM4nmon2z7iyJrv/MaM= X-Received: by 10.80.186.207 with SMTP id x73mr17829026ede.67.1515433022370; Mon, 08 Jan 2018 09:37:02 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:01 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:31 +0000 Message-Id: <1515433001-13857-15-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 14/24] arm: imx: hab: Define rvt_check_target() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The hab_rvt_check_target() callback according to the HABv4 documentation: "This function reports whether or not a given target region is allowed for either peripheral configuration or image loading in memory. It is intended for use by post-ROM boot stage components, via the ROM Vector Table, in order to avoid configuring security-sensitive peripherals, or loading images over sensitive memory regions or outside recognized memory devices in the address map." It is a useful function to support as a precursor to calling into authenticate_image() to validate the target memory region is good. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 28cde38..14e1220 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -113,6 +113,12 @@ enum hab_context { HAB_CTX_MAX }; +enum hab_target { + HAB_TGT_MEMORY = 0x0f, + HAB_TGT_PERIPHERAL = 0xf0, + HAB_TGT_ANY = 0x55, +}; + struct imx_sec_config_fuse_t { int bank; int word; @@ -132,6 +138,8 @@ typedef enum hab_status hab_rvt_entry_t(void); typedef enum hab_status hab_rvt_exit_t(void); typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, void **, size_t *, hab_loader_callback_f_t); +typedef enum hab_status hab_rvt_check_target_t(enum hab_target, const void *, + size_t); typedef void hapi_clock_init_t(void); #define HAB_ENG_ANY 0x00 /* Select first compatible engine */ @@ -158,6 +166,7 @@ typedef void hapi_clock_init_t(void); #define HAB_RVT_ENTRY (*(uint32_t *)(HAB_RVT_BASE + 0x04)) #define HAB_RVT_EXIT (*(uint32_t *)(HAB_RVT_BASE + 0x08)) +#define HAB_RVT_CHECK_TARGET (*(uint32_t *)(HAB_RVT_BASE + 0x0C)) #define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *)(HAB_RVT_BASE + 0x10)) #define HAB_RVT_REPORT_EVENT (*(uint32_t *)(HAB_RVT_BASE + 0x20)) #define HAB_RVT_REPORT_STATUS (*(uint32_t *)(HAB_RVT_BASE + 0x24)) From patchwork Mon Jan 8 17:36:32 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123771 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3012441qgn; Mon, 8 Jan 2018 09:43:37 -0800 (PST) X-Google-Smtp-Source: ACJfBosMUGkooDMsJLU8P2SW/FfuwFECcgMxoF3dsZ9aEtml3iITqthLiH0rsStghpqKuFmab8ij X-Received: by 10.80.184.161 with SMTP id l30mr17337239ede.294.1515433417888; Mon, 08 Jan 2018 09:43:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433417; cv=none; d=google.com; s=arc-20160816; b=Y9sZfeGajrjeeID+5huNESNQPoBoFY6ZfCNaLZe0E8+U0n/jaHM3WQbFuaEyr+atiC Af9X9531xCy2YA67VAi6QY0HmIfxA0JcBvNC0eR2vlBH7c24LbDSz8lukgSVKSue1I+q dzQUVZTiRKL2l1Dy51cjEDws+/nqgtRDzWXLruKZGNcXmNdwGvDvI3LQJYaJo1RcM2U+ grfbXcyQw6Anq/SVMk5cyD4Fj6xSU5OsqbB5/q1u3mmcBMbmfcXVwGBOimnH8M8kewLW R1Tbly5bHwMH1R/jEciy6LtkHzawBIgcWQ5YuxU2zX0AHM/It5mbz+J2EW7Kaoi3twIb nyLg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=rdCW4iaGjwAadrs97TWdl05GWDF5RHsXhRJtD6Vt4Ns=; b=NijKlWBDgiUgYnmLQojRlhEt9chbhCat9JM+XF+0qViqgMK0tu/IB/e/SoypWVEJXn jCBhR2UQWuvyu4EeKxtCsw+jt92wl0PXYOc3pZGC6M9IX7f/sxfunfwpzdDGt5gX+BrK rFkcXr92GtJHl6pufWNQp5ZNIwSetBOFQQzKokxMLl/Bzb0zHpZ0nXSICaNilbQFesk/ wWLGWc9WbUAEQ7MnxTZB6u99zym4IRK2jG9QgQEixtJws0+IrZJea77wOhwd1AMTGIte NzVfoA4dm/egDvRLU5s6wBjYlYDOsmWeEVJMFLfvtKRC0rU40SgDhSpu4vFhMQS88Cw0 UQ9w== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=fRuYki2P; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id i47si2867147ede.137.2018.01.08.09.43.37; Mon, 08 Jan 2018 09:43:37 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=fRuYki2P; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 7B83DC21FBA; Mon, 8 Jan 2018 17:41:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 413B9C21F77; Mon, 8 Jan 2018 17:37:49 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E2077C21FAA; Mon, 8 Jan 2018 17:37:08 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 29C97C21FBB for ; Mon, 8 Jan 2018 17:37:04 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id r78so15702167wme.5 for ; Mon, 08 Jan 2018 09:37:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3KJQ1cxQQFrK7N3Layy0yFtQqztfXHTo400v35Khoss=; b=fRuYki2PPujr+gnrTczu8ty8tSGZiGJDMPm7RivP0luHfm32zgb/o8/dOt+8sMC7Eq XiXq7Ubi+/r4YdkuwOiO6nhOUpMxfH+Mkhql9+JKwGUZnWSiQrQK8auG1stTRfaFulf3 bp5JeeTeGGFA9BSkTJuygst3Gpx19uQyne8ME= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3KJQ1cxQQFrK7N3Layy0yFtQqztfXHTo400v35Khoss=; b=E7Mr3dI+zu04SOQwLEuZn3soUD+3EpDL5GaDJLRX2NQbzFJSI+Z9hJXrjOmztRndkl GNDMqcVc6eVvCLHZHJB6iQLlMLderuT1qa69uS/p6bekb3AgNZIWbOknV24gXcLvZrpp XF8FB/QzcCie1uvLo1173EmrjorIWBUmr8EsT0jSacy9CLh4qpetCnEW5PaTPLtqFjtd nHnnFNwzdVe0rtK2zr2U1m82A6G20NLueBPIvLA/TGXMEEHuaP3QN2C00FvbZjCk7LOK Nl44ndI9YB/8v/KMdapgdyQ7kwS0NeLGqQM7vA7/zHjQlykF1y1SNQhrIYyoQy47NLxv whsg== X-Gm-Message-State: AKGB3mLJ0kARUerizuhAbNe+YKOP2NkJUnUwtu6I79ZBuSGB9WfdlNEo 30t1yMbNhr74HfrOAp0PrK66vPOaVKE= X-Received: by 10.80.186.3 with SMTP id g3mr17254030edc.25.1515433023549; Mon, 08 Jan 2018 09:37:03 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:02 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:32 +0000 Message-Id: <1515433001-13857-16-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 15/24] arm: imx: hab: Implement hab_rvt_check_target X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch implements the basic callback hooks for hab_rvt_check_target() for BootROM code using the older BootROM address layout - in my test case the i.MX7. Code based on new BootROM callbacks will just have HAB_SUCCESS as a result code. Adding support for the new BootROM callbacks is a TODO. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 364bd6b..2a18ea2 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,6 +70,24 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) +static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, + const void *start, + size_t bytes) +{ + return HAB_SUCCESS; +} + +#define hab_rvt_check_target_p \ +( \ + (is_mx6dqp()) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ + ((hab_rvt_check_target_t *)hab_rvt_check_target_new) : \ + ((hab_rvt_check_target_t *)HAB_RVT_CHECK_TARGET) \ +) + #define ALIGN_SIZE 0x1000 #define MX6DQ_PU_IROM_MMU_EN_VAR 0x009024a8 #define MX6DLS_PU_IROM_MMU_EN_VAR 0x00901dd0 From patchwork Mon Jan 8 17:36:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123776 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3015178qgn; Mon, 8 Jan 2018 09:46:28 -0800 (PST) X-Google-Smtp-Source: ACJfBovyi/s9jJ2OeHErNt7wrA/Os40Z7USRv3J9NFvwWzffFCDiRonBoq2RDIp0J71JeKpfm6cS X-Received: by 10.80.216.205 with SMTP id y13mr18160874edj.173.1515433588685; Mon, 08 Jan 2018 09:46:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433588; cv=none; d=google.com; s=arc-20160816; b=WVFLyC7VfQ1NuvqqEr5ceJkMdtyklKcAvKnF3JNRK758BJhdgzIL1Pz1bgk2Ow6BGX iO/6PZQV2L+0Oo/M7m8V2Ls6jM9FMtZMXnokDZ2V25iE/RtNiz1Pg/iMJLYlYSAox8zp 1ux6IXks5FuLRtTqyrm0xRYyWpk6ZO7dqiqVMKWJ1O/7uuJ5u/HUJL8JS4vTLY0btiLB oTfnD20RpnIXFvDWAL/QeCNYkclT7l0VyBBAixhkNzfxUmr0XteIrumlUDPNVnExKAv6 r9Zlf3mxKfTDh6kOZOHlLp8Bkm+5T4owArkMwMEvOdjDJ1vFCSo+LMdhPluj/X35MQsR nGeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=8TlqsH4mVjKUXbN6goMg8HZn3xnxG6Nk47gpESUU2iY=; b=WwWMnHhq4HTTOA6nCZNFfd72UPy2oabOjhHchNceEeesjo7dEvA5wK2/8l2W3FB5Xl Q1ahtoIvKmaxh5F1PRgUA8+6BwnrBweFfMF5KPByZlE5UedqomOprPjXiHTx+3XKEuYP 8Sdekc9DL1DwOgMSONEaBvMBoFkcnTgvfivM9zhJ5jzYFY6aVRByKUO4E57fKi09eS5O 3+m6J3YFR2Zez3THzklg0UsRRgmUxMMtPA1d7DSH+8XqTmF77yv6u1VDNq551C+NQCWr IARLpRaYqSL1zc99TRVWQ+P3RWu3+UcqmIJmGiQXMUOzI4Glez9vj3nA8QJNg8fWII65 iyjQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=GCp8XVkO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id x43si4389678edx.227.2018.01.08.09.46.28; Mon, 08 Jan 2018 09:46:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=GCp8XVkO; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 506EDC21F98; Mon, 8 Jan 2018 17:41:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 3C103C21FB8; Mon, 8 Jan 2018 17:37:48 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 83AF0C21FC9; Mon, 8 Jan 2018 17:37:09 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 66913C21F77 for ; Mon, 8 Jan 2018 17:37:05 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id a79so15702943wma.0 for ; Mon, 08 Jan 2018 09:37:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=bDGiXyeGrstKzpxh4dz8o4SVfHf4OFCJ2mDeVzNoIdA=; b=GCp8XVkOGBTTlTt3e/x7RQREa0EzjdT1QiPv/47ml8Wrwt/9MH83G75955N5RWeBvK Wwit/1xzIfq9+yds1CNeue6QCXg7F/BYyUdwSIzjF+T5sBjnfdbTlWDnQ5AiZgCuPvgi 8tCCdpZ5v1j5yXR3KcrMid4e7WrQ8Oge2vl78= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=bDGiXyeGrstKzpxh4dz8o4SVfHf4OFCJ2mDeVzNoIdA=; b=Yd4EOXc1sAZlbmnTpOJfPErbWFdROH4U8BKC36sFk7BPIDowqIIPvHKpiQsP+7YvfU /yFD4oQxZ1Cvftlom84qahY/rjdu9EiYlRDMVJHjNGF6Zr0nHfudfpmor6VpHZJU6DjS er55pAx/t4jjTWrF1UrgSzvu+ZZ3it/pdFAfUFuCbO9pSHC729xX4NXqSdnw60HAs2FI WmCvoQ07M6lGbjoc7Nil5zDzy0A9IP51qRycihSHIyXo7MF4b5CnzUha0sgDIkVeW+ii LSvGILhs4D9yIFQBNXh6AYjWEFLNGbbrbX6iFc2fLrfn3a0290W0ewiM7s2sCBk1NuP3 sxDQ== X-Gm-Message-State: AKGB3mJWvqgZqW/f+hSqfHWeGGHcHXAmFroc9XIhOsyNyoMHwJFfv63L ZD+1n2E77DDvqtrbzOdAP3f2HBZvSP4= X-Received: by 10.80.213.154 with SMTP id v26mr17488917edi.170.1515433024730; Mon, 08 Jan 2018 09:37:04 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:04 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:33 +0000 Message-Id: <1515433001-13857-17-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 16/24] arm: imx: hab: Add a hab_rvt_check_target to image auth X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a hab_rvt_check_target() step to authenticate_image() as a sanity check for the target memory region authenticate_image() will run over, prior to making the BootROM authentication callback itself. This check is recommended by the HAB documentation so it makes sense to adhere to the guidance and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 2a18ea2..079423a 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -437,12 +437,15 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; hab_rvt_exit_t *hab_rvt_exit; + hab_rvt_check_target_t *hab_rvt_check_target; struct ivt *ivt; struct ivt_header *ivt_hdr; + enum hab_status status; hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; hab_rvt_entry = hab_rvt_entry_p; hab_rvt_exit = hab_rvt_exit_p; + hab_rvt_check_target = hab_rvt_check_target_p; if (!is_hab_enabled()) { puts("hab fuse not enabled\n"); @@ -478,6 +481,12 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, goto hab_caam_clock_disable; } + status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); + if (status != HAB_SUCCESS) { + printf("HAB check target 0x%08x-0x%08x fail\n", + ddr_start, ddr_start + bytes); + goto hab_caam_clock_disable; + } #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry, From patchwork Mon Jan 8 17:36:34 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123787 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3021881qgn; Mon, 8 Jan 2018 09:53:28 -0800 (PST) X-Google-Smtp-Source: ACJfBotk826ZIk4hOeqnddiFgGYsqDT8mCBUwkl58NEP6iGBNmPr81SK477rTws/0ingBZrb87BV X-Received: by 10.80.151.10 with SMTP id c10mr17689614edb.82.1515434008489; Mon, 08 Jan 2018 09:53:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515434008; cv=none; d=google.com; s=arc-20160816; b=PGh64yDS72NqkKh9glweCgQqqmSc6leMy/G2GHKl/q5KkDPevauwBdyCfjVkaW0La+ WLdJnj7TMKJO2IS4B9CB2Ov6Yct9Z+fIg3yVbV+W7ChteYZAQ1VSbSeKFSVlSfNEw2ac sD7xtvUkpR+/8xHlNFQQJmlDDNQGItbNGwOn1xJLsEjcQRPbm3t5IOBI9mro4/jQUdwz 5viorUdmkOOXUjCP3/Eg0lAc1rtP5byZgTGwTHZG8GMBqeE+kAWrPmaJ/tY2jAvt+1ae s580XjAvKxdJJUsRpPT0qP1i65MyGiEtoLOr4vbR8wCU0IYlO9w12yYP8FYvppYEru+h s3hA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=+7z7a6ttdAHkaJawnLoFtuGoWZ5zyvJMogjwP0K2kZs=; b=gNdd1orl1SkgrAo4IU5+4fnR32mKDJQR8TpMH0HeLoDj3hFRqbBTt+98PFMUt3Vt70 jPYQPlMLaSLso9homhPNEeeYPVPZhhdlhpfqWNp3n2YrAjC9S50QTEmnxRXFXMYNUHUv Af0+iBZqgO9fbawI9lBYpiho7fvZyygT1JvvakzguXbDwS5uFIFhzFSYL9NEYz8f2HY1 nrJUhXoC6o4WRLWif5abU7rOUkn4LlFw18/NKVA0ArXQ64NvYzKagr7LxL1MIR3E8oeA TxVzzR9eAEgTkUqB+5FUbKyILhvzlK1/SbOgEnqN4foTp0GonkSDu29Bf7drGNi945rB g6JQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=f9KHRAA5; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id 5si552679edo.441.2018.01.08.09.53.28; Mon, 08 Jan 2018 09:53:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=f9KHRAA5; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id ED11BC22028; Mon, 8 Jan 2018 17:42:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 1229DC21FAE; Mon, 8 Jan 2018 17:38:46 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E8E07C21FE6; Mon, 8 Jan 2018 17:37:10 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 9AA09C21FAD for ; Mon, 8 Jan 2018 17:37:06 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id 9so15582756wme.4 for ; Mon, 08 Jan 2018 09:37:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Crzcl5vGLNTooJvTdxZP5MJU1CXxtX02gxTf9jN3CPc=; b=f9KHRAA5UpiuxnPQV4XBXrIFhxNORbduWh1/vjDZjJ8cd4/QA+HG/BTgluou/qrHjQ eMsCT8uwSzqI6sg3KEccz3uiF1gtQNPhXdRcDKZfzlurB8DXVefGenMuYTNLOJJdYaLC 7pQLbrpiCpbe80eu8aRw0i4e2ljVh9hif18qQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Crzcl5vGLNTooJvTdxZP5MJU1CXxtX02gxTf9jN3CPc=; b=a86bFN31qAiFD81jYGutjkKIlDAlXYtTfspwEODzc0/iNzcaeEMnMo8vaTZlWkgetK LPdEzY5slHI3FkVtZaEglwP69VMBuqc983E/S7WLgA6pwF+3tO5C1q1jT/crczVbo4Pf nJU3wiNXQQhAYwghoCMVfaZ4xsXRP52eWdQWgNRmlJao2pQivon4k7qf+mnp8oh2rBPS Izf7ih4yw8eAwLJ1iM2mX7D1wWRpFuR+Pu/Wic7OK8MwYX0riQj4aYbZce4wZpCLJRPy lZWFRiiWFyt61vov6xLnMTG90/8EgIOpojUrRXjG2D2X5U/FXcSxMDWVieJwrqpbnSnz fqNg== X-Gm-Message-State: AKGB3mJTw08YKsmg7i+eGswNYDcLxElHAOI0GLmVYkngKPFmrrlQEhBN VI5VVtUpyiX3KWoIIfKEXsKYFuqUF+U= X-Received: by 10.80.153.93 with SMTP id l29mr17300699edb.245.1515433026006; Mon, 08 Jan 2018 09:37:06 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:05 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:34 +0000 Message-Id: <1515433001-13857-18-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 17/24] arm: imx: hab: Print HAB event log only after calling ROM X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The current flow of authenticate_image() will print the HAB event log even if we reject an element of the IVT header before ever calling into the ROM. This can be confusing. This patch changes the flow of the code so that the HAB event log is only printed out if we have called into the ROM and received some sort of status code. Signed-off-by: Bryan O'Donoghue Suggested-by: Cc: Breno Matheus Lima Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister --- arch/arm/mach-imx/hab.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 079423a..3ae88a4 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -478,14 +478,14 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, if (hab_rvt_entry() != HAB_SUCCESS) { puts("hab entry function fail\n"); - goto hab_caam_clock_disable; + goto hab_exit_failure_print_status; } status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); if (status != HAB_SUCCESS) { printf("HAB check target 0x%08x-0x%08x fail\n", ddr_start, ddr_start + bytes); - goto hab_caam_clock_disable; + goto hab_exit_failure_print_status; } #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); @@ -543,12 +543,14 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, load_addr = 0; } -hab_caam_clock_disable: - hab_caam_clock_enable(0); - +hab_exit_failure_print_status: #if !defined(CONFIG_SPL_BUILD) get_hab_status(); #endif + +hab_caam_clock_disable: + hab_caam_clock_enable(0); + if (load_addr != 0) result = 0; From patchwork Mon Jan 8 17:36:35 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123781 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3017882qgn; Mon, 8 Jan 2018 09:49:11 -0800 (PST) X-Google-Smtp-Source: ACJfBotLOZQ4Li/GecpwgzkVKuDN1DnztynVyDX/sbBGGNLydr2vmRbEqWvhYi+8YJUvDSxc/kkH X-Received: by 10.80.172.77 with SMTP id w13mr16454351edc.185.1515433751620; Mon, 08 Jan 2018 09:49:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433751; cv=none; d=google.com; s=arc-20160816; b=FzvSyqbkCLN3Hhrecj/imJOMwwcw4CjmKJ+vhK5FCpAaLSsgdqLh5noEunUKA5bMxr bcLUzdcyHlMaeu98HjAhTUTPrkeMTGL46UGOi0SP50UqOS0/YvSlwQ/UNmofk7SRMtMq o35tnzkee/KNxjo6Pj9DO99/O8fs3QRIGyuBFVfpUEgD7W9iN4VzE5Xj0/vmiAt/D4aQ sNXMGMIaINV8RWXzyK/NaXq6gug1ueSnEMRjp0yXvjNN/vnvtC/hCbj+66GlvOSxZDQr Y9SwnVpW1jnwHVTGuh7w3oPECr3rEd/jM7LnB9TZzesXsmhHk66t4jBvhOiFMWFdFE04 riWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=hJgTN9Obn9Kz/BSJtw3RokrkXl4IMdhB8bv38G/MnBU=; b=MRIprpHUJ+ECgfmVFSvMaGTG7NxCbqPx0zc+hsNmhupspKm+0xzSmBcmUpjh9cg1+x v++idLfsxLqIC7r+mbdHlnSWA4w0Fun6sGckkNdqKBXl3FXHh+rE3MBdKisFzWZxeQ6I yAsqEOBUwtkEMjYr8XFLm6ticXjdMRZRXJTzWAU0ngG9iFhe1Sh3C625y/AT1JkpPZx3 t3gTkIX1QfoXUqC7UKpE1H8npK2wR+0oE8ZxuRp4eT1L60pwP+aIU06dSWAbPiXiPgtU 8EGBccbMl2n4F9RL0JcRdu7ybzdCzexK1l/yQv3EX67+EzyFu2j5CuODka3WdntP1tDK 7Lww== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=JcXoHGAt; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id t35si3234529edm.171.2018.01.08.09.49.11; Mon, 08 Jan 2018 09:49:11 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=JcXoHGAt; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 3FCC5C21FED; Mon, 8 Jan 2018 17:43:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E20FCC21FAD; Mon, 8 Jan 2018 17:39:08 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 9DB27C22016; Mon, 8 Jan 2018 17:37:12 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id D34B5C21FA5 for ; Mon, 8 Jan 2018 17:37:07 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id 9so15582870wme.4 for ; Mon, 08 Jan 2018 09:37:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=J6g0TJXnxWDKdPRjk56Dmjx/loJB4rCHXG0Seegucjk=; b=JcXoHGAtk4ibxunfsan1foTRuNWgBiwj7l7bXg+546v+pQcD6sF4wt/Z+CvviWKCpR 8ozvY9vVus1eLzTqxucUhluUnKno5l11hHjSqq7PXPGveP3f9J8K0pemMoPgHarNa5ps a3QCE0O1iiDGm6vmtLeR28SJ+Uex4tDqrUZNc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=J6g0TJXnxWDKdPRjk56Dmjx/loJB4rCHXG0Seegucjk=; b=N1iQLy+RN/bvfIuHHxiCsgVKFrDu8W+SukSdKLZLAfohUfKbdBwE1GQuBlu5LXM+EW CdQweU1XfXzO75mnwRkJ3yb/t0jrGdE9HRkhUVNamQnhj1oIKq58408k28IoQeitfokJ ZRI6ycKKpuwMNljAFsVr16OJPAeNy7I9B5BnPX2aqm9VOu0vRA8oOoYSdJQwIsL9zEBp 3IOHLcx1J+oX7U+KZy32CLmyrGQ8FfnyJkPDRgoho1xbKpEh5j3IE0hEV93kTBr/PVhS 0k9lffxFDaf4dsaWuY1qGBYoKPA1wHEgfVulFHISz8idsr041X4oGdC3yT+eNWNlNKLl fdLw== X-Gm-Message-State: AKGB3mKljn3VoYppq6ml9EJyjAFsZtfut4twzx4CfnrV4ASXP+JerlMX OY9ASz8CjMcPdM/G8k34TlK+bId2xpI= X-Received: by 10.80.164.197 with SMTP id x5mr16969288edb.53.1515433027195; Mon, 08 Jan 2018 09:37:07 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.06 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:06 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:35 +0000 Message-Id: <1515433001-13857-19-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 18/24] arm: imx: hab: Make internal functions and data static X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" There is no need to export these functions and data structures externally. Make them all static now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 159 +++++++++++++++++++++++++----------------------- 1 file changed, 84 insertions(+), 75 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 3ae88a4..ec85548 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -135,73 +135,81 @@ struct record { bool any_rec_flag; }; -char *rsn_str[] = {"RSN = HAB_RSN_ANY (0x00)\n", - "RSN = HAB_ENG_FAIL (0x30)\n", - "RSN = HAB_INV_ADDRESS (0x22)\n", - "RSN = HAB_INV_ASSERTION (0x0C)\n", - "RSN = HAB_INV_CALL (0x28)\n", - "RSN = HAB_INV_CERTIFICATE (0x21)\n", - "RSN = HAB_INV_COMMAND (0x06)\n", - "RSN = HAB_INV_CSF (0x11)\n", - "RSN = HAB_INV_DCD (0x27)\n", - "RSN = HAB_INV_INDEX (0x0F)\n", - "RSN = HAB_INV_IVT (0x05)\n", - "RSN = HAB_INV_KEY (0x1D)\n", - "RSN = HAB_INV_RETURN (0x1E)\n", - "RSN = HAB_INV_SIGNATURE (0x18)\n", - "RSN = HAB_INV_SIZE (0x17)\n", - "RSN = HAB_MEM_FAIL (0x2E)\n", - "RSN = HAB_OVR_COUNT (0x2B)\n", - "RSN = HAB_OVR_STORAGE (0x2D)\n", - "RSN = HAB_UNS_ALGORITHM (0x12)\n", - "RSN = HAB_UNS_COMMAND (0x03)\n", - "RSN = HAB_UNS_ENGINE (0x0A)\n", - "RSN = HAB_UNS_ITEM (0x24)\n", - "RSN = HAB_UNS_KEY (0x1B)\n", - "RSN = HAB_UNS_PROTOCOL (0x14)\n", - "RSN = HAB_UNS_STATE (0x09)\n", - "RSN = INVALID\n", - NULL}; - -char *sts_str[] = {"STS = HAB_SUCCESS (0xF0)\n", - "STS = HAB_FAILURE (0x33)\n", - "STS = HAB_WARNING (0x69)\n", - "STS = INVALID\n", - NULL}; - -char *eng_str[] = {"ENG = HAB_ENG_ANY (0x00)\n", - "ENG = HAB_ENG_SCC (0x03)\n", - "ENG = HAB_ENG_RTIC (0x05)\n", - "ENG = HAB_ENG_SAHARA (0x06)\n", - "ENG = HAB_ENG_CSU (0x0A)\n", - "ENG = HAB_ENG_SRTC (0x0C)\n", - "ENG = HAB_ENG_DCP (0x1B)\n", - "ENG = HAB_ENG_CAAM (0x1D)\n", - "ENG = HAB_ENG_SNVS (0x1E)\n", - "ENG = HAB_ENG_OCOTP (0x21)\n", - "ENG = HAB_ENG_DTCP (0x22)\n", - "ENG = HAB_ENG_ROM (0x36)\n", - "ENG = HAB_ENG_HDCP (0x24)\n", - "ENG = HAB_ENG_RTL (0x77)\n", - "ENG = HAB_ENG_SW (0xFF)\n", - "ENG = INVALID\n", - NULL}; - -char *ctx_str[] = {"CTX = HAB_CTX_ANY(0x00)\n", - "CTX = HAB_CTX_FAB (0xFF)\n", - "CTX = HAB_CTX_ENTRY (0xE1)\n", - "CTX = HAB_CTX_TARGET (0x33)\n", - "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", - "CTX = HAB_CTX_DCD (0xDD)\n", - "CTX = HAB_CTX_CSF (0xCF)\n", - "CTX = HAB_CTX_COMMAND (0xC0)\n", - "CTX = HAB_CTX_AUT_DAT (0xDB)\n", - "CTX = HAB_CTX_ASSERT (0xA0)\n", - "CTX = HAB_CTX_EXIT (0xEE)\n", - "CTX = INVALID\n", - NULL}; - -uint8_t hab_statuses[5] = { +static char *rsn_str[] = { + "RSN = HAB_RSN_ANY (0x00)\n", + "RSN = HAB_ENG_FAIL (0x30)\n", + "RSN = HAB_INV_ADDRESS (0x22)\n", + "RSN = HAB_INV_ASSERTION (0x0C)\n", + "RSN = HAB_INV_CALL (0x28)\n", + "RSN = HAB_INV_CERTIFICATE (0x21)\n", + "RSN = HAB_INV_COMMAND (0x06)\n", + "RSN = HAB_INV_CSF (0x11)\n", + "RSN = HAB_INV_DCD (0x27)\n", + "RSN = HAB_INV_INDEX (0x0F)\n", + "RSN = HAB_INV_IVT (0x05)\n", + "RSN = HAB_INV_KEY (0x1D)\n", + "RSN = HAB_INV_RETURN (0x1E)\n", + "RSN = HAB_INV_SIGNATURE (0x18)\n", + "RSN = HAB_INV_SIZE (0x17)\n", + "RSN = HAB_MEM_FAIL (0x2E)\n", + "RSN = HAB_OVR_COUNT (0x2B)\n", + "RSN = HAB_OVR_STORAGE (0x2D)\n", + "RSN = HAB_UNS_ALGORITHM (0x12)\n", + "RSN = HAB_UNS_COMMAND (0x03)\n", + "RSN = HAB_UNS_ENGINE (0x0A)\n", + "RSN = HAB_UNS_ITEM (0x24)\n", + "RSN = HAB_UNS_KEY (0x1B)\n", + "RSN = HAB_UNS_PROTOCOL (0x14)\n", + "RSN = HAB_UNS_STATE (0x09)\n", + "RSN = INVALID\n", + NULL +}; + +static char *sts_str[] = { + "STS = HAB_SUCCESS (0xF0)\n", + "STS = HAB_FAILURE (0x33)\n", + "STS = HAB_WARNING (0x69)\n", + "STS = INVALID\n", + NULL +}; + +static char *eng_str[] = { + "ENG = HAB_ENG_ANY (0x00)\n", + "ENG = HAB_ENG_SCC (0x03)\n", + "ENG = HAB_ENG_RTIC (0x05)\n", + "ENG = HAB_ENG_SAHARA (0x06)\n", + "ENG = HAB_ENG_CSU (0x0A)\n", + "ENG = HAB_ENG_SRTC (0x0C)\n", + "ENG = HAB_ENG_DCP (0x1B)\n", + "ENG = HAB_ENG_CAAM (0x1D)\n", + "ENG = HAB_ENG_SNVS (0x1E)\n", + "ENG = HAB_ENG_OCOTP (0x21)\n", + "ENG = HAB_ENG_DTCP (0x22)\n", + "ENG = HAB_ENG_ROM (0x36)\n", + "ENG = HAB_ENG_HDCP (0x24)\n", + "ENG = HAB_ENG_RTL (0x77)\n", + "ENG = HAB_ENG_SW (0xFF)\n", + "ENG = INVALID\n", + NULL +}; + +static char *ctx_str[] = { + "CTX = HAB_CTX_ANY(0x00)\n", + "CTX = HAB_CTX_FAB (0xFF)\n", + "CTX = HAB_CTX_ENTRY (0xE1)\n", + "CTX = HAB_CTX_TARGET (0x33)\n", + "CTX = HAB_CTX_AUTHENTICATE (0x0A)\n", + "CTX = HAB_CTX_DCD (0xDD)\n", + "CTX = HAB_CTX_CSF (0xCF)\n", + "CTX = HAB_CTX_COMMAND (0xC0)\n", + "CTX = HAB_CTX_AUT_DAT (0xDB)\n", + "CTX = HAB_CTX_ASSERT (0xA0)\n", + "CTX = HAB_CTX_EXIT (0xEE)\n", + "CTX = INVALID\n", + NULL +}; + +static uint8_t hab_statuses[5] = { HAB_STS_ANY, HAB_FAILURE, HAB_WARNING, @@ -209,7 +217,7 @@ uint8_t hab_statuses[5] = { -1 }; -uint8_t hab_reasons[26] = { +static uint8_t hab_reasons[26] = { HAB_RSN_ANY, HAB_ENG_FAIL, HAB_INV_ADDRESS, @@ -238,7 +246,7 @@ uint8_t hab_reasons[26] = { -1 }; -uint8_t hab_contexts[12] = { +static uint8_t hab_contexts[12] = { HAB_CTX_ANY, HAB_CTX_FAB, HAB_CTX_ENTRY, @@ -253,7 +261,7 @@ uint8_t hab_contexts[12] = { -1 }; -uint8_t hab_engines[16] = { +static uint8_t hab_engines[16] = { HAB_ENG_ANY, HAB_ENG_SCC, HAB_ENG_RTIC, @@ -284,7 +292,7 @@ static inline uint8_t get_idx(uint8_t *list, uint8_t tgt) return -1; } -void process_event_record(uint8_t *event_data, size_t bytes) +static void process_event_record(uint8_t *event_data, size_t bytes) { struct record *rec = (struct record *)event_data; @@ -294,7 +302,7 @@ void process_event_record(uint8_t *event_data, size_t bytes) printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]); } -void display_event(uint8_t *event_data, size_t bytes) +static void display_event(uint8_t *event_data, size_t bytes) { uint32_t i; @@ -313,7 +321,7 @@ void display_event(uint8_t *event_data, size_t bytes) process_event_record(event_data, bytes); } -int get_hab_status(void) +static int get_hab_status(void) { uint32_t index = 0; /* Loop index */ uint8_t event_data[128]; /* Event data buffer */ @@ -358,7 +366,8 @@ int get_hab_status(void) return 0; } -int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +static int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { if ((argc != 1)) { cmd_usage(cmdtp); @@ -371,7 +380,7 @@ int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) } static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, - char * const argv[]) + char * const argv[]) { ulong addr, length, ivt_offset; int rcode = 0; From patchwork Mon Jan 8 17:36:36 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123784 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3019782qgn; Mon, 8 Jan 2018 09:51:12 -0800 (PST) X-Google-Smtp-Source: ACJfBossixDNb7Jgrr8H2D0m4wjDOii7IIvchKHCc8bA769+x+W5w6tQJ5oTSXOfEzMLjqp4c/1t X-Received: by 10.80.152.44 with SMTP id g41mr17477649edb.247.1515433872859; Mon, 08 Jan 2018 09:51:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433872; cv=none; d=google.com; s=arc-20160816; b=ZZsE2thnxfyoGkfsBT00T+nadvJiaJCMHXjnKS1gTUEltPSPswx/OLEkZHBfSsO0tL tT3dOiharsFZQ+Kk/JdUo35EZaUHEvwANMKHOSi5Bnqe+ymDp4/QzZTHVELhxFUg8X2z 8oLIYZ/z1Rugrx4aT2oK7KWGGL94Il7BW1K6TRKMgQKsqhcpgF9aWca6k6vKBHLzgX66 C3dcRVrVFKXCu4VQFskQYQtEBnPK33HZSh9BerNXJlcihK8lFkt2uRp0zYlisy5d7zRS cbUk6aWjOc9m4CaL3Ha9v16yu74NNxFLtbecnT0hgEJnt8r1f8NLtJryMxBaEKZLe/v8 dvvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=DXkR2j1oxNcWeIl+xs1+0ETHBzZ+ilAQwMDO/taxzy0=; b=OJ3737Q5hbW7WFv2IAIcQhJM3cp12+YUEgEj0FcXxirjD1HyYd0Zhv9ufMODRymNhY LgfUjkcjXTtJcXMSjSjR1IHClLLB+GHEJc1/qM9xHHfgZKtYC9L4Lk4W/jeXXpss7dm4 P4f/2T+qlb2njDY9yz4EznwFxRhd6oiVUp47ogmqCa/IC/OIOcvYhNTb/zfvX5MwmPxm nLy0eA55XbDEZk6LoaycS/U3PF60Iur/P1rpfdpKnutJk4WSHvshGg1NPr/VuMb2eMBg CAe6OilQdJ66V+C5nQy00ONTMYxtwDhCD2YbZK/G0ezdtuikV00YVVKjuLJ56YTx2vDW eWOA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=JEcvS+Bg; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id d93si4578401edc.431.2018.01.08.09.51.12; Mon, 08 Jan 2018 09:51:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=JEcvS+Bg; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 6509AC22010; Mon, 8 Jan 2018 17:41:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 0458EC21F34; Mon, 8 Jan 2018 17:37:51 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 67FA1C21FEA; Mon, 8 Jan 2018 17:37:13 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 25615C21FB2 for ; Mon, 8 Jan 2018 17:37:09 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id r78so15702662wme.5 for ; Mon, 08 Jan 2018 09:37:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=0v85GZrGCitCwBATqD5yxfGjXAWTdFERjIXWxnVLUy8=; b=JEcvS+Bg/ozZ1v2+xb0yMIesO49+ESDXeyw8bepHjVZQ+3VN4+yYf7mpeleVqZy+sj ORHwy+dzIvT1rKLlk80lBAPxwJEpVgl5cP5eoi8yElSp/BTeMKa6YmboCnYscv/unStq Vd+AssTtXIKx8Ecc3pQZRWb0akHxJzqnRvM5Q= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=0v85GZrGCitCwBATqD5yxfGjXAWTdFERjIXWxnVLUy8=; b=Prtye+TmfSltvCZTaazL7i0LdpsKLgP28IgC8SOnu6xiWzcvNEtdy93hYkyi3I66+Z lMENWEoMlfEICXMIci2pPcmhZD026Ok1QgrAMI/AAaQOnxB7EskYPl/XtL5hbnwt7xdI vXdThfpjhCHUDh84tiLGsjxrR9+Aw7GsL9uEbDVp2SsAXS27q9nxn0CZ9ZH9Npybs44Y MlStAdRV/fXZG1rE+o9KcGB7TtKqfd3DbLVOPqd/U0TDVFtjKZStNByRYSjvZ5WfvVkA 32IlqUt+TlYEAItYQ+5Z/VvPIgLCIhau4lBNDJp68F0X1Vq40ENREwJrxRcqfGtIUNXv nVtQ== X-Gm-Message-State: AKGB3mL2nT+l3NfkT54B7T39oKO3QDQ6q4WH0OtjweyLHDBVGtM3VOTx aLuXXZSvpyGwAi1KkcN+ocecl7EI03o= X-Received: by 10.80.148.163 with SMTP id s32mr17636203eda.164.1515433028533; Mon, 08 Jan 2018 09:37:08 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:07 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:36 +0000 Message-Id: <1515433001-13857-20-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 19/24] arm: imx: hab: Prefix authenticate_image with imx_hab X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Tidy up the HAB namespace a bit by prefixing external functions with imx_hab. All external facing functions past this point will be prefixed in the same way to make the fact we are doing IMX HAB activities clear from reading the code. authenticate_image() could mean anything imx_hab_authenticate_image() is on the other hand very explicit. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 4 ++-- arch/arm/mach-imx/hab.c | 6 +++--- arch/arm/mach-imx/spl.c | 5 +++-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 14e1220..98bc1bd 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -185,7 +185,7 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ -int authenticate_image(uint32_t ddr_start, uint32_t image_size, - uint32_t ivt_offset); +int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index ec85548..7c2f828 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -392,7 +392,7 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, length = simple_strtoul(argv[2], NULL, 16); ivt_offset = simple_strtoul(argv[3], NULL, 16); - rcode = authenticate_image(addr, length, ivt_offset); + rcode = imx_hab_authenticate_image(addr, length, ivt_offset); if (rcode == 0) rcode = CMD_RET_SUCCESS; else @@ -435,8 +435,8 @@ static bool is_hab_enabled(void) return (reg & IS_HAB_ENABLED_BIT) == IS_HAB_ENABLED_BIT; } -int authenticate_image(uint32_t ddr_start, uint32_t image_size, - uint32_t ivt_offset) +int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, + uint32_t ivt_offset) { uint32_t load_addr = 0; size_t bytes; diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index e5d0c35..a5478ce 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -196,8 +196,9 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) /* HAB looks for the CSF at the end of the authenticated data therefore, * we need to subtract the size of the CSF from the actual filesize */ offset = spl_image->size - CONFIG_CSF_SIZE; - if (!authenticate_image(spl_image->load_addr, - offset + IVT_SIZE + CSF_PAD_SIZE, offset)) { + if (!imx_hab_authenticate_image(spl_image->load_addr, + offset + IVT_SIZE + CSF_PAD_SIZE, + offset)) { image_entry(); } else { puts("spl: ERROR: image authentication unsuccessful\n"); From patchwork Mon Jan 8 17:36:37 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123789 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3022345qgn; Mon, 8 Jan 2018 09:53:57 -0800 (PST) X-Google-Smtp-Source: ACJfBou+F255TYN8mIN45TggydGUKdDK4ziP5HSwr7CXnXRfEot+EVBU6BWWUCxBJKXopO80jeIS X-Received: by 10.80.177.228 with SMTP id n33mr17609559edd.24.1515434037702; Mon, 08 Jan 2018 09:53:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515434037; cv=none; d=google.com; s=arc-20160816; b=be/S72AwxbG88ov98mTk5t1gwsNKtiFOi6yDuVWcpm+K1y9+eZgx8uxlKM+y1SY2Fb bOr7qTCB+8cfy99L6zDJ8ETd+xfd/fk1mWKpyN0a5oD9mNOsQiNfucLUePBWJm+NkO4Y ATFZgtPN7baEzV97N5Ao0QTytuxPAL+Dbcl4Il7cL2cydhrxewdvKkF448JWElCy24Vq wo8OtVVUOjJXjv1/tYnPJ6WJVtSbq/jMjMbv1pI5s5nG8qTSkvhr4DZdqlKwyHvQypnJ m/WTkT6QOZEN8SHZFZGRvhOxJmf8jPQVcqLWmw5QJ30w3F4S+MHSlctktZjcftDaOz5c DTPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=GVaImeKQv8c9HURJ1MbdFJk5KU94mHN3MRWj7q5n7WI=; b=hKpSF9Ux0smBEpuN/IIeLddZUe8/npuGAw7ukw7fhMYrv8fM76zXFvyh0EsN0OqK+W 01FApJic3rr+Tx7Qw36Pn7yzmchd9I/8W6y1xfplzEpJqMd3yJEGxBtCzkA4C4H61UN7 iPFOgH4zM7kmxJEeqlZSU56+9kPERPYs8535Hsxs1dD0m1eYHAHy6OrlaJSNsCglw11q cSOHdNQ6pS1RwaxlaBCKOEBtBWDGifhf5pEbH6Qb097R9EUOJmW4GNrzg2iYvBIHQR9l WujrNzwLHzRt4bAorxhMWr5Zc6lNRvzBvUjWa6d+hhICu4CzkHfyBmTAdYHPUtZjD04U a/bg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=bEju57T+; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id c30si5669757edd.323.2018.01.08.09.53.57; Mon, 08 Jan 2018 09:53:57 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=bEju57T+; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 53FA2C22019; Mon, 8 Jan 2018 17:43:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 35CCCC21FC2; Mon, 8 Jan 2018 17:39:16 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id DC36AC21FB1; Mon, 8 Jan 2018 17:37:15 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 5CA19C21FB3 for ; Mon, 8 Jan 2018 17:37:10 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id f140so15702721wmd.2 for ; Mon, 08 Jan 2018 09:37:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=nGIEjc2a9GAls5q7sRPcFfII761Ac+TZJbzZmKFmiRE=; b=bEju57T+daNKYoDYDGmaxdElEDIsDrs8J21Is3Ihw6KSHD1paKznkD2NMOnfhZfrnN G3VXTkFsv/KplsIvM1/0B3ob3kOaWtSeXhLeP6Kowwlqi4CtO9fD6HJB/M+fZ7nGYWsS lj4qyPddMp0htFg+TXGHSRGx8QNoTdtDqQc2E= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=nGIEjc2a9GAls5q7sRPcFfII761Ac+TZJbzZmKFmiRE=; b=HRR53+lwKQeZZwtPVmpwZ8+2QNEYdEp5eDhmJcJ1WaAOzCGrPHOULPU+g106756Epm tuW1i4vDZxnNupf9Gq6dxvUWN1glWvLQLIpS9B4F+TjrZezGzj7XWSd0LYYs3yAqqT94 3aLOYLzsNnp1UQz+n6qQ0AoxS4HqQWk/bkE6On+1AO5xpro39QP+y3igZVc3BTmZhL7q fLMm0inkIw0oPw+u0CMYigvxNEmgsZgJEgKWRdQtXGgvgpKB8PpZwQY5lrrhifFW6TlE xcv5bPKj93sB0lq3Kc+DNtpIa4L16ih8uuA310if5b2W5w+kwAUo6ean/pWhnQGUww00 G1wQ== X-Gm-Message-State: AKGB3mLKACdNKDanA7vCHm3YJLR+X8DP4ED7PHKV9PSBUorTAJ6Ai5dc RW6MdjMlK6S7Gn5PVREVTXxYkON11tc= X-Received: by 10.80.217.76 with SMTP id u12mr17367083edj.171.1515433029730; Mon, 08 Jan 2018 09:37:09 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:09 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:37 +0000 Message-Id: <1515433001-13857-21-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 20/24] arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Understanding if the HAB is enabled is something that we want to interrogate and report on outside of the HAB layer. First step to that is renaming the relevant function to match the previously introduced external naming convention imx_hab_function() The name imx_hab_is_hab_enabled() is a tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 7c2f828..d917ac3 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -96,7 +96,7 @@ static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -static bool is_hab_enabled(void); +static bool imx_hab_is_enabled(void); static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) { @@ -334,7 +334,7 @@ static int get_hab_status(void) hab_rvt_report_event = hab_rvt_report_event_p; hab_rvt_report_status = hab_rvt_report_status_p; - if (is_hab_enabled()) + if (imx_hab_is_enabled()) puts("\nSecure boot enabled\n"); else puts("\nSecure boot disabled\n"); @@ -419,7 +419,7 @@ U_BOOT_CMD( #endif /* !defined(CONFIG_SPL_BUILD) */ -static bool is_hab_enabled(void) +static bool imx_hab_is_enabled(void) { struct imx_sec_config_fuse_t *fuse = (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; @@ -456,7 +456,7 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_exit = hab_rvt_exit_p; hab_rvt_check_target = hab_rvt_check_target_p; - if (!is_hab_enabled()) { + if (!imx_hab_is_enabled()) { puts("hab fuse not enabled\n"); return result; } From patchwork Mon Jan 8 17:36:38 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123780 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3016966qgn; Mon, 8 Jan 2018 09:48:15 -0800 (PST) X-Google-Smtp-Source: ACJfBou+LZekq0rwpLvd8qhGRbYga3fFy9Ucsp7l9zUO2Fylqnq67+2oI2fvEa5B27wLk501mGcP X-Received: by 10.80.164.169 with SMTP id w38mr17232883edb.154.1515433695090; Mon, 08 Jan 2018 09:48:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433695; cv=none; d=google.com; s=arc-20160816; b=rWWqPLXmVE3JKZMWA2jAgtY7D7O4PszYZSvuPfrx1cHvKNxXziiINveyglVYHghSaO ixM2JfI7378PliNgNYrxiXUMEfYLkV1Ce8EfPuvBoIrd/ZMIRZLvn9wOYakMxryi68XG qB9I+TbcadirT7g6vvy5qiAwUeUtA0PZz7oTrUPLbG6Q3c853T8t1i8GAiX9Vc3u/Cuh CsLjec1IB3jNM3w2oiDH9PzYNjx9KgqQkLDtnjkjyd7lZ1z/RiIpcZVCbdUKU+fXoMZJ co1+DU0Yb0wzTUxKKrn6lz/q2x8khJ7XMY3knLbM7kIPggXoEtFiVEuJYydyjgeN6aTD XNMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=R1sTE8ZbVOpiILZyGlQKjH9kno3AWVf2RTC/Po96NK0=; b=tN5jVDfQYiTRw3LAD0+nj+e+ltzU6ce/W+yk2+zeCzdLDHFVcRsP8PxEVKLOGPOBik ibx7/ZL+1Q+5Xw22zaOjD1U4bJc5lfVjnyfUG4sUjoUddWTIALRfhCRAMwCB1g6b2++D m7d77PKBvtqZLDxeu2ya+hil7YYU4PISHbi2rp6OiNlc1KWl2fz3OWmj1Le6fkF+4Zfx 8owqKQlLwTDwzIUBaPVtpLX7mCgyjSc2oZw22rZI0LeFSQ2Pny5/Y+jpEINVTI5W5Bfo 5EFQNSnbt4dhxE+ymvEUqqaG+CflkI56AF22GfH4BuG/yw8OtWcKC4MTuTAELU/1DuJ0 01Tg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Jy96ZZEQ; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id i93si2229368edi.281.2018.01.08.09.48.14; Mon, 08 Jan 2018 09:48:15 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Jy96ZZEQ; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id A0125C21FC7; Mon, 8 Jan 2018 17:42:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 30211C21FE6; Mon, 8 Jan 2018 17:38:47 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 607DFC21F74; Mon, 8 Jan 2018 17:37:15 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id 7EB23C21FA6 for ; Mon, 8 Jan 2018 17:37:11 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id b141so15724457wme.1 for ; Mon, 08 Jan 2018 09:37:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=umGmZEjot344qOI5ziRpJJ80+Fs+00BhzDmOISm0mco=; b=Jy96ZZEQKlO+R+8Q7mzYscBjY18yJoFCa+O0DLaVWBBcca1YPx7r84jhS4PkuVCRSg nqy6BPvZVMKXF/vyRyNHw8zj/S8Q23MoTPEmzIVarhNAdQV7+zO4HmS480b7UAHves/4 FMxO2MYtFxTwfLqhIhLOjg03i3kBwMb3uOIy0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=umGmZEjot344qOI5ziRpJJ80+Fs+00BhzDmOISm0mco=; b=Ni4hX9nMMuoHIzS082og689c5Z4wS6rNScjf2tihViLb1Z3RR39axgV1+gsdx6wpIR hzsvQX4YqzF+yhXIQioeve0iJIjubxsp57/kkZDQ55fkeXY9Aq3PkRGVFSPY9cKCoRLX glQOo+3uHng9sgBuxDxY97Z2vgikZVWhWnvSEuLNQq18qTZNhfN8dTPH2PPQe7lgUHSc aDlH/qiuJZwA5RmqZPQeLAyyA0clx+OQriKX+b6xh0aY5yQ7EVBx632tAX3JR0hD7TJG B8Iefub6hULkv/ZG9mItJJZDr/2kpWFza3jlP1y6TE98ws6iWX47Rx9dyiItHcZqlrk8 HXPg== X-Gm-Message-State: AKGB3mItAL3pUX2TY4NUffgzwzV9455gEqz5/YTdcxyvvNmBmJaNtJfi HgS30bcNXm/x78LhJuT/wlMqEG7bKW8= X-Received: by 10.80.145.252 with SMTP id h57mr17264572eda.19.1515433030888; Mon, 08 Jan 2018 09:37:10 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:10 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:38 +0000 Message-Id: <1515433001-13857-22-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 21/24] arm: imx: hab: Make imx_hab_is_enabled global X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" It will be helpful to boot commands to know if the HAB is enabled. Export imx_hab_is_enabled() now to facilitate further work with this data-point in a secure-boot context. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 1 + arch/arm/mach-imx/hab.c | 4 +--- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 98bc1bd..5c13aff 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -187,5 +187,6 @@ typedef void hapi_clock_init_t(void); int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, uint32_t ivt_offset); +bool imx_hab_is_enabled(void); #endif diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index d917ac3..86b4018 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -96,8 +96,6 @@ static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, (is_soc_type(MXC_SOC_MX7ULP) ? 0x80000000 : \ (is_soc_type(MXC_SOC_MX7) ? 0x2000000 : 0x2)) -static bool imx_hab_is_enabled(void); - static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr) { printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str, @@ -419,7 +417,7 @@ U_BOOT_CMD( #endif /* !defined(CONFIG_SPL_BUILD) */ -static bool imx_hab_is_enabled(void) +bool imx_hab_is_enabled(void) { struct imx_sec_config_fuse_t *fuse = (struct imx_sec_config_fuse_t *)&imx_sec_config_fuse; From patchwork Mon Jan 8 17:36:39 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123788 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3022247qgn; Mon, 8 Jan 2018 09:53:50 -0800 (PST) X-Google-Smtp-Source: ACJfBou5kQznhiuvL28Kugp7kQ8F6mjvKlSHJYzEYewG36raG5Jdi/CefaJdKcv17XUbPtPcd5ke X-Received: by 10.80.244.195 with SMTP id v3mr17369722edm.165.1515434030732; Mon, 08 Jan 2018 09:53:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515434030; cv=none; d=google.com; s=arc-20160816; b=FGduv15hrwDyvzYFOIuunmuKrdfzInrPoILOUn5QjJG+Jvz6WrXu3n1M+VQKhIkoKo IbDi2Ho/z4E7Cr4WYX9Zptg9GRhmkqvWzZEfzlPRnosP5r4UrwsaKjb+TOGs/AWQKpPx H+Kk+BEuyWyx+4BmeX26hYeDNgWM3GcarAYz8SL825NrEBuhv9b1qg+R/pf3mdxxfJ/+ SQR3vHWIt3hZa4Dtxgzxn4VEjXKolsazJlqjDX5Dd2nqarz2M8DLpkBSBvM6GrrOxcgZ jXTvBqyW1bus2EGK6zpF6FyhI1pN2yEBjTkvoBUBv/kM4F9ujLIhJkEmQzeQVP1InW7K u35Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=nEiq0xect4AoWDmrA6PY0pIBd0aNAXXS+iZ9gzfxaCI=; b=yX9+mpED5ph5EMHNbM+A2VANQ1iZA+XVGVb0QCELmbHn6BAn04s6bZkrHyNU7PTvPQ 75oH2thnIqMyBFm9NDYvQs6Remc2YqopBdROb3AVzMI2iL3dRPsnoEYmR9B/+IEVJX94 CCw896JEBj2pM8DzHbbRn95CkayVxBwNl/rjKskQnfUN9kvqtf1mDDoRe+uuYx1bGmq4 XfCCoL1mIP/6Y6TXFuXTF0X4CutVOUh+IovIZ8FJfdKa03hxuZRmaHcnzR0Q8fmTZK1W P4xTBWm7QA3me5EP+HYWrpUXrhd+Ir0liHunKwa3vOfIihrtXNazAR76Bi75NXLbmHGQ 73kw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dDHefnh8; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id n11si273880edi.134.2018.01.08.09.53.50; Mon, 08 Jan 2018 09:53:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=dDHefnh8; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 029D1C21F7E; Mon, 8 Jan 2018 17:42:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 74AF8C21F7E; Mon, 8 Jan 2018 17:38:54 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 3DFC1C21FC9; Mon, 8 Jan 2018 17:37:17 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id A0AE1C21FD4 for ; Mon, 8 Jan 2018 17:37:12 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id y82so16766486wmg.1 for ; Mon, 08 Jan 2018 09:37:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=cYwMYV7HIFFPZjWLmuiyD2xuH7kQg/RPLyU9z34NM2o=; b=dDHefnh8kFxSCWT9sfNJKHCIJDl+/VHYIAsZ1CqqNBtvHGRbMNKYDuW6N2vX8nGxZi f+9uwEHtS/liviBQo6dXjxSPkALOTUPIS22FETub3Bo8WnBHg20D6OUisUgcmazdtsRE 6G3xT4CL7WskQetHQDjKA8SLCd8VNVoeBUo/A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=cYwMYV7HIFFPZjWLmuiyD2xuH7kQg/RPLyU9z34NM2o=; b=cdQGfKn+Z2qlXXxWQQJGnEEj9KMkZ/ki2SZUJ+frxDUVawTrQy0r2QpSQrXbIkC6QC vSDSll9vQjjid3ERCCTrkSVBzGsrPEPdDRX6vZcMewGKMJA7eTcw0JVnaZwulun4/H0R m67BcXIElOHcLFxqeBZbS3si33RapOGenlz/ZPSUs7LEyupyYvWixsKAJVfhxWYwv6jK nYoMsU/tvqG/vSG3LnBW2+qB4RONnJoRpkOY/vJB22YzzHJUnw/SzvoLq9WHvf3sugtE iE9iLmlNXKq23fQB6HFb8nPiEsTbUX9BDBc0hVb6CsG7CgXmsw3bn/9WyV2lNVWTAaSh m8Hg== X-Gm-Message-State: AKGB3mJWygKTIV3dwmUU+hGfVTp25Dg+F7Iu7IxUgkTtMkMhBhJ/qmAI +skGJoEdx2rqqpsmynNRlefCrmG9IyI= X-Received: by 10.80.173.163 with SMTP id a32mr17850453edd.114.1515433032052; Mon, 08 Jan 2018 09:37:12 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:11 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:39 +0000 Message-Id: <1515433001-13857-23-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 22/24] arm: imx: hab: Define rvt_failsafe() X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" The hab_rvt_failsafe() callback according to the HABv4 documentation: "This function provides a safe path when image authentication has failed and all possible boot paths have been exhausted. It is intended for use by post-ROM boot stage components, via the ROM Vector Table." Once invoked the part will drop down to its BootROM USB recovery mode. Should it be the case that the part is in secure boot mode - only an appropriately signed binary will be accepted by the ROM and subsequently executed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h index 5c13aff..a0cb19d 100644 --- a/arch/arm/include/asm/mach-imx/hab.h +++ b/arch/arm/include/asm/mach-imx/hab.h @@ -140,6 +140,7 @@ typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, void **, size_t *, hab_loader_callback_f_t); typedef enum hab_status hab_rvt_check_target_t(enum hab_target, const void *, size_t); +typedef void hab_rvt_failsafe_t(void); typedef void hapi_clock_init_t(void); #define HAB_ENG_ANY 0x00 /* Select first compatible engine */ @@ -170,6 +171,7 @@ typedef void hapi_clock_init_t(void); #define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *)(HAB_RVT_BASE + 0x10)) #define HAB_RVT_REPORT_EVENT (*(uint32_t *)(HAB_RVT_BASE + 0x20)) #define HAB_RVT_REPORT_STATUS (*(uint32_t *)(HAB_RVT_BASE + 0x24)) +#define HAB_RVT_FAILSAFE (*(uint32_t *)(HAB_RVT_BASE + 0x28)) #define HAB_RVT_REPORT_EVENT_NEW (*(uint32_t *)0x000000B8) #define HAB_RVT_REPORT_STATUS_NEW (*(uint32_t *)0x000000BC) From patchwork Mon Jan 8 17:36:40 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123779 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3016783qgn; Mon, 8 Jan 2018 09:48:05 -0800 (PST) X-Google-Smtp-Source: ACJfBosStZa716HxX9nshdt272Ra5U7ssEuuq2DtPVMDQeYZFW4dbgegT3g9E/x8kSvmLm4c/ODt X-Received: by 10.80.206.67 with SMTP id k3mr17834106edj.153.1515433685500; Mon, 08 Jan 2018 09:48:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433685; cv=none; d=google.com; s=arc-20160816; b=rFDH1efV0T+CWtQSeNxXXNXBiHnQHRoGHfPQxc2l++Fp5PBapbpt4ezWTzKMltwgFJ QCSDqiWdCY3Li07INSwnakm9BdqLEkLt78EfvXU9AOfraLKtbEbpeqvi0DsV/1FP+Mj/ q6UX7WjtcscwxKVWM5HSgRPpGrIAG8Qk2LkgXXCAeEtyBKafsOo2tV0VJW7/21ww59Pg I/343EZRrlbK5s9CHQHGQM3+i28va2zR14L4HCKPn0O8zLD1OIdbREssRjvjQAJSPiwC UTviP4nZYujjHoNlA37DEnJqaqG366Zy0DEXFWf/Lnx6oscwOdd0Nm7BNXYCRjoJxvjc jicA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=eXf0F++sFkX9bibDnkJMGNjK/ieleo7zAYXOYOoof3s=; b=i1OkHKVobei5lPFXzq3BK6a299nXXCjZCwyx95l3j7jFVtysn9SxCIctinTRX4IHi1 Ir+Ph8K4/E8wSXT2AgvMpZWiZHYOiCb5BtQjJGPaQuS/GZsH7rhbRjCE2JH6fMMBU44z ahtZQJKUnjcBlWBbynhGaoMXFUZk//O2MjcFKbxm7ODWuuwAlm22+PWGZKOs+n/XNfSc uFBCZM2URGhv7aMBWfQKhZ4q2uezec+wpb3YY0gb3zJXw5di1EBe8Y2+RgqPa3Hpfvqp /HRPRgJbUJgdmWorG7i6e6wosgTrkc560iM6hOwTDmjEaK7uaAq/9eDYQNGhPXDGBpzq iWUA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Ijd0a1np; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id v24si8821759edb.215.2018.01.08.09.48.05; Mon, 08 Jan 2018 09:48:05 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=Ijd0a1np; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id F2A8FC21FD5; Mon, 8 Jan 2018 17:42:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 4F96FC21F1D; Mon, 8 Jan 2018 17:38:48 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id D90B4C21FCF; Mon, 8 Jan 2018 17:37:17 +0000 (UTC) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by lists.denx.de (Postfix) with ESMTPS id D384CC21F68 for ; Mon, 8 Jan 2018 17:37:13 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id y82so16766557wmg.1 for ; Mon, 08 Jan 2018 09:37:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ZDXvNopNZ3MxjDFrb4STkYo1ABudP+GjI7TZyqjNaD0=; b=Ijd0a1npwEDMPrkZg0HRKxachy81uWftgSq43rMDSDT4tx+1X92ze7GU/CqEZBSDnG 2CC3b4oluCj4foCVTkkJxsEJk2UBTdZPAShvOp4k7VxW4cssUIxxA3Jkkq1/Ya6quvuD X6UCnI5SodxXHMs36vaPd7nc5gmNcBgopdgSk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ZDXvNopNZ3MxjDFrb4STkYo1ABudP+GjI7TZyqjNaD0=; b=Rjy4TZfVkfVabv0ShRun/+DC7rwVmUzU3PCUROL4kj+N4fizuM201YbfaczhCf7vGe G1NR2sUOYgl42ucwvWEkAb/YYIP9ZaencBXtKIvt11fkLZQam7Ygytj7Df47LRHXx/kL /Q7koYpVrUQdREhpnsclVP1ybHwA9oMX5VYf+D3I8z7P00PhFDdQDEQ5KDwIK5AB+BVU MiWbxgWatOjvg6XqYhcUJg0SC6QUvN20MsS/GCCFwh/BIfCIM/zsUBfpWulXVnt4ri/3 8Noz88OWL+NQ6Bg8Fqypkllq1sdRh/cw4OBregi7dLTZ7uiL1WM6mj0hzQWy/FbPS/ju fgdg== X-Gm-Message-State: AKGB3mI/y7npOKI6vSTuWrzQuexgZJodoZB4jeofAaKaIYte0yNiPSFS ggayJQlz1hue5Ifl7EjtNXsu9id72fU= X-Received: by 10.80.222.66 with SMTP id a2mr16939742edl.236.1515433033220; Mon, 08 Jan 2018 09:37:13 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:12 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:40 +0000 Message-Id: <1515433001-13857-24-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 23/24] arm: imx: hab: Implement hab_rvt_failsafe X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This patch implements the basic callback hooks for hab_rvt_check_failsafe for BootROM code using the older BootROM address layout - in my test case the i.MX7. Code based on new BootROM callbacks will just do nothing and there's definitely a TODO to implement that extra functionality on the alternative BootROM API. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index 86b4018..f39b320 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -70,6 +70,21 @@ ((hab_rvt_exit_t *)HAB_RVT_EXIT) \ ) +static inline void hab_rvt_failsafe_new(void) +{ +} + +#define hab_rvt_failsafe_p \ +( \ + (is_mx6dqp()) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + (is_mx6dq() && (soc_rev() >= CHIP_REV_1_5)) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + (is_mx6sdl() && (soc_rev() >= CHIP_REV_1_2)) ? \ + ((hab_rvt_failsafe_t *)hab_rvt_failsafe_new) : \ + ((hab_rvt_failsafe_t *)HAB_RVT_FAILSAFE) \ +) + static inline enum hab_status hab_rvt_check_target_new(enum hab_target target, const void *start, size_t bytes) From patchwork Mon Jan 8 17:36:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 123785 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3021264qgn; Mon, 8 Jan 2018 09:52:45 -0800 (PST) X-Google-Smtp-Source: ACJfBovs5yWMouO2XTa2sw4bcmTGmZRIPlmg1kAJelsCKbVAa+IUqLz7LI/RfBtlA6DP8V1NRRWK X-Received: by 10.80.157.6 with SMTP id v6mr17406655ede.123.1515433965353; Mon, 08 Jan 2018 09:52:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515433965; cv=none; d=google.com; s=arc-20160816; b=SB2oTJGdwbnzZHB44CWP7z0juICmaOom5ul46iW8ul5ml1Ol2KQ03jE8spncUC5x+w jZWyikfcYO+nA5yRyk3+XS5z1Txw8dI6LFRl/ZGN5IZ2HMCO+maCTTN8VmCcGTDWtxBY Qqk//HbCYJ9CJ5IRTsmMWma+4DgG8qCoSZ4qaiQG2tGGq6utKHYJJNvg6r4Q7BQL6IRi oPnZC4M7qMoJOmXXrsQEVBefdhVXSayK80PpglU1BA7n/hFVRk+8S3ifqn56KunBAuwn 5mMwWhxvaGGkjk5kYb6h7veIM9NNnmcZRpF+IEvsjIK1d1gnj1/1FzTWlU2mpoIQziH4 JJyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Kh1JVvbV5u5re8Xyjinh6kTc3ldPklrZjbDvdfaPwbw=; b=JcDwVPy7lfiFz2W7T5sUAQpMBweTw9zYYqcyuFWKixbiWrIk2F/n/JqgJAq1HrIZxa 4iiYXK8nDr1PgYKyeVoPFRKzcKK26y8Q9TwhkBEc5GYdhNWK5SQadOfukA9Irza9qgJe ZgAsHwpI9Do7SyJSmp6TDX3znaOcSMJCa+4yEa2SvQKK2doagU/Uwae0+nBz7zmOPPSp d27JSVMUNRuH761HmGZUOnSwn9ulTXXhzsHvfYbUHtoUgjfGsx/qAheMgGo5752GnIf8 YJubwjKGiqAMRJJ7yhJg+Ens9c0RS2K11SkbZF2IGTIWp9lRdh4BCuLHqdObks0UZYDJ tl5A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=L0ZHRShF; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id g61si6646818ede.22.2018.01.08.09.52.45; Mon, 08 Jan 2018 09:52:45 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=L0ZHRShF; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id E40ECC2201B; Mon, 8 Jan 2018 17:43:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C4BA6C21FCE; Mon, 8 Jan 2018 17:39:03 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id A79BEC21FC2; Mon, 8 Jan 2018 17:37:19 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id 362ADC21FB2 for ; Mon, 8 Jan 2018 17:37:15 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id f140so15703238wmd.2 for ; Mon, 08 Jan 2018 09:37:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=hGYAUC2um2TiGg7s7kWhfUsqjvwOv2BiNEaLB1KTxA4=; b=L0ZHRShFa7NKMMB4MkapUlEzgZod+7ir7KRhSAydKPWQcfrbkR03JftN1rb0BF1/5t 04AZSu0B5SkKFqbjfzxlrFJC6XKZDwcPtWL9MabhbDHy616jk7qc7GoutpbU4c0Z1D6q QFAKNrSKNxh+Z1ALgD469yU1tvXN829hFpm7U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=hGYAUC2um2TiGg7s7kWhfUsqjvwOv2BiNEaLB1KTxA4=; b=t4qw/QxLS8esaF/q00Lr9KNm4kE0kE5QttSvTDdRlzVuCYgrKWNNG1fPtWR6rkw+o1 mw4X+mmWST0DlW74px3Uy/K6m18DlEmyd1a0nWfKsWTH2IjlVQV+LtKpTGBukkNUgKHw 5SyycfhMGLZ44MCsNCfcSCS18rqfA4YyNm7tvRNbYCQEzWwDBDklXS8X4ciBhIEmjp5k 68endERLzHhExaF9l1NDTqHMncdXu5zHZKekB2Qh4dghoZYTmO5WbTlO1fVkXepnYF+p vz19aiJrzj0DrfkBjosjIX0U17Uh2Ie2CMImL0sX5zuoW5G0mREzizphg+1wLvpaijcp tisA== X-Gm-Message-State: AKGB3mJfU94kEIE9oE0/qQc5q8Ppeq8St+NNYPxvQTmxPmvsVo9QLex0 0ewBOrV0Y78CY1SQmEXwh6tyfaNMbyY= X-Received: by 10.80.202.135 with SMTP id x7mr17881945edh.30.1515433034581; Mon, 08 Jan 2018 09:37:14 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id a38sm7160033edf.3.2018.01.08.09.37.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 08 Jan 2018 09:37:13 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Mon, 8 Jan 2018 17:36:41 +0000 Message-Id: <1515433001-13857-25-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> References: <1515433001-13857-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v5 24/24] arm: imx: hab: Add hab_failsafe console command X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" hab_failsafe when called puts the part into BootROM recovery mode. This will allow u-boot scripts to script the dropping down into recovery mode. => hab_failsafe Shows the i.MX7 appear as "hiddev0,hidraw5: USB HID v1.10 Device [Freescale SemiConductor Inc SP Blank ULT1] " in a Linux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index f39b320..c0e04fa 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -414,6 +414,22 @@ static int do_authenticate_image(cmd_tbl_t *cmdtp, int flag, int argc, return rcode; } +static int do_hab_failsafe(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + hab_rvt_failsafe_t *hab_rvt_failsafe; + + if (argc != 1) { + cmd_usage(cmdtp); + return 1; + } + + hab_rvt_failsafe = hab_rvt_failsafe_p; + hab_rvt_failsafe(); + + return 0; +} + U_BOOT_CMD( hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, "display HAB status", @@ -429,6 +445,11 @@ U_BOOT_CMD( "ivt_offset - hex offset of IVT in the image" ); +U_BOOT_CMD( + hab_failsafe, CONFIG_SYS_MAXARGS, 1, do_hab_failsafe, + "run BootROM failsafe routine", + "" + ); #endif /* !defined(CONFIG_SPL_BUILD) */