Commit 85bb38965431424d4e4a7b5030cc589a3401a988
Committed by
York Sun
1 parent
c4666cf695
Exists in
v2017.01-smarct4x
and in
29 other branches
SECURE BOOT: Change fsl_secboot_validate func to pass image addr
Use a pointer to pass image address to fsl_secboot_validate(), instead of using environmental variable "img_addr". Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Signed-off-by: Saksham Jain <saksham.jain@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
Showing 3 changed files with 28 additions and 14 deletions Side-by-side Diff
board/freescale/common/cmd_esbc_validate.c
... | ... | @@ -29,6 +29,8 @@ |
29 | 29 | char *hash_str = NULL; |
30 | 30 | uintptr_t haddr; |
31 | 31 | int ret; |
32 | + uintptr_t img_addr = 0; | |
33 | + char buf[20]; | |
32 | 34 | |
33 | 35 | if (argc < 2) |
34 | 36 | return cmd_usage(cmdtp); |
... | ... | @@ -43,7 +45,15 @@ |
43 | 45 | * part of header. So, the function is called |
44 | 46 | * by passing this argument as 0. |
45 | 47 | */ |
46 | - ret = fsl_secboot_validate(haddr, hash_str, 0); | |
48 | + ret = fsl_secboot_validate(haddr, hash_str, &img_addr); | |
49 | + | |
50 | + /* Need to set "img_addr" even if validation failure. | |
51 | + * Required when SB_EN in RCW set and non-fatal error | |
52 | + * to continue U-Boot | |
53 | + */ | |
54 | + sprintf(buf, "%lx", img_addr); | |
55 | + setenv("img_addr", buf); | |
56 | + | |
47 | 57 | if (ret) |
48 | 58 | return 1; |
49 | 59 |
board/freescale/common/fsl_validate.c
... | ... | @@ -570,7 +570,7 @@ |
570 | 570 | |
571 | 571 | /* Update hash for actual Image */ |
572 | 572 | ret = algo->hash_update(algo, ctx, |
573 | - (u8 *)img->img_addr, img->img_size, 1); | |
573 | + (u8 *)(*(img->img_addr_ptr)), img->img_size, 1); | |
574 | 574 | if (ret) |
575 | 575 | return ret; |
576 | 576 | |
... | ... | @@ -646,7 +646,6 @@ |
646 | 646 | */ |
647 | 647 | static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img) |
648 | 648 | { |
649 | - char buf[20]; | |
650 | 649 | struct fsl_secboot_img_hdr *hdr = &img->hdr; |
651 | 650 | void *esbc = (u8 *)(uintptr_t)img->ehdrloc; |
652 | 651 | u8 *k, *s; |
653 | 652 | |
654 | 653 | |
655 | 654 | |
... | ... | @@ -661,17 +660,14 @@ |
661 | 660 | /* If Image Address is not passed as argument to function, |
662 | 661 | * then Address and Size must be read from the Header. |
663 | 662 | */ |
664 | - if (img->img_addr == 0) { | |
663 | + if (*(img->img_addr_ptr) == 0) { | |
665 | 664 | #ifdef CONFIG_ESBC_ADDR_64BIT |
666 | - img->img_addr = hdr->pimg64; | |
665 | + *(img->img_addr_ptr) = hdr->pimg64; | |
667 | 666 | #else |
668 | - img->img_addr = hdr->pimg; | |
667 | + *(img->img_addr_ptr) = hdr->pimg; | |
669 | 668 | #endif |
670 | 669 | } |
671 | 670 | |
672 | - sprintf(buf, "%lx", img->img_addr); | |
673 | - setenv("img_addr", buf); | |
674 | - | |
675 | 671 | if (!hdr->img_size) |
676 | 672 | return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE; |
677 | 673 | |
678 | 674 | |
... | ... | @@ -814,9 +810,17 @@ |
814 | 810 | |
815 | 811 | return 0; |
816 | 812 | } |
817 | - | |
813 | +/* haddr - Address of the header of image to be validated. | |
814 | + * arg_hash_str - Option hash string. If provided, this | |
815 | + * overides the key hash in the SFP fuses. | |
816 | + * img_addr_ptr - Optional pointer to address of image to be validated. | |
817 | + * If non zero addr, this overides the addr of image in header, | |
818 | + * otherwise updated to image addr in header. | |
819 | + * Acts as both input and output of function. | |
820 | + * This pointer shouldn't be NULL. | |
821 | + */ | |
818 | 822 | int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str, |
819 | - uintptr_t img_addr) | |
823 | + uintptr_t *img_addr_ptr) | |
820 | 824 | { |
821 | 825 | struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); |
822 | 826 | ulong hash[SHA256_BYTES/sizeof(ulong)]; |
... | ... | @@ -869,7 +873,7 @@ |
869 | 873 | /* Update the information in Private Struct */ |
870 | 874 | hdr = &img->hdr; |
871 | 875 | img->ehdrloc = haddr; |
872 | - img->img_addr = img_addr; | |
876 | + img->img_addr_ptr = img_addr_ptr; | |
873 | 877 | esbc = (u8 *)img->ehdrloc; |
874 | 878 | |
875 | 879 | memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr)); |
include/fsl_validate.h
... | ... | @@ -238,7 +238,7 @@ |
238 | 238 | |
239 | 239 | struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES]; /* SG table */ |
240 | 240 | uintptr_t ehdrloc; /* ESBC Header location */ |
241 | - uintptr_t img_addr; /* ESBC Image Location */ | |
241 | + uintptr_t *img_addr_ptr; /* ESBC Image Location */ | |
242 | 242 | uint32_t img_size; /* ESBC Image Size */ |
243 | 243 | }; |
244 | 244 | |
... | ... | @@ -246,7 +246,7 @@ |
246 | 246 | char * const argv[]); |
247 | 247 | |
248 | 248 | int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str, |
249 | - uintptr_t img_loc); | |
249 | + uintptr_t *img_addr_ptr); | |
250 | 250 | int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc, |
251 | 251 | char * const argv[]); |
252 | 252 | int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc, |