SECURE BOOT: Change fsl_secboot_validate func to pass image addr

Use a pointer to pass image address to fsl_secboot_validate(), instead of using environmental variable "img_addr". Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Signed-off-by: Saksham Jain <saksham.jain@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>

SECURE BOOT: Change fsl_secboot_validate func to pass image addr
Use a pointer to pass image address to fsl_secboot_validate(), instead of using environmental variable "img_addr". Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Signed-off-by: Saksham Jain <saksham.jain@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
Saksham Jain · York Sun
1 parent c4666cf695
Showing 3 changed files with 28 additions and 14 deletions Side-by-side Diff
board/freescale/common/cmd_esbc_validate.c
board/freescale/common/fsl_validate.c
include/fsl_validate.h
@@ -29,6 +29,8 @@
 	char *hash_str = NULL;
 	uintptr_t haddr;
 	int ret;
+	uintptr_t img_addr = 0;
+	char buf[20];
  
 	if (argc < 2)
 		return cmd_usage(cmdtp);
@@ -43,7 +45,15 @@
 	 * part of header. So, the function is called
 	 * by passing this argument as 0.
 	 */
-	ret = fsl_secboot_validate(haddr, hash_str, 0);
+	ret = fsl_secboot_validate(haddr, hash_str, &img_addr);
+
+	/* Need to set "img_addr" even if validation failure.
+	 * Required when SB_EN in RCW set and non-fatal error
+	 * to continue U-Boot
+	 */
+	sprintf(buf, "%lx", img_addr);
+	setenv("img_addr", buf);
+
 	if (ret)
 		return 1;
  
@@ -570,7 +570,7 @@
  
 	/* Update hash for actual Image */
 	ret = algo->hash_update(algo, ctx,
-		(u8 *)img->img_addr, img->img_size, 1);
+		(u8 *)(*(img->img_addr_ptr)), img->img_size, 1);
 	if (ret)
 		return ret;
  
@@ -646,7 +646,6 @@
  */
 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
 {
-	char buf[20];
 	struct fsl_secboot_img_hdr *hdr = &img->hdr;
 	void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
 	u8 *k, *s;
  
  
  
@@ -661,17 +660,14 @@
 	/* If Image Address is not passed as argument to function,
 	 * then Address and Size must be read from the Header.
 	 */
-	if (img->img_addr == 0) {
+	if (*(img->img_addr_ptr) == 0) {
 	#ifdef CONFIG_ESBC_ADDR_64BIT
-		img->img_addr = hdr->pimg64;
+		*(img->img_addr_ptr) = hdr->pimg64;
 	#else
-		img->img_addr = hdr->pimg;
+		*(img->img_addr_ptr) = hdr->pimg;
 	#endif
 	}
  
-	sprintf(buf, "%lx", img->img_addr);
-	setenv("img_addr", buf);
-
 	if (!hdr->img_size)
 		return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
  
  
@@ -814,9 +810,17 @@
  
 	return 0;
 }
-
+/* haddr - Address of the header of image to be validated.
+ * arg_hash_str - Option hash string. If provided, this
+ * overides the key hash in the SFP fuses.
+ * img_addr_ptr - Optional pointer to address of image to be validated.
+ * If non zero addr, this overides the addr of image in header,
+ * otherwise updated to image addr in header.
+ * Acts as both input and output of function.
+ * This pointer shouldn't be NULL.
+ */
 int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
-			uintptr_t img_addr)
+			uintptr_t *img_addr_ptr)
 {
 	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
 	ulong hash[SHA256_BYTES/sizeof(ulong)];
@@ -869,7 +873,7 @@
 	/* Update the information in Private Struct */
 	hdr = &img->hdr;
 	img->ehdrloc = haddr;
-	img->img_addr = img_addr;
+	img->img_addr_ptr = img_addr_ptr;
 	esbc = (u8 *)img->ehdrloc;
  
 	memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
@@ -238,7 +238,7 @@
  
 	struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES];	/* SG table */
 	uintptr_t ehdrloc;	/* ESBC Header location */
-	uintptr_t img_addr;	/* ESBC Image Location */
+	uintptr_t *img_addr_ptr;	/* ESBC Image Location */
 	uint32_t img_size;	/* ESBC Image Size */
 };
  
@@ -246,7 +246,7 @@
 				char * const argv[]);
  
 int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
-	uintptr_t img_loc);
+	uintptr_t *img_addr_ptr);
 int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
 	char * const argv[]);
 int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc,
...	...	@@ -29,6 +29,8 @@
29	29	char *hash_str = NULL;
30	30	uintptr_t haddr;
31	31	int ret;
	32	+ uintptr_t img_addr = 0;
	33	+ char buf[20];
32	34
33	35	if (argc < 2)
34	36	return cmd_usage(cmdtp);
...	...	@@ -43,7 +45,15 @@
43	45	* part of header. So, the function is called
44	46	* by passing this argument as 0.
45	47	*/
46		- ret = fsl_secboot_validate(haddr, hash_str, 0);
	48	+ ret = fsl_secboot_validate(haddr, hash_str, &img_addr);
	49	+
	50	+ /* Need to set "img_addr" even if validation failure.
	51	+ * Required when SB_EN in RCW set and non-fatal error
	52	+ * to continue U-Boot
	53	+ */
	54	+ sprintf(buf, "%lx", img_addr);
	55	+ setenv("img_addr", buf);
	56	+
47	57	if (ret)
48	58	return 1;
49	59
...	...	@@ -570,7 +570,7 @@
570	570
571	571	/* Update hash for actual Image */
572	572	ret = algo->hash_update(algo, ctx,
573		- (u8 *)img->img_addr, img->img_size, 1);
	573	+ (u8 )((img->img_addr_ptr)), img->img_size, 1);
574	574	if (ret)
575	575	return ret;
576	576
...	...	@@ -646,7 +646,6 @@
646	646	*/
647	647	static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
648	648	{
649		- char buf[20];
650	649	struct fsl_secboot_img_hdr *hdr = &img->hdr;
651	650	void esbc = (u8 )(uintptr_t)img->ehdrloc;
652	651	u8 k, s;
653	652
654	653
655	654
...	...	@@ -661,17 +660,14 @@
661	660	/* If Image Address is not passed as argument to function,
662	661	* then Address and Size must be read from the Header.
663	662	*/
664		- if (img->img_addr == 0) {
	663	+ if (*(img->img_addr_ptr) == 0) {
665	664	#ifdef CONFIG_ESBC_ADDR_64BIT
666		- img->img_addr = hdr->pimg64;
	665	+ *(img->img_addr_ptr) = hdr->pimg64;
667	666	#else
668		- img->img_addr = hdr->pimg;
	667	+ *(img->img_addr_ptr) = hdr->pimg;
669	668	#endif
670	669	}
671	670
672		- sprintf(buf, "%lx", img->img_addr);
673		- setenv("img_addr", buf);
674		-
675	671	if (!hdr->img_size)
676	672	return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
677	673
678	674
...	...	@@ -814,9 +810,17 @@
814	810
815	811	return 0;
816	812	}
817		-
	813	+/* haddr - Address of the header of image to be validated.
	814	+ * arg_hash_str - Option hash string. If provided, this
	815	+ * overides the key hash in the SFP fuses.
	816	+ * img_addr_ptr - Optional pointer to address of image to be validated.
	817	+ * If non zero addr, this overides the addr of image in header,
	818	+ * otherwise updated to image addr in header.
	819	+ * Acts as both input and output of function.
	820	+ * This pointer shouldn't be NULL.
	821	+ */
818	822	int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
819		- uintptr_t img_addr)
	823	+ uintptr_t *img_addr_ptr)
820	824	{
821	825	struct ccsr_sfp_regs sfp_regs = (void )(CONFIG_SYS_SFP_ADDR);
822	826	ulong hash[SHA256_BYTES/sizeof(ulong)];
...	...	@@ -869,7 +873,7 @@
869	873	/* Update the information in Private Struct */
870	874	hdr = &img->hdr;
871	875	img->ehdrloc = haddr;
872		- img->img_addr = img_addr;
	876	+ img->img_addr_ptr = img_addr_ptr;
873	877	esbc = (u8 *)img->ehdrloc;
874	878
875	879	memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
...	...	@@ -238,7 +238,7 @@
238	238
239	239	struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES]; /* SG table */
240	240	uintptr_t ehdrloc; /* ESBC Header location */
241		- uintptr_t img_addr; /* ESBC Image Location */
	241	+ uintptr_t img_addr_ptr; / ESBC Image Location */
242	242	uint32_t img_size; /* ESBC Image Size */
243	243	};
244	244
...	...	@@ -246,7 +246,7 @@
246	246	char * const argv[]);
247	247
248	248	int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
249		- uintptr_t img_loc);
	249	+ uintptr_t *img_addr_ptr);
250	250	int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
251	251	char * const argv[]);
252	252	int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc,