Commit f29a143cdb8c74566113737e9be7e1bcd8c625f4
1 parent
bca4e251b6
Exists in
smarc-imx_v2017.03_o8.1.0_1.3.0_8m
and in
1 other branch
MLK-17044-3 booti: Add kernel image authentication for secure boot
When secure boot is enabled, add authenticate_image in booti to authenticate kernel image. Signed-off-by: Ye Li <ye.li@nxp.com>
Showing 1 changed file with 11 additions and 1 deletions Side-by-side Diff
cmd/booti.c
... | ... | @@ -42,13 +42,23 @@ |
42 | 42 | puts("Bad Linux ARM64 Image magic!\n"); |
43 | 43 | return 1; |
44 | 44 | } |
45 | - | |
45 | + | |
46 | 46 | if (ih->image_size == 0) { |
47 | 47 | puts("Image lacks image_size field, assuming 16MiB\n"); |
48 | 48 | image_size = 16 << 20; |
49 | 49 | } else { |
50 | 50 | image_size = le64_to_cpu(ih->image_size); |
51 | 51 | } |
52 | + | |
53 | +#ifdef CONFIG_SECURE_BOOT | |
54 | + extern uint32_t authenticate_image( | |
55 | + uint32_t ddr_start, uint32_t image_size); | |
56 | + if (authenticate_image(images->ep, image_size) == 0) { | |
57 | + printf("Authenticate Image Fail, Please check\n"); | |
58 | + return 1; | |
59 | + } | |
60 | + | |
61 | +#endif | |
52 | 62 | |
53 | 63 | /* |
54 | 64 | * If we are not at the correct run-time location, set the new |
-
mentioned in commit 1e33f4
-
mentioned in commit 1e33f4
-
mentioned in commit 1e33f4
-
mentioned in commit 1e33f4
-
mentioned in commit 1e33f4
-
mentioned in commit 677c33
-
mentioned in commit 1e33f4
-
mentioned in commit 677c33
-
mentioned in commit a20a5e
-
mentioned in commit a20a5e
-
mentioned in commit a20a5e
-
mentioned in commit a20a5e
-
mentioned in commit 2cd26c
-
mentioned in commit 2cd26c
-
mentioned in commit a20a5e
-
mentioned in commit 2cd26c
-
mentioned in commit 2cd26c
-
mentioned in commit 2cd26c
-
mentioned in commit 2cd26c
-
mentioned in commit 15ccbe