From patchwork Thu Dec 28 18:49:35 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 122859 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3804803qgn; Thu, 28 Dec 2017 11:00:10 -0800 (PST) X-Google-Smtp-Source: ACJfBotlKmfD36IXwlL2iMIqOAfwyD1NA84UhiwChez9m7e2lewGVeP8MtADPv8ocSjUj5W+MZBO X-Received: by 10.80.216.202 with SMTP id y10mr41453233edj.221.1514487610642; Thu, 28 Dec 2017 11:00:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514487610; cv=none; d=google.com; s=arc-20160816; b=QhqM8QPbC3U4bjik0vteWbf9caarPNFiZJw6t10RdtJs9qDdEgBMjgRBANeZI4h0AN 9mIBZ+qHQrbPI8UkYN52TbnAIdU0BIMEl8DlnqGFs7olV+2nSBCkVrgs0IzlHt2e7Fry 7Ab1y0Vf9C3YWXDmcwgeEwbM5kWgdEyGmaQp3cDaQYmhGRwT9E0jcCCEbNUbjl0FPtTS 3KMNtGdWFpvRF3YbabNsv05J+M7+gHm+EyiFNqh/DGdkWM1Fg8N5t4aRwo4kSQ3l6p9J BfPfMa9iu9whTuqn8cbovWi61XMNbQHKYN6dhphKffOf4nal4jYkzI7YRePw59p9MmDw 16HA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=R2+TZ+v4yR2DXBKlTas+o5ku3idhzEGhzE7XxUmKuFk=; b=Tnr1Yvc6P3hST70a8kFzPdVn5jMYsmxo63+oe42sFeDey9H3k1WQh279H2k96UanxC eNIHbwGhmFrI3F1Iid/fqTZ/CvtM8LtySoAR70plZyJlvNBXATCQsawg9waooPK7/7IT Q3iLkwbc0IEH2zYay32IDj8Py6cGFSnyHPAOYzuAv7XjHTGlmVycfWr6wLz4kgh/x3ZO l38bM7Hk8lLKsXEWgy0SX8hzQutXLToNY5zJq5ZPS2XznGSdJvEuShR/3boct7TvEowa 3knbovsDnWRhykM7Im3IcZTYC/KYs00cdo9+3AdynqsoBdsyYEppyTD05oF3IOmRiMje c6IA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=N0C5BkER; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id p63si3884729edp.537.2017.12.28.11.00.09; Thu, 28 Dec 2017 11:00:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=N0C5BkER; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id C1C83C21DE9; Thu, 28 Dec 2017 18:55:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 621AAC21E63; Thu, 28 Dec 2017 18:51:04 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 3B41FC21DA6; Thu, 28 Dec 2017 18:50:08 +0000 (UTC) Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68]) by lists.denx.de (Postfix) with ESMTPS id EE027C21C34 for ; Thu, 28 Dec 2017 18:50:03 +0000 (UTC) Received: by mail-wm0-f68.google.com with SMTP id 9so45242662wme.4 for ; Thu, 28 Dec 2017 10:50:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=qITMAZB0kBEBYVD0jg4YEIDgGAySjZ7YlWDixrrLCXg=; b=N0C5BkER2phf7xjKF2rRB9w5a53OQsxx4zSAZK7WED5sjiXUPzA4fs8GgqBKgsSoEO Xp3rYEp7thSlW/qCxkZfkSJfuIo/Ae8kKeylApj+I71YbvC/EuA+YUKAWc8jjLePrOVI mvx82M0yfiUxvZEiSs17XslvR/QLcvz0Mo6rQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=qITMAZB0kBEBYVD0jg4YEIDgGAySjZ7YlWDixrrLCXg=; b=icww/2bdgOTUkm9hoUTvCBpRCHqUcLutDLkCI+7+vCIB2JUhvvSos/G1TG3ytmj9ln uh9fVnDuiNHqeZhxXjlwrLrkJTj1ByDwsg8Hyy7P5zsP+p0hdtBqmtN09Qens/CKi//O bZohMTj+j8fvt/96u86E1p7ysEn6Qb8cmCinF9Qas9aiq7SGl0ZQOcu7KeulwfPqmKAh XcGRfuinAfvK3ppqx4deRLXkX8DN8br3wI8Po+ZlWBYEkGXCsVqYjGeozSkqul3D7ttJ AYSvlLXeIzI4M9aPxg6yWTOk7fszq2DYJWqkbHhosDxoLj22/bck5nN5IUbqgcPO699i ogmQ== X-Gm-Message-State: AKGB3mKyqJNIFPCr+3e6Pcy6FcAESRt4LEo9fWp05VIUD0CtJ5TfQrTX /1VACD6WEqdQ3UL9Wd1lb59XO9qJPtA= X-Received: by 10.80.142.239 with SMTP id x44mr41242789edx.13.1514487003377; Thu, 28 Dec 2017 10:50:03 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id x28sm35246579edd.0.2017.12.28.10.50.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Dec 2017 10:50:02 -0800 (PST) From: Bryan O'Donoghue To: u-boot@lists.denx.de, brenomatheus@gmail.com Date: Thu, 28 Dec 2017 18:49:35 +0000 Message-Id: <1514486982-19059-17-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> References: <1514486982-19059-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Fabio Estevam Subject: [U-Boot] [PATCH v2 16/23] arm: imx: hab: Add a hab_rvt_check_target to image auth X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add a hab_rvt_check_target() step to authenticate_image() as a sanity check for the target memory region authenticate_image() will run over, prior to making the BootROM authentication callback itself. This check is recommended by the HAB documentation so it makes sense to adhere to the guidance and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index eb18f76..864b1e2 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -437,12 +437,15 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, hab_rvt_authenticate_image_t *hab_rvt_authenticate_image; hab_rvt_entry_t *hab_rvt_entry; hab_rvt_exit_t *hab_rvt_exit; + hab_rvt_check_target_t *hab_rvt_check_target; struct ivt *ivt; struct ivt_header *ivt_hdr; + enum hab_status status; hab_rvt_authenticate_image = hab_rvt_authenticate_image_p; hab_rvt_entry = hab_rvt_entry_p; hab_rvt_exit = hab_rvt_exit_p; + hab_rvt_check_target = hab_rvt_check_target_p; if (!is_hab_enabled()) { puts("hab fuse not enabled\n"); @@ -477,6 +480,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size, start = ddr_start; bytes = image_size; + + status = hab_rvt_check_target(HAB_TGT_MEMORY, (void *)ddr_start, bytes); + if (status != HAB_SUCCESS) { + printf("HAB check target 0x%08x-0x%08x fail\n", + ddr_start, ddr_start + bytes); + goto hab_caam_clock_disable; + } #ifdef DEBUG printf("\nivt_offset = 0x%x, ivt addr = 0x%x\n", ivt_offset, ivt_addr); printf("ivt entry = 0x%08x, dcd = 0x%08x, csf = 0x%08x\n", ivt->entry,