From patchwork Fri Mar 9 13:07:21 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bryan O'Donoghue X-Patchwork-Id: 131104 Delivered-To: patch@linaro.org Received: by 10.80.194.209 with SMTP id u17csp1001505edf; Fri, 9 Mar 2018 05:08:50 -0800 (PST) X-Google-Smtp-Source: AG47ELuZg1lUo/MmPHgV6+A2j1AXguubb9TMiEIS5fJEk+2r6tVrIuQH+jV4AIVEE1LR/FanMBP8 X-Received: by 10.80.149.132 with SMTP id w4mr11195222eda.229.1520600930338; Fri, 09 Mar 2018 05:08:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520600930; cv=none; d=google.com; s=arc-20160816; b=D0KFGp3+KwWyELT38Np+V3fH6FtsuMf3kMzxas+8K3tZFP7v7zstH9WaseeqK0aq3H 6ZKfgl+XBRtYfDBc4U1ZIo2YXOtDXcsvJfkuyfKmbec+k6MZqFwV0s6KKyZFxA0ocNVN 0xEDU0OsP2zvESJqtFq2HJ1NzuDpcHXlZcUI0dm9lKsAvrYiXDYJlKOES4iepdxgxYPQ MONvAvbaUaM90xol6fblx9tYVuNVTznY/dkFdTYHDxtSle0C92nAGK6dLw8+QAex745x B8Zd64YdNboHGeYMIuah77lcdiswIM9hbgEiKdrQkEvQMhPR0Oy8EmTDdlPrsM9+PQvU 6QQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Z7E3+HAP7Pf7VNc8XbQIFZDky2qOxAtMmIPdx3JN1n0=; b=RxJSjiBOlOb1vGhig/M11yvoy4+ewe4t3XkEO64de9pXCG6Yk6NavyflU3vXBHcniN V/AfpW7y8cQX3VLetGic9o25/un4QkUbgp7cjDSD3ys2RkbVdrAaxYosa3Xo8whYegBa 2k8gtboAvQvTRtfC4xn1RMnDRPQxm7BU4acIWVebL2+SWQwG9G0RNwMmMZuN6Awt8W91 EkUcXMST/92fZ9k4ACdLKb0+sG0d1GzcXewlbevig5maBjl5W6V4cxoi0eTisA9XDI6f VF1OHjsUZafA3s+8Oc11UE/IPFu9aBopdbz5GAShKEBUeNpARBJUXzY2Ap1nb67U959f +zEA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=fkN7EiMo; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id l20si1100780edb.145.2018.03.09.05.08.49; Fri, 09 Mar 2018 05:08:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=fkN7EiMo; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id D81F7C21DF8; Fri, 9 Mar 2018 13:08:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 9CAACC21E1D; Fri, 9 Mar 2018 13:07:41 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 63867C21C6A; Fri, 9 Mar 2018 13:07:30 +0000 (UTC) Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) by lists.denx.de (Postfix) with ESMTPS id 7ABE3C21DE8 for ; Fri, 9 Mar 2018 13:07:27 +0000 (UTC) Received: by mail-wm0-f65.google.com with SMTP id t6so3783554wmt.5 for ; Fri, 09 Mar 2018 05:07:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=wcT3Hi0y95zdBQHuKUxC+VLHFQAgQ6JAHlIkkK1cyls=; b=fkN7EiMoZPyzz8eDEFFAvRlMtwL3oZ6RMtW6pfhQKX6uVtyrXfWCj2Hs4dlVDgdKcA BYb31OBVOuDFOCKB0a5lYx+4oh4lKj1WXeNZPalh/T6EcPAurfrp5BdgeWaCDI7zDcLW DQTdtcPhQYlb+2xdYFZrf+LG7T0nNkgAxS0bk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=wcT3Hi0y95zdBQHuKUxC+VLHFQAgQ6JAHlIkkK1cyls=; b=MGmreYD421vLOxE3PUfU/4pTIKM3Gt8wXx07KL9FW5TYIHOoR2oCHRNODGAKxrrdZW eITzPWh+tu+F85/oD9IUYH3n3N1QOrKryEuEYn6ZZE5p/YZxfJstVTGYWS6N9yyd0671 1GUPlFTYP6hAiUvsPChJySxZQA9RZZsTeLHLAs5jOtEgIsMLd9UDtBwOM3gATLRtEKpo 6bjvr0K8SJhdooRLXsrWHvOAp0IRRX3LPo1sB0FmkwE3b2VBHz1IPzjK3hq7pnkDVCJl rHBMWz+5pM49Xpa29Q3kaB84O2OEmdaRUeHbpZGr1AO+/eSDEiF/U8cLcXhTOrNHdfgp uwwQ== X-Gm-Message-State: APf1xPCnUohQVOgS1CK5ambypSPmuAOv7uFH1ouaheZPxKML8FSSubpE 3zEG2q7QSENGdOja+UnAY1Le0VW8v+E= X-Received: by 10.80.153.56 with SMTP id k53mr35801677edb.312.1520600846735; Fri, 09 Mar 2018 05:07:26 -0800 (PST) Received: from localhost.localdomain ([109.255.42.2]) by smtp.gmail.com with ESMTPSA id b11sm827527edc.10.2018.03.09.05.07.25 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 09 Mar 2018 05:07:26 -0800 (PST) From: Bryan O'Donoghue To: U-Boot@lists.denx.de Date: Fri, 9 Mar 2018 13:07:21 +0000 Message-Id: <1520600841-8810-4-git-send-email-bryan.odonoghue@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520600841-8810-1-git-send-email-bryan.odonoghue@linaro.org> References: <1520600841-8810-1-git-send-email-bryan.odonoghue@linaro.org> Cc: Breno Lima , Fabio Estevam , Utkarsh Gupta Subject: [U-Boot] [PATCH 3/3] imx: hab: Convert DCD non-NULL error to warning X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" commit 8c4037a09a5c ("imx: hab: Ensure the IVT DCD pointer is Null prior to calling HAB authenticate function.") makes the DCD field being NULL a dependency. This change though will break loading and executing of existing pre-signed binaries on a u-boot update i.e. if this change is deployed on a board you will be forced to redo all images on that board to NULL out the DCD. There is no prior guidance from NXP that the DCD must be NULL similarly public guidance on usage of the HAB doesn't call out this NULL dependency (see boundary devices link). Since later SoCs will reject a non-NULL DCD there's no reason to make a NULL DCD a requirement, however if there is an actual dependency for later SoCs the appropriate fix would be to do SoC version checking. Earlier SoCs are capable (and happy) to authenticate images with non-NULL DCDs, we should not be forcing this change on downstream users - particularly if it means those users now must rewrite their build systems and/or redeploy signed images in the field. Fixes: 8c4037a09a5c ("imx: hab: Ensure the IVT DCD pointer is Null prior to calling HAB authenticate function.") Signed-off-by: Bryan O'Donoghue Cc: Utkarsh Gupta Cc: Breno Lima Cc: Fabio Estevam Link: https://boundarydevices.com/high-assurance-boot-hab-dummies Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/hab.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c index c3fc699..c730c8f 100644 --- a/arch/arm/mach-imx/hab.c +++ b/arch/arm/mach-imx/hab.c @@ -526,10 +526,8 @@ int imx_hab_authenticate_image(uint32_t ddr_start, uint32_t image_size, } /* Verify if IVT DCD pointer is NULL */ - if (ivt->dcd) { - puts("Error: DCD pointer must be NULL\n"); - goto hab_authentication_exit; - } + if (ivt->dcd) + puts("Warning: DCD pointer should be NULL\n"); start = ddr_start; bytes = image_size;