MA-20303-1 Support rollback index check for single bootloader

Add support to check the rollback index of next stage images (ATF, TEE, u-boot proper) in SPL to harden the security. And because there is no backup bootloader image to fall back to so the board would hang in SPL if rollback index is rejected. Change-Id: I4c7d1f084dd5b3d37899a9e4c4755c03145542c7 Signed-off-by: Ji Luo <ji.luo@nxp.com>
author: Ji Luo <ji.luo@nxp.com> 2022-05-24 17:02:56 +0800
committer: Ji Luo <ji.luo@nxp.com> 2022-05-25 12:00:49 +0800
commit: 587c0e19a32ac49e681c8e05926e10cb9a9a43a7 (patch)
tree: 867a0313c67fa75d491b019e3ab63dd4f52fa0f6 /arch/arm/mach-imx/spl.c
parent: 6c10cfe481c32cec642a2e09a8cece25982915aa (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c
index 2995ba4281..ea709d15a5 100644
--- a/arch/arm/mach-imx/spl.c
+++ b/arch/arm/mach-imx/spl.c
@@ -458,10 +458,15 @@ void board_spl_fit_post_load(const void *fit, struct spl_image_info *spl_image)
 }
 
 #ifdef CONFIG_IMX_TRUSTY_OS
+int check_rollback_index(struct spl_image_info *spl_image, struct mmc *mmc);
 int check_rpmb_blob(struct mmc *mmc);
 
-int mmc_image_load_late(struct mmc *mmc)
+int mmc_image_load_late(struct spl_image_info *spl_image, struct mmc *mmc)
 {
+	/* Check the rollback index of next stage image */
+	if (check_rollback_index(spl_image, mmc) < 0)
+		return -1;
+
 	/* Check the rpmb key blob for trusty enabled platfrom. */
 	return check_rpmb_blob(mmc);
 }
author	Ji Luo <ji.luo@nxp.com>	2022-05-24 17:02:56 +0800
committer	Ji Luo <ji.luo@nxp.com>	2022-05-25 12:00:49 +0800
commit	587c0e19a32ac49e681c8e05926e10cb9a9a43a7 (patch)
tree	867a0313c67fa75d491b019e3ab63dd4f52fa0f6 /arch/arm/mach-imx/spl.c
parent	6c10cfe481c32cec642a2e09a8cece25982915aa (diff)