diff options
| author | Ye Li <ye.li@nxp.com> | 2017-11-08 23:23:04 -0600 |
|---|---|---|
| committer | Ye Li <ye.li@nxp.com> | 2017-11-13 01:11:05 -0600 |
| commit | 078dd4eed6a04c3db7ec49a1bd1fbc63ebb82e1b (patch) | |
| tree | 80463e9f01d32a36062579108fb815101221a826 /arch | |
| parent | f1baf7a661e7c7969f1929871d5e1d1b5268ba04 (diff) | |
MLK-16758-4 SPL: Add HAB image authentication to FIT
Introduce two board level callback functions to FIT image loading process, and
a SPL_FIT_FOUND flag to differentiate FIT image or RAW image.
Implement functions in imx common SPL codes to call HAB funtion
to authenticate the FIT image. Generally, we have to sign multiple regions
in FIT image:
1. Sign FIT FDT data (configuration)
2. Sign FIT external data (Sub-images)
Because the CSF supports to sign multiple memory blocks, so that we can use one
signature to cover all regions in FIT image and only authenticate once.
The authentication should be done after the entire FIT image is loaded into
memory including all sub-images.
We use "-p" option to generate FIT image to reserve a space for FIT IVT
and FIT CSF, also this help to fix the offset of the external data (u-boot-nodtb.bin,
ATF, u-boot DTB).
The signed FIT image layout is as below:
--------------------------------------------------
| | | | | | | |
| FIT | FIT | FIT | | U-BOOT | ATF | U-BOOT |
| FDT | IVT | CSF | | nodtb.bin | | DTB |
| | | | | | | |
--------------------------------------------------
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/arm/imx-common/spl.c | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/arch/arm/imx-common/spl.c b/arch/arm/imx-common/spl.c index 486f0f0ac4..df8513732c 100644 --- a/arch/arm/imx-common/spl.c +++ b/arch/arm/imx-common/spl.c @@ -161,15 +161,37 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) debug("image entry point: 0x%lX\n", spl_image->entry_point); - /* HAB looks for the CSF at the end of the authenticated data therefore, - * we need to subtract the size of the CSF from the actual filesize */ - if (authenticate_image(spl_image->load_addr, - spl_image->size - CONFIG_CSF_SIZE)) { + if (spl_image->flags & SPL_FIT_FOUND) { image_entry(); } else { + /* HAB looks for the CSF at the end of the authenticated data therefore, + * we need to subtract the size of the CSF from the actual filesize */ + if (authenticate_image(spl_image->load_addr, + spl_image->size - CONFIG_CSF_SIZE)) { + image_entry(); + } else { + puts("spl: ERROR: image authentication unsuccessful\n"); + hang(); + } + } +} + +ulong board_spl_fit_size_align(ulong size) +{ + /* HAB authenticate_image requests the IVT offset is aligned to 0x1000 */ +#define ALIGN_SIZE 0x1000 + + size = ALIGN(size, ALIGN_SIZE); + size += CONFIG_CSF_SIZE; + + return size; +} + +void board_spl_fit_post_load(ulong load_addr, size_t length) +{ + if (!authenticate_image(load_addr, length - CONFIG_CSF_SIZE)) { puts("spl: ERROR: image authentication unsuccessful\n"); hang(); } } - #endif |