diff options
| -rw-r--r-- | arch/arm/mach-imx/Kconfig | 9 | ||||
| -rw-r--r-- | arch/arm/mach-imx/spl.c | 25 | ||||
| -rw-r--r-- | arch/arm/mach-imx/spl_imx_romapi.c | 2 |
3 files changed, 30 insertions, 6 deletions
diff --git a/arch/arm/mach-imx/Kconfig b/arch/arm/mach-imx/Kconfig index 0616b05a05..b51a0464bf 100644 --- a/arch/arm/mach-imx/Kconfig +++ b/arch/arm/mach-imx/Kconfig @@ -81,6 +81,14 @@ config IMX_HAB This option enables the support for secure boot (HAB). See doc/imx/habv4/* for more details. +config IMX_SPL_FIT_FDT_SIGNATURE + bool "Enable to verify signature of FIT FDT" + depends on IMX_HAB + depends on ARCH_IMX8M + help + Enable SPL to verify signature of FIT FDT during FIT loading. + This needs additional signing to FIT FDT part. + config CSF_SIZE hex "Maximum size for Command Sequence File (CSF) binary" depends on IMX_HAB @@ -275,6 +283,7 @@ config ANDROID_SUPPORT select SUPPORT_RAW_INITRD select LIBAVB select AVB_SUPPORT + imply IMX_SPL_FIT_FDT_SIGNATURE config ANDROID_AUTO_SUPPORT bool "Android Automotive features support" diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index 26b3d00387..62888a4729 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -316,7 +316,7 @@ ulong board_spl_fit_size_align(ulong size) */ size = ALIGN(size, 0x1000); - size += CONFIG_CSF_SIZE; + size += 2 * CONFIG_CSF_SIZE; if (size > CONFIG_SYS_BOOTM_LEN) panic("spl: ERROR: image too big\n"); @@ -402,12 +402,27 @@ void *spl_load_simple_fit_fix_load(const void *fit) u8 *tmp = (u8 *)fit; if (IS_ENABLED(CONFIG_IMX_HAB)) { - int ret = spl_verify_fit_hash(fit); + if (IS_ENABLED(CONFIG_IMX_SPL_FIT_FDT_SIGNATURE)) { + u32 offset = ALIGN(fdt_totalsize(fit), 0x1000); + + if (imx_hab_authenticate_image((uintptr_t)fit, + offset + 2 * CSF_PAD_SIZE, + offset + CSF_PAD_SIZE)) { +#ifdef CONFIG_ANDROID_SUPPORT + printf("spl: ERROR: FIT FDT authentication unsuccessful\n"); + return NULL; +#else + panic("spl: ERROR: FIT FDT authentication unsuccessful\n"); +#endif + } + } else { + int ret = spl_verify_fit_hash(fit); - if (ret && imx_hab_is_enabled()) - panic("spl: ERROR: FIT hash verify unsuccessful\n"); + if (ret && imx_hab_is_enabled()) + panic("spl: ERROR: FIT hash verify unsuccessful\n"); - debug("spl_verify_fit_hash %d\n", ret); + debug("spl_verify_fit_hash %d\n", ret); + } } offset = ALIGN(fdt_totalsize(fit), 0x1000); diff --git a/arch/arm/mach-imx/spl_imx_romapi.c b/arch/arm/mach-imx/spl_imx_romapi.c index d619f1e5d9..c0e8bed958 100644 --- a/arch/arm/mach-imx/spl_imx_romapi.c +++ b/arch/arm/mach-imx/spl_imx_romapi.c @@ -263,7 +263,7 @@ static u32 img_header_size(void) static int img_info_size(void *img_hdr) { #ifdef CONFIG_SPL_LOAD_FIT - return fit_get_size(img_hdr); + return board_spl_fit_size_align(fit_get_size(img_hdr)); #elif defined CONFIG_SPL_LOAD_IMX_CONTAINER struct container_hdr *container = img_hdr; |