Re: [U-Boot] [PATCH 00/23] Fix and extend i.MX HAB layer
On 28/12/17 17:54, Breno Matheus Lima wrote: Hi Bryan, 2017-12-27 10:25 GMT-02:00 Bryan O'Donoghue : This patchset updates the i.MX HAB layer in u-boot to fix a list of identified issues and then to add and extend existing functionality. The first block of patches 0001-0006 deal with fixing existing code, - Fixes indentation - Fixes the treatment of input parameters to hab_auth_image. The second block of patches 0007-0013 are about tidying up the HAB code - Remove reliance on hard-coding to specific offsets - IVT header drives locating CSF - Continue to support existing boards Patches 0014 onwards extend out the HAB functionality. - hab_rvt_check_target is a recommended check in the NXP documents to perform prior to hab_rvt_authenticate_image - hab_rvt_failsafe is a useful function to set the board into BootROM USB recovery mode. Bryan O'Donoghue (23): arm: imx: hab: Make authenticate_image return int arm: imx: hab: Fix authenticate_image result code arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail arm: imx: hab: Fix authenticate_image input parameters After applying "[PATCH 05/23] arm: imx: hab: Fix authenticate_image input parameters" I'm getting the following error when building mx6sabreauto: That's funny. I just build mx6sabreauto_config + CONFIG_SECURE_BOOT and it works. I'll rebase and build each patch incrementally - obviously there's some breakage with your configuration. Thanks for testing ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
Re: [U-Boot] [PATCH 00/23] Fix and extend i.MX HAB layer
Hi Bryan,
2017-12-27 10:25 GMT-02:00 Bryan O'Donoghue :
> This patchset updates the i.MX HAB layer in u-boot to fix a list of
> identified issues and then to add and extend existing functionality.
>
> The first block of patches 0001-0006 deal with fixing existing code,
>
> - Fixes indentation
> - Fixes the treatment of input parameters to hab_auth_image.
>
> The second block of patches 0007-0013 are about tidying up the HAB code
>
> - Remove reliance on hard-coding to specific offsets
> - IVT header drives locating CSF
> - Continue to support existing boards
>
> Patches 0014 onwards extend out the HAB functionality.
>
> - hab_rvt_check_target is a recommended check in the NXP documents to
> perform prior to hab_rvt_authenticate_image
> - hab_rvt_failsafe is a useful function to set the board into BootROM
> USB recovery mode.
>
> Bryan O'Donoghue (23):
> arm: imx: hab: Make authenticate_image return int
> arm: imx: hab: Fix authenticate_image result code
> arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail
> arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail
> arm: imx: hab: Fix authenticate_image input parameters
After applying "[PATCH 05/23] arm: imx: hab: Fix authenticate_image
input parameters" I'm getting the following error when building
mx6sabreauto:
arch/arm/mach-imx/spl.c: In function 'jump_to_image_no_args':
arch/arm/mach-imx/spl.c:200:14: error: 'IVT_SIZE' undeclared (first
use in this function)
offset + IVT_SIZE + CSF_PAD_SIZE, offset)) {
^
arch/arm/mach-imx/spl.c:200:14: note: each undeclared identifier is
reported only once for each function it appears in
arch/arm/mach-imx/spl.c:200:25: error: 'CSF_PAD_SIZE' undeclared
(first use in this function)
offset + IVT_SIZE + CSF_PAD_SIZE, offset)) {
^
arch/arm/mach-imx/spl.c:206:1: warning: 'noreturn' function does return
}
^
scripts/Makefile.build:280: recipe for target
'spl/arch/arm/mach-imx/spl.o' failed
make[2]: *** [spl/arch/arm/mach-imx/spl.o] Error 1
make[2]: *** Waiting for unfinished jobs
> arm: imx: hab: Fix authenticate image lockup on MX7
> arm: imx: hab: Move IVT_SIZE to hab.h
> arm: imx: hab: Move CSF_PAD_SIZE to hab.h
I believe patches "[PATCH 07/23] arm: imx: hab: Move IVT_SIZE to
hab.h" and "[PATCH 08/23] arm: imx: hab: Move CSF_PAD_SIZE to hab.h"
have to be applied before the [PATCH 05/23] to avoid this build error.
Can you please check if it's possible to move these patches?
Thanks,
Breno Lima
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH 00/23] Fix and extend i.MX HAB layer
This patchset updates the i.MX HAB layer in u-boot to fix a list of identified issues and then to add and extend existing functionality. The first block of patches 0001-0006 deal with fixing existing code, - Fixes indentation - Fixes the treatment of input parameters to hab_auth_image. The second block of patches 0007-0013 are about tidying up the HAB code - Remove reliance on hard-coding to specific offsets - IVT header drives locating CSF - Continue to support existing boards Patches 0014 onwards extend out the HAB functionality. - hab_rvt_check_target is a recommended check in the NXP documents to perform prior to hab_rvt_authenticate_image - hab_rvt_failsafe is a useful function to set the board into BootROM USB recovery mode. Bryan O'Donoghue (23): arm: imx: hab: Make authenticate_image return int arm: imx: hab: Fix authenticate_image result code arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail arm: imx: hab: Fix authenticate_image input parameters arm: imx: hab: Fix authenticate image lockup on MX7 arm: imx: hab: Move IVT_SIZE to hab.h arm: imx: hab: Move CSF_PAD_SIZE to hab.h arm: imx: hab: Add IVT header definitions arm: imx: hab: Add IVT header verification arm: imx: hab: Verify IVT self matches calculated address arm: imx: hab: Print CSF based on IVT descriptor arm: imx: hab: Print additional IVT elements during debug arm: imx: hab: Define rvt_check_target() arm: imx: hab: Implement hab_rvt_check_target arm: imx: hab: Add a hab_rvt_check_target to image auth arm: imx: hab: Make internal functions and data static arm: imx: hab: Prefix authenticate_image with imx_hab arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled arm: imx: hab: Make imx_hab_is_enabled global arm: imx: hab: Define rvt_failsafe() arm: imx: hab: Implement hab_rvt_failsafe arm: imx: hab: Add hab_failsafe console command arch/arm/include/asm/mach-imx/hab.h | 46 +++- arch/arm/mach-imx/hab.c | 480 ++-- arch/arm/mach-imx/spl.c | 38 ++- 3 files changed, 370 insertions(+), 194 deletions(-) -- 2.7.4 ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
