[U-Boot] [PATCH v2 05/23] arm: imx: hab: Move IVT_SIZE to hab.h

The size of the IVT header should be defined in hab.h move it there now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.

[U-Boot] [PATCH v2 13/23] arm: imx: hab: Print additional IVT elements during debug

This patch enables printout of the IVT entry, dcd and csf data fields. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 2 ++ 1 file chang

[U-Boot] [PATCH v2 03/23] arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail

There is no need to call is_enabled() twice in authenticate_image - it does nothing but add an additional layer of indentation. We can check for is_enabled() at the start of the function and return the result code directly. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Es

[U-Boot] [PATCH v2 09/23] arm: imx: hab: Add IVT header definitions

later patches, where we will break the current incorrect dependence on fixed offsets in favour of an IVT described parsing of incoming binaries. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc:

[U-Boot] [PATCH v2 18/23] arm: imx: hab: Prefix authenticate_image with imx_hab

imx_hab_authenticate_image() is on the other hand very explicit. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 4 ++-- arch/arm/mach-imx/

[U-Boot] [PATCH v2 10/23] arm: imx: hab: Add IVT header verification

The IVT header contains a magic number, fixed length and one of two version identifiers. Validate these settings before doing anything with a putative IVT binary. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: G

[U-Boot] [PATCH v2 20/23] arm: imx: hab: Make imx_hab_is_enabled global

It will be helpful to boot commands to know if the HAB is enabled. Export imx_hab_is_enabled() now to facilitate further work with this data-point in a secure-boot context. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebe

[U-Boot] [PATCH v2 12/23] arm: imx: hab: Print CSF based on IVT descriptor

it now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/arm/mac

[U-Boot] [PATCH v2 23/23] arm: imx: hab: Add hab_failsafe console command

ux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/m

[U-Boot] [PATCH v2 19/23] arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled

tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 8 1 file changed, 4 insertions(

[U-Boot] [PATCH v2 21/23] arm: imx: hab: Define rvt_failsafe()

nvoked the part will drop down to its BootROM USB recovery mode. Should it be the case that the part is in secure boot mode - only an appropriately signed binary will be accepted by the ROM and subsequently executed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng

[U-Boot] [PATCH v2 11/23] arm: imx: hab: Verify IVT self matches calculated address

The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue Cc: St

[U-Boot] [PATCH v2 06/23] arm: imx: hab: Move CSF_PAD_SIZE to hab.h

CSF_PAD_SIZE should be defined in hab.h, move it to that location now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 1 +

[U-Boot] [PATCH v2 15/23] arm: imx: hab: Implement hab_rvt_check_target

. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 18 ++ 1 file changed, 18 insertions(+) diff --git a/arch/arm/mach-imx/ha

[U-Boot] [PATCH v2 22/23] arm: imx: hab: Implement hab_rvt_failsafe

n the alternative BootROM API. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +++ 1 file changed, 15 insertions(+) diff --git

[U-Boot] [PATCH v2 04/23] arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail

The current code disjoins an entire block of code on hab_entry pass/fail resulting in a large chunk of authenticate_image being offset to the right. Fix this by checking hab_entry() pass/failure and exiting the function directly if in an error state. Signed-off-by: Bryan O'Donoghue Cc: St

[U-Boot] [PATCH v2 16/23] arm: imx: hab: Add a hab_rvt_check_target to image auth

and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 10 ++ 1 file changed, 10 insertions(+) diff --

[U-Boot] [PATCH v2 14/23] arm: imx: hab: Define rvt_check_target()

region is good. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 9 + 1 file changed, 9 insertions(+) diff --git a/arch/

[U-Boot] [PATCH v2 17/23] arm: imx: hab: Make internal functions and data static

There is no need to export these functions and data structures externally. Make them all static now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mac

Re: [U-Boot] [PATCH v2 04/23] arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail

On 29/12/17 16:36, Breno Matheus Lima wrote: Secure boot enabled HAB Configuration: 0xcc, HAB State: 0x99 No HAB Events Found! => In this situation the "hab_rvt_authenticate_image()" is not executed, It's a bit confusing to receive a "No HAB Events Found!" message after running hab_auth_img

Re: [U-Boot] [PATCH v2 12/23] arm: imx: hab: Print CSF based on IVT descriptor

On 29/12/17 16:42, Breno Matheus Lima wrote: The hab_rvt_authenticate_image() is usually executed for extending the root of trust beyond the initial boot image (zImage, u-boot-ivt.img), in my understanding the layout described on the NXP documentation " | IVT | BINARY | CSF | " just applies for

[U-Boot] [PATCH v3 00/25] Fix and extend i.MX HAB layer

check in the NXP documents to perform prior to hab_rvt_authenticate_image - hab_rvt_failsafe is a useful function to set the board into BootROM USB recovery mode. Bryan O'Donoghue (25): arm: imx: hab: Make authenticate_image return int arm: imx: hab: Fix authenticate_image result

[U-Boot] [PATCH v3 03/25] arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail

There is no need to call is_enabled() twice in authenticate_image - it does nothing but add an additional layer of indentation. We can check for is_enabled() at the start of the function and return the result code directly. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Es

[U-Boot] [PATCH v3 18/25] arm: imx: hab: Make internal functions and data static

There is no need to export these functions and data structures externally. Make them all static now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mac

[U-Boot] [PATCH v3 02/25] arm: imx: hab: Fix authenticate_image result code

: 36c1ca4d46ef ("imx: Support i.MX6 High Assurance Boot authentication") Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 ++--- ar

[U-Boot] [PATCH v3 15/25] arm: imx: hab: Define rvt_check_target()

region is good. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 9 + 1 file changed, 9 insertions(+) diff --git a/arch/

[U-Boot] [PATCH v3 16/25] arm: imx: hab: Implement hab_rvt_check_target

. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 18 ++ 1 file changed, 18 insertions(+) diff --git a/arch/arm/mach-imx/ha

[U-Boot] [PATCH v3 13/25] arm: imx: hab: Print CSF based on IVT descriptor

The IVT gives the absolute address of the CSF. There is no requirement for the CSF to be located adjacent to the IVT so lets use the address provided in the IVT header instead of the hard-coded fixed CSF offset currently in place. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc:

[U-Boot] [PATCH v3 04/25] arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail

The current code disjoins an entire block of code on hab_entry pass/fail resulting in a large chunk of authenticate_image being offset to the right. Fix this by checking hab_entry() pass/failure and exiting the function directly if in an error state. Signed-off-by: Bryan O'Donoghue Cc: St

[U-Boot] [PATCH v3 18/25] arm: imx: hab: Print HAB event log only after calling ROM

received some sort of status code. Signed-off-by: Bryan O'Donoghue Suggested-by: Cc: Breno Matheus Lima Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister --- arch/arm/mach-imx/hab.c | 12 +++- 1 file changed, 7 inser

[U-Boot] [PATCH v3 01/25] arm: imx: hab: Make authenticate_image return int

first step is fixing the return type in authenticate_image() so do that now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.

[U-Boot] [PATCH v3 17/25] arm: imx: hab: Add a hab_rvt_check_target to image auth

and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 + 1 file changed, 9 insertions(+) diff --

[U-Boot] [PATCH v3 05/25] arm: imx: hab: Move IVT_SIZE to hab.h

The size of the IVT header should be defined in hab.h move it there now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.

[U-Boot] [PATCH v3 19/25] arm: imx: hab: Make internal functions and data static

There is no need to export these functions and data structures externally. Make them all static now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mac

[U-Boot] [PATCH v3 12/25] arm: imx: hab: Only call ROM once headers are verified

d-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/ha

[U-Boot] [PATCH v3 11/25] arm: imx: hab: Verify IVT self matches calculated address

The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue Cc: St

[U-Boot] [PATCH v3 07/25] arm: imx: hab: Fix authenticate_image input parameters

mage via HAB. This patch is the first step in making that happen subsequent patches will focus on removing hard-coded offsets to the IVT, which again is not mandated to live at the end of a .imx image. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Alb

[U-Boot] [PATCH v3 24/25] arm: imx: hab: Implement hab_rvt_failsafe

n the alternative BootROM API. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +++ 1 file changed, 15 insertions(+) diff --git

[U-Boot] [PATCH v3 06/25] arm: imx: hab: Move CSF_PAD_SIZE to hab.h

CSF_PAD_SIZE should be defined in hab.h, move it to that location now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 1 +

[U-Boot] [PATCH v3 08/25] arm: imx: hab: Fix authenticate image lockup on MX7

performance impact with dcache switched off so this fix is relatively pain-free. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +

[U-Boot] [PATCH v3 09/25] arm: imx: hab: Add IVT header definitions

later patches, where we will break the current incorrect dependence on fixed offsets in favour of an IVT described parsing of incoming binaries. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc:

[U-Boot] [PATCH v3 20/25] arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled

tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 8 1 file changed, 4 insertions(

[U-Boot] [PATCH v3 24/25] arm: imx: hab: Add hab_failsafe console command

ux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/m

[U-Boot] [PATCH v3 25/25] arm: imx: hab: Add hab_failsafe console command

ux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/m

[U-Boot] [PATCH v3 22/25] arm: imx: hab: Define rvt_failsafe()

nvoked the part will drop down to its BootROM USB recovery mode. Should it be the case that the part is in secure boot mode - only an appropriately signed binary will be accepted by the ROM and subsequently executed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng

[U-Boot] [PATCH v3 10/25] arm: imx: hab: Add IVT header verification

The IVT header contains a magic number, fixed length and one of two version identifiers. Validate these settings before doing anything with a putative IVT binary. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: G

[U-Boot] [PATCH v3 22/25] arm: imx: hab: Make imx_hab_is_enabled global

It will be helpful to boot commands to know if the HAB is enabled. Export imx_hab_is_enabled() now to facilitate further work with this data-point in a secure-boot context. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebe

[U-Boot] [PATCH v3 25/25] arm: imx: hab: Print HAB event log only after calling ROM

received some sort of status code. Signed-off-by: Bryan O'Donoghue Suggested-by: Cc: Breno Matheus Lima Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister --- arch/arm/mach-imx/hab.c | 12 +++- 1 file changed, 7 inser

[U-Boot] [PATCH v3 19/25] arm: imx: hab: Prefix authenticate_image with imx_hab

imx_hab_authenticate_image() is on the other hand very explicit. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 4 ++-- arch/arm/mach-imx/

[U-Boot] [PATCH v3 20/25] arm: imx: hab: Prefix authenticate_image with imx_hab

imx_hab_authenticate_image() is on the other hand very explicit. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 4 ++-- arch/arm/mach-imx/

[U-Boot] [PATCH v3 23/25] arm: imx: hab: Implement hab_rvt_failsafe

n the alternative BootROM API. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +++ 1 file changed, 15 insertions(+) diff --git

[U-Boot] [PATCH v3 21/25] arm: imx: hab: Make imx_hab_is_enabled global

It will be helpful to boot commands to know if the HAB is enabled. Export imx_hab_is_enabled() now to facilitate further work with this data-point in a secure-boot context. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebe

[U-Boot] [PATCH v3 14/25] arm: imx: hab: Print additional IVT elements during debug

This patch enables printout of the IVT entry, dcd and csf data fields. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 2 ++ 1 file chang

[U-Boot] [PATCH v3 21/25] arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled

tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 8 1 file changed, 4 insertions(

[U-Boot] [PATCH v3 23/25] arm: imx: hab: Define rvt_failsafe()

nvoked the part will drop down to its BootROM USB recovery mode. Should it be the case that the part is in secure boot mode - only an appropriately signed binary will be accepted by the ROM and subsequently executed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng

Re: [U-Boot] [PATCH v3 00/25] Fix and extend i.MX HAB layer

On 02/01/18 13:30, Breno Matheus Lima wrote: Hi Bryan, 2017-12-29 23:08 GMT-02:00 Bryan O'Donoghue : v3: - Only call into ROM if headers are verified. - Bryan - Print HAB event log if and only if a call was made to HAB and a meaningful status code has been obtained. - Breno v2:

[U-Boot] [PATCH v4 00/25] Fix and extend i.MX HAB layer

onwards extend out the HAB functionality. - hab_rvt_check_target is a recommended check in the NXP documents to perform prior to hab_rvt_authenticate_image - hab_rvt_failsafe is a useful function to set the board into BootROM USB recovery mode. Bryan O'Donoghue (25): arm: imx: hab:

[U-Boot] [PATCH v4 04/25] arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail

The current code disjoins an entire block of code on hab_entry pass/fail resulting in a large chunk of authenticate_image being offset to the right. Fix this by checking hab_entry() pass/failure and exiting the function directly if in an error state. Signed-off-by: Bryan O'Donoghue Cc: St

[U-Boot] [PATCH v4 02/25] arm: imx: hab: Fix authenticate_image result code

: 36c1ca4d46ef ("imx: Support i.MX6 High Assurance Boot authentication") Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 ++--- ar

[U-Boot] [PATCH v4 01/25] arm: imx: hab: Make authenticate_image return int

first step is fixing the return type in authenticate_image() so do that now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.

[U-Boot] [PATCH v4 08/25] arm: imx: hab: Fix authenticate image lockup on MX7

performance impact with dcache switched off so this fix is relatively pain-free. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +

[U-Boot] [PATCH v4 03/25] arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail

There is no need to call is_enabled() twice in authenticate_image - it does nothing but add an additional layer of indentation. We can check for is_enabled() at the start of the function and return the result code directly. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Es

[U-Boot] [PATCH v4 11/25] arm: imx: hab: Verify IVT self matches calculated address

The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue Cc: St

[U-Boot] [PATCH v4 05/25] arm: imx: hab: Move IVT_SIZE to hab.h

The size of the IVT header should be defined in hab.h move it there now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.

[U-Boot] [PATCH v4 07/25] arm: imx: hab: Fix authenticate_image input parameters

mage via HAB. This patch is the first step in making that happen subsequent patches will focus on removing hard-coded offsets to the IVT, which again is not mandated to live at the end of a .imx image. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Alb

[U-Boot] [PATCH v4 10/25] arm: imx: hab: Add IVT header verification

The IVT header contains a magic number, fixed length and one of two version identifiers. Validate these settings before doing anything with a putative IVT binary. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: G

[U-Boot] [PATCH v4 09/25] arm: imx: hab: Add IVT header definitions

later patches, where we will break the current incorrect dependence on fixed offsets in favour of an IVT described parsing of incoming binaries. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc:

[U-Boot] [PATCH v4 20/25] arm: imx: hab: Prefix authenticate_image with imx_hab

imx_hab_authenticate_image() is on the other hand very explicit. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 4 ++-- arch/arm/mach-imx/

[U-Boot] [PATCH v4 23/25] arm: imx: hab: Define rvt_failsafe()

nvoked the part will drop down to its BootROM USB recovery mode. Should it be the case that the part is in secure boot mode - only an appropriately signed binary will be accepted by the ROM and subsequently executed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng

[U-Boot] [PATCH v4 19/25] arm: imx: hab: Make internal functions and data static

There is no need to export these functions and data structures externally. Make them all static now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mac

[U-Boot] [PATCH v4 06/25] arm: imx: hab: Move CSF_PAD_SIZE to hab.h

CSF_PAD_SIZE should be defined in hab.h, move it to that location now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 1 +

[U-Boot] [PATCH v4 17/25] arm: imx: hab: Add a hab_rvt_check_target to image auth

and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 + 1 file changed, 9 insertions(+) diff --

[U-Boot] [PATCH v4 12/25] arm: imx: hab: Only call ROM once headers are verified

d-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/ha

[U-Boot] [PATCH v4 24/25] arm: imx: hab: Implement hab_rvt_failsafe

n the alternative BootROM API. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +++ 1 file changed, 15 insertions(+) diff --git

[U-Boot] [PATCH v4 15/25] arm: imx: hab: Define rvt_check_target()

region is good. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 9 + 1 file changed, 9 insertions(+) diff --git a/arch/

[U-Boot] [PATCH v4 13/25] arm: imx: hab: Print CSF based on IVT descriptor

The IVT gives the absolute address of the CSF. There is no requirement for the CSF to be located adjacent to the IVT so lets use the address provided in the IVT header instead of the hard-coded fixed CSF offset currently in place. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc:

[U-Boot] [PATCH v4 18/25] arm: imx: hab: Print HAB event log only after calling ROM

received some sort of status code. Signed-off-by: Bryan O'Donoghue Suggested-by: Cc: Breno Matheus Lima Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister --- arch/arm/mach-imx/hab.c | 12 +++- 1 file changed, 7 inser

[U-Boot] [PATCH v4 16/25] arm: imx: hab: Implement hab_rvt_check_target

. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 18 ++ 1 file changed, 18 insertions(+) diff --git a/arch/arm/mach-imx/ha

[U-Boot] [PATCH v4 25/25] arm: imx: hab: Add hab_failsafe console command

ux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/m

[U-Boot] [PATCH v4 14/25] arm: imx: hab: Print additional IVT elements during debug

This patch enables printout of the IVT entry, dcd and csf data fields. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 2 ++ 1 file chang

[U-Boot] [PATCH v4 22/25] arm: imx: hab: Make imx_hab_is_enabled global

It will be helpful to boot commands to know if the HAB is enabled. Export imx_hab_is_enabled() now to facilitate further work with this data-point in a secure-boot context. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebe

[U-Boot] [PATCH v4 21/25] arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled

tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 8 1 file changed, 4 insertions(

Re: [U-Boot] [PATCH v4 08/25] arm: imx: hab: Fix authenticate image lockup on MX7

On 03/01/18 01:25, Breno Matheus Lima wrote: Hi Bryan, 2018-01-02 14:43 GMT-02:00 Bryan O'Donoghue : The i.MX6 has some pretty explicit code associated with informing the IROM about flushing caches during authenticate_image(). Looking at various pieces of documentation its pretty clea

[U-Boot] [PATCH v5 00/24] Fix and extend i.MX HAB layer

ecommended check in the NXP documents to perform prior to hab_rvt_authenticate_image - hab_rvt_failsafe is a useful function to set the board into BootROM USB recovery mode. Bryan O'Donoghue (24): arm: imx: hab: Make authenticate_image return int arm: imx: hab: Fix authenticate_image re

[U-Boot] [PATCH v5 01/24] arm: imx: hab: Make authenticate_image return int

first step is fixing the return type in authenticate_image() so do that now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.

[U-Boot] [PATCH v5 04/24] arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail

The current code disjoins an entire block of code on hab_entry pass/fail resulting in a large chunk of authenticate_image being offset to the right. Fix this by checking hab_entry() pass/failure and exiting the function directly if in an error state. Signed-off-by: Bryan O'Donoghue Cc: St

[U-Boot] [PATCH v5 02/24] arm: imx: hab: Fix authenticate_image result code

: 36c1ca4d46ef ("imx: Support i.MX6 High Assurance Boot authentication") Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 ++--- ar

[U-Boot] [PATCH v5 11/24] arm: imx: hab: Only call ROM once headers are verified

d-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/arm/mach-imx/ha

[U-Boot] [PATCH v5 03/24] arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail

There is no need to call is_enabled() twice in authenticate_image - it does nothing but add an additional layer of indentation. We can check for is_enabled() at the start of the function and return the result code directly. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Es

[U-Boot] [PATCH v5 08/24] arm: imx: hab: Add IVT header definitions

later patches, where we will break the current incorrect dependence on fixed offsets in favour of an IVT described parsing of incoming binaries. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc:

[U-Boot] [PATCH v5 10/24] arm: imx: hab: Verify IVT self matches calculated address

The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue Cc: St

[U-Boot] [PATCH v5 06/24] arm: imx: hab: Move CSF_PAD_SIZE to hab.h

CSF_PAD_SIZE should be defined in hab.h, move it to that location now. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 1 +

[U-Boot] [PATCH v5 12/24] arm: imx: hab: Print CSF based on IVT descriptor

The IVT gives the absolute address of the CSF. There is no requirement for the CSF to be located adjacent to the IVT so lets use the address provided in the IVT header instead of the hard-coded fixed CSF offset currently in place. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc:

[U-Boot] [PATCH v5 14/24] arm: imx: hab: Define rvt_check_target()

region is good. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/include/asm/mach-imx/hab.h | 9 + 1 file changed, 9 insertions(+) diff --git a/arch/

[U-Boot] [PATCH v5 20/24] arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled

tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 8 1 file changed, 4 insertions(

[U-Boot] [PATCH v5 13/24] arm: imx: hab: Print additional IVT elements during debug

This patch enables printout of the IVT entry, dcd and csf data fields. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 2 ++ 1 file chang

[U-Boot] [PATCH v5 15/24] arm: imx: hab: Implement hab_rvt_check_target

. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 18 ++ 1 file changed, 18 insertions(+) diff --git a/arch/arm/mach-imx/ha

[U-Boot] [PATCH v5 23/24] arm: imx: hab: Implement hab_rvt_failsafe

n the alternative BootROM API. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 15 +++ 1 file changed, 15 insertions(+) diff --git

[U-Boot] [PATCH v5 24/24] arm: imx: hab: Add hab_failsafe console command

ux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/m

[U-Boot] [PATCH v5 16/24] arm: imx: hab: Add a hab_rvt_check_target to image auth

and perform that check as directed. Signed-off-by: Bryan O'Donoghue Cc: Stefano Babic Cc: Fabio Estevam Cc: Peng Fan Cc: Albert Aribaud Cc: Sven Ebenfeld Cc: George McCollister Cc: Breno Matheus Lima --- arch/arm/mach-imx/hab.c | 9 + 1 file changed, 9 insertions(+) diff --

<    1   2   3   4   5   6   >