diff mbox series

[U-Boot] armv8: Secure Boot: Modify boot_a_script definition

Message ID 1541740459-32162-1-git-send-email-vinitha.pillai@nxp.com
State Changes Requested
Delegated to: Prabhakar Kushwaha
Headers show
Series [U-Boot] armv8: Secure Boot: Modify boot_a_script definition | expand

Commit Message

Vinitha V Pillai Nov. 9, 2018, 5:23 a.m. UTC 
boot_script_hdr does not exist, it should not continue to
boot. So adding separate validation after loading boot_script

Signed-off-by: Vinitha V Pillai <vinitha.pillai@nxp.com>
---
 include/configs/ls1012afrwy.h    | 3 ++-
 include/configs/ls1012ardb.h     | 3 ++-
 include/configs/ls1021atwr.h     | 3 ++-
 include/configs/ls1043a_common.h | 3 ++-
 include/configs/ls1046a_common.h | 5 +++--
 include/configs/ls1088ardb.h     | 3 ++-
 include/configs/ls2080ardb.h     | 3 ++-
 7 files changed, 15 insertions(+), 8 deletions(-)

Comments

York Sun Dec. 12, 2018, 9:27 p.m. UTC | #1 
On 11/8/18 9:23 PM, Vinitha V Pillai wrote:
> boot_script_hdr does not exist, it should not continue to
> boot. So adding separate validation after loading boot_script

If boot_script_hdr doesn't exist, the "load" command will fail. Why do
you expect "esbc_validate" command to run without loading script header?

York
diff mbox series

Patch

diff --git a/include/configs/ls1012afrwy.h b/include/configs/ls1012afrwy.h
index ebb1df41c7..12e6437a05 100644
--- a/include/configs/ls1012afrwy.h
+++ b/include/configs/ls1012afrwy.h
@@ -98,7 +98,8 @@ 
 			"${scriptaddr} ${prefix}${script}; "    \
 		"env exists secureboot && load ${devtype} "     \
 			"${devnum}:${distro_bootpart} "		\
-			"${scripthdraddr} ${prefix}${boot_script_hdr} " \
+			"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
+			"env exists secureboot "	\
 			"&& esbc_validate ${scripthdraddr};"    \
 		"source ${scriptaddr}\0"	  \
 	"installer=load mmc 0:2 $load_addr "	\
diff --git a/include/configs/ls1012ardb.h b/include/configs/ls1012ardb.h
index f149a604cf..f6640fa499 100644
--- a/include/configs/ls1012ardb.h
+++ b/include/configs/ls1012ardb.h
@@ -98,7 +98,8 @@ 
 			"${scriptaddr} ${prefix}${script}; "    \
 		"env exists secureboot && load ${devtype} "     \
 			"${devnum}:${distro_bootpart} "		\
-			"${scripthdraddr} ${prefix}${boot_script_hdr} " \
+			"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
+			"env exists secureboot "	\
 			"&& esbc_validate ${scripthdraddr};"    \
 		"source ${scriptaddr}\0"	  \
 	"installer=load mmc 0:2 $load_addr "	\
diff --git a/include/configs/ls1021atwr.h b/include/configs/ls1021atwr.h
index ddd024e8c0..70af3ebb8f 100644
--- a/include/configs/ls1021atwr.h
+++ b/include/configs/ls1021atwr.h
@@ -364,7 +364,8 @@ 
 			"${scriptaddr} ${prefix}${script}; "    \
 		"env exists secureboot && load ${devtype} "     \
 			"${devnum}:${distro_bootpart} "		\
-			"${scripthdraddr} ${prefix}${boot_script_hdr} " \
+			"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
+			"env exists secureboot "	\
 			"&& esbc_validate ${scripthdraddr};"    \
 		"source ${scriptaddr}\0"	  \
 	"installer=load mmc 0:2 $load_addr "	\
diff --git a/include/configs/ls1043a_common.h b/include/configs/ls1043a_common.h
index 7875bf4bba..3d6ce2cafb 100644
--- a/include/configs/ls1043a_common.h
+++ b/include/configs/ls1043a_common.h
@@ -294,7 +294,8 @@ 
 			"${scriptaddr} ${prefix}${script}; "	\
 		"env exists secureboot && load ${devtype} "	\
 			"${devnum}:${distro_bootpart} "		\
-			"${scripthdraddr} ${prefix}${boot_script_hdr} "	\
+			"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
+			"env exists secureboot "	\
 			"&& esbc_validate ${scripthdraddr};"	\
 		"source ${scriptaddr}\0"			\
 	"qspi_bootcmd=echo Trying load from qspi..;"	\
diff --git a/include/configs/ls1046a_common.h b/include/configs/ls1046a_common.h
index 6e36c9339b..4ac31c59dd 100644
--- a/include/configs/ls1046a_common.h
+++ b/include/configs/ls1046a_common.h
@@ -271,8 +271,9 @@ 
 			"${scriptaddr} ${prefix}${script}; "    \
 		"env exists secureboot && load ${devtype} "     \
 			"${devnum}:${distro_bootpart} "		\
-			"${scripthdraddr} ${prefix}${boot_script_hdr} " \
-			"&& esbc_validate ${scripthdraddr};"    \
+			"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
+			"env exists secureboot "	\
+			"&& esbc_validate ${scripthdraddr};"	\
 		"source ${scriptaddr}\0"	  \
 	"qspi_bootcmd=echo Trying load from qspi..;"      \
 		"sf probe && sf read $load_addr "         \
diff --git a/include/configs/ls1088ardb.h b/include/configs/ls1088ardb.h
index 2391a7cc05..b5a9f68dda 100644
--- a/include/configs/ls1088ardb.h
+++ b/include/configs/ls1088ardb.h
@@ -407,7 +407,8 @@ 
 		"${scriptaddr} ${prefix}${script}; "		\
 	"env exists secureboot && load ${devtype} "		\
 		"${devnum}:${distro_bootpart} "			\
-		"${scripthdraddr} ${prefix}${boot_script_hdr} " \
+		"${scripthdraddr} ${prefix}${boot_script_hdr}; "\
+		"env exists secureboot "			\
 		"&& esbc_validate ${scripthdraddr};"		\
 		"source ${scriptaddr}\0"			\
 	"installer=load mmc 0:2 $load_addr "			\
diff --git a/include/configs/ls2080ardb.h b/include/configs/ls2080ardb.h
index a8e872ebd5..f6aa4ed2e8 100644
--- a/include/configs/ls2080ardb.h
+++ b/include/configs/ls2080ardb.h
@@ -511,7 +511,8 @@  unsigned long get_board_sys_clk(void);
 			"${scriptaddr} ${prefix}${script}; "	\
 		"env exists secureboot && load ${devtype} "	\
 			"${devnum}:${distro_bootpart} "		\
-			"${scripthdraddr} ${prefix}${boot_script_hdr} "	\
+			"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
+			"env exists secureboot "	\
 			"&& esbc_validate ${scripthdraddr};"	\
 		"source ${scriptaddr}\0"			\
 	"qspi_bootcmd=echo Trying load from qspi..;"		\