From patchwork Fri Nov 9 05:23:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinitha V Pillai X-Patchwork-Id: 995312 X-Patchwork-Delegate: prabhakar@freescale.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=nxp.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=nxp.com header.i=@nxp.com header.b="SmmyjGvQ"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 42rpV017Xgz9s8T for ; Fri, 9 Nov 2018 16:23:48 +1100 (AEDT) Received: by lists.denx.de (Postfix, from userid 105) id D5570C22036; Fri, 9 Nov 2018 05:23:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=SPF_HELO_PASS, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 63070C21FFC; Fri, 9 Nov 2018 05:23:38 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 5E3EDC21FFC; Fri, 9 Nov 2018 05:23:36 +0000 (UTC) Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-eopbgr40041.outbound.protection.outlook.com [40.107.4.41]) by lists.denx.de (Postfix) with ESMTPS id C1FDBC21F00 for ; Fri, 9 Nov 2018 05:23:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IgMi4DSu6jTKtw2Z4NK2zUJ+xZ65C+I9BWL5Xiou9dU=; b=SmmyjGvQ1keMfyPMh5b/xq1Zoo8e9374CTM6kpLz/ku5AoOln9nHI3ZV0ACgtLAAZ8qtZW5001v/IcEuquf+XJ3iBwCDWLNfRU8IRGUXHFW9sYAZL4mPwow/Zv8vUsZyNcIUwWurd/Owi3bR/ULd1oynFDX088JxNMicM1Fj6mg= Received: from AM0PR0402MB3347.eurprd04.prod.outlook.com (52.133.44.156) by AM0PR0402MB3890.eurprd04.prod.outlook.com (52.133.39.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1294.27; Fri, 9 Nov 2018 05:23:33 +0000 Received: from AM0PR0402MB3347.eurprd04.prod.outlook.com ([fe80::15c2:1d94:d057:51d9]) by AM0PR0402MB3347.eurprd04.prod.outlook.com ([fe80::15c2:1d94:d057:51d9%4]) with mapi id 15.20.1294.034; Fri, 9 Nov 2018 05:23:33 +0000 From: Vinitha V Pillai To: "u-boot@lists.denx.de" Thread-Topic: [PATCH] armv8: Secure Boot: Modify boot_a_script definition Thread-Index: AQHUd+xb1ktTPrYyBEGfQvEcQo0A3A== Date: Fri, 9 Nov 2018 05:23:33 +0000 Message-ID: <1541740459-32162-1-git-send-email-vinitha.pillai@nxp.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 1.9.1 x-clientproxiedby: BM1PR01CA0103.INDPRD01.PROD.OUTLOOK.COM (2603:1096:b00::19) To AM0PR0402MB3347.eurprd04.prod.outlook.com (2603:10a6:208:19::28) authentication-results: spf=none (sender IP is ) smtp.mailfrom=vinitha.pillai@nxp.com; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [14.143.30.134] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; AM0PR0402MB3890; 6:/+r52aQHEApc+Ix3W8UvphGdDbcO3IO2zbwgwo2Vmk7Q9XENjVGwq1RapFvvUH05gWDvbwKxOLHM52wbmVpjpsP82qtMwNyyGXw6luH1A2mkwKvnW3vxEY0KehOb79t7Kd7Eh3OLeGPIekuYMNUfI+WMOojWjP8q55TCy+81JPd35vuCRyXj6UFXenljH+ZQ/wFouc41tPqjswYQiI7fstk+8no18+tPJUMIOmO1KLDrI1iXMTeD5QWwWHpPc1lJan/oHqz+KjPwsABZMZu7FVJFppY+eKzs/vUVPBwqvxT3wALCxUXrPL9wjLdg8VioKBGq3mySnrNeCmt2x256LOAWx1/H1VqH0JxRwxnE2ZeJrHoLJWiOyIgm1j2RhFpa4MbxnDvu6JtTpr+dY4jWiNWOsDC5HICohGNYMXz8pxQcy/4fgBHVXQWJ9A05mP/HvSJUVk1qIIl9vlZg+kB+Bg==; 5:+VlCdNgts1dhsUPrkw19qb6K/Zp5peJKpLmuiJ0wmRAzHAdeulFabYHb6zVWqYGyJaP0Xo8HHlfylrMEigUB3PzhmazNWHgaCSpPSKUPVrCVUrUdwJc5JhE85oeMcmS1+QyA5W3TqssKvB6YToMLUV4VRqM+BHEPD8X2Msojx1s=; 7:nWsWvOxSHNw5Zr7/lZ5sVmzYkTLnlHZUFyGsBcKZkHP/o/gQ9CLRppTSMQdYxr2UnbuXtwjxm+VR9yc/fnAdF6wp0CihjmDmSJ0nRXbRdiJdB2HRFbWfBpe3XVJECwE6ZTPz+dm8MfYccz9qdMRzQw== x-ms-office365-filtering-correlation-id: b518231f-b1e2-4d35-0bc3-08d646037dd3 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(5600074)(711020)(4618075)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:AM0PR0402MB3890; x-ms-traffictypediagnostic: AM0PR0402MB3890: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(185117386973197); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3231382)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(6055026)(148016)(149066)(150057)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123558120)(20161123562045)(201708071742011)(7699051)(76991095); SRVR:AM0PR0402MB3890; BCL:0; PCL:0; RULEID:; SRVR:AM0PR0402MB3890; x-forefront-prvs: 08512C5403 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(39860400002)(136003)(346002)(396003)(376002)(199004)(189003)(81166006)(81156014)(2906002)(53936002)(2616005)(2351001)(105586002)(2501003)(6512007)(78486014)(50226002)(36756003)(256004)(71200400001)(6486002)(3846002)(6916009)(4326008)(8676002)(14444005)(25786009)(316002)(54906003)(8936002)(2900100001)(71190400001)(6436002)(5640700003)(6116002)(14454004)(99286004)(478600001)(186003)(6506007)(97736004)(1857600001)(26005)(55236004)(386003)(86362001)(66066001)(305945005)(68736007)(106356001)(5660300001)(486006)(102836004)(476003)(7736002)(52116002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR0402MB3890; H:AM0PR0402MB3347.eurprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: 7aDeZ8fc2Q8y/FFUCiV9pko3tyvPIECKSjwg37nUOp8YaJ9gfdZZRxz4OEauGqZ6YEJpUzE6dAdvH+Psw6XksmUnqHD29H2oHKgTHkrAVAbt5Pl35k6bOKuMKt664zRgG+yobZemfIG12gGMb1WCfQdPCEmwXzta1et7BPG6gXiDuXBjmJYj1BYA1pvtrw3Bc0iMMeCftlLr+Xk6F6xU+1/fWzLC4dJqH2oiC+PIA2ETnbnn7tlqAbEH+Cx63piVNaz+gtYqPz6CMnDGUNzYyDWPqeCx5c8cQl9/HM6DkNXslpFW0Lp4ZVfURslJEezh6rjsCPQIQU0dvQtRNaW/bRSNynI/4taNVWNx6R5sOjg= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: b518231f-b1e2-4d35-0bc3-08d646037dd3 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Nov 2018 05:23:33.2458 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR0402MB3890 Cc: Ruchika Gupta , Vinitha V Pillai Subject: [U-Boot] [PATCH] armv8: Secure Boot: Modify boot_a_script definition X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" boot_script_hdr does not exist, it should not continue to boot. So adding separate validation after loading boot_script Signed-off-by: Vinitha V Pillai --- include/configs/ls1012afrwy.h | 3 ++- include/configs/ls1012ardb.h | 3 ++- include/configs/ls1021atwr.h | 3 ++- include/configs/ls1043a_common.h | 3 ++- include/configs/ls1046a_common.h | 5 +++-- include/configs/ls1088ardb.h | 3 ++- include/configs/ls2080ardb.h | 3 ++- 7 files changed, 15 insertions(+), 8 deletions(-) diff --git a/include/configs/ls1012afrwy.h b/include/configs/ls1012afrwy.h index ebb1df41c7..12e6437a05 100644 --- a/include/configs/ls1012afrwy.h +++ b/include/configs/ls1012afrwy.h @@ -98,7 +98,8 @@ "${scriptaddr} ${prefix}${script}; " \ "env exists secureboot && load ${devtype} " \ "${devnum}:${distro_bootpart} " \ - "${scripthdraddr} ${prefix}${boot_script_hdr} " \ + "${scripthdraddr} ${prefix}${boot_script_hdr}; " \ + "env exists secureboot " \ "&& esbc_validate ${scripthdraddr};" \ "source ${scriptaddr}\0" \ "installer=load mmc 0:2 $load_addr " \ diff --git a/include/configs/ls1012ardb.h b/include/configs/ls1012ardb.h index f149a604cf..f6640fa499 100644 --- a/include/configs/ls1012ardb.h +++ b/include/configs/ls1012ardb.h @@ -98,7 +98,8 @@ "${scriptaddr} ${prefix}${script}; " \ "env exists secureboot && load ${devtype} " \ "${devnum}:${distro_bootpart} " \ - "${scripthdraddr} ${prefix}${boot_script_hdr} " \ + "${scripthdraddr} ${prefix}${boot_script_hdr}; " \ + "env exists secureboot " \ "&& esbc_validate ${scripthdraddr};" \ "source ${scriptaddr}\0" \ "installer=load mmc 0:2 $load_addr " \ diff --git a/include/configs/ls1021atwr.h b/include/configs/ls1021atwr.h index ddd024e8c0..70af3ebb8f 100644 --- a/include/configs/ls1021atwr.h +++ b/include/configs/ls1021atwr.h @@ -364,7 +364,8 @@ "${scriptaddr} ${prefix}${script}; " \ "env exists secureboot && load ${devtype} " \ "${devnum}:${distro_bootpart} " \ - "${scripthdraddr} ${prefix}${boot_script_hdr} " \ + "${scripthdraddr} ${prefix}${boot_script_hdr}; " \ + "env exists secureboot " \ "&& esbc_validate ${scripthdraddr};" \ "source ${scriptaddr}\0" \ "installer=load mmc 0:2 $load_addr " \ diff --git a/include/configs/ls1043a_common.h b/include/configs/ls1043a_common.h index 7875bf4bba..3d6ce2cafb 100644 --- a/include/configs/ls1043a_common.h +++ b/include/configs/ls1043a_common.h @@ -294,7 +294,8 @@ "${scriptaddr} ${prefix}${script}; " \ "env exists secureboot && load ${devtype} " \ "${devnum}:${distro_bootpart} " \ - "${scripthdraddr} ${prefix}${boot_script_hdr} " \ + "${scripthdraddr} ${prefix}${boot_script_hdr}; " \ + "env exists secureboot " \ "&& esbc_validate ${scripthdraddr};" \ "source ${scriptaddr}\0" \ "qspi_bootcmd=echo Trying load from qspi..;" \ diff --git a/include/configs/ls1046a_common.h b/include/configs/ls1046a_common.h index 6e36c9339b..4ac31c59dd 100644 --- a/include/configs/ls1046a_common.h +++ b/include/configs/ls1046a_common.h @@ -271,8 +271,9 @@ "${scriptaddr} ${prefix}${script}; " \ "env exists secureboot && load ${devtype} " \ "${devnum}:${distro_bootpart} " \ - "${scripthdraddr} ${prefix}${boot_script_hdr} " \ - "&& esbc_validate ${scripthdraddr};" \ + "${scripthdraddr} ${prefix}${boot_script_hdr}; " \ + "env exists secureboot " \ + "&& esbc_validate ${scripthdraddr};" \ "source ${scriptaddr}\0" \ "qspi_bootcmd=echo Trying load from qspi..;" \ "sf probe && sf read $load_addr " \ diff --git a/include/configs/ls1088ardb.h b/include/configs/ls1088ardb.h index 2391a7cc05..b5a9f68dda 100644 --- a/include/configs/ls1088ardb.h +++ b/include/configs/ls1088ardb.h @@ -407,7 +407,8 @@ "${scriptaddr} ${prefix}${script}; " \ "env exists secureboot && load ${devtype} " \ "${devnum}:${distro_bootpart} " \ - "${scripthdraddr} ${prefix}${boot_script_hdr} " \ + "${scripthdraddr} ${prefix}${boot_script_hdr}; "\ + "env exists secureboot " \ "&& esbc_validate ${scripthdraddr};" \ "source ${scriptaddr}\0" \ "installer=load mmc 0:2 $load_addr " \ diff --git a/include/configs/ls2080ardb.h b/include/configs/ls2080ardb.h index a8e872ebd5..f6aa4ed2e8 100644 --- a/include/configs/ls2080ardb.h +++ b/include/configs/ls2080ardb.h @@ -511,7 +511,8 @@ unsigned long get_board_sys_clk(void); "${scriptaddr} ${prefix}${script}; " \ "env exists secureboot && load ${devtype} " \ "${devnum}:${distro_bootpart} " \ - "${scripthdraddr} ${prefix}${boot_script_hdr} " \ + "${scripthdraddr} ${prefix}${boot_script_hdr}; " \ + "env exists secureboot " \ "&& esbc_validate ${scripthdraddr};" \ "source ${scriptaddr}\0" \ "qspi_bootcmd=echo Trying load from qspi..;" \