From patchwork Sat May 30 18:29:00 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marek Vasut X-Patchwork-Id: 1301254 X-Patchwork-Delegate: sbabic@denx.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=denx.de Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=denx.de header.i=@denx.de header.a=rsa-sha256 header.s=phobos-20191101 header.b=fCiclnO2; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49Z9270QPsz9sSk for ; Sun, 31 May 2020 04:29:18 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 86C7B80680; Sat, 30 May 2020 20:29:09 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=denx.de Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=denx.de; s=phobos-20191101; t=1590863349; bh=CveG7CQ3/OprWreSVtBxHWQimH9AyG0Bd+P5Qb9HEWU=; h=From:To:Cc:Subject:Date:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:From; b=fCiclnO2Zb1irY+NYpPGTLcR7fpoGRrEHk1ECkotECA8YnPL04Wpe3Oj1P5Q/j/fV CxFw0qmTFoXRR9NeTzuyx3dyg9D837Ntcbk5Hp8tMMnGPyM6Mc7j1Knr+uIuEDBqE1 Jfyj/ksu2gQ3mU96kaMJes0j7eu7ZFwdut108a0K13LCISLZj2pBOZDH/+45Ds6VtJ j/nnNRpX/Tp7ee0wqfJsogeHSDUpuciurUKka4J5BsUwgXt+mzbA3+F9omAxfD6/xx Z2XukxizWhjNckxKpYdU9lQUI1zNf/7EjsWrT8WKnbEDRu5K0to31dN38ULrxBmaM8 EzLNC413S12OQ== Received: by phobos.denx.de (Postfix, from userid 109) id AD00C80825; Sat, 30 May 2020 20:29:07 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-out.m-online.net (mail-out.m-online.net [212.18.0.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id BD74280670 for ; Sat, 30 May 2020 20:29:04 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=denx.de Authentication-Results: phobos.denx.de; spf=none smtp.mailfrom=marex@denx.de Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 49Z91r08vRz1qqks; Sat, 30 May 2020 20:29:04 +0200 (CEST) Received: from localhost (dynscan1.mnet-online.de [192.168.6.70]) by mail.m-online.net (Postfix) with ESMTP id 49Z91q6qPnz1qtx7; Sat, 30 May 2020 20:29:03 +0200 (CEST) Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new, port 10024) with ESMTP id SRv6h2noK1HL; Sat, 30 May 2020 20:29:02 +0200 (CEST) X-Auth-Info: JZLoF4Sr0N+xZapCoVpsjUc8kcCUX7zb4ZYJNDBq1HI= Received: from desktop.lan (ip-86-49-35-8.net.upcbroadband.cz [86.49.35.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPSA; Sat, 30 May 2020 20:29:02 +0200 (CEST) From: Marek Vasut To: u-boot@lists.denx.de Cc: Marek Vasut , Fabio Estevam , "NXP i . MX U-Boot Team" , Peng Fan , Stefano Babic Subject: [PATCH] ARM: imx: hab: panic on authentication failure Date: Sat, 30 May 2020 20:29:00 +0200 Message-Id: <20200530182900.159874-1-marex@denx.de> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.30rc1 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.2 at phobos.denx.de X-Virus-Status: Clean Instead of hang()ing the system and thus disallowing any automated recovery possibility from a HAB authentication failure, panic() . The panic() function can be configured to hang() the system after printing an error message, however the default is to reset the system instead. This allows redundant boot to work correctly. In case the primary or secondary image cannot be authenticated, the system reboots and bootrom can try to start the other one. Signed-off-by: Marek Vasut Cc: Fabio Estevam Cc: NXP i.MX U-Boot Team Cc: Peng Fan Cc: Stefano Babic Reviewed-by: Fabio Estevam --- arch/arm/mach-imx/spl.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index 1a231c67f5..76a5f7aca6 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -293,8 +293,7 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image) CSF_PAD_SIZE, offset)) { image_entry(); } else { - puts("spl: ERROR: image authentication fail\n"); - hang(); + panic("spl: ERROR: image authentication fail\n"); } } } @@ -320,8 +319,7 @@ void board_spl_fit_post_load(ulong load_addr, size_t length) if (imx_hab_authenticate_image(load_addr, offset + IVT_SIZE + CSF_PAD_SIZE, offset)) { - puts("spl: ERROR: image authentication unsuccessful\n"); - hang(); + panic("spl: ERROR: image authentication unsuccessful\n"); } } #endif