mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-11-14 00:47:26 +00:00
armv8: Secure Boot: Modify boot_a_script definition
esbc_validate command will not be executed if “load” command for its header fails and will further execute the source command for bootscript, without its validation and boot process continues. To halt the boot process in case secure boot header is not loaded successfully, esbc_validate command is invoked separately after “load” command. The secure boot validation of the bootscript header will fail (if header is not loaded) and halts the boot process, which prevent source command from execution. Signed-off-by: Vinitha V Pillai <vinitha.pillai@nxp.com> Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com> Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
This commit is contained in:
parent
4dde343d7e
commit
78c58082a9
7 changed files with 15 additions and 8 deletions
|
@ -98,7 +98,8 @@
|
||||||
"${scriptaddr} ${prefix}${script}; " \
|
"${scriptaddr} ${prefix}${script}; " \
|
||||||
"env exists secureboot && load ${devtype} " \
|
"env exists secureboot && load ${devtype} " \
|
||||||
"${devnum}:${distro_bootpart} " \
|
"${devnum}:${distro_bootpart} " \
|
||||||
"${scripthdraddr} ${prefix}${boot_script_hdr} " \
|
"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
|
||||||
|
"env exists secureboot " \
|
||||||
"&& esbc_validate ${scripthdraddr};" \
|
"&& esbc_validate ${scripthdraddr};" \
|
||||||
"source ${scriptaddr}\0" \
|
"source ${scriptaddr}\0" \
|
||||||
"installer=load mmc 0:2 $load_addr " \
|
"installer=load mmc 0:2 $load_addr " \
|
||||||
|
|
|
@ -98,7 +98,8 @@
|
||||||
"${scriptaddr} ${prefix}${script}; " \
|
"${scriptaddr} ${prefix}${script}; " \
|
||||||
"env exists secureboot && load ${devtype} " \
|
"env exists secureboot && load ${devtype} " \
|
||||||
"${devnum}:${distro_bootpart} " \
|
"${devnum}:${distro_bootpart} " \
|
||||||
"${scripthdraddr} ${prefix}${boot_script_hdr} " \
|
"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
|
||||||
|
"env exists secureboot " \
|
||||||
"&& esbc_validate ${scripthdraddr};" \
|
"&& esbc_validate ${scripthdraddr};" \
|
||||||
"source ${scriptaddr}\0" \
|
"source ${scriptaddr}\0" \
|
||||||
"installer=load mmc 0:2 $load_addr " \
|
"installer=load mmc 0:2 $load_addr " \
|
||||||
|
|
|
@ -363,7 +363,8 @@
|
||||||
"${scriptaddr} ${prefix}${script}; " \
|
"${scriptaddr} ${prefix}${script}; " \
|
||||||
"env exists secureboot && load ${devtype} " \
|
"env exists secureboot && load ${devtype} " \
|
||||||
"${devnum}:${distro_bootpart} " \
|
"${devnum}:${distro_bootpart} " \
|
||||||
"${scripthdraddr} ${prefix}${boot_script_hdr} " \
|
"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
|
||||||
|
"env exists secureboot " \
|
||||||
"&& esbc_validate ${scripthdraddr};" \
|
"&& esbc_validate ${scripthdraddr};" \
|
||||||
"source ${scriptaddr}\0" \
|
"source ${scriptaddr}\0" \
|
||||||
"installer=load mmc 0:2 $load_addr " \
|
"installer=load mmc 0:2 $load_addr " \
|
||||||
|
|
|
@ -273,7 +273,8 @@
|
||||||
"${scriptaddr} ${prefix}${script}; " \
|
"${scriptaddr} ${prefix}${script}; " \
|
||||||
"env exists secureboot && load ${devtype} " \
|
"env exists secureboot && load ${devtype} " \
|
||||||
"${devnum}:${distro_bootpart} " \
|
"${devnum}:${distro_bootpart} " \
|
||||||
"${scripthdraddr} ${prefix}${boot_script_hdr} " \
|
"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
|
||||||
|
"env exists secureboot " \
|
||||||
"&& esbc_validate ${scripthdraddr};" \
|
"&& esbc_validate ${scripthdraddr};" \
|
||||||
"source ${scriptaddr}\0" \
|
"source ${scriptaddr}\0" \
|
||||||
"qspi_bootcmd=echo Trying load from qspi..;" \
|
"qspi_bootcmd=echo Trying load from qspi..;" \
|
||||||
|
|
|
@ -253,7 +253,8 @@
|
||||||
"${scriptaddr} ${prefix}${script}; " \
|
"${scriptaddr} ${prefix}${script}; " \
|
||||||
"env exists secureboot && load ${devtype} " \
|
"env exists secureboot && load ${devtype} " \
|
||||||
"${devnum}:${distro_bootpart} " \
|
"${devnum}:${distro_bootpart} " \
|
||||||
"${scripthdraddr} ${prefix}${boot_script_hdr} " \
|
"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
|
||||||
|
"env exists secureboot " \
|
||||||
"&& esbc_validate ${scripthdraddr};" \
|
"&& esbc_validate ${scripthdraddr};" \
|
||||||
"source ${scriptaddr}\0" \
|
"source ${scriptaddr}\0" \
|
||||||
"qspi_bootcmd=echo Trying load from qspi..;" \
|
"qspi_bootcmd=echo Trying load from qspi..;" \
|
||||||
|
|
|
@ -398,7 +398,8 @@
|
||||||
"${scriptaddr} ${prefix}${script}; " \
|
"${scriptaddr} ${prefix}${script}; " \
|
||||||
"env exists secureboot && load ${devtype} " \
|
"env exists secureboot && load ${devtype} " \
|
||||||
"${devnum}:${distro_bootpart} " \
|
"${devnum}:${distro_bootpart} " \
|
||||||
"${scripthdraddr} ${prefix}${boot_script_hdr} " \
|
"${scripthdraddr} ${prefix}${boot_script_hdr}; "\
|
||||||
|
"env exists secureboot " \
|
||||||
"&& esbc_validate ${scripthdraddr};" \
|
"&& esbc_validate ${scripthdraddr};" \
|
||||||
"source ${scriptaddr}\0" \
|
"source ${scriptaddr}\0" \
|
||||||
"installer=load mmc 0:2 $load_addr " \
|
"installer=load mmc 0:2 $load_addr " \
|
||||||
|
|
|
@ -495,7 +495,8 @@ unsigned long get_board_sys_clk(void);
|
||||||
"${scriptaddr} ${prefix}${script}; " \
|
"${scriptaddr} ${prefix}${script}; " \
|
||||||
"env exists secureboot && load ${devtype} " \
|
"env exists secureboot && load ${devtype} " \
|
||||||
"${devnum}:${distro_bootpart} " \
|
"${devnum}:${distro_bootpart} " \
|
||||||
"${scripthdraddr} ${prefix}${boot_script_hdr} " \
|
"${scripthdraddr} ${prefix}${boot_script_hdr}; " \
|
||||||
|
"env exists secureboot " \
|
||||||
"&& esbc_validate ${scripthdraddr};" \
|
"&& esbc_validate ${scripthdraddr};" \
|
||||||
"source ${scriptaddr}\0" \
|
"source ${scriptaddr}\0" \
|
||||||
"qspi_bootcmd=echo Trying load from qspi..;" \
|
"qspi_bootcmd=echo Trying load from qspi..;" \
|
||||||
|
|
Loading…
Reference in a new issue