mirror of
https://github.com/AsahiLinux/u-boot
synced 2025-01-12 13:18:52 +00:00
85bb389654
Use a pointer to pass image address to fsl_secboot_validate(), instead of using environmental variable "img_addr". Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Signed-off-by: Saksham Jain <saksham.jain@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
84 lines
2 KiB
C
84 lines
2 KiB
C
/*
|
|
* Copyright 2015 Freescale Semiconductor, Inc.
|
|
*
|
|
* SPDX-License-Identifier: GPL-2.0+
|
|
*/
|
|
|
|
#include <common.h>
|
|
#include <command.h>
|
|
#include <fsl_validate.h>
|
|
|
|
int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
|
|
char * const argv[])
|
|
{
|
|
if (fsl_check_boot_mode_secure() == 0) {
|
|
printf("Boot Mode is Non-Secure. Not entering spin loop.\n");
|
|
return 0;
|
|
}
|
|
|
|
printf("Core is entering spin loop.\n");
|
|
loop:
|
|
goto loop;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc,
|
|
char * const argv[])
|
|
{
|
|
char *hash_str = NULL;
|
|
uintptr_t haddr;
|
|
int ret;
|
|
uintptr_t img_addr = 0;
|
|
char buf[20];
|
|
|
|
if (argc < 2)
|
|
return cmd_usage(cmdtp);
|
|
else if (argc > 2)
|
|
/* Second arg - Optional - Hash Str*/
|
|
hash_str = argv[2];
|
|
|
|
/* First argument - header address -32/64bit */
|
|
haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16);
|
|
|
|
/* With esbc_validate command, Image address must be
|
|
* part of header. So, the function is called
|
|
* by passing this argument as 0.
|
|
*/
|
|
ret = fsl_secboot_validate(haddr, hash_str, &img_addr);
|
|
|
|
/* Need to set "img_addr" even if validation failure.
|
|
* Required when SB_EN in RCW set and non-fatal error
|
|
* to continue U-Boot
|
|
*/
|
|
sprintf(buf, "%lx", img_addr);
|
|
setenv("img_addr", buf);
|
|
|
|
if (ret)
|
|
return 1;
|
|
|
|
printf("esbc_validate command successful\n");
|
|
return 0;
|
|
}
|
|
|
|
/***************************************************/
|
|
static char esbc_validate_help_text[] =
|
|
"esbc_validate hdr_addr <hash_val> - Validates signature using\n"
|
|
" RSA verification\n"
|
|
" $hdr_addr Address of header of the image\n"
|
|
" to be validated.\n"
|
|
" $hash_val -Optional\n"
|
|
" It provides Hash of public/srk key to be\n"
|
|
" used to verify signature.\n";
|
|
|
|
U_BOOT_CMD(
|
|
esbc_validate, 3, 0, do_esbc_validate,
|
|
"Validates signature on a given image using RSA verification",
|
|
esbc_validate_help_text
|
|
);
|
|
|
|
U_BOOT_CMD(
|
|
esbc_halt, 1, 0, do_esbc_halt,
|
|
"Put the core in spin loop (Secure Boot Only)",
|
|
""
|
|
);
|