u-boot.lists.denx.de archive mirror
 help / color / mirror / Atom feed
From: Peng Fan (OSS) <peng.fan@oss.nxp.com>
To: u-boot@lists.denx.de
Subject: [PATCH 07/37] imx: hab: Add function to authenticate kernel image
Date: Thu, 25 Mar 2021 17:30:06 +0800	[thread overview]
Message-ID: <20210325093036.3270101-8-peng.fan@oss.nxp.com> (raw)
In-Reply-To: <20210325093036.3270101-1-peng.fan@oss.nxp.com>

From: Ye Li <ye.li@nxp.com>

When loading kernel image, the image size is parsed from header, so it
does not include the CSF and IVT.

Add back the authenticate_image function to wrap the imx_hab_authenticate_image
with calculating IVT offset and full image size.

Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
---
 arch/arm/mach-imx/hab.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c
index d0757d8b66..66ac440349 100644
--- a/arch/arm/mach-imx/hab.c
+++ b/arch/arm/mach-imx/hab.c
@@ -698,3 +698,15 @@ hab_authentication_exit:
 
 	return result;
 }
+
+int authenticate_image(u32 ddr_start, u32 raw_image_size)
+{
+	u32 ivt_offset;
+	size_t bytes;
+
+	ivt_offset = (raw_image_size + ALIGN_SIZE - 1) &
+					~(ALIGN_SIZE - 1);
+	bytes = ivt_offset + IVT_SIZE + CSF_PAD_SIZE;
+
+	return imx_hab_authenticate_image(ddr_start, bytes, ivt_offset);
+}
-- 
2.25.1

  parent reply	other threads:[~2021-03-25  9:30 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-25  9:29 [PATCH 00/37] imx: hab/caam new feature and update Peng Fan
2021-03-25  9:30 ` [PATCH 01/37] imx8mn: evk: update MAINTAINERS Peng Fan
2021-03-25  9:30 ` [PATCH 02/37] imx8m: add regs used by CAAM Peng Fan
2021-03-25  9:30 ` [PATCH 03/37] imx: imx7 Support for Manufacturing Protection Peng Fan
2021-03-25  9:30 ` [PATCH 04/37] imx: Avoid hardcoded output ring size register offset (ORSR) Peng Fan
2021-03-25  9:30 ` [PATCH 05/37] imx: Ensure CAAM clock is enabled prior getting out_jr_size Peng Fan
2021-03-25  9:30 ` [PATCH 06/37] imx: Avoid hardcoded Job Ring Max size Peng Fan
2021-03-25  9:30 ` Peng Fan [this message]
2021-03-25  9:30 ` [PATCH 08/37] imx: HAB: Update hab codes to support ARM64 and i.MX8M Peng Fan
2021-03-25  9:30 ` [PATCH 09/37] imx: HAB: Validate IVT before authenticating image Peng Fan
2021-03-25  9:30 ` [PATCH 10/37] hab: Change calling to ROM API failsafe Peng Fan
2021-03-25  9:30 ` [PATCH 11/37] imx: hab: Enable hab.c to authenticate additional images in open configuration Peng Fan
2021-03-25  9:30 ` [PATCH 12/37] imx: hab: Display All HAB events via hab_status command Peng Fan
2021-03-25  9:30 ` [PATCH 13/37] imx: hab: Check if IVT header is HABv4 Peng Fan
2021-03-25  9:30 ` [PATCH 14/37] mx7ulp: hab: Add hab_status command for HABv4 M4 boot Peng Fan
2021-03-25  9:30 ` [PATCH 15/37] imx: hab: Fix build warnings in 32-bit targets Peng Fan
2021-03-25  9:30 ` [PATCH 16/37] imx: HAB: Add support for iMX8MM Peng Fan
2021-03-25  9:30 ` [PATCH 17/37] crypto: fsl: blob: Flush dcache range for destination address Peng Fan
2021-03-25  9:30 ` [PATCH 18/37] iMX8M: Add support to enable CONFIG_IMX_HAB Peng Fan
2021-03-25  9:30 ` [PATCH 19/37] imx: cmd_dek: Enable DEK only for chips supporting CAAM Peng Fan
2021-03-25  9:30 ` [PATCH 20/37] mx6dq: hab: Fix chip version in hab.h code Peng Fan
2021-03-25  9:30 ` [PATCH 21/37] cmd: blob: Add IMX_HAB and CAAM supported SoCs as dependency Peng Fan
2021-03-25  9:30 ` [PATCH 22/37] cmd: blob: Instantiate RNG before running CMD_BLOB Peng Fan
2021-03-25  9:30 ` [PATCH 23/37] crypto: caam: change JR running loop Peng Fan
2021-03-25  9:30 ` [PATCH 24/37] caam: enable support for iMX7ULP Peng Fan
2021-03-25  9:30 ` [PATCH 25/37] imx7ulp: Enable support for cmd blob Peng Fan
2021-03-25  9:30 ` [PATCH 26/37] crypto: caam: Add CAAM support to i.MX8M platforms Peng Fan
2021-03-25  9:30 ` [PATCH 27/37] crypto: caam: Fix build warnings pointer casting Peng Fan
2021-03-25  9:30 ` [PATCH 28/37] crypto: Add blob command support for i.MX8M platforms Peng Fan
2021-03-25  9:30 ` [PATCH 29/37] crypto: caam: Fix pointer size to 32bit for i.MX8M Peng Fan
2021-03-25  9:30 ` [PATCH 30/37] crypto: caam: Add secure memory vid 3 support Peng Fan
2021-03-25  9:30 ` [PATCH 31/37] crypto: caam: Add fsl caam driver Peng Fan
2021-04-08 18:24   ` Stefano Babic
2021-07-08  8:02     ` Peng Fan (OSS)
2021-07-08  8:28       ` Stefano Babic
2021-03-25  9:30 ` [PATCH 32/37] crypto: caam: RNG4 TRNG errata Peng Fan
2021-03-25  9:30 ` [PATCH 33/37] imx: caam: new u-boot command to set PRIBLOB bitfield from CAAM SCFGR register to 0x3 Peng Fan
2021-03-25  9:30 ` [PATCH 34/37] imx8m: Add DEK blob encapsulation for imx8m Peng Fan
2021-03-25  9:30 ` [PATCH 35/37] imx8: Add DEK blob encapsulation Peng Fan
2021-03-25  9:30 ` [PATCH 36/37] fsl_mfgprot: Fix typo in sign_mppubk() Peng Fan
2021-03-25  9:30 ` [PATCH 37/37] crypto: fsl: refactor for 32 bit version CAAM support on ARM64 Peng Fan
2021-03-31 12:32 ` [PATCH 00/37] imx: hab/caam new feature and update Horia Geantă

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210325093036.3270101-8-peng.fan@oss.nxp.com \
    --to=peng.fan@oss.nxp.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).