From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.9 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, MSGID_FROM_MTA_HEADER,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0819FC4338F for ; Fri, 6 Aug 2021 05:56:55 +0000 (UTC) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id ECBC8611BF for ; Fri, 6 Aug 2021 05:56:53 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org ECBC8611BF Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=oss.nxp.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.denx.de Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 77D8E82C2C; Fri, 6 Aug 2021 07:56:51 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=oss.nxp.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=NXP1.onmicrosoft.com header.i=@NXP1.onmicrosoft.com header.b="Xa26r/vJ"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 6B10582C6D; Fri, 6 Aug 2021 07:56:49 +0200 (CEST) Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on20630.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1a::630]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id B88F482C2C for ; Fri, 6 Aug 2021 07:56:45 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=oss.nxp.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=peng.fan@oss.nxp.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CtMMfChItxbVDi/eyUbi9B/zpVOUSE8rmxh6G7XXJS7Iz7eJEgEiX/E+Qj8KLhFNtmPIKGji3y3+XMpUTR5m+lYJI99GJ0uEPIuOUX9zecjaxjRWsiypJtb2kPxyjQVGuINzwPhPKK49qkMz03atOmISQkAuKTVkNjDb1ZtDzTho/G7I4pV843FMsnzdHJp2pRkMo7TTT13jIynrGoCAe/dFsnRpxIIPEBxhKyZqR8E7S2PB2zVpcdOkDNfjLzb35/SpI92YGoyddAa0Yn8hnX6ga9tteiG8NH38GhApAKB7x0caUOg36Mb8XrvrAV4G1DdgMxBOKPpQx0/n6eRNeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=i7NQ/h534uns1ndpfVp9AcpS6VDOoSFbL+MBlXdHP4g=; b=RneaPDVL+0jzyVdkCjvI/FW/bee9cWkyOit9wgqYB3mpcLbPno2nJmKfles3SQNh6w1G+KoCiBdP5Sfk6GpmOlobgOk+X+UOhX3fTnpIysHsbdu+o/xDUYvBJ2/HWaRN8+k5CwxdoMFhz2LafQNinUH1XyRmhD524AYumNE/WSzT+525lvz0fzSCuRkaQMUzrJb9jDz/7ZmrAjOHrr4CJRJdf9ORs29ggALiucIXvdgq3gOPJEtk53P6t7VwY8CowjXyTPp4pHmu3HlPhfzWYcnHp+qN8n6JyV/Tf2zocVZaEjchSsee+3QHg8NYK4DCr9Ey0uRn/flVuQpyvEcYuw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oss.nxp.com; dmarc=pass action=none header.from=oss.nxp.com; dkim=pass header.d=oss.nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=NXP1.onmicrosoft.com; s=selector2-NXP1-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=i7NQ/h534uns1ndpfVp9AcpS6VDOoSFbL+MBlXdHP4g=; b=Xa26r/vJyuzs2jInKYznp3pEgTDc/516uptNm73qquGwXxgFBnaT5Kzz8BFGMPJ+1R0lyiugTO7IVHwk/Ms/fTPS4OkM+/G8lbcYZjMaSOFvPhgIywPBlchACAwF6iGuB3NM5QGvTV6A3vGoeYiMDf7Lux0qoMm/pbr/8YqVRSU= Authentication-Results: phytec.de; dkim=none (message not signed) header.d=none;phytec.de; dmarc=none action=none header.from=oss.nxp.com; Received: from DB6PR0402MB2760.eurprd04.prod.outlook.com (10.172.251.142) by DB7PR04MB4092.eurprd04.prod.outlook.com (52.135.131.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.21; Fri, 6 Aug 2021 05:56:42 +0000 Received: from DB6PR0402MB2760.eurprd04.prod.outlook.com ([fe80::c445:d742:eb76:86dd]) by DB6PR0402MB2760.eurprd04.prod.outlook.com ([fe80::c445:d742:eb76:86dd%9]) with mapi id 15.20.4394.019; Fri, 6 Aug 2021 05:56:42 +0000 Subject: Re: [PATCH v1 0/2] imx8m: fix secure boot To: Heiko Schocher , "u-boot@lists.denx.de" , Stefano Babic Cc: "tharvey@gateworks.com" , Alexandru Gagniuc , Fabio Estevam , Faiz Abbas , Jaehoon Chung , Marek Vasut , Michael Walle , Michal Simek , dl-uboot-imx , =?UTF-8?Q?Pali_Roh=c3=a1r?= , Philippe Reynes , Simon Glass , Stefan Roese , "t.remmet@phytec.de" References: <20210806044427.1958686-1-hs@denx.de> From: "Peng Fan (OSS)" Message-ID: <3a0116de-b73e-274f-5d40-def37bfdea17@oss.nxp.com> Date: Fri, 6 Aug 2021 13:56:30 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 In-Reply-To: <20210806044427.1958686-1-hs@denx.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-ClientProxiedBy: SGAP274CA0003.SGPP274.PROD.OUTLOOK.COM (2603:1096:4:b6::15) To DB6PR0402MB2760.eurprd04.prod.outlook.com (2603:10a6:4:a1::14) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.193.102.209] (119.31.174.71) by SGAP274CA0003.SGPP274.PROD.OUTLOOK.COM (2603:1096:4:b6::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4394.16 via Frontend Transport; Fri, 6 Aug 2021 05:56:36 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4592befe-6214-4297-975c-08d9589ef6a5 X-MS-TrafficTypeDiagnostic: DB7PR04MB4092: X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True X-LD-Processed: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635,ExtAddr X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7691; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: tnceFJ3Et0hx2xYUQbgMKhpZHQ/YJIvv1WAGEVBjerMSjM23IhaofqGj8n4qKbwHtnaJJIcW2ZDMnLr/t78zDH5jUfc0n/O/C/M/OlESTFdVdcLh3zjnMdLlFKltiRPVe0q82VQqNhHB0l8IDY3Yv1VTVcSkKbu07PSgL07lb6j/fhQP/qMdtWmr3erAIalFbJZwQBrO1NejkICA/h2MgrZWOvsdNaSRB2bGM/yfOEQMmdLmPe5EmKrGLNfVuIKyRFMTN86bu0DPorZ99QyVBN0V9rG2ETHf5s4B1QjQKckuGRN12g6Jk+VXAOl+evJ9sqW8vft6CBipIF3fIUfjZ0yWIDWFCVF8xw5BkOy4DS4R8uDVK0gsSfOqrHdmHzuMATP3gT+sFpYtadU7tBcvvJdfH0GbVGY7PnDeli63JizjAAMEx9Lc21FqDlJNrVsq59uJft/A9uTvVX8a27r4YEZzs96LvqGaulFlcSrtCRyG2sUQ+UEf9II+9a9tGmSC7jQnw1Y+nP8LEWDJf3Y9ouks2QTtz4MoX2sdQP0USmkzf8xAS/c43WUZ9asBDvFztT+WhQDhK8b7lpCXL7etP0wkc2+8tF9WQ7Uxct2lsf/nCAEmIYRiU93sfW8AA71xSP1CAS5wx8IA3FQnNO6VWozxf5JoarH2E+MESP9NZok/cdhaz+JHO7/hmtPvfudDNrxVtPvbHq/3WVJF7aWe/8karaU1HHUEyPxpl8PL+fMhkXi2QvzUWpi33tbtYGIYapjZvZuiMOdDCH7LgYnp6OmsjPDKVpzX7aN+1r2BTE5DmWxITDP6OFeqQ2pqMqLR6pUmQYhDT9dmxHI+1v22wMAwE98F6ouExLemY+6spcGEV/DlS8gh/CS8o1YJqdie X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB6PR0402MB2760.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(366004)(396003)(376002)(136003)(39860400002)(5660300002)(45080400002)(966005)(66556008)(4326008)(53546011)(52116002)(54906003)(16576012)(66476007)(110136005)(6486002)(66946007)(26005)(316002)(956004)(83380400001)(31686004)(8676002)(8936002)(31696002)(7416002)(478600001)(38100700002)(38350700002)(2906002)(186003)(2616005)(86362001)(6666004)(32563001)(43740500002)(45980500001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?elltTXJQTkYzemtEdElxempVUjkyTWcrZG13c3VwNE9OaytrNjdlRmxOSksx?= =?utf-8?B?cWJxVVMxMzlwb256OFQ5MCtiL08zU01XMHNVUW41U3ZLbE1RMFJaTHhpNmtB?= =?utf-8?B?dFZhTjBwTHpSNFB5eUxXNGJqcExzM09LampnOUZJbHR5aDdNM3lRYm5lZjBo?= =?utf-8?B?cDBMY0c4M2dWdVV0d0xWdXBVbGtGd0V2NlYzUTMxeGd1bzRIbEVTQSs0cmdW?= =?utf-8?B?cGlCdlZMUTZHU25pL1EvdjJyWnIraFY2QklYRlhKakd2QzN0ejRPNXljNTdq?= =?utf-8?B?N3piMDdWcDdIOGdkbEdRd3BUSlB6ekJZb3FtODliOWkwMFdCVFZaSVp4RVov?= =?utf-8?B?K3pPVUhGNlJEMGl6MktUR2E2aGV3QzcxN0EwTWRGMFpzbFkvU0dIeVZVa1JV?= =?utf-8?B?SHpEMTRvbVR6QmYwUm8rR1ZHS0JNNzd6R1ZYVzhGaGcyb2QwcTRLYVdHbTAr?= =?utf-8?B?Vmt3UUEvVUcvUURFcUVQcmI3MGFGbUtVZ3h4ZnM0NExINllpcU9IbzNvN3Az?= =?utf-8?B?V0JQL1BuNk1EMlVDR3lvb3R2YS9iZkdrYjdzazJxS3p4K1dJeDBEMGxoTkIx?= =?utf-8?B?cE5hcHpzT0hsSERnYnlCN09GOS9Jclh2UGU1Q1p5enY0cXIyMDBtcmg4Rmp0?= =?utf-8?B?YzBPb2xBOXJCdWgyd1FRcm5ySUNrcUwzSk9RcjFaS1VyeURXOS91VlE4VHAv?= =?utf-8?B?c3cvM0ZISTNqdnpRMHVwOXNhSkFrVDdlQkRhaEtkZGRZcDI1VFRJZ2JQa0ZR?= =?utf-8?B?ckVreTJHR0JVZVVwZHZOYkQ4RXc3Ujd0OHNFTEtlWUx1NVlzNms5WE5Pd3hT?= =?utf-8?B?dVBTZVJzVDNlSW5CYmEzVS9wbitFUExmZitiSFpOL3d5c1dLTXV1VkxKUTlG?= =?utf-8?B?WmloQ0JDekNJRC9zZXozYXhnN3p1bXgzLzFkSlVQL2tWZ3NORFQwMnNqbVhX?= =?utf-8?B?NDEzVEtQbkF3YW1BblpIK2RoSHc5MGNaaXBnOVkwbjF6dW91RXBPY1g2TjRj?= =?utf-8?B?cW5CcmZDQjJsWG5NREdkSVVwWko0NzhubFduaXFxanY3OGpKZDBWT3NuUkxH?= =?utf-8?B?SDJROGM5UEpMbFhsVHVCSFRFTFpndDFYVkVlM3RCSkxLOFZkL1U5NDA4YlBl?= =?utf-8?B?eWFIbFFCODQ2SGxpbVZzMmcwdXVic3VBREc2TEcySy9lMEFyWmdtL1NmZkVh?= =?utf-8?B?bW14eklENXVrZi92SjJTcDlTbGY0a094aWs0SXNZSkliNUYzUjk3N2tXRTBu?= =?utf-8?B?UGN1Vkpkc2tYN2cyZEk5Q1IwWU1zemVac3pQYjZnd2RyeWwvcnEwTUp2S2FY?= =?utf-8?B?cVJNUkRYRHpYR1V2bmplZzNzQUZMQjVCMXpOVnJuRWkxZXQ1eG1oblRQSG12?= =?utf-8?B?UDc0cVVTSnZiaFQrbzZiQmFRWXdEZkVWcThjZmpNSi9wNVM0Wjc3RXRPOStG?= =?utf-8?B?L0hjVTZleDFoMGl5alYyb1lWUUw0QjF0K3I0YnVXWGdWUWM2MEw1Q3AwRVNy?= =?utf-8?B?eFcydXd1SVk4YWNUWEZUZjdESzFNZkN0WEFzdFhTdEJBMlNCcWtPNjAvNWlh?= =?utf-8?B?b1NsN2p2Rm8rWUZBNmlyQS96aVVnQnU5TGhNenFKYlAzSlduZU0ycmRRY0RN?= =?utf-8?B?UmVLYUlxK2EzR01aOHVLUGhXeUVkdUdyKzFYdlpjckJzY2crTVcxUEh6WUFL?= =?utf-8?B?THFwWnJWL2wzT29DWkovS05mNWYwQ3FUcHdidGZzZGI2a0JlNFhQK296Nk5B?= =?utf-8?Q?D+xVAjgTyeIBeOceBLpiEPFzCOpil+rnK1NeIwm?= X-OriginatorOrg: oss.nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4592befe-6214-4297-975c-08d9589ef6a5 X-MS-Exchange-CrossTenant-AuthSource: DB6PR0402MB2760.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Aug 2021 05:56:42.0378 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 0QYyWMFHZGh796sg03qQICGljjznkvkoARKslD5kmSIjHj1KiEFNPcoOaPEF+ZtgeqQe2R41aE9rzojlbs68pQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR04MB4092 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean On 2021/8/6 12:44, Heiko Schocher wrote: > > This series fixes secure boot on imx8m based boards. Tim > also detected this issue and the patches fixed on his hardware > also the problem, see discussion here: > > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.denx.de%2Fpipermail%2Fu-boot%2F2021-July%2F454351.html&data=04%7C01%7Cpeng.fan%40nxp.com%7C60053de52160416b6d9608d95894ead0%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C637638218882598843%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=ZF%2FCsb%2FdBiLKHa5o6wRmAsQOIduZHhFI5MC%2BuIB0Vz4%3D&reserved=0 > > Problem is that the IVT header gets loaded to a memallocated > buffer, but it needs to sit on memaddress coded in IVT header > itself. This patchseries adds a weak function spl_load_simple_fit() > in common spl code, which does not change current code behaviour. > > Second patch than implements this weak function for imx based > boards (if no IVT header is found on address which is passed > to it, it does nothing). > > I am not sure if this is the best solution, but it fixes a real > bug, and may could be made clearer, if possible. NXP downstream dropped malloc, with buf = board_spl_fit_buffer_addr(size, sectors, info->bl_len); And this will use previous fixed address. Regards, Peng. > > > Heiko Schocher (2): > spl_fit. add hook to make fixes after fit header is loaded > imx: spl: implement spl_load_simple_fit_fix_load > > arch/arm/mach-imx/spl.c | 33 +++++++++++++++++++++++++++++++++ > common/spl/spl_fit.c | 11 +++++++++++ > include/spl.h | 8 ++++++++ > 3 files changed, 52 insertions(+) >