[U-Boot] [PATCH v5 00/24] Fix and extend i.MX HAB layer

Bryan O'Donoghue bryan.odonoghue at linaro.org
Tue Jan 9 16:50:48 UTC 2018 


On 09/01/18 15:53, Breno Matheus Lima wrote:
> Hi Bryan,
> 
> 2018-01-08 15:36 GMT-02:00 Bryan O'Donoghue <bryan.odonoghue at linaro.org>:
>> v5:
>> - Drop dcache disable across HAB call.
>>    We can't replicate this error on the current codebase and the available
>>    images. We'll have to wait for the error to crop up again before pushing
>>    that patch any further.
>>
>> v4:
>> - No change mixed extra patches @ v3 unnoticed with previous
>>    git-send
>>
>> v3:
>> - Only call into ROM if headers are verified. - Bryan
>>
>> - Print HAB event log if and only if a call was made to HAB
>>    and a meaningful status code has been obtained. - Breno
>>
>> v2:
>> - Fix compilation warnings and errors in SPL highlighted by
>>    Breno Matheus Lima
>>
>> - Add CC: Breno Matheus Lima <brenomatheus at gmail.com> to all patches
>>
>> v1:
>> This patchset updates the i.MX HAB layer in u-boot to fix a list of
>> identified issues and then to add and extend existing functionality.
>>
>> The first block of patches 0001-0006 deal with fixing existing code,
>>
>> - Fixes indentation
>> - Fixes the treatment of input parameters to hab_auth_image.
>>
>> The second block of patches 0007-0013 are about tidying up the HAB code
>>
>> - Remove reliance on hard-coding to specific offsets
>> - IVT header drives locating CSF
>> - Continue to support existing boards
>>
>> Patches 0014 onwards extend out the HAB functionality.
>>
>> - hab_rvt_check_target is a recommended check in the NXP documents to
>>    perform prior to hab_rvt_authenticate_image
>> - hab_rvt_failsafe is a useful function to set the board into BootROM
>>    USB recovery mode.
>>
>>
>> Bryan O'Donoghue (24):
>>    arm: imx: hab: Make authenticate_image return int
>>    arm: imx: hab: Fix authenticate_image result code
>>    arm: imx: hab: Optimise flow of authenticate_image on is_enabled fail
>>    arm: imx: hab: Optimise flow of authenticate_image on hab_entry fail
>>    arm: imx: hab: Move IVT_SIZE to hab.h
>>    arm: imx: hab: Move CSF_PAD_SIZE to hab.h
>>    arm: imx: hab: Fix authenticate_image input parameters
>>    arm: imx: hab: Add IVT header definitions
>>    arm: imx: hab: Add IVT header verification
>>    arm: imx: hab: Verify IVT self matches calculated address
>>    arm: imx: hab: Only call ROM once headers are verified
>>    arm: imx: hab: Print CSF based on IVT descriptor
>>    arm: imx: hab: Print additional IVT elements during debug
>>    arm: imx: hab: Define rvt_check_target()
>>    arm: imx: hab: Implement hab_rvt_check_target
>>    arm: imx: hab: Add a hab_rvt_check_target to image auth
>>    arm: imx: hab: Print HAB event log only after calling ROM
>>    arm: imx: hab: Make internal functions and data static
>>    arm: imx: hab: Prefix authenticate_image with imx_hab
>>    arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabled
>>    arm: imx: hab: Make imx_hab_is_enabled global
>>    arm: imx: hab: Define rvt_failsafe()
>>    arm: imx: hab: Implement hab_rvt_failsafe
>>    arm: imx: hab: Add hab_failsafe console command
> 
> For the entire series:
> 
> Tested-by: Breno Lima <breno.lima at nxp.com>
> 
> Thanks,
> Breno Lima
> 

Cool.

Thank you very much for your testing/review and associated time.

---
bod

More information about the U-Boot mailing list