[U-Boot] [PATCH 3/4] imx6: spl: Reduce SPL limit size in case CONFIG_SECURE_BOOT is enabled

Breno Matheus Lima breno.lima at nxp.com
Thu Jul 18 12:34:23 UTC 2019


In case CONFIG_SECURE_BOOT is enabled we need to limit the SPL size to
avoid a possible HAB failure event:

--------- HAB Event 1 -----------------
event data:
        0xdb 0x00 0x14 0x42 0x33 0x22 0x33 0x00
        0x00 0x00 0x00 0x0f 0x00 0x90 0x70 0x00
        0x00 0x01 0x10 0x00
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ADDRESS (0x22)
CTX = HAB_CTX_TARGET (0x33)
ENG = HAB_ENG_ANY (0x00)

As explained in Commit 23612534fe0f ("spl: imx6: Provide a SPL_SIZE_LIMIT
default") the i.MX6 SPL size limit is 68KB.

The ROM code is copying the image size defined in boot data to its
respective load address, in case we exceed the OCRAM free region a
HAB invalid address failure event is generated.

The maximum CSF size is defined in CONFIG_CSF_SIZE, reduce SPL size
limit based on this configuration.

Signed-off-by: Breno Lima <breno.lima at nxp.com>
---
 tools/spl_size_limit.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tools/spl_size_limit.c b/tools/spl_size_limit.c
index 98ff491867..8902e30129 100644
--- a/tools/spl_size_limit.c
+++ b/tools/spl_size_limit.c
@@ -14,6 +14,9 @@ int main(int argc, char *argv[])
 
 #ifdef CONFIG_SPL_SIZE_LIMIT
 	spl_size_limit = CONFIG_SPL_SIZE_LIMIT;
+#if defined(CONFIG_SECURE_BOOT) && defined(CONFIG_CSF_SIZE)
+	spl_size_limit -= CONFIG_CSF_SIZE;
+#endif
 #ifdef CONFIG_SPL_SIZE_LIMIT_SUBTRACT_GD
 	spl_size_limit -= GENERATED_GBL_DATA_SIZE;
 #endif
-- 
2.17.1



More information about the U-Boot mailing list