[PATCH v3 1/4] ARM: stm32: Fix ECDSA authentication with Dcache enabled

Marek Vasut marex at denx.de
Wed Dec 7 20:24:23 CET 2022


In case Dcache is enabled while the ECDSA authentication function is
called via BootROM ROM API, the MMU tables are set up and the BootROM
region is not marked as executable, so an attempt to run code from it
results in a hang. Mark the BootROM region as executable as suggested
by Patrick to prevent the hang.

Signed-off-by: Marek Vasut <marex at denx.de>
---
Cc: Alexandru Gagniuc <mr.nuke.me at gmail.com>
Cc: Patrice Chotard <patrice.chotard at foss.st.com>
Cc: Patrick Delaunay <patrick.delaunay at foss.st.com>
---
V2: - Initialize reenable_dcache variable
V3: - Mark BootROM as executable instead
---
 arch/arm/mach-stm32mp/ecdsa_romapi.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/arm/mach-stm32mp/ecdsa_romapi.c b/arch/arm/mach-stm32mp/ecdsa_romapi.c
index a2f63ff879f..6156526253c 100644
--- a/arch/arm/mach-stm32mp/ecdsa_romapi.c
+++ b/arch/arm/mach-stm32mp/ecdsa_romapi.c
@@ -81,6 +81,10 @@ static int romapi_ecdsa_verify(struct udevice *dev,
 	memcpy(raw_key + 32, pubkey->y, 32);
 
 	stm32mp_rom_get_ecdsa_functions(&rom);
+
+	/* Mark BootROM region as executable. */
+	mmu_set_region_dcache_behaviour(0, SZ_2M, DCACHE_DEFAULT_OPTION);
+
 	rom_ret = rom.ecdsa_verify_signature(hash, raw_key, signature, algo);
 
 	return rom_ret == ROM_API_SUCCESS ? 0 : -EPERM;
-- 
2.35.1



More information about the U-Boot mailing list