[PATCH v4 1/4] ARM: stm32: Fix ECDSA authentication with Dcache enabled

Marek Vasut marex at denx.de
Thu Jan 12 18:58:39 CET 2023

In case Dcache is enabled while the ECDSA authentication function is
called via BootROM ROM API, the MMU tables are set up and the BootROM
region is not marked as executable, so an attempt to run code from it
results in a hang. Mark the BootROM region as executable as suggested
by Patrick to prevent the hang.

Reviewed-by: Patrice Chotard <patrice.chotard at foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay at foss.st.com>
Signed-off-by: Marek Vasut <marex at denx.de>
Cc: Alexandru Gagniuc <mr.nuke.me at gmail.com>
Cc: Patrice Chotard <patrice.chotard at foss.st.com>
Cc: Patrick Delaunay <patrick.delaunay at foss.st.com>
V2: - Initialize reenable_dcache variable
V3: - Mark BootROM as executable instead
V4: - Add RB from Patrick
 arch/arm/mach-stm32mp/ecdsa_romapi.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/arm/mach-stm32mp/ecdsa_romapi.c b/arch/arm/mach-stm32mp/ecdsa_romapi.c
index a2f63ff879f..6156526253c 100644
--- a/arch/arm/mach-stm32mp/ecdsa_romapi.c
+++ b/arch/arm/mach-stm32mp/ecdsa_romapi.c
@@ -81,6 +81,10 @@ static int romapi_ecdsa_verify(struct udevice *dev,
 	memcpy(raw_key + 32, pubkey->y, 32);
+	/* Mark BootROM region as executable. */
+	mmu_set_region_dcache_behaviour(0, SZ_2M, DCACHE_DEFAULT_OPTION);
 	rom_ret = rom.ecdsa_verify_signature(hash, raw_key, signature, algo);
 	return rom_ret == ROM_API_SUCCESS ? 0 : -EPERM;

More information about the U-Boot mailing list