[PATCH 01/18] arch: mach-k3: security: fix the check for authentication

Andrew Davis afd at ti.com
Fri Jul 14 16:22:07 CEST 2023


On 7/14/23 12:52 AM, Manorit Chawdhry wrote:
> Fix regression occurred during refactoring for the mentioned commit.
> 
> Fixes: bd6a24759374 ("arm: mach-k3: security: separate out validating binary logic")
> 
> Signed-off-by: Manorit Chawdhry <m-chawdhry at ti.com>
> ---
>   arch/arm/mach-k3/security.c | 5 +++--
>   1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
> index 02a2c12dbd6f..6038c9665ecb 100644
> --- a/arch/arm/mach-k3/security.c
> +++ b/arch/arm/mach-k3/security.c
> @@ -91,8 +91,9 @@ void ti_secure_image_post_process(void **p_image, size_t *p_size)
>   		return;
>   	}
>   
> -	if (get_device_type() != K3_DEVICE_TYPE_HS_SE &&
> -	    get_device_type() != K3_DEVICE_TYPE_HS_FS)
> +	if (get_device_type() == K3_DEVICE_TYPE_GP &&
> +	    (get_device_type() != K3_DEVICE_TYPE_HS_SE &&

Why check for both == GP and != HS-SE? Seems like this logic could still
be buggy. Could you explain here exactly what you are trying to do here.

Andrew

> +	     !ti_secure_cert_detected(*p_image)))
>   		return;
>   
>   	/* Clean out image so it can be seen by system firmware */
> 


More information about the U-Boot mailing list