[PATCH] Add ahab_commit command for imx8

Peng Fan peng.fan at oss.nxp.com
Tue Jul 15 05:47:58 CEST 2025


Nit: subject: imx8: Add ahab_commit command

On Mon, Jul 14, 2025 at 10:07:29PM +0000, John Ripple wrote:
>The ahab_commit command allows the user to commit into the SECO fuses
>that control the SRK key revocation information. This is used to Revoke
>compromised SRK keys.
>
>To use ahab_commit, the boot container must be built with an SRK
>revocation bit mask that is not 0x0. For the SPSDK provided by NXP, this
>means setting the 'srk_revoke_mask' option in the config file used to
>sign the boot container. The 'ahab_commit 0x10' can then be used to commit
>the SRK revocation information into the SECO fuses.
>
>Signed-off-by: John Ripple <john.ripple at keysight.com>
>---
>
> arch/arm/mach-imx/imx8/ahab.c  | 27 +++++++++++++++++++++++++++
> drivers/misc/imx8/scu_api.c    | 29 +++++++++++++++++++++++++++++
> include/firmware/imx/sci/sci.h |  6 ++++++
> 3 files changed, 62 insertions(+)
>
>diff --git a/arch/arm/mach-imx/imx8/ahab.c b/arch/arm/mach-imx/imx8/ahab.c
>index 324e010bb2c..f9a425c899c 100644
>--- a/arch/arm/mach-imx/imx8/ahab.c
>+++ b/arch/arm/mach-imx/imx8/ahab.c
>@@ -401,6 +401,27 @@ static int do_ahab_close(struct cmd_tbl *cmdtp, int flag, int argc,
> 	return 0;
> }
> 
>+static int do_ahab_commit(struct cmd_tbl *cmdtp, int flag, int argc,
>+			  char *const argv[])
>+{
>+	u32 info;
>+
>+	if (argc < 2)
>+		return CMD_RET_USAGE;
>+
>+	info = simple_strtoul(argv[1], NULL, 16);
>+	printf("Commit index is 0x%x\n", info);
>+
>+	if (sc_seco_commit(-1, &info)) {
>+		printf("Error in AHAB commit\n");
>+		return -EIO;
>+	}
>+
>+	printf("AHAB commit succeeded.\n");
>+
>+	return CMD_RET_SUCCESS;
>+}
>+
> U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate,
> 	   "autenticate OS container via AHAB",
> 	   "addr\n"
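Review bot: In do_ahab_commit the argument is parsed with `simple_strtoul(argv[1], NULL, 16)`, so a mistyped or non-hex argument silently becomes 0 or a truncated value and is still sent to SECO. Because the description says this commits revocation data into fuses, which are normally one-way, the command should reject anything that does not parse completely, e.g. `char *end;` then `info = hextoul(argv[1], &end); if (end == argv[1] || *end) return CMD_RET_USAGE;`. The failure path also returns `-EIO`, whereas the success path uses a `CMD_RET_*` code; `return CMD_RET_FAILURE;` would be consistent with it. A one-line comment above the function noting that the operation writes fuses and cannot be undone would help the next reader.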
>@@ -416,3 +437,9 @@ U_BOOT_CMD(ahab_close, CONFIG_SYS_MAXARGS, 1, do_ahab_close,
> 	   "Change AHAB lifecycle to OEM closed",
> 	   ""
> );
>+
>+U_BOOT_CMD(ahab_commit, CONFIG_SYS_MAXARGS, 1, do_ahab_commit,
>+	   "commit into the fuses any new SRK revocation information that have been found\n"
>+	   "into the NXP (SECO FW) and OEM containers. For SRK revocation use 0x10 for the value.",
>+	   ""
>+);
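Review bot: The help strings for ahab_commit sit in the wrong fields: the one-line summary holds a two-line sentence with an embedded `\n`, while the long-help field is `""`, so the argument syntax is never stated the way auth_cntr does with `"addr\n"`. Consider a short summary such as `"commit SRK revocation information into the SECO fuses"` and a long help of `"info\n  info - hex value passed to SECO; use 0x10 for SRK revocation"`. The phrase "information that have been found into" also reads better as "information that has been found in". Since the command writes fuses, the help text is a good place to say so explicitly.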
>diff --git a/drivers/misc/imx8/scu_api.c b/drivers/misc/imx8/scu_api.c
>index a40c8badf9a..ba93ff9bd74 100644
>--- a/drivers/misc/imx8/scu_api.c
>+++ b/drivers/misc/imx8/scu_api.c
>@@ -1287,3 +1287,32 @@ int sc_seco_secvio_dgo_config(sc_ipc_t ipc, u8 id, u8 access, u32 *data)
> 
> 	return ret;
> }
>+
>+int sc_seco_commit(sc_ipc_t ipc, u32 *info)
>+{
>+	struct udevice *dev = gd->arch.scu_dev;
>+	struct sc_rpc_msg_s msg;
>+	int size = sizeof(struct sc_rpc_msg_s);
>+	int ret;
>+
>+	/* Fill in header */
>+	RPC_VER(&msg) = SC_RPC_VERSION;
>+	RPC_SIZE(&msg) = 2U;
>+	RPC_SVC(&msg) = (u8)SC_RPC_SVC_SECO;
>+	RPC_FUNC(&msg) = (u8)SECO_FUNC_COMMIT;
>+
>+	/* Fill in send message */
>+	RPC_U32(&msg, 0U) = info;

This should be '*info';

>+
>+	/* Call RPC */
>+	ret = misc_call(dev, SC_FALSE, &msg, size, &msg, size);
>+
>+	/* Copy out result */
>+	ret = (int)RPC_R8(&msg);
>+
>+	/* Copy out receive message */
>+	*info = RPC_U32(&msg, 0U);

	if (!ret)
		*info = RPC_U32(&msg, 0U);

>+
>+	/* Return result */
>+	return ret;
>+}
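Review bot: The return value of `misc_call()` is assigned to `ret` and then immediately overwritten by `ret = (int)RPC_R8(&msg);`, so a transport failure is lost and the status byte is read from a message buffer the SCU may never have filled in. Checking it first, with `if (ret) return ret;` directly after the call, keeps a failed RPC from being reported as whatever happens to be in `msg`. For a fuse-commit path this matters because the caller prints "AHAB commit succeeded." whenever the function returns 0. The `ipc` parameter is unused in the visible body (the caller passes `-1`); a short comment saying it is kept only for API symmetry would avoid confusion, if that is indeed the convention in this file.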

Regards,
Peng

