]> git.dujemihanovic.xyz Git - u-boot.git/commit
arm: imx: add HAB authentication of image to SPL boot
authorSven Ebenfeld <sven.ebenfeld@gmail.com>
Sun, 6 Nov 2016 15:37:55 +0000 (16:37 +0100)
committerStefano Babic <sbabic@denx.de>
Mon, 2 Jan 2017 16:04:38 +0000 (17:04 +0100)
commit15b505b0553da2d8a99ae5c1d14968e87f5c6bef
treede3258a8a9b86e1d4cdb2e7d879bdf7d207d16dc
parent99f49fdd5dcdd1930e1f7b469ab6882c92a0ce4b
arm: imx: add HAB authentication of image to SPL boot

When using HAB as secure boot mechanism on Wandboard, the chain of
trust breaks immediately after the SPL. As this is not checking
the authenticity of the loaded image before jumping to it.

The HAB status output will not be implemented in SPL as it adds
a lot of strings that are only required in debug cases. With those
it exceeds the maximum size of the available OCRAM (69 KiB).

The SPL MISC driver support must be enabled, so that the driver can use OTP fuse
to check if HAB is enabled.

Cc: sbabic@denx.de
v2-Changes: None

Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
arch/arm/imx-common/hab.c
arch/arm/imx-common/spl.c
arch/arm/imx-common/spl_sd.cfg
arch/arm/include/asm/imx-common/hab.h
include/configs/mx6_common.h