ARM: imx: hab: panic on authentication failure

Instead of hang()ing the system and thus disallowing any automated
recovery possibility from a HAB authentication failure, panic() .
The panic() function can be configured to hang() the system after
printing an error message, however the default is to reset the
system instead.

This allows redundant boot to work correctly. In case the primary
or secondary image cannot be authenticated, the system reboots and
bootrom can try to start the other one.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Fabio Estevam <festevam@gmail.com>
Cc: NXP i.MX U-Boot Team <uboot-imx@nxp.com>
Cc: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Reviewed-by: Fabio Estevam <festevam@gmail.com>

diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c
index 1a231c67f5accb032a6a691d9b2ad2c07229f33d..76a5f7aca6136e54aa835cae165c68657ce58a2e 100644 (file)
--- a/arch/arm/mach-imx/spl.c
+++ b/arch/arm/mach-imx/spl.c
@@ -293,8 +293,7 @@ __weak void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image)
                                                CSF_PAD_SIZE, offset)) {
                        image_entry();
                } else {
-                       puts("spl: ERROR:  image authentication fail\n");
-                       hang();
+                       panic("spl: ERROR:  image authentication fail\n");
                }
        }
 }
@@ -320,8 +319,7 @@ void board_spl_fit_post_load(ulong load_addr, size_t length)
        if (imx_hab_authenticate_image(load_addr,
                                       offset + IVT_SIZE + CSF_PAD_SIZE,
                                       offset)) {
-               puts("spl: ERROR:  image authentication unsuccessful\n");
-               hang();
+               panic("spl: ERROR:  image authentication unsuccessful\n");
        }
 }
 #endif