SECURE BOOT: Halt execution when secure boot fail

author Saksham Jain <saksham.jain@nxp.com>

Wed, 23 Mar 2016 10:54:44 +0000 (16:24 +0530)

committer York Sun <york.sun@nxp.com>

Tue, 29 Mar 2016 15:46:23 +0000 (08:46 -0700)
author Saksham Jain <saksham.jain@nxp.com>
Wed, 23 Mar 2016 10:54:44 +0000 (16:24 +0530)
committer York Sun <york.sun@nxp.com>
Tue, 29 Mar 2016 15:46:23 +0000 (08:46 -0700)
diff --git a/board/freescale/common/cmd_esbc_validate.c b/board/freescale/common/cmd_esbc_validate.c

index dfa3e2100edf06cb65cb1e3c4996ab207af4fcc5..375bc24968522f32fb5b94f42f634da4cbacec50 100644 (file)
--- a/board/freescale/common/cmd_esbc_validate.c
+++ b/board/freescale/common/cmd_esbc_validate.c
@@ -8,7 +8,7 @@
  #include <command.h>
  #include <fsl_validate.h>
  
-static int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
+int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
                                 char * const argv[])
  {
         if (fsl_check_boot_mode_secure() == 0) {
diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c

index c12b9c927e46a02369c08dadeed6553cae3d717a..95059c771fc05af32aedef94a4f2391e50099ed9 100644 (file)
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -325,6 +325,8 @@ static void fsl_secboot_header_verification_failure(void)
  
         printf("Generating reset request\n");
         do_reset(NULL, 0, 0, NULL);
+       /* If reset doesn't coocur, halt execution */
+       do_esbc_halt(NULL, 0, 0, NULL);
  }
  
  /*
@@ -355,6 +357,9 @@ static void fsl_secboot_image_verification_failure(void)
  
                         printf("Generating reset request\n");
                         do_reset(NULL, 0, 0, NULL);
+                       /* If reset doesn't coocur, halt execution */
+                       do_esbc_halt(NULL, 0, 0, NULL);
+
                 } else {
                         change_sec_mon_state(HPSR_SSM_ST_TRUST,
                                              HPSR_SSM_ST_NON_SECURE);
diff --git a/include/fsl_validate.h b/include/fsl_validate.h

index f812c1a1fd03109a983f9e0c4345769a84e29372..ff6f6b75522a60a3bf46b7b1da8943117c8017bd 100644 (file)
--- a/include/fsl_validate.h
+++ b/include/fsl_validate.h
@@ -242,6 +242,9 @@ struct fsl_secboot_img_priv {
         uint32_t img_size;      /* ESBC Image Size */
  };
  
+int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
+                               char * const argv[]);
+
  int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
         uintptr_t img_loc);
  int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
author	Saksham Jain <saksham.jain@nxp.com>
	Wed, 23 Mar 2016 10:54:44 +0000 (16:24 +0530)
committer	York Sun <york.sun@nxp.com>
	Tue, 29 Mar 2016 15:46:23 +0000 (08:46 -0700)
board/freescale/common/cmd_esbc_validate.c		patch \| blob \| history
board/freescale/common/fsl_validate.c		patch \| blob \| history
include/fsl_validate.h		patch \| blob \| history