diff options
| author | Sven Ebenfeld | 2016-11-06 16:37:55 +0100 |
|---|---|---|
| committer | Stefano Babic | 2017-01-02 17:04:38 +0100 |
| commit | 15b505b0553da2d8a99ae5c1d14968e87f5c6bef (patch) | |
| tree | de3258a8a9b86e1d4cdb2e7d879bdf7d207d16dc /arch/arm/include | |
| parent | 99f49fdd5dcdd1930e1f7b469ab6882c92a0ce4b (diff) | |
arm: imx: add HAB authentication of image to SPL boot
When using HAB as secure boot mechanism on Wandboard, the chain of
trust breaks immediately after the SPL. As this is not checking
the authenticity of the loaded image before jumping to it.
The HAB status output will not be implemented in SPL as it adds
a lot of strings that are only required in debug cases. With those
it exceeds the maximum size of the available OCRAM (69 KiB).
The SPL MISC driver support must be enabled, so that the driver can use OTP fuse
to check if HAB is enabled.
Cc: sbabic@denx.de
v2-Changes: None
Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
Diffstat (limited to 'arch/arm/include')
| -rw-r--r-- | arch/arm/include/asm/imx-common/hab.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/arm/include/asm/imx-common/hab.h b/arch/arm/include/asm/imx-common/hab.h index dab6789b101..e0ff459d53f 100644 --- a/arch/arm/include/asm/imx-common/hab.h +++ b/arch/arm/include/asm/imx-common/hab.h @@ -145,4 +145,6 @@ typedef void hapi_clock_init_t(void); /* ----------- end of HAB API updates ------------*/ +uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size); + #endif |