aboutsummaryrefslogtreecommitdiff
path: root/tools/default_image.c
diff options
context:
space:
mode:
authorBreno Matheus Lima2019-09-23 18:39:47 +0000
committerStefano Babic2019-10-08 16:36:36 +0200
commit5b20d141f209a62596f38ee42b0622280636a7ae (patch)
treebf886025165c0299c299f21705d1bd4d9e318631 /tools/default_image.c
parent2845f86d951b1ffa3916e2ed7a6b5eed8d8d735a (diff)
imx: Kconfig: Reduce default CONFIG_CSF_SIZE
The default CSF_SIZE defined in Kconfig is too high and SPL cannot fit into the OCRAM in certain cases. The CSF cannot achieve 0x2000 length when using RSA 4K key which is the largest key size supported by HABv4. According to AN12056 "Encrypted Boot on HABv4 and CAAM Enabled Devices" it's recommended to pad CSF binary to 0x2000 and append DEK blob to deploy encrypted boot images. As the maximum DEK blob size is 0x58 we can reduce CSF_SIZE to 0x2060 which should cover both CSF and DEK blob length. Update default_image.c and image.c to align with this change and avoid a U-Boot proper authentication failure in HAB closed devices: Authenticate image from DDR location 0x877fffc0... bad magic magic=0x32 length=0x6131 version=0x38 bad length magic=0x32 length=0x6131 version=0x38 bad version magic=0x32 length=0x6131 version=0x38 spl: ERROR: image authentication fail Fixes: 96d27fb218 (Revert "habv4: tools: Avoid hardcoded CSF size for SPL targets") Reported-by: Jagan Teki <jagan@amarulasolutions.com> Signed-off-by: Breno Lima <breno.lima@nxp.com>
Diffstat (limited to 'tools/default_image.c')
-rw-r--r--tools/default_image.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/tools/default_image.c b/tools/default_image.c
index 4b7d1ed4a1a..f7990e28c06 100644
--- a/tools/default_image.c
+++ b/tools/default_image.c
@@ -19,6 +19,7 @@
#include <image.h>
#include <tee/optee.h>
#include <u-boot/crc.h>
+#include <imximage.h>
static image_header_t header;
@@ -106,7 +107,9 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd,
if (params->type == IH_TYPE_FIRMWARE_IVT)
/* Add size of CSF minus IVT */
- imagesize = sbuf->st_size - sizeof(image_header_t) + 0x1FE0;
+ imagesize = sbuf->st_size - sizeof(image_header_t)
+ + 0x2060 - sizeof(flash_header_v2_t);
+
else
imagesize = sbuf->st_size - sizeof(image_header_t);