diff options
| author | Evert Pap <evert.pap@sintecs.nl> | 2016-09-16 13:16:50 (GMT) |
|---|---|---|
| committer | vojo <joris.van.vossen@sintecs.nl> | 2017-08-23 08:07:14 (GMT) |
| commit | 91259b783fb00422df6157b85317bf5035c72ed4 (patch) | |
| tree | 2922ed570d93d45741573e20ef62053e0cc8adea /board/scalys/common/cmd_esbc_validate.c | |
| parent | 82a006ca2df310164bb48c36a793d1b733cf4af8 (diff) | |
| download | u-boot-fsl-qoriq-91259b783fb00422df6157b85317bf5035c72ed4.tar.xz | |
merge with master
Diffstat (limited to 'board/scalys/common/cmd_esbc_validate.c')
| -rw-r--r-- | board/scalys/common/cmd_esbc_validate.c | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/board/scalys/common/cmd_esbc_validate.c b/board/scalys/common/cmd_esbc_validate.c new file mode 100644 index 0000000..cefe3cc --- /dev/null +++ b/board/scalys/common/cmd_esbc_validate.c @@ -0,0 +1,84 @@ +/* + * Copyright 2015 Freescale Semiconductor, Inc. + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include <common.h> +#include <command.h> +#include <fsl_validate.h> + +int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + if (fsl_check_boot_mode_secure() == 0) { + printf("Boot Mode is Non-Secure. Not entering spin loop.\n"); + return 0; + } + + printf("Core is entering spin loop.\n"); +loop: + goto loop; + + return 0; +} + +static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + char *hash_str = NULL; + uintptr_t haddr; + int ret; + uintptr_t img_addr = 0; + char buf[20]; + + if (argc < 2) + return cmd_usage(cmdtp); + else if (argc > 2) + /* Second arg - Optional - Hash Str*/ + hash_str = argv[2]; + + /* First argument - header address -32/64bit */ + haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16); + + /* With esbc_validate command, Image address must be + * part of header. So, the function is called + * by passing this argument as 0. + */ + ret = fsl_secboot_validate(haddr, hash_str, &img_addr); + + /* Need to set "img_addr" even if validation failure. + * Required when SB_EN in RCW set and non-fatal error + * to continue U-Boot + */ + sprintf(buf, "%lx", img_addr); + setenv("img_addr", buf); + + if (ret) + return 1; + + printf("esbc_validate command successful\n"); + return 0; +} + +/***************************************************/ +static char esbc_validate_help_text[] = + "esbc_validate hdr_addr <hash_val> - Validates signature using\n" + " RSA verification\n" + " $hdr_addr Address of header of the image\n" + " to be validated.\n" + " $hash_val -Optional\n" + " It provides Hash of public/srk key to be\n" + " used to verify signature.\n"; + +U_BOOT_CMD( + esbc_validate, 3, 0, do_esbc_validate, + "Validates signature on a given image using RSA verification", + esbc_validate_help_text +); + +U_BOOT_CMD( + esbc_halt, 1, 0, do_esbc_halt, + "Put the core in spin loop (Secure Boot Only)", + "" +); |