[U-Boot] [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround for IFC errata A003399

[U-Boot] [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround for IFC errata A003399

[Aneesh Bansal]

The workaround for IFC errata A003399 was not enabled
in case of secure boot. So, secure boot from NOR was not
working.

Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
---
 include/configs/P1010RDB.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/include/configs/P1010RDB.h b/include/configs/P1010RDB.h
index c21cf07..b0e51fb 100644
--- a/include/configs/P1010RDB.h
+++ b/include/configs/P1010RDB.h
@@ -455,8 +455,7 @@ extern unsigned long get_sdram_size(void);
 #endif
 
 #ifdef CONFIG_SYS_FSL_ERRATUM_IFC_A003399
-#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)\
-	&& !defined(CONFIG_SECURE_BOOT)
+#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)
 #define CONFIG_A003399_NOR_WORKAROUND
 #endif
 #endif
-- 
1.8.1.4

[U-Boot] [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround for IFC errata A003399

[Scott Wood]

On Mon, 2014-01-20 at 14:57 +0530, Aneesh Bansal wrote:
> The workaround for IFC errata A003399 was not enabled
> in case of secure boot. So, secure boot from NOR was not
> working.
> 
> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
> ---
>  include/configs/P1010RDB.h | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/include/configs/P1010RDB.h b/include/configs/P1010RDB.h
> index c21cf07..b0e51fb 100644
> --- a/include/configs/P1010RDB.h
> +++ b/include/configs/P1010RDB.h
> @@ -455,8 +455,7 @@ extern unsigned long get_sdram_size(void);
>  #endif
>  
>  #ifdef CONFIG_SYS_FSL_ERRATUM_IFC_A003399
> -#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)\
> -	&& !defined(CONFIG_SECURE_BOOT)
> +#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)
>  #define CONFIG_A003399_NOR_WORKAROUND
>  #endif
>  #endif

Why do you need the workaround?  Doesn't secure boot involve the bootrom
loading U-Boot into SRAM, rather than execute-in-place from NOR?

-Scott

[U-Boot] [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround for IFC errata A003399

[aneesh.bansal at freescale.com]

>> The workaround for IFC errata A003399 was not enabled
>> in case of secure boot. So, secure boot from NOR was not
>> working.
>>
>> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
>> ---
>>  include/configs/P1010RDB.h | 3 +--
>>  1 file changed, 1 insertion(+), 2 deletions(-)
>>
>> diff --git a/include/configs/P1010RDB.h b/include/configs/P1010RDB.h
>> index c21cf07..b0e51fb 100644
>> --- a/include/configs/P1010RDB.h
>> +++ b/include/configs/P1010RDB.h
>> @@ -455,8 +455,7 @@ extern unsigned long get_sdram_size(void);
>>  #endif
>>
>>  #ifdef CONFIG_SYS_FSL_ERRATUM_IFC_A003399
>> -#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)\
>> -     && !defined(CONFIG_SECURE_BOOT)
>> +#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)
>>  #define CONFIG_A003399_NOR_WORKAROUND
>>  #endif
>>  #endif
>
>Why do you need the workaround?  Doesn't secure boot involve the bootrom
>loading U-Boot into SRAM, rather than execute-in-place from NOR?
>
>-Scott

The Boot ROM code does not copy the U-boot from NOR into SRAM. In case of secure boot from NOR, it is executed as an execute-in-place memory and so this workaround is required.

Regards,
Aneesh Bansal

[U-Boot] [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround for IFC errata A003399

[Scott Wood]

On Sun, 2014-01-26 at 23:27 -0600, Bansal Aneesh-B39320 wrote:
> > -----Original Message-----
> > From: Wood Scott-B07421
> > Sent: Tuesday, January 21, 2014 3:36 AM
> > To: Bansal Aneesh-B39320
> > Cc: u-boot at lists.denx.de; Sun York-R58495
> > Subject: Re: [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround
> > for IFC errata A003399
> > 
> > On Mon, 2014-01-20 at 14:57 +0530, Aneesh Bansal wrote:
> > > The workaround for IFC errata A003399 was not enabled in case of
> > > secure boot. So, secure boot from NOR was not working.
> > >
> > > Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
> > > ---
> > >  include/configs/P1010RDB.h | 3 +--
> > >  1 file changed, 1 insertion(+), 2 deletions(-)
> > >
> > > diff --git a/include/configs/P1010RDB.h b/include/configs/P1010RDB.h
> > > index c21cf07..b0e51fb 100644
> > > --- a/include/configs/P1010RDB.h
> > > +++ b/include/configs/P1010RDB.h
> > > @@ -455,8 +455,7 @@ extern unsigned long get_sdram_size(void);  #endif
> > >
> > >  #ifdef CONFIG_SYS_FSL_ERRATUM_IFC_A003399
> > > -#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)\
> > > -	&& !defined(CONFIG_SECURE_BOOT)
> > > +#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)
> > >  #define CONFIG_A003399_NOR_WORKAROUND  #endif  #endif
> > 
> > Why do you need the workaround?  Doesn't secure boot involve the bootrom
> > loading U-Boot into SRAM, rather than execute-in-place from NOR?
> > 
> > -Scott
> > 
> The Boot ROM code does not copy the U-boot from NOR into SRAM. In case of secure
> boot from NOR, it is executed as an execute-in-place memory and so this workaround
> is required.

That doesn't sound very secure.

-Scott

[U-Boot] [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround for IFC errata A003399

[aneesh.bansal at freescale.com]

> -----Original Message-----
> From: Wood Scott-B07421
> Sent: Wednesday, January 29, 2014 2:38 AM
> To: Bansal Aneesh-B39320
> Cc: u-boot at lists.denx.de; Sun York-R58495
> Subject: Re: [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround
> for IFC errata A003399
> 
> On Sun, 2014-01-26 at 23:27 -0600, Bansal Aneesh-B39320 wrote:
> > > -----Original Message-----
> > > From: Wood Scott-B07421
> > > Sent: Tuesday, January 21, 2014 3:36 AM
> > > To: Bansal Aneesh-B39320
> > > Cc: u-boot at lists.denx.de; Sun York-R58495
> > > Subject: Re: [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable
> > > workaround for IFC errata A003399
> > >
> > > On Mon, 2014-01-20 at 14:57 +0530, Aneesh Bansal wrote:
> > > > The workaround for IFC errata A003399 was not enabled in case of
> > > > secure boot. So, secure boot from NOR was not working.
> > > >
> > > > Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
> > > > ---
> > > >  include/configs/P1010RDB.h | 3 +--
> > > >  1 file changed, 1 insertion(+), 2 deletions(-)
> > > >
> > > > diff --git a/include/configs/P1010RDB.h
> > > > b/include/configs/P1010RDB.h index c21cf07..b0e51fb 100644
> > > > --- a/include/configs/P1010RDB.h
> > > > +++ b/include/configs/P1010RDB.h
> > > > @@ -455,8 +455,7 @@ extern unsigned long get_sdram_size(void);
> > > > #endif
> > > >
> > > >  #ifdef CONFIG_SYS_FSL_ERRATUM_IFC_A003399
> > > > -#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)\
> > > > -	&& !defined(CONFIG_SECURE_BOOT)
> > > > +#if !defined(CONFIG_SPL) && !defined(CONFIG_SYS_RAMBOOT)
> > > >  #define CONFIG_A003399_NOR_WORKAROUND  #endif  #endif
> > >
> > > Why do you need the workaround?  Doesn't secure boot involve the
> > > bootrom loading U-Boot into SRAM, rather than execute-in-place from
> NOR?
> > >
> > > -Scott
> > >
> > The Boot ROM code does not copy the U-boot from NOR into SRAM. In case
> > of secure boot from NOR, it is executed as an execute-in-place memory
> > and so this workaround is required.
> 
> That doesn't sound very secure.
> 
> -Scott
> 
Can you please elaborate on the kind of security threats that you see with this approach.
If you are concerned about someone replacing the NOR flash at runtime, then we have the
Hardware Tamper detect mechanism to deal with that.
So, currently the bootROM code does not copy from NOR to SRAM.

[U-Boot] [PATCH 2/3] powerpc/p1010rdb: SECURE BOOT- enable workaround for IFC errata A003399

[York Sun]

On 01/20/2014 01:27 AM, Aneesh Bansal wrote:
> The workaround for IFC errata A003399 was not enabled
> in case of secure boot. So, secure boot from NOR was not
> working.
> 
> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
> ---

Applied to u-boot-mpc85xx/master, thanks.

York