From: York Sun <york.sun@nxp.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v5 13/14] SECURE BOOT: Halt execution when secure boot fail
Date: Tue, 29 Mar 2016 08:58:33 -0700 [thread overview]
Message-ID: <56FAA629.5030705@nxp.com> (raw)
In-Reply-To: <1458730485-447-14-git-send-email-saksham.jain@nxp.com>
On 03/22/2016 10:43 PM, Saksham Jain wrote:
> In case of fatal failure during secure boot execution (e.g. header not
> found), it is needed that the execution stops. Earlier, we assert reset
> request in case in case of failure. But if the RESET_REQ is not tied off
> to HRESET, this allows the execution to continue.
>
> This can either be taken care in bootscript (Execute esbc_halt command
> in case of image verification process) or it can be taken care in Uboot
> Code. In this commit, doing the latter via esbc_halt().
>
> Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
> Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
> ---
> Changes for v2:
> - No changes
> Changes for v3:
> - No changes
> Chnages for v4:
> - Cleaned up commit message
> Changes for v5:
> - Cleaned up commit message
>
> board/freescale/common/cmd_esbc_validate.c | 2 +-
> board/freescale/common/fsl_validate.c | 5 +++++
> include/fsl_validate.h | 3 +++
> 3 files changed, 9 insertions(+), 1 deletion(-)
>
Minor change to commit message.
Applied to u-boot-fsl-qoriq master. Awaiting upstream.
Thanks.
York
next prev parent reply other threads:[~2016-03-29 15:58 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-23 10:54 [U-Boot] [PATCH v5 00/14] Add Support for Secure Boot on LS2080 Saksham Jain
2016-03-23 10:54 ` [U-Boot] [PATCH v5 01/14] armv8: ls2080: Add SFP Configs for LS2080 Saksham Jain
2016-03-29 15:47 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 02/14] ls2080: Add configs for SEC, SecMon, SRK and DCFG Saksham Jain
2016-03-29 15:48 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 03/14] fsl: ls-ch3: Add new header for Secure Boot Saksham Jain
2016-03-29 15:49 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 04/14] ls2080: Add Secure Boot support Saksham Jain
2016-03-29 15:50 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 05/14] Add bootscript header addr for ls2080a secure boot Saksham Jain
2016-03-29 15:52 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 06/14] fsl: ls-ch3: Copy Bootscript and header from NOR to DDR Saksham Jain
2016-03-29 15:53 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 07/14] ls2080: Change env variable "fdt_high" Saksham Jain
2016-03-29 15:54 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 08/14] ls2080: Add config for endianess of CCSR GUR Saksham Jain
2016-03-29 15:55 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 09/14] armv8: fsl-lsch3: Disable SMMU during Secure Boot Saksham Jain
2016-03-29 15:55 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 10/14] crypto/fsl: Correct 64-bit Write when MMU disabled Saksham Jain
2016-03-29 15:56 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 11/14] crypto/fsl: Make CAAM transactions cacheable Saksham Jain
2016-03-29 15:57 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 12/14] SECURE_BOOT: Use default bootargs Saksham Jain
2016-03-29 15:57 ` York Sun
2016-03-23 10:54 ` [U-Boot] [PATCH v5 13/14] SECURE BOOT: Halt execution when secure boot fail Saksham Jain
2016-03-29 15:58 ` York Sun [this message]
2016-03-23 10:54 ` [U-Boot] [PATCH v5 14/14] SECURE BOOT: Change fsl_secboot_validate func to ret image addr Saksham Jain
2016-03-29 15:59 ` York Sun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56FAA629.5030705@nxp.com \
--to=york.sun@nxp.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox