SECURE BOOT: Halt execution when secure boot fail
In case of fatal failure during secure boot execution (e.g. header
not found), reset is asserted to stop execution. If the RESET_REQ
is not tied to HRESET, this allows the execution to continue.
Add a call to do_esbc_halt() after the reset request to make sure execution stops.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
diff --git a/board/freescale/common/cmd_esbc_validate.c b/board/freescale/common/cmd_esbc_validate.c
index dfa3e21..375bc24 100644
--- a/board/freescale/common/cmd_esbc_validate.c
+++ b/board/freescale/common/cmd_esbc_validate.c
@@ -8,7 +8,7 @@
#include <command.h>
#include <fsl_validate.h>
-static int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
+int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
if (fsl_check_boot_mode_secure() == 0) {
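Review bot: do_esbc_halt() is now an exported entry point that the failure paths in fsl_validate.c rely on as a hard stop, yet its halt is gated on the boot-mode check on this line, so on the `fsl_check_boot_mode_secure() == 0` branch (body outside this hunk) it presumably prints and returns rather than spinning, and the caller would fall through and continue booting. If that branch really does return, either the validation paths should not depend on this second check (they have already decided the boot failed), or the contract should be stated where the symbol is exported, e.g. `/* Spins forever when booting in secure mode; returns 0 without halting in non-secure mode, so callers must not treat it as an unconditional stop. */`. The function continues past the end of the hunk.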
diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c
index c12b9c9..95059c7 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -325,6 +325,8 @@
printf("Generating reset request\n");
do_reset(NULL, 0, 0, NULL);
+ /* If reset doesn't coocur, halt execution */
+ do_esbc_halt(NULL, 0, 0, NULL);
}
/*
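Review bot: The comment on the added line misspells "occur" and does not say why a reset request can fail to stop the core, which is the whole reason for the call; the commit message has the reason, so put it in the code: `/* RESET_REQ may not be tied to HRESET, so the reset may not occur; spin instead of falling through */`. The enclosing function starts before and ends after this hunk, so it is not visible whether this path is reached only in secure mode — if it is not, the halt inherits the boot-mode gate inside do_esbc_halt() and may return.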
@@ -355,6 +357,9 @@
printf("Generating reset request\n");
do_reset(NULL, 0, 0, NULL);
+ /* If reset doesn't coocur, halt execution */
+ do_esbc_halt(NULL, 0, 0, NULL);
+
} else {
change_sec_mon_state(HPSR_SSM_ST_TRUST,
HPSR_SSM_ST_NON_SECURE);
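Review bot: Calling a command handler as `do_esbc_halt(NULL, 0, 0, NULL)` from library code works only because the handler ignores cmdtp/argv, and it drags a `cmd_tbl_t` declaration into fsl_validate.h; a plain `void esbc_halt(void)` that spins, with the command handler reduced to the mode check plus a call to it, would let both failure paths write `esbc_halt();` without dummy arguments (U-Boot's `hang()` would also serve, if an unconditional loop is acceptable here). The added comment has the same `coocur` typo as the earlier hunk and should read `occur`. The `if` this branch belongs to is above the hunk; the `else` path visibly continues after switching the security monitor to non-secure, which appears intentional but is worth a one-line comment saying so.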
diff --git a/include/fsl_validate.h b/include/fsl_validate.h
index f812c1a..ff6f6b7 100644
--- a/include/fsl_validate.h
+++ b/include/fsl_validate.h
@@ -242,6 +242,9 @@
uint32_t img_size; /* ESBC Image Size */
};
+int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[]);
+
int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
uintptr_t img_loc);
int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,