From: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Date: Sat, 18 Nov 2017 01:23:08 +0000 (-0600)
Subject: MLK-14945 HAB: Check if IVT valid before authenticating image
X-Git-Tag: rel_imx_4.9.88_2.0.0_ga~171
X-Git-Url: https://git.somdevices.com/?a=commitdiff_plain;h=0088d127;p=u-boot.git

MLK-14945 HAB: Check if IVT valid before authenticating image

For proper authentication users must check the IVT before authenticating the
kernel image. If the IVT DCD pointer is not 0, display an error as shown below
and return a boot failure.

	Authenticate image from DDR location 0x12000000...
	Error: DCD pointer must be 0

	Authenticate zImage Fail, Please check

Signed-off-by: Utkarsh Gupta <utkarsh.gupta@nxp.com>
---

diff --git a/arch/arm/imx-common/hab.c b/arch/arm/imx-common/hab.c
index 0747e499b1..62c51c37f8 100644
--- a/arch/arm/imx-common/hab.c
+++ b/arch/arm/imx-common/hab.c
@@ -671,6 +671,18 @@ uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size)
 				}
 			}
 #endif
+
+			/* Report boot failure if DCD pointer is found in IVT */
+			unsigned char *dcd_ptr = (unsigned char *)(ddr_start + ivt_offset + 0xC);
+
+			do {
+				if (*dcd_ptr) {
+					puts("Error: DCD pointer must be 0\n");
+					return result;
+				}
+				dcd_ptr++;
+			} while (dcd_ptr < (unsigned char *)(ddr_start + ivt_offset + 0x10));
+
 			load_addr = (ulong)hab_rvt_authenticate_image(
 					HAB_CID_UBOOT,
 					ivt_offset, (void **)&start,