After we authenticate/decrypt an image we need to flush the caches
as they may still contain bits of the encrypted image. This will
cause failures if we attempt to jump to this image.

Reported-by: Yogesh Siraswar<yoge...@ti.com>
Signed-off-by: Andrew F. Davis <a...@ti.com>
---
 arch/arm/mach-omap2/sec-common.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/arch/arm/mach-omap2/sec-common.c b/arch/arm/mach-omap2/sec-common.c
index c5a000ac3a..0fa8db05fe 100644
--- a/arch/arm/mach-omap2/sec-common.c
+++ b/arch/arm/mach-omap2/sec-common.c
@@ -120,6 +120,12 @@ int secure_boot_verify_image(void **image, size_t *size)
        result = secure_rom_call(
                API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0,
                4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF);
+
+       /* Perform cache writeback on output buffer */
+       flush_dcache_range(
+               (u32)*image,
+               (u32)*image + roundup(*size, ARCH_DMA_MINALIGN));
+
 auth_exit:
        if (result != 0) {
                printf("Authentication failed!\n");
-- 
2.11.0

_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot

Reply via email to