On 04/19/2017 05:16 AM, Sumit Garg wrote:
Signed-off-by: Sumit Garg <sumit.g...@nxp.com>
Signed-off-by: Udit Agarwal <udit.agar...@nxp.com>
Tested-by: Vinitha Pillai <vinitha.pil...@nxp.com>
---
Changes in v2:
Changed order of patch 1 & 2. Also moved assignment of ppa_esbc_hdr to
CONFIG_SYS_LS_PPA_ESBC_ADDR in XIP space as it's not required in case of
SD/NAND.
arch/arm/cpu/armv8/fsl-layerscape/ppa.c | 72 ++++++++++++++++++++++++++++++++-
1 file changed, 70 insertions(+), 2 deletions(-)
<snip>
#ifdef CONFIG_CHAIN_OF_TRUST
ppa_img_addr = (uintptr_t)ppa_fit_addr;
if (fsl_check_boot_mode_secure() != 0) {
+ /*
+ * In case of failure in validation, fsl_secboot_validate
+ * would not return back in case of Production environment
+ * with ITS=1. In Development environment (ITS=0 and
+ * SB_EN=1), the function may return back in case of
+ * non-fatal failures.
+ */
ret = fsl_secboot_validate(ppa_esbc_hdr,
PPA_KEY_HASH,
&ppa_img_addr);
@@ -185,6 +249,10 @@ int ppa_init(void)
else
printf("PPA validation Successful\n");
}
+#if defined(CONFIG_SYS_LS_PPA_FW_IN_MMC) || \
+ defined(CONFIG_SYS_LS_PPA_FW_IN_NAND)
+ free(ppa_hdr_ddr);
+#endif
#endif
#ifdef CONFIG_FSL_LSCH3
Do we want to return from this function if any error happens with
CONFIG_CHAIN_OF_TRUST enabled?
York
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
