The current code works by sheer coincidence, because (see HABv4 API documentation, section 3.4) the RVT authenticate_image call updates the size that is passed in with the actual size ROM code pulls from IVT/CSF . So if the input size is larger, that is "fine" . Pass in size instead to make this really correct.
Signed-off-by: Marek Vasut <ma...@denx.de> --- NOTE: Rasmus, can you please double-check this one ? Thanks --- Cc: "NXP i.MX U-Boot Team" <uboot-...@nxp.com> Cc: Fabio Estevam <feste...@denx.de> Cc: Peng Fan <peng....@nxp.com> Cc: Rasmus Villemoes <rasmus.villem...@prevas.dk> Cc: Stefano Babic <sba...@denx.de> Cc: Tim Harvey <thar...@gateworks.com> --- arch/arm/mach-imx/spl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index 6c13b00ef10..b30cd962553 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -353,7 +353,7 @@ void *spl_load_simple_fit_fix_load(const void *fit) debug("%s: ivt: %p offset: %lx size: %lx\n", __func__, ivt, offset, size); debug("%s: ivt self: %x\n", __func__, ivt->self); - if (imx_hab_authenticate_image((uintptr_t)fit, (uintptr_t)ivt, offset)) + if (imx_hab_authenticate_image((uintptr_t)fit, (uintptr_t)size, offset)) panic("spl: ERROR: image authentication unsuccessful\n"); return (void *)fit; -- 2.40.1