The current code works by sheer coincidence, because (see HABv4 API
documentation, section 3.4) the RVT authenticate_image call updates
the size that is passed in with the actual size ROM code pulls from
IVT/CSF . So if the input size is larger, that is "fine" . Pass in
size instead to make this really correct.

Signed-off-by: Marek Vasut <ma...@denx.de>
---
NOTE: Rasmus, can you please double-check this one ? Thanks
---
Cc: "NXP i.MX U-Boot Team" <uboot-...@nxp.com>
Cc: Fabio Estevam <feste...@denx.de>
Cc: Peng Fan <peng....@nxp.com>
Cc: Rasmus Villemoes <rasmus.villem...@prevas.dk>
Cc: Stefano Babic <sba...@denx.de>
Cc: Tim Harvey <thar...@gateworks.com>
---
 arch/arm/mach-imx/spl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c
index 6c13b00ef10..b30cd962553 100644
--- a/arch/arm/mach-imx/spl.c
+++ b/arch/arm/mach-imx/spl.c
@@ -353,7 +353,7 @@ void *spl_load_simple_fit_fix_load(const void *fit)
        debug("%s: ivt: %p offset: %lx size: %lx\n", __func__, ivt, offset, 
size);
        debug("%s: ivt self: %x\n", __func__, ivt->self);
 
-       if (imx_hab_authenticate_image((uintptr_t)fit, (uintptr_t)ivt, offset))
+       if (imx_hab_authenticate_image((uintptr_t)fit, (uintptr_t)size, offset))
                panic("spl: ERROR: image authentication unsuccessful\n");
 
        return (void *)fit;
-- 
2.40.1

Reply via email to