The current code works by sheer coincidence, because (see HABv4 API documentation, section 3.4) the RVT authenticate_image call updates the size that is passed in with the actual size ROM code pulls from IVT/CSF . So if the input size is larger, that is "fine" . Pass in size instead to make this really correct.
Signed-off-by: Marek Vasut marex@denx.de --- NOTE: Rasmus, can you please double-check this one ? Thanks --- Cc: "NXP i.MX U-Boot Team" uboot-imx@nxp.com Cc: Fabio Estevam festevam@denx.de Cc: Peng Fan peng.fan@nxp.com Cc: Rasmus Villemoes rasmus.villemoes@prevas.dk Cc: Stefano Babic sbabic@denx.de Cc: Tim Harvey tharvey@gateworks.com --- arch/arm/mach-imx/spl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c index 6c13b00ef10..b30cd962553 100644 --- a/arch/arm/mach-imx/spl.c +++ b/arch/arm/mach-imx/spl.c @@ -353,7 +353,7 @@ void *spl_load_simple_fit_fix_load(const void *fit) debug("%s: ivt: %p offset: %lx size: %lx\n", __func__, ivt, offset, size); debug("%s: ivt self: %x\n", __func__, ivt->self);
- if (imx_hab_authenticate_image((uintptr_t)fit, (uintptr_t)ivt, offset)) + if (imx_hab_authenticate_image((uintptr_t)fit, (uintptr_t)size, offset)) panic("spl: ERROR: image authentication unsuccessful\n");
return (void *)fit;