From 78c58082a926b4e4c5dda4332bec1016e778f670 Mon Sep 17 00:00:00 2001 From: Vinitha V Pillai Date: Tue, 23 Apr 2019 05:52:17 +0000 Subject: armv8: Secure Boot: Modify boot_a_script definition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit esbc_validate command will not be executed if “load” command for its header fails and will further execute the source command for bootscript, without its validation and boot process continues. To halt the boot process in case secure boot header is not loaded successfully, esbc_validate command is invoked separately after “load” command. The secure boot validation of the bootscript header will fail (if header is not loaded) and halts the boot process, which prevent source command from execution. Signed-off-by: Vinitha V Pillai Signed-off-by: Udit Agarwal Reviewed-by: Prabhakar Kushwaha --- include/configs/ls1021atwr.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include/configs/ls1021atwr.h') diff --git a/include/configs/ls1021atwr.h b/include/configs/ls1021atwr.h index 7fe7bab8e4..ec0aad5990 100644 --- a/include/configs/ls1021atwr.h +++ b/include/configs/ls1021atwr.h @@ -363,7 +363,8 @@ "${scriptaddr} ${prefix}${script}; " \ "env exists secureboot && load ${devtype} " \ "${devnum}:${distro_bootpart} " \ - "${scripthdraddr} ${prefix}${boot_script_hdr} " \ + "${scripthdraddr} ${prefix}${boot_script_hdr}; " \ + "env exists secureboot " \ "&& esbc_validate ${scripthdraddr};" \ "source ${scriptaddr}\0" \ "installer=load mmc 0:2 $load_addr " \ -- cgit