From: John Ripple Date: Tue, 9 Sep 2025 19:53:22 +0000 (-0600) Subject: imx8: Add ahab_commit command X-Git-Url: https://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b717a4090fb0fda4814bbc9d9a91396710294cfb;p=pandora-u-boot.git imx8: Add ahab_commit command The ahab_commit command allows the user to commit into the SECO fuses that control the SRK key revocation information. This is used to Revoke compromised SRK keys. To use ahab_commit, the boot container must be built with an SRK revocation bit mask that is not 0x0. For the SPSDK provided by NXP, this means setting the 'srk_revoke_mask' option in the config file used to sign the boot container. The 'ahab_commit 0x10' can then be used to commit the SRK revocation information into the SECO fuses. Signed-off-by: John Ripple --- diff --git a/arch/arm/mach-imx/imx8/ahab.c b/arch/arm/mach-imx/imx8/ahab.c index 324e010bb2c..f13baa871cc 100644 --- a/arch/arm/mach-imx/imx8/ahab.c +++ b/arch/arm/mach-imx/imx8/ahab.c @@ -401,6 +401,29 @@ static int do_ahab_close(struct cmd_tbl *cmdtp, int flag, int argc, return 0; } +static int do_ahab_commit(struct cmd_tbl *cmdtp, int flag, int argc, + char *const argv[]) +{ + u32 info; + int ret; + + if (argc < 2) + return CMD_RET_USAGE; + + info = simple_strtoul(argv[1], NULL, 16); + printf("Commit index is 0x%x\n", info); + + ret = sc_seco_commit(-1, &info); + if (ret) { + printf("Error in AHAB commit\n"); + return ret; + } + + printf("AHAB commit succeeded.\n"); + + return CMD_RET_SUCCESS; +} + U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate, "autenticate OS container via AHAB", "addr\n" @@ -416,3 +439,9 @@ U_BOOT_CMD(ahab_close, CONFIG_SYS_MAXARGS, 1, do_ahab_close, "Change AHAB lifecycle to OEM closed", "" ); + +U_BOOT_CMD(ahab_commit, CONFIG_SYS_MAXARGS, 1, do_ahab_commit, + "commit into the fuses any new SRK revocation information that have been found\n" + "into the NXP (SECO FW) and OEM containers. For SRK revocation use 0x10 for the value.", + "" +); diff --git a/drivers/misc/imx8/scu_api.c b/drivers/misc/imx8/scu_api.c index 8985ab6584d..d9cc7acb970 100644 --- a/drivers/misc/imx8/scu_api.c +++ b/drivers/misc/imx8/scu_api.c @@ -1286,3 +1286,34 @@ int sc_seco_secvio_dgo_config(sc_ipc_t ipc, u8 id, u8 access, u32 *data) return ret; } + +int sc_seco_commit(sc_ipc_t ipc, u32 *info) +{ + struct udevice *dev = gd->arch.scu_dev; + struct sc_rpc_msg_s msg; + int size = sizeof(struct sc_rpc_msg_s); + int ret; + + /* Fill in header */ + RPC_VER(&msg) = SC_RPC_VERSION; + RPC_SIZE(&msg) = 2U; + RPC_SVC(&msg) = (u8)SC_RPC_SVC_SECO; + RPC_FUNC(&msg) = (u8)SECO_FUNC_COMMIT; + + /* Fill in send message */ + RPC_U32(&msg, 0U) = *info; + + /* Call RPC */ + ret = misc_call(dev, SC_FALSE, &msg, size, &msg, size); + if (ret) + return ret; + + /* Copy out result */ + ret = (int)RPC_R8(&msg); + + /* Copy out receive message */ + if (!ret) + *info = RPC_U32(&msg, 0U); + + return ret; +} diff --git a/include/firmware/imx/sci/sci.h b/include/firmware/imx/sci/sci.h index 588f3671103..876d52cac35 100644 --- a/include/firmware/imx/sci/sci.h +++ b/include/firmware/imx/sci/sci.h @@ -144,6 +144,7 @@ int sc_seco_secvio_dgo_config(sc_ipc_t ipc, u8 id, u8 access, u32 *data); int sc_seco_secvio_config(sc_ipc_t ipc, u8 id, u8 access, u32 *data0, u32 *data1, u32 *data2, u32 *data3, u32 *data4, u8 size); +int sc_seco_commit(sc_ipc_t ipc, u32 *info); #else /* PM API*/ static inline int sc_pm_set_resource_power_mode(sc_ipc_t ipc, sc_rsrc_t resource, @@ -383,6 +384,11 @@ static inline int sc_seco_secvio_config(sc_ipc_t ipc, u8 id, u8 access, u32 *dat return -EOPNOTSUPP; } +static inline int sc_seco_commit(sc_ipc_t ipc, u32 *info) +{ + return -EOPNOTSUPP; +} + static inline void sc_pm_reboot(sc_ipc_t ipc, sc_pm_reset_type_t type) { }