Fork: 0
LuminaSensum / arm-trusted-firmware
Browse code
TBB: abort boot if BL3-2 cannot be authenticated
BL3-2 image (Secure Payload) is optional. If the image cannot be
loaded a warning message is printed and the boot process continues.
According to the TBBR document, this behaviour should not apply in
case of an authentication error, where the boot process should be
aborted.

This patch modifies the load_auth_image() function to distinguish
between a load error and an authentication error. The caller uses
the return value to abort the boot process or continue.

In case of authentication error, the memory region used to store
the image is wiped clean.

Change-Id: I534391d526d514b2a85981c3dda00de67e0e7992
WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6 v1.5-rc3 v1.5-rc2 v1.5-rc1 v1.5-rc0 v1.5 v1.4-rc0 v1.4 v1.3_rc2 v1.3_rc1 v1.3-rc0 v1.3 v1.2-rc0 v1.2
1 parent aaa0567 commit fedbc0497bb0407fc1d55430eae1938712f1afe8
@Juan Castillo Juan Castillo authored on 17 Aug 2015
Patch
Unified Split
Showing 3 changed files
View
bl2/bl2_main.c
View
common/bl_common.c
View
include/common/bl_common.h