From c4666cf6954a28ade5a8550505d5bc25dc7f92d7 Mon Sep 17 00:00:00 2001
From: Saksham Jain <saksham.jain@nxp.com>
Date: Wed, 23 Mar 2016 16:24:44 +0530
Subject: [PATCH] SECURE BOOT: Halt execution when secure boot fail

In case of fatal failure during secure boot execution (e.g. header
not found), reset is asserted to stop execution. If the RESET_REQ
is not tied to HRESET, this allows the execution to continue.

Add esbh_halt() after the reset to make sure execution stops.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
---
 board/freescale/common/cmd_esbc_validate.c | 2 +-
 board/freescale/common/fsl_validate.c      | 5 +++++
 include/fsl_validate.h                     | 3 +++
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/board/freescale/common/cmd_esbc_validate.c b/board/freescale/common/cmd_esbc_validate.c
index dfa3e2100e..375bc24968 100644
--- a/board/freescale/common/cmd_esbc_validate.c
+++ b/board/freescale/common/cmd_esbc_validate.c
@@ -8,7 +8,7 @@
 #include <command.h>
 #include <fsl_validate.h>
 
-static int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
+int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
 				char * const argv[])
 {
 	if (fsl_check_boot_mode_secure() == 0) {
diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c
index c12b9c927e..95059c771f 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -325,6 +325,8 @@ static void fsl_secboot_header_verification_failure(void)
 
 	printf("Generating reset request\n");
 	do_reset(NULL, 0, 0, NULL);
+	/* If reset doesn't coocur, halt execution */
+	do_esbc_halt(NULL, 0, 0, NULL);
 }
 
 /*
@@ -355,6 +357,9 @@ static void fsl_secboot_image_verification_failure(void)
 
 			printf("Generating reset request\n");
 			do_reset(NULL, 0, 0, NULL);
+			/* If reset doesn't coocur, halt execution */
+			do_esbc_halt(NULL, 0, 0, NULL);
+
 		} else {
 			change_sec_mon_state(HPSR_SSM_ST_TRUST,
 					     HPSR_SSM_ST_NON_SECURE);
diff --git a/include/fsl_validate.h b/include/fsl_validate.h
index f812c1a1fd..ff6f6b7552 100644
--- a/include/fsl_validate.h
+++ b/include/fsl_validate.h
@@ -242,6 +242,9 @@ struct fsl_secboot_img_priv {
 	uint32_t img_size;	/* ESBC Image Size */
 };
 
+int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
+				char * const argv[]);
+
 int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
 	uintptr_t img_loc);
 int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
-- 
2.39.5