arm: mach-omap2: Flush cache after FIT post-processing image

After we authenticate/decrypt an image we need to flush the caches as they may still contain bits of the encrypted image. This will cause failures if we attempt to jump to this image. Reported-by: Yogesh Siraswar<yogeshs@ti.com> Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
author: Andrew F. Davis <afd@ti.com> 2017-02-22 17:46:39 -0600
committer: Tom Rini <trini@konsulko.com> 2017-02-27 12:14:59 -0500
commit: 4f65ee38131a180cc2d8bc2cfe76cca31a9d55a4 (patch)
tree: 392078ba9de55b44f12d3917a68d52a7d085a21b
parent: 7131d2d06ba8ea31eaad2a1bb2765b1fda00a8e3 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/arch/arm/mach-omap2/sec-common.c b/arch/arm/mach-omap2/sec-common.c
index c5a000ac3a..0fa8db05fe 100644
--- a/arch/arm/mach-omap2/sec-common.c
+++ b/arch/arm/mach-omap2/sec-common.c
@@ -120,6 +120,12 @@ int secure_boot_verify_image(void **image, size_t *size)
 	result = secure_rom_call(
 		API_HAL_KM_VERIFYCERTIFICATESIGNATURE_INDEX, 0, 0,
 		4, cert_addr, cert_size, sig_addr, 0xFFFFFFFF);
+
+	/* Perform cache writeback on output buffer */
+	flush_dcache_range(
+		(u32)*image,
+		(u32)*image + roundup(*size, ARCH_DMA_MINALIGN));
+
 auth_exit:
 	if (result != 0) {
 		printf("Authentication failed!\n");
author	Andrew F. Davis <afd@ti.com>	2017-02-22 17:46:39 -0600
committer	Tom Rini <trini@konsulko.com>	2017-02-27 12:14:59 -0500
commit	4f65ee38131a180cc2d8bc2cfe76cca31a9d55a4 (patch)
tree	392078ba9de55b44f12d3917a68d52a7d085a21b
parent	7131d2d06ba8ea31eaad2a1bb2765b1fda00a8e3 (diff)