Nit: subject: imx8: Add ahab_commit command
On Mon, Jul 14, 2025 at 10:07:29PM +0000, John Ripple wrote:
>The ahab_commit command allows the user to commit into the SECO fuses
>that control the SRK key revocation information. This is used to Revoke
>compromised SRK keys.
>
>To use ahab_commit, the boot container must be built with an SRK
>revocation bit mask that is not 0x0. For the SPSDK provided by NXP, this
>means setting the 'srk_revoke_mask' option in the config file used to
>sign the boot container. The 'ahab_commit 0x10' can then be used to commit
>the SRK revocation information into the SECO fuses.
>
>Signed-off-by: John Ripple <john.rip...@keysight.com>
>---
>
> arch/arm/mach-imx/imx8/ahab.c | 27 +++++++++++++++++++++++++++
> drivers/misc/imx8/scu_api.c | 29 +++++++++++++++++++++++++++++
> include/firmware/imx/sci/sci.h | 6 ++++++
> 3 files changed, 62 insertions(+)
>
>diff --git a/arch/arm/mach-imx/imx8/ahab.c b/arch/arm/mach-imx/imx8/ahab.c
>index 324e010bb2c..f9a425c899c 100644
>--- a/arch/arm/mach-imx/imx8/ahab.c
>+++ b/arch/arm/mach-imx/imx8/ahab.c
>@@ -401,6 +401,27 @@ static int do_ahab_close(struct cmd_tbl *cmdtp, int flag,
>int argc,
> return 0;
> }
>
>+static int do_ahab_commit(struct cmd_tbl *cmdtp, int flag, int argc,
>+ char *const argv[])
>+{
>+ u32 info;
>+
>+ if (argc < 2)
>+ return CMD_RET_USAGE;
>+
>+ info = simple_strtoul(argv[1], NULL, 16);
>+ printf("Commit index is 0x%x\n", info);
>+
>+ if (sc_seco_commit(-1, &info)) {
>+ printf("Error in AHAB commit\n");
>+ return -EIO;
>+ }
>+
>+ printf("AHAB commit succeeded.\n");
>+
>+ return CMD_RET_SUCCESS;
>+}
>+
> U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate,
> "autenticate OS container via AHAB",
> "addr\n"
>@@ -416,3 +437,9 @@ U_BOOT_CMD(ahab_close, CONFIG_SYS_MAXARGS, 1,
>do_ahab_close,
> "Change AHAB lifecycle to OEM closed",
> ""
> );
>+
>+U_BOOT_CMD(ahab_commit, CONFIG_SYS_MAXARGS, 1, do_ahab_commit,
>+ "commit into the fuses any new SRK revocation information that have
>been found\n"
>+ "into the NXP (SECO FW) and OEM containers. For SRK revocation use
>0x10 for the value.",
>+ ""
>+);
>diff --git a/drivers/misc/imx8/scu_api.c b/drivers/misc/imx8/scu_api.c
>index a40c8badf9a..ba93ff9bd74 100644
>--- a/drivers/misc/imx8/scu_api.c
>+++ b/drivers/misc/imx8/scu_api.c
>@@ -1287,3 +1287,32 @@ int sc_seco_secvio_dgo_config(sc_ipc_t ipc, u8 id, u8
>access, u32 *data)
>
> return ret;
> }
>+
>+int sc_seco_commit(sc_ipc_t ipc, u32 *info)
>+{
>+ struct udevice *dev = gd->arch.scu_dev;
>+ struct sc_rpc_msg_s msg;
>+ int size = sizeof(struct sc_rpc_msg_s);
>+ int ret;
>+
>+ /* Fill in header */
>+ RPC_VER(&msg) = SC_RPC_VERSION;
>+ RPC_SIZE(&msg) = 2U;
>+ RPC_SVC(&msg) = (u8)SC_RPC_SVC_SECO;
>+ RPC_FUNC(&msg) = (u8)SECO_FUNC_COMMIT;
>+
>+ /* Fill in send message */
>+ RPC_U32(&msg, 0U) = info;
This should be '*info';
>+
>+ /* Call RPC */
>+ ret = misc_call(dev, SC_FALSE, &msg, size, &msg, size);
>+
>+ /* Copy out result */
>+ ret = (int)RPC_R8(&msg);
>+
>+ /* Copy out receive message */
>+ *info = RPC_U32(&msg, 0U);
if (!ret)
*info = RPC_U32(&msg, 0U);
>+
>+ /* Return result */
>+ return ret;
>+}
Regards,
Peng
