Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for multiple SEC_UNLOCK sections in BD file #76

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add support for multiple SEC_UNLOCK sections in BD file #76

wants to merge 1 commit into from

Conversation

IgorSukhov
Copy link

Summary
Enable the ability to unlock multiple features from different engines using the boot descriptor (BD) file with multiple SEC_UNLOCK sections

Background
Currently, there is no way to unlock features from different engines simultaneously using the BD file, as only the first SEC_UNLOCK section is processed.

Solution
To unlock several features from different engines, multiple SEC_UNLOCK sections can be used in the BD file:

'section (SEC_UNLOCK; 
    Unlock_Engine = "SNVS",
    Unlock_features = "ZMK WRITE")
{
}

section (SEC_UNLOCK; 
    Unlock_Engine = "OCOTP", 
    Unlock_features = "SRK REVOKE")
{
}

Tested with i.MXRT1061 processor.

@IgorSukhovCplt
Add support for multiple SEC_UNLOCK sections in BD file
15a2265 
Enable the ability to unlock multiple features from different engines using
the boot descriptor (BD) file with multiple SEC_UNLOCK sections
@BohdanMarek
Copy link
Contributor

Hi @IgorSukhov ,
Thank you for the proposal.
When implementing CSF commands processing we expected just one command of given type per BD file. This is a new requirement which is currently not supported.
Your solution solves the issue with multiple commands of same type. There is one downside and that is that the order of commands may not be kept. For example if user inserts one more command between two SEC_UNLOCK commands, the order of commands will be different to the BD file.

BohdanMarek
BohdanMarek reviewed Nov 26, 2024
View reviewed changes
spsdk/image/hab/commands/commands.py
@@ -507,35 +507,40 @@ def __init__(self, cmd: CmdUnlockAbstract) -> None:
super().__init__(cmd)

@classmethod
def load_from_config(cls, config: HabConfig, search_paths: Optional[list[str]] = None) -> Self:
def load_from_config(cls, config: HabConfig, search_paths: Optional[list[str]] = None) -> list[Self]:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In order to parse multiple commands of a same type and keep the order of processed commands, we could perhaps update the API of SecCommandBase(and all its child classes) to something like this:
load_from_config(cls, command_config: CommandConfig, hab_config: HabConfig, search_paths: Optional[list[str]] = None) -> Self

Once this is updated in HabContainer class, we will be able to load multiple commands of the same type keeping the order taken from configuration file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BohdanMarek BohdanMarek BohdanMarek left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@IgorSukhov @BohdanMarek @IgorSukhovCplt