1 files changed, 20 insertions, 10 deletions

diff --git a/arch/arm/mach-tegra/tegra20/bct.c b/arch/arm/mach-tegra/tegra20/bct.c
index 5eb4899..b2c44f3 100644
--- a/arch/arm/mach-tegra/tegra20/bct.c
+++ b/arch/arm/mach-tegra/tegra20/bct.c
@@ -11,6 +11,9 @@
 #include "bct.h"
 #include "uboot_aes.h"
 
+/* Device with "sbk burned: false" will expose zero key */
+const u8 nosbk[AES128_KEY_LENGTH] = { 0 };
+
 /*
  * @param  bct		boot config table start in RAM
  * @param  ect		bootloader start in RAM
@@ -23,22 +26,27 @@ static int bct_patch(u8 *bct, u8 *ebt, u32 ebt_size)
 	u8 ebt_hash[AES128_KEY_LENGTH] = { 0 };
 	u8 sbk[AES128_KEY_LENGTH] = { 0 };
 	u8 *bct_hash = bct;
+	bool encrypted;
 	int ret;
 
 	bct += BCT_HASH;
 
+	ebt_size = roundup(ebt_size, EBT_ALIGNMENT);
+
 	memcpy(sbk, (u8 *)(bct + BCT_LENGTH),
 	       NVBOOT_CMAC_AES_HASH_LENGTH * 4);
 
-	ret = decrypt_data_block(bct, BCT_LENGTH, sbk);
-	if (ret)
-		return 1;
+	encrypted = memcmp(&sbk, &nosbk, AES128_KEY_LENGTH);
 
-	ebt_size = roundup(ebt_size, EBT_ALIGNMENT);
+	if (encrypted) {
+		ret = decrypt_data_block(bct, BCT_LENGTH, sbk);
+		if (ret)
+			return 1;
 
-	ret = encrypt_data_block(ebt, ebt_size, sbk);
-	if (ret)
-		return 1;
+		ret = encrypt_data_block(ebt, ebt_size, sbk);
+		if (ret)
+			return 1;
+	}
 
 	ret = sign_enc_data_block(ebt, ebt_size, ebt_hash, sbk);
 	if (ret)
@@ -52,9 +60,11 @@ static int bct_patch(u8 *bct, u8 *ebt, u32 ebt_size)
 	bct_tbl->bootloader[0].load_addr = CONFIG_SPL_TEXT_BASE;
 	bct_tbl->bootloader[0].length = ebt_size;
 
-	ret = encrypt_data_block(bct, BCT_LENGTH, sbk);
-	if (ret)
-		return 1;
+	if (encrypted) {
+		ret = encrypt_data_block(bct, BCT_LENGTH, sbk);
+		if (ret)
+			return 1;
+	}
 
 	ret = sign_enc_data_block(bct, BCT_LENGTH, bct_hash, sbk);
 	if (ret)