mirror of
https://github.com/brain-hackers/u-boot-brain
synced 2024-06-09 23:36:03 +09:00
imx8qm: mek: add secure boot script
Add secure boot script, use ahab to verify image Signed-off-by: Peng Fan <peng.fan@nxp.com>
This commit is contained in:
parent
7e2db74231
commit
b06ff8f50d
|
@ -54,8 +54,15 @@
|
||||||
|
|
||||||
#define CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG
|
#define CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG
|
||||||
|
|
||||||
|
#ifdef CONFIG_AHAB_BOOT
|
||||||
|
#define AHAB_ENV "sec_boot=yes\0"
|
||||||
|
#else
|
||||||
|
#define AHAB_ENV "sec_boot=no\0"
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Initial environment variables */
|
/* Initial environment variables */
|
||||||
#define CONFIG_EXTRA_ENV_SETTINGS \
|
#define CONFIG_EXTRA_ENV_SETTINGS \
|
||||||
|
AHAB_ENV \
|
||||||
"script=boot.scr\0" \
|
"script=boot.scr\0" \
|
||||||
"image=Image\0" \
|
"image=Image\0" \
|
||||||
"panel=NULL\0" \
|
"panel=NULL\0" \
|
||||||
|
@ -76,16 +83,27 @@
|
||||||
"source\0" \
|
"source\0" \
|
||||||
"loadimage=fatload mmc ${mmcdev}:${mmcpart} ${loadaddr} ${image}\0" \
|
"loadimage=fatload mmc ${mmcdev}:${mmcpart} ${loadaddr} ${image}\0" \
|
||||||
"loadfdt=fatload mmc ${mmcdev}:${mmcpart} ${fdt_addr} ${fdt_file}\0" \
|
"loadfdt=fatload mmc ${mmcdev}:${mmcpart} ${fdt_addr} ${fdt_file}\0" \
|
||||||
|
"boot_os=booti ${loadaddr} - ${fdt_addr};\0" \
|
||||||
|
"loadcntr=fatload mmc ${mmcdev}:${mmcpart} ${cntr_addr} ${cntr_file}\0" \
|
||||||
|
"auth_os=auth_cntr ${cntr_addr}\0" \
|
||||||
"mmcboot=echo Booting from mmc ...; " \
|
"mmcboot=echo Booting from mmc ...; " \
|
||||||
"run mmcargs; " \
|
"run mmcargs; " \
|
||||||
"if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
|
"if test ${sec_boot} = yes; then " \
|
||||||
"if run loadfdt; then " \
|
"if run auth_os; then " \
|
||||||
"booti ${loadaddr} - ${fdt_addr}; " \
|
"run boot_os; " \
|
||||||
"else " \
|
"else " \
|
||||||
"echo WARN: Cannot load the DT; " \
|
"echo ERR: failed to authenticate; " \
|
||||||
"fi; " \
|
"fi; " \
|
||||||
"else " \
|
"else " \
|
||||||
"echo wait for boot; " \
|
"if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
|
||||||
|
"if run loadfdt; then " \
|
||||||
|
"run boot_os; " \
|
||||||
|
"else " \
|
||||||
|
"echo WARN: Cannot load the DT; " \
|
||||||
|
"fi; " \
|
||||||
|
"else " \
|
||||||
|
"echo wait for boot; " \
|
||||||
|
"fi;" \
|
||||||
"fi;\0" \
|
"fi;\0" \
|
||||||
"netargs=setenv bootargs console=${console} " \
|
"netargs=setenv bootargs console=${console} " \
|
||||||
"root=/dev/nfs " \
|
"root=/dev/nfs " \
|
||||||
|
@ -97,15 +115,24 @@
|
||||||
"else " \
|
"else " \
|
||||||
"setenv get_cmd tftp; " \
|
"setenv get_cmd tftp; " \
|
||||||
"fi; " \
|
"fi; " \
|
||||||
"${get_cmd} ${loadaddr} ${image}; " \
|
"if test ${sec_boot} = yes; then " \
|
||||||
"if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
|
"${get_cmd} ${cntr_addr} ${cntr_file}; " \
|
||||||
"if ${get_cmd} ${fdt_addr} ${fdt_file}; then " \
|
"if run auth_os; then " \
|
||||||
"booti ${loadaddr} - ${fdt_addr}; " \
|
"run boot_os; " \
|
||||||
"else " \
|
"else " \
|
||||||
"echo WARN: Cannot load the DT; " \
|
"echo ERR: failed to authenticate; " \
|
||||||
"fi; " \
|
"fi; " \
|
||||||
"else " \
|
"else " \
|
||||||
"booti; " \
|
"${get_cmd} ${loadaddr} ${image}; " \
|
||||||
|
"if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
|
||||||
|
"if ${get_cmd} ${fdt_addr} ${fdt_file}; then " \
|
||||||
|
"booti ${loadaddr} - ${fdt_addr}; " \
|
||||||
|
"else " \
|
||||||
|
"echo WARN: Cannot load the DT; " \
|
||||||
|
"fi; " \
|
||||||
|
"else " \
|
||||||
|
"booti; " \
|
||||||
|
"fi;" \
|
||||||
"fi;\0"
|
"fi;\0"
|
||||||
|
|
||||||
#define CONFIG_BOOTCOMMAND \
|
#define CONFIG_BOOTCOMMAND \
|
||||||
|
@ -113,10 +140,17 @@
|
||||||
"if run loadbootscript; then " \
|
"if run loadbootscript; then " \
|
||||||
"run bootscript; " \
|
"run bootscript; " \
|
||||||
"else " \
|
"else " \
|
||||||
"if run loadimage; then " \
|
"if test ${sec_boot} = yes; then " \
|
||||||
"run mmcboot; " \
|
"if run loadcntr; then " \
|
||||||
"else run netboot; " \
|
"run mmcboot; " \
|
||||||
"fi; " \
|
"else run netboot; " \
|
||||||
|
"fi; " \
|
||||||
|
"else " \
|
||||||
|
"if run loadimage; then " \
|
||||||
|
"run mmcboot; " \
|
||||||
|
"else run netboot; " \
|
||||||
|
"fi; " \
|
||||||
|
"fi; " \
|
||||||
"fi; " \
|
"fi; " \
|
||||||
"else booti ${loadaddr} - ${fdt_addr}; fi"
|
"else booti ${loadaddr} - ${fdt_addr}; fi"
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user