When using HAB as secure boot mechanism on Wandboard, the chain of
trust breaks immediately after the SPL. As this is not checking
the authenticity of the loaded image before jumping to it.
The HAB status output will not be implemented in SPL as it adds
a lot of strings that are only required in debug cases. With those
it exceeds the maximum size of the available OCRAM (69 KiB).
The SPL MISC driver support must be enabled, so that the driver can use OTP fuse
to check if HAB is enabled.
Cc: sbabic@denx.de
v2-Changes: None
Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
Add secure boot fuse helper struct to abstract the way
to find out secure boot settings per SoC iMX family
Signed-off-by: Adrian Alonso <aalonso@freescale.com>
Add CONFIG_ROM_UNIFIED_SECTIONS for mx6sx and mx6ul target
platforms to resolve corresponding HAB_RVT_BASE base address,
the RVT table contains pointers to the HAB API functions in
ROM code.
Signed-off-by: Adrian Alonso <aalonso@freescale.com>
Rework secure boot support for imx6, move existing hab support
for imx6 into imx-common for SoC reuse.
Signed-off-by: Adrian Alonso <aalonso@freescale.com>
