brain-hackers_pepepper-mirror/u-boot-brain
1
0
Fork 0
mirror of https://github.com/brain-hackers/u-boot-brain synced 2024-07-05 10:46:15 +09:00
Code Issues Projects Releases Wiki Activity
fcfdb6d580
u-boot-brain/arch/arm/include/asm/fsl_secure_boot.h
Saksham Jain fcfdb6d580 armv8: ls2080rdb: ls2080qds: Add secure boot support 
Sec_init has been called at the beginning to initialize SEC Block
(CAAM) which is used by secure boot validation later for both ls2080a
qds and rdb. 64-bit address in ESBC Header has been enabled. Secure
boot defconfigs are created for boards (NOR boot).

Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-29 08:46:20 -07:00

66 lines
1.6 KiB
C
Raw Blame History

/*
* Copyright 2015 Freescale Semiconductor, Inc.
*
* SPDX-License-Identifier: GPL-2.0+
*/
#ifndef __FSL_SECURE_BOOT_H
#define __FSL_SECURE_BOOT_H
#ifdef CONFIG_SECURE_BOOT
#ifndef CONFIG_FIT_SIGNATURE
#define CONFIG_CHAIN_OF_TRUST
#endif
#endif
#ifdef CONFIG_CHAIN_OF_TRUST
#define CONFIG_CMD_ESBC_VALIDATE
#define CONFIG_CMD_BLOB
#define CONFIG_CMD_HASH
#define CONFIG_FSL_SEC_MON
#define CONFIG_SHA_HW_ACCEL
#define CONFIG_SHA_PROG_HW_ACCEL
#define CONFIG_RSA_FREESCALE_EXP
#ifndef CONFIG_FSL_CAAM
#define CONFIG_FSL_CAAM
#endif
#define CONFIG_KEY_REVOCATION
#ifndef CONFIG_SYS_RAMBOOT
/* The key used for verification of next level images
* is picked up from an Extension Table which has
* been verified by the ISBC (Internal Secure boot Code)
* in boot ROM of the SoC.
* The feature is only applicable in case of NOR boot and is
* not applicable in case of RAMBOOT (NAND, SD, SPI).
*/
#ifndef CONFIG_ESBC_HDR_LS
/* Current Key EXT feature not available in LS ESBC Header */
#define CONFIG_FSL_ISBC_KEY_EXT
#endif
#endif
#if defined(CONFIG_LS1043A) || defined(CONFIG_LS2080A) ||\
defined(CONFIG_LS2085A)
/* For LS1043 (ARMv8), ESBC image Address in Header is 64 bit
* Similiarly for LS2080 and LS2085
*/
#define CONFIG_ESBC_ADDR_64BIT
#endif
#define CONFIG_EXTRA_ENV \
"setenv fdt_high 0xcfffffff;" \
"setenv initrd_high 0xcfffffff;" \
"setenv hwconfig \'fsl_ddr:ctlr_intlv=null,bank_intlv=null\';"
/* The address needs to be modified according to NOR memory map */
#define CONFIG_BOOTSCRIPT_HDR_ADDR 0x600a0000
#include <config_fsl_chain_trust.h>
#endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
#endif
Reference in New Issue View Git Blame Copy Permalink