summaryrefslogtreecommitdiff
path: root/arch
diff options
context:
space:
mode:
authorgaurav rana <gaurav.rana@freescale.com>2015-03-10 14:08:50 +0530
committerYork Sun <yorksun@freescale.com>2015-04-21 10:19:19 -0700
commit98cb0efde8aaed200750e6d75fa8e5fc01dcd8f4 (patch)
treebc4bd9462e516ce795e51b633f71f0800f3c4b73 /arch
parent997c67d98b2230d3d17ed8143e490067d640b75b (diff)
Add bootscript support to esbc_validate.
1. Default environment will be used for secure boot flow which can't be edited or saved. 2. Command for secure boot is predefined in the default environment which will run on autoboot (and autoboot is the only option allowed in case of secure boot) and it looks like this: #define CONFIG_SECBOOT \ "setenv bs_hdraddr 0xe8e00000;" \ "esbc_validate $bs_hdraddr;" \ "source $img_addr;" \ "esbc_halt;" #endif 3. Boot Script can contain esbc_validate commands and bootm command. Uboot source command used in default secure boot command will run the bootscript. 4. Command esbc_halt added to ensure either bootm executes after validation of images or core should just spin. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
Diffstat (limited to 'arch')
-rw-r--r--arch/arm/include/asm/fsl_secure_boot.h25
-rw-r--r--arch/powerpc/include/asm/fsl_secure_boot.h19
2 files changed, 44 insertions, 0 deletions
diff --git a/arch/arm/include/asm/fsl_secure_boot.h b/arch/arm/include/asm/fsl_secure_boot.h
new file mode 100644
index 0000000000..f097c81a92
--- /dev/null
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -0,0 +1,25 @@
+/*
+ * Copyright 2015 Freescale Semiconductor, Inc.
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#ifndef __FSL_SECURE_BOOT_H
+#define __FSL_SECURE_BOOT_H
+
+#ifdef CONFIG_SECURE_BOOT
+#ifndef CONFIG_FIT_SIGNATURE
+
+#define CONFIG_EXTRA_ENV \
+ "setenv fdt_high 0xcfffffff;" \
+ "setenv initrd_high 0xcfffffff;" \
+ "setenv hwconfig \'fsl_ddr:ctlr_intlv=null,bank_intlv=null\';"
+
+/* The address needs to be modified according to NOR memory map */
+#define CONFIG_BOOTSCRIPT_HDR_ADDR 0x600a0000
+
+#include <config_fsl_secboot.h>
+#endif
+#endif
+
+#endif
diff --git a/arch/powerpc/include/asm/fsl_secure_boot.h b/arch/powerpc/include/asm/fsl_secure_boot.h
index 49f6814383..8f794ef381 100644
--- a/arch/powerpc/include/asm/fsl_secure_boot.h
+++ b/arch/powerpc/include/asm/fsl_secure_boot.h
@@ -67,5 +67,24 @@
#define CONFIG_FSL_ISBC_KEY_EXT
#endif
+#ifndef CONFIG_FIT_SIGNATURE
+/* The bootscript header address is different for B4860 because the NOR
+ * mapping is different on B4 due to reduced NOR size.
+ */
+#if defined(CONFIG_B4860QDS)
+#define CONFIG_BOOTSCRIPT_HDR_ADDR 0xecc00000
+#elif defined(CONFIG_FSL_CORENET)
+#define CONFIG_BOOTSCRIPT_HDR_ADDR 0xe8e00000
+#elif defined(CONFIG_BSC9132QDS)
+#define CONFIG_BOOTSCRIPT_HDR_ADDR 0x88020000
+#elif defined(CONFIG_C29XPCIE)
+#define CONFIG_BOOTSCRIPT_HDR_ADDR 0xec020000
+#else
+#define CONFIG_BOOTSCRIPT_HDR_ADDR 0xee020000
+#endif
+
+#include <config_fsl_secboot.h>
+#endif
+
#endif
#endif