summaryrefslogtreecommitdiff
path: root/arch/powerpc/include/asm/fsl_secure_boot.h
AgeCommit message (Collapse)Author
2016-01-27secure_boot: enable chain of trust for PowerPC platformsAneesh Bansal
Chain of Trust is enabled for PowerPC platforms for Secure Boot. CONFIG_BOARD_LATE_INIT is defined. In board_late_init(), fsl_setenv_chain_of_trust() is called which will perform the following: - If boot mode is non-secure, return (No Change) - If boot mode is secure, set the following environmet variables: bootdelay = 0 (To disable Boot Prompt) bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script) Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27secure_boot: split the secure boot functionality in two partsAneesh Bansal
There are two phases in Secure Boot 1. ISBC: In BootROM, validate the BootLoader (U-Boot). 2. ESBC: In U-Boot, continuing the Chain of Trust by validating and booting LINUX. For ESBC phase, there is no difference in SoC's based on ARM or PowerPC cores. But the exit conditions after ISBC phase i.e. entry conditions for U-Boot are different for ARM and PowerPC. PowerPC: If Secure Boot is executed, a separate U-Boot target is required which must be compiled with a diffrent Text Base as compared to Non-Secure Boot. There are some LAW and TLB settings which are required specifically for Secure Boot scenario. ARM: ARM based SoC's have a fixed memory map and exit conditions from BootROM are same irrespective of boot mode (Secure or Non-Secure). Thus the current Secure Boot functionlity has been split into two parts: CONFIG_CHAIN_OF_TRUST This will have the following functionality as part of U-Boot: 1. Enable commands like esbc_validate, esbc_halt 2. Change the environment settings based on bootmode, determined at run time: - If bootmode is non-secure, no change - If bootmode is secure, set the following: - bootdelay = 0 (Don't give boot prompt) - bootcmd = Validate and execute the bootscript. CONFIG_SECURE_BOOT This is defined only for creating a different compile time target for secure boot. Traditionally, both these functionalities were defined under CONFIG_SECURE_BOOT. This patch is aimed at removing the requirement for a separate Secure Boot target for ARM based SoC's. CONFIG_CHAIN_OF_TRUST will be defined and boot mode will be determine at run time. Another Security Requirement for running CHAIN_OF_TRUST is that U-Boot environemnt must not be picked from flash/external memory. This cannot be done based on bootmode at run time in current U-Boot architecture. Once this dependency is resolved, no separate SECURE_BOOT target will be required for ARM based SoC's. Currently, the only code under CONFIG_SECURE_BOOT for ARM SoC's is defining CONFIG_ENV_IS_NOWHERE Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27secure_boot: include/configs: move definition of CONFIG_CMD_BLOBAneesh Bansal
CONFIG_CMD_BLOB must be defined in case of Secure Boot. It was earlier defined in all config files. The definition has been moved to a common file which is included by all configs. Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
2015-09-01SECURE_BOOT: Disable IE Key feature for RAMBOOTAneesh Bansal
ISBC Key Extension feature is not applicable for RAMBOOT as there is no way to retrieve the CSF Header and validated IE Key table from SRAM once CPC has been disabled. The feature is only applicable in case of NOR SECURE BOOT. Code Cleanup: The SECURE_BOOT specific defines have been moved from arch-ls102xa/config.h to arm/include/asm/fsl_secure_boot.h Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2015-07-31powerpc/mpc85xx: SECURE BOOT-Copy Boot Script on RAMAneesh Bansal
For running Chain of Trust when doing Secure Boot from NAND, the Bootscript header and bootscript must be copied from NAND to RAM(DDR). The addresses and commands for the same have been defined. Signed-off-by: Saksham Jain <saksham@freescale.com> Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2015-07-31powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041Aneesh Bansal
Secure Boot Target is added for NAND for P3041. For mpc85xx SoCs, the core begins execution from address 0xFFFFFFFC. In case of secure boot, this default address maps to Boot ROM. The Boot ROM code requires that the bootloader(U-boot) must lie in 0 to 3.5G address space i.e. 0x0 - 0xDFFFFFFF. In case of NAND Secure Boot, CONFIG_SYS_RAMBOOT is enabled and CPC is configured as SRAM. U-Boot binary will be located on SRAM configured at address 0xBFF00000. In the U-Boot code, TLB entries are created to map the virtual address 0xFFF00000 to physical address 0xBFF00000 of CPC configured as SRAM. Signed-off-by: Saksham Jain <saksham@freescale.com> Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2015-07-28powerpc/T104xD4: Add Secure boot support for T104xD4RDB platformsgaurav rana
defconfig files are added and SFP version for these platforms is updated. Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2015-04-21Add bootscript support to esbc_validate.gaurav rana
1. Default environment will be used for secure boot flow which can't be edited or saved. 2. Command for secure boot is predefined in the default environment which will run on autoboot (and autoboot is the only option allowed in case of secure boot) and it looks like this: #define CONFIG_SECBOOT \ "setenv bs_hdraddr 0xe8e00000;" \ "esbc_validate $bs_hdraddr;" \ "source $img_addr;" \ "esbc_halt;" #endif 3. Boot Script can contain esbc_validate commands and bootm command. Uboot source command used in default secure boot command will run the bootscript. 4. Command esbc_halt added to ensure either bootm executes after validation of images or core should just spin. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2015-03-05SECURE_BOOT : enable esbc_validate command for powerpc and arm platforms.gaurav rana
esbc_validate command uses various IP Blocks: Security Monitor, CAAM block and SFP registers. Hence the respective CONFIG's are enabled. Apart from these CONFIG_SHA_PROG_HW_ACCEL and CONFIG_RSA are also enabled. Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2015-01-16powerpc/mpc85xx: Define PBI Flash Base for C29XPCIE Secure BootAneesh Bansal
CONFIG_SYS_PBI_FLASH_BASE is defined for Secure Boot on C29X Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2014-12-05powerpc/mpc85xx: Add T1024/T1023 SoC supportShengzhou Liu
Add support for Freescale T1024/T1023 SoC. The T1024 SoC includes the following function and features: - Two 64-bit Power architecture e5500 cores, up to 1.4GHz - private 256KB L2 cache each core and shared 256KB CoreNet platform cache (CPC) - 32-/64-bit DDR3L/DDR4 SDRAM memory controller with ECC and interleaving support - Data Path Acceleration Architecture (DPAA) incorporating acceleration - Four MAC for 1G/2.5G/10G network interfaces (RGMII, SGMII, QSGMII, XFI) - High-speed peripheral interfaces - Three PCI Express 2.0 controllers - Additional peripheral interfaces - One SATA 2.0 controller - Two USB 2.0 controllers with integrated PHY - Enhanced secure digital host controller (SD/eSDHC/eMMC) - Enhanced serial peripheral interface (eSPI) - Four I2C controllers - Four 2-pin UARTs or two 4-pin UARTs - Integrated Flash Controller supporting NAND and NOR flash - Two 8-channel DMA engines - Multicore programmable interrupt controller (PIC) - LCD interface (DIU) with 12 bit dual data rate - QUICC Engine block supporting TDM, HDLC, and UART - Deep Sleep power implementaion (wakeup from GPIO/Timer/Ethernet/USB) - Support for hardware virtualization and partitioning enforcement - QorIQ Platform's Trust Architecture 2.0 Differences between T1024 and T1023: Feature T1024 T1023 QUICC Engine: yes no DIU: yes no Deep Sleep: yes no I2C controller: 4 3 DDR: 64-bit 32-bit IFC: 32-bit 28-bit Signed-off-by: Shengzhou Liu <Shengzhou.Liu@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2014-05-13powerpc/mpc85xx: SECURE BOOT- Add secure boot target for T2080RDBAneesh Bansal
Secure Boot Target is added for T2080RDB Changes: For Secure boot, CPC is configured as SRAM and used as house keeping area which needs to be disabled. So CONFIG_SYS_CPC_REINIT_F is defined for CONFIG_T2080RDB. Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
2014-05-13powerpc/mpc85xx: SECURE BOOT- secure boot target for t1040rdbAneesh Bansal
T1040RDB.h file is removed and a unified file T104xRDB.h is created. Hence macro CONFIG_T1040 is renamed to CONFIG_T104x. Signed-off-by: Gaurav Kumar Rana <gaurav.rana@freescale.com> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
2014-04-22powerpc/mpc85xx: SECURE BOOT- Add secure boot target for T1040QDS and T1040RDBAneesh Bansal
Secure Boot Target is added for T1040QDS and T1040RDB Changes: For Secure boot, CPC is configured as SRAM and used as house keeping area which needs to be disabled. So CONFIG_SYS_CPC_REINIT_F is defined for CONFIG_T1040QDS and CONFIG_T1040RDB Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2014-04-22powerpc/mpc85xx: SECURE BOOT- Add secure boot target for T2080QDSAneesh Bansal
Secure Boot Target is added for T2080QDS Changes: For Secure boot, CPC is configured as SRAM and used as house keeping area which needs to be disabled. So CONFIG_SYS_CPC_REINIT_F is defined for CONFIG_T2080QDS. Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2014-04-22powerpc/mpc85xx: SECURE BOOT- Add secure boot target for T4240QDS and T4160QDSAneesh Bansal
Secure Boot Target is added for T4240QDS and T4160QDS Changes: For Secure boot, CPC is configured as SRAM and used as house keeping area which needs to be disabled. So CONFIG_SYS_CPC_REINIT_F is defined for CONFIG_T4240QDS. Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2014-04-22powerpc/mpc85xx: SECURE BOOT- Add secure boot target for B4860QDSAneesh Bansal
Changes: 1. L2 cache is being invalidated by Boot ROM code for e6500 core. So removing the invalidation from start.S 2. Clear the LAW and corresponding configuration for CPC. Boot ROM code uses it as hosekeeping area. 3. For Secure boot, CPC is configured as SRAM and used as house keeping area. This configuration is to be disabled once in uboot. Earlier this disabling of CPC as SRAM was happening in cpu_init_r. As a result cache invalidation function was getting skipped in case CPC is configured as SRAM.This was causing random crashes. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2014-04-22powerpc/mpc85xx: SECURE BOOT- Add secure boot target for BSC9132QDSAneesh Bansal
Add NOR, SPI and SD secure boot targets for BSC9132QDS. Changes: - Debug TLB entry is not required for Secure Boot Target. Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com>
2013-10-16powerpc: add CONFIG_SECURE_BOOT condition into fsl_secure_boot.hPo Liu
This patch is for board config file not to add CONFIG_SECURE_BOOT condition for include the asm/fsl_secure_boot.h. Signed-off-by: Po Liu <Po.Liu@freescale.com>
2013-07-24Add GPL-2.0+ SPDX-License-Identifier to source filesWolfgang Denk
Signed-off-by: Wolfgang Denk <wd@denx.de> [trini: Fixup common/cmd_io.c] Signed-off-by: Tom Rini <trini@ti.com>
2013-05-24SECURE BOOT - Removed deletion of TLB entries codeRuchika Gupta
Boot ROM code creates TLB entries for 3.5G space before entering the u-boot. Earlier we were deleting these entries after early initialization of CPU. In recent past, code has been added to invalidate all these entries before relocation of u-boot code. So this code to delete TLB entries after CPU initialization is no longer required. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Acked-by: Matthew McClintock <msm@freescale.com> Signed-off-by: Andy Fleming <afleming@freescale.com>
2011-10-03powerpc/p4080: Add support for secure boot flowRuchika Gupta
Pre u-boot Flow: 1. User loads the u-boot image in flash 2. PBL/Configuration word is used to create LAW for Flash at 0xc0000000 (Please note that ISBC expects all these addresses, images to be validated, entry point etc within 0 - 3.5G range) 3. ISBC validates the u-boot image, and passes control to u-boot at 0xcffffffc. Changes in u-boot: 1. Temporarily map CONFIG_SYS_MONITOR_BASE to the 1M CONFIG_SYS_PBI_FLASH_WINDOW in AS=1. (The CONFIG_SYS_PBI_FLASH_WINDOW is the address map for the flash created by PBL/configuration word within 0 - 3.5G memory range. The u-boot image at this address has been validated by ISBC code) 2. Remove TLB entries for 0 - 3.5G created by ISBC code 3. Remove the LAW entry for the CONFIG_SYS_PBI_FLASH_WINDOW created by PBL/configuration word after switch to AS = 1 Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Kuldip Giroh <kuldip.giroh@freescale.com> Acked-by: Wood Scott-B07421 <B07421@freescale.com> Signed-off-by: Kumar Gala <galak@kernel.crashing.org>