summaryrefslogtreecommitdiff
path: root/board/freescale/common/fsl_chain_of_trust.c
AgeCommit message (Collapse)Author
2019-08-11env: Move env_set() to env.hSimon Glass
Move env_set() over to the new header file. Acked-by: Joe Hershberger <joe.hershberger@ni.com> Signed-off-by: Simon Glass <sjg@chromium.org>
2019-06-19board/freescale/common: secure_boot: Set bootdelay to -2.Udit Agarwal
Uboot prompt must not be available while running secure boot. TO ensure this bootdelay must be set to -2. Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com> Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
2018-05-07SPDX: Convert all of our single license tags to Linux Kernel styleTom Rini
When U-Boot started using SPDX tags we were among the early adopters and there weren't a lot of other examples to borrow from. So we picked the area of the file that usually had a full license text and replaced it with an appropriate SPDX-License-Identifier: entry. Since then, the Linux Kernel has adopted SPDX tags and they place it as the very first line in a file (except where shebangs are used, then it's second line) and with slightly different comment styles than us. In part due to community overlap, in part due to better tag visibility and in part for other minor reasons, switch over to that style. This commit changes all instances where we have a single declared license in the tag as both the before and after are identical in tag contents. There's also a few places where I found we did not have a tag and have introduced one. Signed-off-by: Tom Rini <trini@konsulko.com>
2017-08-16env: Rename setenv() to env_set()Simon Glass
We are now using an env_ prefix for environment functions. Rename setenv() for consistency. Also add function comments in common.h. Suggested-by: Wolfgang Denk <wd@denx.de> Signed-off-by: Simon Glass <sjg@chromium.org>
2017-08-01arm64: ls1043ardb: Add distro secure boot supportSumit Garg
Enable validation of boot.scr script prior to its execution dependent on "secureboot" flag in environment. Disable fall back option to nor/qspi boot in case of secure boot. Also enable "secureboot=y" flag in environment for ARM based platforms instead of bootcmd. Signed-off-by: Sumit Garg <sumit.garg@nxp.com> Tested-by: Vinitha Pillai <vinitha.pillai@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
2017-06-01dm: Use dm.h header when driver mode is usedSimon Glass
This header includes things that are needed to make driver build. Adjust existing users to include that always, even if other dm/ includes are present Signed-off-by: Simon Glass <sjg@chromium.org>
2017-04-17armv7: ls1021a: Drop macro CONFIG_LS102XAYork Sun
Use CONFIG_ARCH_LS1021A instead. Signed-off-by: York Sun <york.sun@nxp.com>
2017-01-11SPL: Adjust more debug prints for ulong entry_pointTom Rini
With entry_point now being an unsigned long we need to adapt the last two debug prints to use %lX not %X. Fixes: 11e1479b9e67 ("SPL: make struct spl_image 64-bit safe") Signed-off-by: Tom Rini <trini@konsulko.com>
2016-07-26SECURE_BOOT: Enable chain of trust in SPL frameworkSumit Garg
Override jump_to_image_no_args function to include validation of u-boot image using spl_validate_uboot before jumping to u-boot image. Also define macros in SPL framework to enable crypto operations. Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com> Signed-off-by: Sumit Garg <sumit.garg@nxp.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: York Sun <york.sun@nxp.com>
2016-07-21powerpc/mpc85xx: SECURE BOOT- Enable chain of trust in SPLSumit Garg
As part of Chain of Trust for Secure boot, the SPL U-Boot will validate the next level U-boot image. Add a new function spl_validate_uboot to perform the validation. Enable hardware crypto operations in SPL using SEC block. In case of Secure Boot, PAMU is not bypassed. For allowing SEC block access to CPC configured as SRAM, configure PAMU. Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com> Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Signed-off-by: Sumit Garg <sumit.garg@nxp.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27secure_boot: enable chain of trust for ARM platformsAneesh Bansal
Chain of Trust is enabled for ARM platforms (LS1021 and LS1043). In board_late_init(), fsl_setenv_chain_of_trust() is called which will perform the following: - If boot mode is non-secure, return (No Change) - If boot mode is secure, set the following environmet variables: bootdelay = 0 (To disable Boot Prompt) bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script) Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27secure_boot: create function to determine boot modeAneesh Bansal
A function is created to detrmine if the boot mode is secure or non-secure for differnt SoC's. Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com> Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>