Eric Lee / smarc-uboot | Embedian Git Server

Blame view

include/config_fsl_chain_trust.h 3.14 KB

98cb0efde gaurav rana Add bootscript su...	1 2 3 4 5	/* * Copyright 2015 Freescale Semiconductor, Inc. * * SPDX-License-Identifier: GPL-2.0+ */
bdc22074c Aneesh Bansal secure_boot: spli...	6 7	#ifndef __CONFIG_FSL_CHAIN_TRUST_H #define __CONFIG_FSL_CHAIN_TRUST_H
98cb0efde gaurav rana Add bootscript su...	8
bdc22074c Aneesh Bansal secure_boot: spli...	9 10 11 12	/* For secure boot, since ENVIRONMENT in flash/external memories is * not verified, undef CONFIG_ENV_xxx and set default env * (CONFIG_ENV_IS_NOWHERE) */
98cb0efde gaurav rana Add bootscript su...	13	#ifdef CONFIG_SECURE_BOOT
bdc22074c Aneesh Bansal secure_boot: spli...	14 15 16 17 18 19 20	#undef CONFIG_ENV_IS_IN_EEPROM #undef CONFIG_ENV_IS_IN_NAND #undef CONFIG_ENV_IS_IN_MMC #undef CONFIG_ENV_IS_IN_SPI_FLASH #undef CONFIG_ENV_IS_IN_FLASH #define CONFIG_ENV_IS_NOWHERE
98cb0efde gaurav rana Add bootscript su...	21	#endif
bdc22074c Aneesh Bansal secure_boot: spli...	22	#ifdef CONFIG_CHAIN_OF_TRUST
98cb0efde gaurav rana Add bootscript su...	23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40	#ifndef CONFIG_EXTRA_ENV #define CONFIG_EXTRA_ENV "" #endif /* * Control should not reach back to uboot after validation of images * for secure boot flow and therefore bootscript should have * the bootm command. If control reaches back to uboot anyhow * after validating images, core should just spin. / / * Define the key hash for boot script here if public/private key pair used to * sign bootscript are different from the SRK hash put in the fuse * Example of defining KEY_HASH is * #define CONFIG_BOOTSCRIPT_KEY_HASH \ * "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b" */
2bfe48908 Saksham Jain SECURE_BOOT: Use ...	41 42 43 44 45 46	#ifdef CONFIG_BOOTARGS #define CONFIG_SET_BOOTARGS "setenv bootargs \'" CONFIG_BOOTARGS" \';" #else #define CONFIG_SET_BOOTARGS "setenv bootargs \'root=/dev/ram " \ "rw console=ttyS0,115200 ramdisk_size=600000\';" #endif
98cb0efde gaurav rana Add bootscript su...	47 48 49	#ifdef CONFIG_BOOTSCRIPT_KEY_HASH #define CONFIG_SECBOOT \ "setenv bs_hdraddr " __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
2bfe48908 Saksham Jain SECURE_BOOT: Use ...	50	CONFIG_SET_BOOTARGS \
98cb0efde gaurav rana Add bootscript su...	51 52 53 54 55 56 57 58	CONFIG_EXTRA_ENV \ "esbc_validate $bs_hdraddr " \ __stringify(CONFIG_BOOTSCRIPT_KEY_HASH)";" \ "source $img_addr;" \ "esbc_halt\0" #else #define CONFIG_SECBOOT \ "setenv bs_hdraddr " __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
2bfe48908 Saksham Jain SECURE_BOOT: Use ...	59	CONFIG_SET_BOOTARGS \
98cb0efde gaurav rana Add bootscript su...	60 61 62 63 64	CONFIG_EXTRA_ENV \ "esbc_validate $bs_hdraddr;" \ "source $img_addr;" \ "esbc_halt\0" #endif
5050f6f0e Aneesh Bansal powerpc/mpc85xx: ...	65 66 67	#ifdef CONFIG_BOOTSCRIPT_COPY_RAM #define CONFIG_BS_COPY_ENV \ "setenv bs_hdr_ram " __stringify(CONFIG_BS_HDR_ADDR_RAM)";" \
69d4b48c8 Sumit Garg SECURE_BOOT: Enab...	68	"setenv bs_hdr_device " __stringify(CONFIG_BS_HDR_ADDR_DEVICE)";" \
5050f6f0e Aneesh Bansal powerpc/mpc85xx: ...	69 70	"setenv bs_hdr_size " __stringify(CONFIG_BS_HDR_SIZE)";" \ "setenv bs_ram " __stringify(CONFIG_BS_ADDR_RAM)";" \
69d4b48c8 Sumit Garg SECURE_BOOT: Enab...	71	"setenv bs_device " __stringify(CONFIG_BS_ADDR_DEVICE)";" \
5050f6f0e Aneesh Bansal powerpc/mpc85xx: ...	72	"setenv bs_size " __stringify(CONFIG_BS_SIZE)";"
3f701cc50 Saksham Jain armv8: fsl-lsch3:...	73 74	/* For secure boot flow, default environment used will be used */ #if defined(CONFIG_SYS_RAMBOOT)
5050f6f0e Aneesh Bansal powerpc/mpc85xx: ...	75 76	#if defined(CONFIG_RAMBOOT_NAND) #define CONFIG_BS_COPY_CMD \
69d4b48c8 Sumit Garg SECURE_BOOT: Enab...	77 78	"nand read $bs_hdr_ram $bs_hdr_device $bs_hdr_size ;" \ "nand read $bs_ram $bs_device $bs_size ;"
5050f6f0e Aneesh Bansal powerpc/mpc85xx: ...	79	#endif /* CONFIG_RAMBOOT_NAND */
69d4b48c8 Sumit Garg SECURE_BOOT: Enab...	80 81 82 83 84	#elif defined(CONFIG_SD_BOOT) #define CONFIG_BS_COPY_CMD \ "mmc read $bs_hdr_ram $bs_hdr_device $bs_hdr_size ;" \ "mmc read $bs_ram $bs_device $bs_size ;" #else /* CONFIG_SD_BOOT */
3f701cc50 Saksham Jain armv8: fsl-lsch3:...	85	#define CONFIG_BS_COPY_CMD \
69d4b48c8 Sumit Garg SECURE_BOOT: Enab...	86 87	"cp.b $bs_hdr_device $bs_hdr_ram $bs_hdr_size ;" \ "cp.b $bs_device $bs_ram $bs_size ;"
98cb0efde gaurav rana Add bootscript su...	88	#endif
3f701cc50 Saksham Jain armv8: fsl-lsch3:...	89	#endif /* CONFIG_BOOTSCRIPT_COPY_RAM */
98cb0efde gaurav rana Add bootscript su...	90
5050f6f0e Aneesh Bansal powerpc/mpc85xx: ...	91 92 93 94 95 96 97	#ifndef CONFIG_BS_COPY_ENV #define CONFIG_BS_COPY_ENV #endif #ifndef CONFIG_BS_COPY_CMD #define CONFIG_BS_COPY_CMD #endif
bdc22074c Aneesh Bansal secure_boot: spli...	98	#define CONFIG_CHAIN_BOOT_CMD CONFIG_BS_COPY_ENV \
5050f6f0e Aneesh Bansal powerpc/mpc85xx: ...	99 100	CONFIG_BS_COPY_CMD \ CONFIG_SECBOOT
98cb0efde gaurav rana Add bootscript su...	101 102 103	#endif #endif