Commit graph

9 commits

Author SHA1 Message Date
Simon Glass
382bee57f1 env: Rename setenv() to env_set()
We are now using an env_ prefix for environment functions. Rename setenv()
for consistency. Also add function comments in common.h.

Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
2017-08-16 08:22:18 -04:00
Sumit Garg
76bbf1c634 arm64: ls1043ardb: Add distro secure boot support
Enable validation of boot.scr script prior to its execution dependent
on "secureboot" flag in environment. Disable fall back option to
nor/qspi boot in case of secure boot. Also enable "secureboot=y"
flag in environment for ARM based platforms instead of bootcmd.

Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Tested-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-08-01 08:28:57 -07:00
Simon Glass
9d922450aa dm: Use dm.h header when driver mode is used
This header includes things that are needed to make driver build. Adjust
existing users to include that always, even if other dm/ includes are
present

Signed-off-by: Simon Glass <sjg@chromium.org>
2017-06-01 06:57:52 -06:00
York Sun
73fb583829 armv7: ls1021a: Drop macro CONFIG_LS102XA
Use CONFIG_ARCH_LS1021A instead.

Signed-off-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Tom Rini
4386feb73d SPL: Adjust more debug prints for ulong entry_point
With entry_point now being an unsigned long we need to adapt the last
two debug prints to use %lX not %X.

Fixes: 11e1479b9e ("SPL: make struct spl_image 64-bit safe")
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-01-11 10:45:48 -05:00
Sumit Garg
028ac8c733 SECURE_BOOT: Enable chain of trust in SPL framework
Override jump_to_image_no_args function to include validation of
u-boot image using spl_validate_uboot before jumping to u-boot image.
Also define macros in SPL framework to enable crypto operations.

Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-07-26 09:01:35 -07:00
Sumit Garg
8f01397ba7 powerpc/mpc85xx: SECURE BOOT- Enable chain of trust in SPL
As part of Chain of Trust for Secure boot, the SPL U-Boot will validate
the next level U-boot image. Add a new function spl_validate_uboot to
perform the validation.

Enable hardware crypto operations in SPL using SEC block.
In case of Secure Boot, PAMU is not bypassed. For allowing SEC block
access to CPC configured as SRAM, configure PAMU.

Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-07-21 11:09:23 -07:00
Aneesh Bansal
d041288586 secure_boot: enable chain of trust for ARM platforms
Chain of Trust is enabled for ARM platforms (LS1021 and LS1043).
In board_late_init(), fsl_setenv_chain_of_trust() is called which
will perform the following:
- If boot mode is non-secure, return (No Change)
- If boot mode is secure, set the following environmet variables:
   bootdelay = 0 (To disable Boot Prompt)
   bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27 08:12:49 -08:00
Aneesh Bansal
0a6b2714ad secure_boot: create function to determine boot mode
A function is created to detrmine if the boot mode is secure
or non-secure for differnt SoC's.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27 08:12:42 -08:00