ISBC Key Extension feature is not applicable for RAMBOOT
as there is no way to retrieve the CSF Header and validated
IE Key table from SRAM once CPC has been disabled.
The feature is only applicable in case of NOR SECURE BOOT.
Code Cleanup:
The SECURE_BOOT specific defines have been moved from
arch-ls102xa/config.h to
arm/include/asm/fsl_secure_boot.h
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
1. Default environment will be used for secure boot flow
which can't be edited or saved.
2. Command for secure boot is predefined in the default
environment which will run on autoboot (and autoboot is
the only option allowed in case of secure boot) and it
looks like this:
#define CONFIG_SECBOOT \
"setenv bs_hdraddr 0xe8e00000;" \
"esbc_validate $bs_hdraddr;" \
"source $img_addr;" \
"esbc_halt;"
#endif
3. Boot Script can contain esbc_validate commands and bootm command.
Uboot source command used in default secure boot command will
run the bootscript.
4. Command esbc_halt added to ensure either bootm executes
after validation of images or core should just spin.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
