Commit graph

52 commits

Author SHA1 Message Date
Tom Rini
52aaa1840d nxp: config_fsl_chain_trust.h: Clean up and remove unused portions
The way that secure boot is implemented today on NXP ARM platforms does
not reuse the elements found in include/config_fsl_chain_trust.h to
construct CONFIG_SECBOOT but instead board header files have their
environment setup as needed and then fsl_setenv_chain_of_trust() will
set secureboot in the environment.  Remove a large number of unused
defines here.

Cc: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2022-07-05 17:04:01 -04:00
Tom Rini
5aad0a14ba fsl_validate: Migrate SPL_UBOOT_KEY_HASH to Kconfig
Move setting of SPL_UBOOT_KEY_HASH to a non-NULL value to Kconfig.  As
part of this, change fsl_secboot_validate(...) to check that it is
passed a non-empty string, rather than non-NULL.

Cc: Peng Fan <peng.fan@nxp.com>
Cc: Priyanka Jain <priyanka.jain@nxp.com>
Cc: Kshitiz Varshney <kshitiz.varshney@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2022-07-05 17:04:01 -04:00
Tom Rini
601483ffd5 Convert CONFIG_SYS_FSL_SFP_BE et al to Kconfig
This converts the following to Kconfig:
   CONFIG_KEY_REVOCATION
   CONFIG_SYS_FSL_SFP_BE
   CONFIG_SYS_FSL_SFP_LE
   CONFIG_SYS_FSL_SFP_VER_3_0
   CONFIG_SYS_FSL_SFP_VER_3_2
   CONFIG_SYS_FSL_SFP_VER_3_4
   CONFIG_SYS_FSL_SRK_LE

This partly means making sure to enable SYS_FSL_ERRATUM_A007186 only for
when CHAIN_OF_TRUST is enabled.

Signed-off-by: Tom Rini <trini@konsulko.com>
2022-07-05 17:04:00 -04:00
Tom Rini
c9f85187e2 Convert CONFIG_SYS_FSL_SEC_MON et al to Kconfig
This converts the following to Kconfig:
   CONFIG_SYS_FSL_SEC_MON
   CONFIG_SYS_FSL_SEC_MON_BE
   CONFIG_SYS_FSL_SEC_MON_LE

Signed-off-by: Tom Rini <trini@konsulko.com>
2022-07-05 17:04:00 -04:00
Tom Rini
2b2817b5c8 Convert CONFIG_ESBC_HDR_LS et al to Kconfig
This converts the following to Kconfig:
   CONFIG_ESBC_HDR_LS
   CONFIG_ESBC_ADDR_64BIT

Signed-off-by: Tom Rini <trini@konsulko.com>
2022-07-05 17:03:02 -04:00
Tom Rini
83d290c56f SPDX: Convert all of our single license tags to Linux Kernel style
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-07 09:34:12 -04:00
Sumit Garg
1cabeb88eb ls1088ardb: Add SD Secure boot target support
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
[YS: run moveconfig.py -s]
Reviewed-by: York Sun <york.sun@nxp.com>
2018-01-10 12:32:45 -08:00
Udit Agarwal
15e7c681e1 LS2080ARDB: QSPI boot: Secure Boot image validation
Adds header address for PPA to be validated during ESBC phase for
ARCH_LS2088 and QSPI_BOOT. Moves sec_init prior to ppa_init(). It
must be initialized before the PPA.

Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
[YS: revised commit message]
Reviewed-by: York Sun <york.sun@nxp.com>
2017-09-11 07:55:36 -07:00
Sumit Garg
06fb06f66c SECURE_BOOT: Unify memory map for Layerscape based platforms
Unify memory map for Layerscape based platforms. This patch includes
changes in bootscript, bootscript header and PPA header addresses
change as per unified memory map.

Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Tested-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-09-11 07:55:36 -07:00
Simon Glass
551c393446 Convert CONFIG_CMD_HASH to Kconfig
This converts the following to Kconfig:
   CONFIG_CMD_HASH

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Rework slightly, enable on some boards again]
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-05-22 12:38:15 -04:00
Simon Glass
ea7971f705 Convert CONFIG_CMD_ESBC_VALIDATE to Kconfig
This converts the following to Kconfig:
   CONFIG_CMD_ESBC_VALIDATE

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2017-05-22 09:33:55 -04:00
Tom Rini
089df18bfe lib: move hash CONFIG options to Kconfig
Commit 94e3c8c4fd ("crypto/fsl - Add progressive hashing support
using hardware acceleration.") created entries for CONFIG_SHA1,
CONFIG_SHA256, CONFIG_SHA_HW_ACCEL, and CONFIG_SHA_PROG_HW_ACCEL.
However, no defconfig has migrated to it.  Complete the move by first
adding additional logic to various Kconfig files to select this when
required and then use the moveconfig tool.  In many cases we can select
these because they are required to implement other drivers.  We also
correct how we include the various hashing algorithms in SPL.

This commit was generated as follows (after Kconfig additions):

[1] tools/moveconfig.py -y SHA1 SHA256 SHA_HW_ACCEL
[2] tools/moveconfig.py -y SHA_PROG_HW_ACCEL

Note:
We cannot move SHA_HW_ACCEL and SHA_PROG_HW_ACCEL simultaneously
because there is dependency between them.

Cc: Poonam Aggrwal <poonam.aggrwal@freescale.com>
Cc: Naveen Burmi <NaveenBurmi@freescale.com>
Cc: Po Liu <po.liu@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Priyanka Jain <Priyanka.Jain@freescale.com>
Cc: Shaohui Xie <Shaohui.Xie@freescale.com>
Cc: Chunhe Lan <Chunhe.Lan@freescale.com>
Cc: Chander Kashyap <k.chander@samsung.com>
Cc: Steve Rae <steve.rae@raedomain.com>
Cc: Dirk Eibach <eibach@gdsys.de>
Cc: Feng Li <feng.li_2@nxp.com>
Cc: Alison Wang <alison.wang@freescale.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Cc: Mingkai Hu <Mingkai.Hu@freescale.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Cc: Akshay Saraswat <akshay.s@samsung.com>
Cc: Heiko Schocher <hs@denx.de>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-05-22 08:36:58 -04:00
Ley Foon Tan
0680f1b1f7 Convert CONFIG_SPL_BOARD_INIT to Kconfig
This converts the following to Kconfig:
   CONFIG_SPL_BOARD_INIT

Signed-off-by: Ley Foon Tan <ley.foon.tan@intel.com>
[trini: Update the Kconfig logic]
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-05-22 07:29:48 -04:00
Simon Glass
c04b9b3440 Convert CONFIG_CMD_BLOB to Kconfig
This converts the following to Kconfig:
   CONFIG_CMD_BLOB

Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add imply CMD_BLOB under CHAIN_OF_TRUST]
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-04-30 10:30:03 -04:00
York Sun
c1303bfd7e armv8: ls1043a: Drop macro CONFIG_LS1043A
Use CONFIG_ARCH_LS1043A instead.

Signed-off-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
York Sun
4a3ab19322 armv8: ls2080a: Drop macro CONFIG_LS2080A
Use CONFIG_ARCH_LS2080A instead.

Signed-off-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Ruchika Gupta
511fc86d0b arm: ls1046ardb: Add SD secure boot target
- Add SD secure boot target for ls1046ardb.
- Change the u-boot size defined by a macro for copying the main
  U-Boot by SPL to also include the u-boot Secure Boot header size
  as header is appended to u-boot image. So header will also be
  copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90KB. SPL is copied to OCRAM
  (128K) where 32K are reserved for use by boot ROM and 6K for the
  header.
- Reduce the size of CAAM driver for SPL Blobification functions
  and descriptors, that are not required at the time of SPL are
  disabled. Further error code conversion to strings is disabled
  for SPL build.

Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Ruchika Gupta
762f92a60e arm: ls1043ardb: Add NAND secure boot target
Add NAND secure boot target for ls1043ardb.

- Change the u-boot size defined by a macro for copying the main
  U-Boot by SPL to also include the u-boot Secure Boot header size as
  header is appended to u-boot image. So header will also be copied
  from SD to DDR.
- MACRO for CONFIG_BOOTSCRIPT_COPY_RAM is enabled to copy Bootscript
  from NAND to DDR. Offsets for Bootscript on NAND and DDR have been
  also defined.

Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Ruchika Gupta
70f9661ca9 arm: ls1043ardb: Add SD secure boot target
- Add SD secure boot target for ls1043ardb.
- Implement FSL_LSCH2 specific spl_board_init() to setup CAAM stream
  ID and corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main
  U-Boot by SPL to also include the u-boot Secure Boot header size as
  header is appended to u-boot image. So header will also be copied
  from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90KB. SPL is copied to OCRAM
  (128K) where 32K are reserved for use by boot ROM and 6K for secure
  boto header.
- Error messages during SPL boot are limited to error code numbers
  instead of strings to reduce the size of SPL image.

Signed-off-by: Vinitha Pillai-B57223 <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Vinitha Pillai-B57223
d2a99502ad armv8: SECURE_BOOT: Enable chain of trust on LS1012A platform
Define bootscript and its header addresses for QSPI target
Also add PPA header address in Kconfig

Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Vinitha Pillai-B57223
b3635f57d9 armv8: SECURE_BOOT: Enable chain of trust on LS1046A platform
Define bootscript and its header addresses for QSPI target. Also
define PPA header address to enable PPA validation.

Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
2017-04-17 09:03:30 -07:00
Vinitha Pillai-B57223
d1a795ace9 armv8: fsl-layerscape: SECURE BOOT: Add header address of PPA in kconfig
The header address of PPA defined in Kconfig.

Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Udit Agarwal
ac55dadb1c fsl: Secure Boot: Enable IE (Key extention) Feature
For validating images from uboot (Such as Kernel Image), either keys
from SoC fuses can be used or keys from a verified table of public
keys can be used. The latter feature is called IE Key Extension
Feature.

For Layerscape Chasis 3 based platforms, IE table is validated by
Bootrom and address of this table is written in scratch registers 13
and 14 via PBI commands.

Following are the steps describing usage of this feature:

1) Verify IE Table in ISBC phase using keys stored in fuses.
2) Install IE table. (To be used across verification of multiple
   images stored in a static global structure.)
3) Use keys from IE table, to verify further images.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-03-28 09:03:04 -07:00
Udit Agarwal
350e16cfb4 armv8: lsch3: SECURE_BOOT: Define CONFIG_SYS_LS_PPA_ESBC_ADDR for LS2080A
Add header address for PPA to be validated during ESBC phase for LS2080A
platform based on Layescape Chasis 3.

Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-03-28 08:56:33 -07:00
Vinitha Pillai
9b6639fa85 LS1021ATWR: Modify u-boot size for sd secure boot
Raw uboot image is used in place of FIT image in secure boot.
The maximum allocated size of raw u-boot bin is 1MB in memory map.
Hence , CONFIG_SYS_MONITOR_LEN has been modified to 1 MB.
The bootscript  (BS_ADDR) and its header (BS_HDR_ADDR) offset on
MMC have also been modified to accommodate the increase in uboot size.

Signed-off-by: Vinitha Pillai-B57223 <vinitha.pillai@nxp.com>
Reviewed-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-03-14 08:44:03 -07:00
Tom Rini
285226785e Freescale/NXP: Migrate CONFIG_FSL_CAAM to defconfigs
In some cases this is absolutely required, so select this for some secure
features.  This also requires migration of RSA_FREESCALE_EXP

Cc: Ruchika Gupta <ruchika.gupta@nxp.com>
Cc: Poonam Aggrwal <poonam.aggrwal@freescale.com>
Cc: Naveen Burmi <NaveenBurmi@freescale.com>
Cc: Po Liu <po.liu@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Priyanka Jain <Priyanka.Jain@freescale.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Cc: Shaohui Xie <Shaohui.Xie@freescale.com>
Cc: Chunhe Lan <Chunhe.Lan@freescale.com>
Cc: Feng Li <feng.li_2@nxp.com>
Cc: Alison Wang <alison.wang@freescale.com>
Cc: Mingkai Hu <Mingkai.Hu@freescale.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Saksham Jain <saksham.jain@nxp.freescale.com>
Cc: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-03-09 11:37:24 -05:00
Tom Rini
88077715d8 NXP: Introduce board/freescale/common/Kconfig and migrate CHAIN_OF_TRUST
Introduce board/freescale/common/Kconfig so that we have a single place
for CONFIG options that are shared between ARM and PowerPC NXP platforms.

Cc: York Sun <york.sun@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-01-24 10:33:59 -05:00
Udit Agarwal
39199356e9 SECURE_BOOT: Update bootscript and its hdr addresses
Update bootscript and its hdr addresses for Layerscape Chasis 3
based platforms instead of individual SoCs.

Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-01-18 09:28:34 -08:00
Tom Rini
cbe7706ab8 Merge git://git.denx.de/u-boot-fsl-qoriq
trini: Drop local memset() from
examples/standalone/mem_to_mem_idma2intr.c

Signed-off-by: Tom Rini <trini@konsulko.com>
2016-09-26 17:10:56 -04:00
Simon Glass
d3662dff78 Convert CONFIG_SPL_DRIVERS_MISC_SUPPORT to Kconfig
Move this option to Kconfig and tidy up existing uses.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-09-16 17:27:08 -04:00
Simon Glass
d3e7e2b2ce Convert CONFIG_SPL_HASH_SUPPORT to Kconfig
Move this option to Kconfig and tidy up existing uses.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-09-16 17:27:07 -04:00
Simon Glass
dbdaeee43c Convert CONFIG_SPL_CRYPTO_SUPPORT to Kconfig
Move this option to Kconfig and tidy up existing uses.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-09-16 17:27:07 -04:00
Simon Glass
d3c1f46737 Move existing use of CONFIG_SPL_RSA to Kconfig
A few boards define this in a header file which is incorrect. It means that
Kconfig options that rely on this cannot be used. Move it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-09-16 17:03:45 -04:00
Simon Glass
3433a693a9 Move existing use of CONFIG_SPL_DM to Kconfig
A few boards define this in a header file which is incorrect. It means that
Kconfig options that rely on this cannot be used. Move it.

Note that quite a few boards defined this options but do not appear to
actually use SPL:

	BSC9132QDS_NOR_DDRCLK100_SECURE
	BSC9132QDS_NOR_DDRCLK133_SECURE
	BSC9132QDS_SDCARD_DDRCLK100_SECURE
	BSC9132QDS_SDCARD_DDRCLK133_SECURE
	BSC9132QDS_SPIFLASH_DDRCLK100_SECURE
	BSC9132QDS_SPIFLASH_DDRCLK133_SECURE
	C29XPCIE_NOR_SECBOOT
	P1010RDB-PA_36BIT_NAND_SECBOOT
	P1010RDB-PA_36BIT_SPIFLASH_SECBOOT
	P1010RDB-PA_NAND_SECBOOT
	P1010RDB-PA_NOR_SECBOOT
	P1010RDB-PB_36BIT_NOR_SECBOOT
	P1010RDB-PB_36BIT_SPIFLASH_SECBOOT
	P1010RDB-PB_NAND_SECBOOT
	P1010RDB-PB_NOR_SECBOOT
	P3041DS_SECURE_BOOT
	P4080DS_SECURE_BOOT
	P5020DS_NAND_SECURE_BOOT
	P5040DS_SECURE_BOOT
	T1023RDB_SECURE_BOOT
	T1024QDS_DDR4_SECURE_BOOT
	T1024QDS_SECURE_BOOT
	T1024RDB_SECURE_BOOT
	T1040RDB_SECURE_BOOT
	T1042D4RDB_SECURE_BOOT
	T1042RDB_SECURE_BOOT
	T2080QDS_SECURE_BOOT
	T2080RDB_SECURE_BOOT
	T4160QDS_SECURE_BOOT
	T4240QDS_SECURE_BOOT
	ls1021aqds_nor_SECURE_BOOT
	ls1021atwr_nor_SECURE_BOOT
	ls1043ardb_SECURE_BOOT

For these boards CONFIG_SPL_DM will no-longer be defined in SPL. But since
they apparently don't have an SPL, this should not matter.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-09-16 17:03:41 -04:00
Simon Glass
b63f8a4336 arm: fsl: Adjust ordering of #ifndef CONFIG_SPL_BUILD
The secure boot header files incorrectly define SPL options only if
CONFIG_SPL_BUILD is defined. This means that the options are only enabled
in an SPL build, and not with a normal 'make xxx_defconfig'. This means
that moveconfig.py cannot work, since it sees the options as disabled even
when they may be manually enabled in an SPL build.

Fix this by changing the order.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-09-16 17:03:37 -04:00
Sumit Garg
07806e6229 ls1043ardb: PPA: add PPA validation in case of secure boot
As part of Secure Boot Chain of trust, PPA image must be validated
before the image is started.
The code for the same has been added.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-09-14 14:06:39 -07:00
Sumit Garg
69d4b48c84 SECURE_BOOT: Enable SD as a source for bootscript
Add support for reading bootscript and bootscript header from SD. Also
renamed macros *_FLASH to *_DEVICE to represent SD alongwith NAND and
NOR flash.

Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-07-26 09:01:43 -07:00
Sumit Garg
028ac8c733 SECURE_BOOT: Enable chain of trust in SPL framework
Override jump_to_image_no_args function to include validation of
u-boot image using spl_validate_uboot before jumping to u-boot image.
Also define macros in SPL framework to enable crypto operations.

Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-07-26 09:01:35 -07:00
York Sun
3c1d218a1d armv8: LS2080A: Consolidate LS2080A and LS2085A
LS2080A is the primary SoC, and LS2085A is a personality with AIOP
and DPAA DDR. The RDB and QDS boards support both personality. By
detecting the SVR at runtime, a single image per board can support
both SoCs. It gives users flexibility to swtich SoC without the need
to reprogram the board.

Signed-off-by: York Sun <york.sun@nxp.com>
CC: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
2016-04-06 10:26:46 -07:00
Saksham Jain
bef238cb1e armv8: ls2080: Change env variable "fdt_high"
"fdt_high" env variable was set to 0xcfffffff for secure boot.
Change it to 0xa0000000 for LS2080 to be consistent with non-secure
boot targets.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-29 08:46:21 -07:00
Saksham Jain
3f701cc50a armv8: fsl-lsch3: Copy Bootscript and header from NOR to DDR
To unify steps for secure boot for xip (eg. NOR) and non-xip memories
(eg. NAND, SD), bootscipts and its header are copied to main memory.
Validation and execution are performed from there.

For other ARM Platforms (ls1043 and ls1020), to avoid disruption of
existing users, this copy step is not used for NOR boot.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-29 08:46:21 -07:00
Saksham Jain
216e93a185 armv8: ls2080: Add bootscript header addr for secure boot
During secure boot, Linux image along with other images are validated
using bootscript. This bootscript also needs to be validated before
it executes. This requires a header for bootscript.

When secure boot is enabled, default bootcmd is changed to first
validate bootscript using the header and then execute the script.

For ls2080, NOR memory map is different from other ARM SoCs. So a new
address on NOR is used for this bootscript header (0x583920000). The
Bootscript address is mentioned in this header along with addresses of
other images.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-29 08:46:21 -07:00
Saksham Jain
fcfdb6d580 armv8: ls2080rdb: ls2080qds: Add secure boot support
Sec_init has been called at the beginning to initialize SEC Block
(CAAM) which is used by secure boot validation later for both ls2080a
qds and rdb. 64-bit address in ESBC Header has been enabled. Secure
boot defconfigs are created for boards (NOR boot).

Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-29 08:46:20 -07:00
Saksham Jain
fd6dbc98a7 armv8: fsl-lsch3: Add new header for secure boot
For secure boot, a header is used to identify key table, signature
and image address. A new header structure is added for lsch3.

Currently key extension (IE) feature is not supported. Single key
feature is not supported. Keys must be in table format. Hence, SRK
(key table) must be present. Max key number has increase from 4 to
8. The 8th key is irrevocable. A new barker Code is used.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-29 08:46:20 -07:00
Simon Glass
73223f0e1b Kconfig: Move CONFIG_FIT and related options to Kconfig
There are already two FIT options in Kconfig but the CONFIG options are
still in the header files. We need to do a proper move to fix this.

Move these options to Kconfig and tidy up board configuration:

   CONFIG_FIT
   CONFIG_OF_BOARD_SETUP
   CONFIG_OF_SYSTEM_SETUP
   CONFIG_FIT_SIGNATURE
   CONFIG_FIT_BEST_MATCH
   CONFIG_FIT_VERBOSE
   CONFIG_OF_STDOUT_VIA_ALIAS
   CONFIG_RSA

Unfortunately the first one is a little complicated. We need to make sure
this option is not enabled in SPL by this change. Also this option is
enabled automatically in the host builds by defining CONFIG_FIT in the
image.h file. To solve this, add a new IMAGE_USE_FIT #define which can
be used in files that are built on the host but must also build for U-Boot
and SPL.

Note: Masahiro's moveconfig.py script is amazing.

Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add microblaze change, various configs/ re-applies]
Signed-off-by: Tom Rini <trini@konsulko.com>
2016-03-14 19:18:07 -04:00
Simon Glass
9e971632cd freescale: Remove CONFIG_DM from header files
Kconfig options must defined in the defconfig files. Since RSA_SOFTWARE_EXP
relies on CONFIG_DM, unless it is set in kconfig we cannot enable RSA.
Remove the hacks which enable CONFIG_DM in header files and update the
defconfig.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-03-14 14:21:27 -04:00
Aneesh Bansal
bdc22074c5 secure_boot: split the secure boot functionality in two parts
There are two phases in Secure Boot
1. ISBC: In BootROM, validate the BootLoader (U-Boot).
2. ESBC: In U-Boot, continuing the Chain of Trust by
         validating and booting LINUX.

For ESBC phase, there is no difference in SoC's based on ARM or
PowerPC cores.

But the exit conditions after ISBC phase i.e. entry conditions for
U-Boot are different for ARM and PowerPC.
PowerPC:

If Secure Boot is executed, a separate U-Boot target is required
which must be compiled with a diffrent Text Base as compared to
Non-Secure Boot. There are some LAW and TLB settings which are
required specifically for Secure Boot scenario.

ARM:
ARM based SoC's have a fixed memory map and exit conditions from
BootROM are same irrespective of boot mode (Secure or Non-Secure).

Thus the current Secure Boot functionlity has been split into
two parts:
CONFIG_CHAIN_OF_TRUST
This will have the following functionality as part of U-Boot:
1. Enable commands like esbc_validate, esbc_halt
2. Change the environment settings based on bootmode, determined
   at run time:
     - If bootmode is non-secure, no change
     - If bootmode is secure, set the following:
         - bootdelay = 0 (Don't give boot prompt)
         - bootcmd = Validate and execute the bootscript.

CONFIG_SECURE_BOOT
This is defined only for creating a different compile time target
for secure boot.

Traditionally, both these functionalities were defined under
CONFIG_SECURE_BOOT. This patch is aimed at removing the requirement
for a separate Secure Boot target for ARM based SoC's.
CONFIG_CHAIN_OF_TRUST will be defined and boot mode will be
determine at run time.

Another Security Requirement for running CHAIN_OF_TRUST is that
U-Boot environemnt must not be picked from flash/external memory.
This cannot be done based on bootmode at run time in current U-Boot
architecture. Once this dependency is resolved, no separate
SECURE_BOOT target will be required for ARM based SoC's.

Currently, the only code under CONFIG_SECURE_BOOT for ARM SoC's is
defining CONFIG_ENV_IS_NOWHERE

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27 08:12:32 -08:00
Aneesh Bansal
74eecd820f secure_boot: include/configs: move definition of CONFIG_CMD_BLOB
CONFIG_CMD_BLOB must be defined in case of Secure Boot. It was
earlier defined in all config files. The definition has been
moved to a common file which is included by all configs.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27 08:12:26 -08:00
Aneesh Bansal
ef6c55a240 secure_boot: include/configs: make secure boot header file uniform
The file fsl_secure_boot.h must be included in config file for
Secure Boot. This is not required to be protected by any macro.
CONFIG_FSL_CAAM must be defined and CONFIG_CMD_HASH should be
turned on.

The above was missing in some config files and all files have been
made uniform in this respect.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-01-27 08:12:08 -08:00
Aneesh Bansal
9711f52806 armv8/ls1043ardb: add SECURE BOOT target for NOR
LS1043ARDB Secure Boot Target from NOR has been added.
- Configs defined to enable esbc_validate.
- ESBC Address in header is made 64 bit.
- SMMU is re-configured in Bypass mode.

Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-12-15 08:57:35 +08:00