Commit graph

7 commits

Author SHA1 Message Date
Mario Six
a1b6b0a9c1 arm: mvebu: Implement secure boot
The patch implements secure booting for the mvebu architecture.

This includes:
- The addition of secure headers and all needed signatures and keys in
  mkimage
- Commands capable of writing the board's efuses to both write the
  needed cryptographic data and enable the secure booting mechanism
- The creation of convenience text files containing the necessary
  commands to write the efuses

The KAK and CSK keys are expected to reside in the files kwb_kak.key and
kwb_csk.key (OpenSSL 2048 bit private keys) in the top-level directory.

Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>
2017-02-01 09:04:18 +01:00
Chris Packham
2611c05e84 tools/kwbimage: add DEBUG option
Offset 0x1 in the generated kwb image file is a set of flags, bit 0
enables debug output from the BootROM firmware.  Allow a DEBUG option in
the kwb configuration to request debug output from the BootROM firmware.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
2016-12-01 09:10:49 +01:00
Chris Packham
4bdb547978 tools/kwbimage: add BAUDRATE option
Offset 0x18 in some Marvell datasheets this field is redacted as
"reserved". This offset is actually a set of options and bits 2:0 allow
the selection of the UART baudrate.

Allow a BAUDRATE option to set the UART baudrate for any messages coming
from the BootROM firmware.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
2016-12-01 09:10:43 +01:00
Reinhard Pfau
a8840dced0 tools/kwbimage: fix endianess issue
KWB image header values are in little endian (LE).
So adding appropriate cpu_to_leXX() calls to allow building those images
on BE hosts, too.

Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
2015-11-29 16:02:44 +01:00
Stefan Roese
e29f1db3dd tools: kwboot: Add support for UART boot mode patching for Armada XP/38x
Currently, kwboot only allows dynamic UART boot mode patching for SoCs
with header version 0 (Orion, Kirkwood). This patch now enables this "-p"
feature also for SoCs with header version 1 (Armada XP / 38x etc). With
this its possible now to use the UART boot mode without on images that
are generated for other boot devices, like SPI. So no need to change
BOOT_FROM to "uart" for UART xmodem booting any more.

Signed-off-by: Stefan Roese <sr@denx.de>
Tested-by: Kevin Smith <kevin.smith@elecsyscorp.com>
Cc: Luka Perkov <luka.perkov@sartura.hr>
Cc: Dirk Eibach <eibach@gdsys.de>
2015-10-01 02:02:06 +02:00
Wolfgang Denk
1a4596601f Add GPL-2.0+ SPDX-License-Identifier to source files
Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>
2013-07-24 09:44:38 -04:00
Prafulla Wadaskar
aa0c7a86cd mkimage: Add Kirkwood Boot Image support (kwbimage)
This patch adds support for "kwbimage" (Kirkwood Boot Image)
image types to the mkimage code.

For details refer to docs/README.kwbimage

This patch is tested with Sheevaplug board

Signed-off-by: Prafulla Wadaskar <prafulla@marvell.com>
Acked-by: Ron Lee <ron@debian.org>

Signed-off-by: Prafulla Wadaskar <prafulla@marvell.com>
2009-09-10 22:58:48 +02:00