mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-12-13 14:53:06 +00:00
52aaa1840d
The way that secure boot is implemented today on NXP ARM platforms does not reuse the elements found in include/config_fsl_chain_trust.h to construct CONFIG_SECBOOT but instead board header files have their environment setup as needed and then fsl_setenv_chain_of_trust() will set secureboot in the environment. Remove a large number of unused defines here. Cc: Peng Fan <peng.fan@nxp.com> Signed-off-by: Tom Rini <trini@konsulko.com>
39 lines
1.1 KiB
C
39 lines
1.1 KiB
C
/* SPDX-License-Identifier: GPL-2.0+ */
|
|
/*
|
|
* Copyright 2015 Freescale Semiconductor, Inc.
|
|
* Copyright 2017 NXP
|
|
*/
|
|
|
|
#ifndef __FSL_SECURE_BOOT_H
|
|
#define __FSL_SECURE_BOOT_H
|
|
|
|
#ifdef CONFIG_CHAIN_OF_TRUST
|
|
#ifndef CONFIG_SPL_BUILD
|
|
#ifndef CONFIG_SYS_RAMBOOT
|
|
/* The key used for verification of next level images
|
|
* is picked up from an Extension Table which has
|
|
* been verified by the ISBC (Internal Secure boot Code)
|
|
* in boot ROM of the SoC.
|
|
* The feature is only applicable in case of NOR boot and is
|
|
* not applicable in case of RAMBOOT (NAND, SD, SPI).
|
|
* For LS, this feature is available for all device if IE Table
|
|
* is copied to XIP memory
|
|
* Also, for LS, ISBC doesn't verify this table.
|
|
*/
|
|
#define CONFIG_FSL_ISBC_KEY_EXT
|
|
|
|
#endif
|
|
|
|
#ifdef CONFIG_FSL_LS_PPA
|
|
/* Define the key hash here if SRK used for signing PPA image is
|
|
* different from SRK hash put in SFP used for U-Boot.
|
|
* Example
|
|
* #define PPA_KEY_HASH \
|
|
* "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
|
|
*/
|
|
#define PPA_KEY_HASH NULL
|
|
#endif /* ifdef CONFIG_FSL_LS_PPA */
|
|
|
|
#endif /* #ifndef CONFIG_SPL_BUILD */
|
|
#endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
|
|
#endif
|