mirror of
https://github.com/AsahiLinux/u-boot
synced 2025-01-25 11:25:17 +00:00
fa5bde3760
CONFIG_SYS_BOOT_LOCKED means that a restricted boot environment will be used. In this case, hab_auth_img_or_fail should be called to prevent U-Boot to continue running when the fitImage authentication fails. Fix the logic accordingly. Additionally, select CONFIG_SYS_BOOT_LOCKED by default. Signed-off-by: Eduard Strehlau <eduard@lionizers.com> Signed-off-by: Fabio Estevam <festevam@denx.de>
98 lines
2.4 KiB
Bash
98 lines
2.4 KiB
Bash
// SPDX-License-Identifier: GPL-2.0+
|
|
#ifdef CONFIG_SYS_BOOT_LOCKED
|
|
#define SETUP_BOOT_MENU setup_boot_menu=setenv bootmenu_0 eMMC=run bootcmd
|
|
#else
|
|
#define SETUP_BOOT_MENU setup_boot_menu= \
|
|
if test "${mmcdev}" = 1; then \
|
|
setenv emmc_priority 0; \
|
|
setenv sd_priority 1; \
|
|
else setenv emmc_priority 1; \
|
|
setenv sd_priority 0; \
|
|
fi; \
|
|
setenv bootmenu_${emmc_priority} eMMC=run boot_emmc; \
|
|
setenv bootmenu_${sd_priority} SD=run boot_sd;
|
|
#endif
|
|
|
|
altbootcmd=
|
|
echo Performing rollback...;
|
|
if test "${mmcpart_committed}" = 1; then
|
|
setenv mmcpart 2;
|
|
setenv mmcpart_committed 2;
|
|
else
|
|
setenv mmcpart 1;
|
|
setenv mmcpart_committed 1;
|
|
fi;
|
|
setenv bootcount 0;
|
|
setenv upgrade_available;
|
|
setenv ustate 3;
|
|
saveenv;
|
|
run bootcmd;
|
|
boot_emmc=setenv mmcdev_wanted 1; run persist_mmcdev; run bootcmd;
|
|
boot_sd=setenv mmcdev_wanted 0; run persist_mmcdev; run bootcmd;
|
|
bootcmd=
|
|
if test "${bootcount}" -gt "${bootlimit}"; then
|
|
run altbootcmd;
|
|
else
|
|
if test "${ustate}" = 1; then
|
|
setenv upgrade_available 1;
|
|
saveenv;
|
|
fi;
|
|
run mmcboot;
|
|
fi;
|
|
bootdelay=2
|
|
bootlimit=3
|
|
bootm_size=0x10000000
|
|
commit_mmc=
|
|
if test "${ustate}" = 1 -a "${mmcpart}" != "${mmcpart_committed}"; then
|
|
setenv mmcpart_committed ${mmcpart};
|
|
saveenv;
|
|
fi;
|
|
console=ttymxc0
|
|
loadbootpart=mmc partconf 1 boot_part
|
|
loadimage=load mmc ${mmcdev}:${gpt_partition_entry}
|
|
loadpart=gpt setenv mmc ${mmcdev} rootfs-${mmcpart_committed}
|
|
mmcargs=
|
|
setenv bootargs console=${console},${baudrate} root=/dev/mmcblk${mmcdev}p${gpt_partition_entry} rootwait rw SM_ROOT_DEV=${mmcdev} SM_ROOT_PART=${gpt_partition_entry} SM_BOOT_PART=${boot_part}
|
|
mmcboot=
|
|
echo Booting...;
|
|
echo mmcdev: ${mmcdev};
|
|
run commit_mmc;
|
|
echo mmcpart: ${mmcpart_committed};
|
|
run loadpart;
|
|
echo gptpart: ${gpt_partition_entry};
|
|
run loadbootpart;
|
|
if run loadimage; then
|
|
;
|
|
else
|
|
run altbootcmd;
|
|
fi;
|
|
#ifdef CONFIG_SYS_BOOT_LOCKED
|
|
hab_auth_img_or_fail ${fileaddr} ${filesize};
|
|
#else
|
|
hab_auth_img ${fileaddr} ${filesize};
|
|
#endif
|
|
run mmcargs;
|
|
if bootm; then
|
|
;
|
|
else
|
|
run altbootcmd;
|
|
fi;
|
|
mmcdev=1
|
|
mmcpart=1
|
|
mmcpart_committed=1
|
|
persist_mmcdev=
|
|
if test "${mmcdev}" != "${mmcdev_wanted}"; then
|
|
setenv mmcdev "${mmcdev_wanted}";
|
|
saveenv;
|
|
fi;
|
|
setup_boot_menu=
|
|
if test "${mmcdev}" = 1; then
|
|
setenv emmc_priority 0;
|
|
setenv sd_priority 1;
|
|
else
|
|
setenv emmc_priority 1;
|
|
setenv sd_priority 0;
|
|
fi;
|
|
setenv bootmenu_${emmc_priority} eMMC=run boot_emmc;
|
|
setenv bootmenu_${sd_priority} SD=run boot_sd;
|
|
SETUP_BOOT_MENU
|