LXR uboot/include/config_fsl_chain

   1/* SPDX-License-Identifier: GPL-2.0+ */
   2/*
   3 * Copyright 2015 Freescale Semiconductor, Inc.
   4 */
   5
   6#ifndef __CONFIG_FSL_CHAIN_TRUST_H
   7#define __CONFIG_FSL_CHAIN_TRUST_H
   8
   9#ifdef CONFIG_CHAIN_OF_TRUST
  10
  11#ifndef CONFIG_EXTRA_ENV
  12#define CONFIG_EXTRA_ENV        ""
  13#endif
  14
  15/*
  16 * Control should not reach back to uboot after validation of images
  17 * for secure boot flow and therefore bootscript should have
  18 * the bootm command. If control reaches back to uboot anyhow
  19 * after validating images, core should just spin.
  20 */
  21
  22/*
  23 * Define the key hash for boot script here if public/private key pair used to
  24 * sign bootscript are different from the SRK hash put in the fuse
  25 * Example of defining KEY_HASH is
  26 * #define CONFIG_BOOTSCRIPT_KEY_HASH \
  27 *       "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
  28 */
  29
  30#ifdef CONFIG_USE_BOOTARGS
  31#define CONFIG_SET_BOOTARGS     "setenv bootargs \'" CONFIG_BOOTARGS" \';"
  32#else
  33#define CONFIG_SET_BOOTARGS     "setenv bootargs \'root=/dev/ram "      \
  34                                "rw console=ttyS0,115200 ramdisk_size=600000\';"
  35#endif
  36
  37
  38#ifdef CONFIG_BOOTSCRIPT_KEY_HASH
  39#define CONFIG_SECBOOT \
  40        "setenv bs_hdraddr " __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
  41        CONFIG_SET_BOOTARGS     \
  42        CONFIG_EXTRA_ENV        \
  43        "esbc_validate $bs_hdraddr " \
  44          __stringify(CONFIG_BOOTSCRIPT_KEY_HASH)";" \
  45        "source $img_addr;"     \
  46        "esbc_halt\0"
  47#else
  48#define CONFIG_SECBOOT \
  49        "setenv bs_hdraddr " __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
  50        CONFIG_SET_BOOTARGS     \
  51        CONFIG_EXTRA_ENV        \
  52        "esbc_validate $bs_hdraddr;" \
  53        "source $img_addr;"     \
  54        "esbc_halt\0"
  55#endif
  56
  57#ifdef CONFIG_BOOTSCRIPT_COPY_RAM
  58#define CONFIG_BS_COPY_ENV \
  59        "setenv bs_hdr_ram " __stringify(CONFIG_BS_HDR_ADDR_RAM)";" \
  60        "setenv bs_hdr_device " __stringify(CONFIG_BS_HDR_ADDR_DEVICE)";" \
  61        "setenv bs_hdr_size " __stringify(CONFIG_BS_HDR_SIZE)";" \
  62        "setenv bs_ram " __stringify(CONFIG_BS_ADDR_RAM)";" \
  63        "setenv bs_device " __stringify(CONFIG_BS_ADDR_DEVICE)";" \
  64        "setenv bs_size " __stringify(CONFIG_BS_SIZE)";"
  65
  66/* For secure boot flow, default environment used will be used */
  67#if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_NAND_BOOT) || \
  68        defined(CONFIG_SD_BOOT)
  69#if defined(CONFIG_RAMBOOT_NAND) || defined(CONFIG_NAND_BOOT)
  70#define CONFIG_BS_COPY_CMD \
  71        "nand read $bs_hdr_ram $bs_hdr_device $bs_hdr_size ;" \
  72        "nand read $bs_ram $bs_device $bs_size ;"
  73#elif defined(CONFIG_SD_BOOT)
  74#define CONFIG_BS_COPY_CMD \
  75        "mmc read $bs_hdr_ram $bs_hdr_device $bs_hdr_size ;" \
  76        "mmc read $bs_ram $bs_device $bs_size ;"
  77#endif
  78#else
  79#define CONFIG_BS_COPY_CMD \
  80        "cp.b $bs_hdr_device $bs_hdr_ram  $bs_hdr_size ;" \
  81        "cp.b $bs_device $bs_ram  $bs_size ;"
  82#endif
  83#endif /* CONFIG_BOOTSCRIPT_COPY_RAM */
  84
  85#ifndef CONFIG_BS_COPY_ENV
  86#define CONFIG_BS_COPY_ENV
  87#endif
  88
  89#ifndef CONFIG_BS_COPY_CMD
  90#define CONFIG_BS_COPY_CMD
  91#endif
  92
  93#define CONFIG_CHAIN_BOOT_CMD   CONFIG_BS_COPY_ENV \
  94                                CONFIG_BS_COPY_CMD \
  95                                CONFIG_SECBOOT
  96
  97#endif
  98#endif
  99