uboot/include/config_fsl_chain_trust.h
<<
>>
Prefs 
   1/* SPDX-License-Identifier: GPL-2.0+ */
   2/*
   3 * Copyright 2015 Freescale Semiconductor, Inc.
   4 */
   5
   6#ifndef __CONFIG_FSL_CHAIN_TRUST_H
   7#define __CONFIG_FSL_CHAIN_TRUST_H
   8
   9#include <linux/stringify.h>
  10
  11#ifdef CONFIG_CHAIN_OF_TRUST
  12
  13#ifndef CONFIG_EXTRA_ENV
  14#define CONFIG_EXTRA_ENV        ""
  15#endif
  16
  17/*
  18 * Control should not reach back to uboot after validation of images
  19 * for secure boot flow and therefore bootscript should have
  20 * the bootm command. If control reaches back to uboot anyhow
  21 * after validating images, core should just spin.
  22 */
  23
  24/*
  25 * Define the key hash for boot script here if public/private key pair used to
  26 * sign bootscript are different from the SRK hash put in the fuse
  27 * Example of defining KEY_HASH is
  28 * #define CONFIG_BOOTSCRIPT_KEY_HASH \
  29 *       "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
  30 */
  31
  32#ifdef CONFIG_USE_BOOTARGS
  33#define CONFIG_SET_BOOTARGS     "setenv bootargs \'" CONFIG_BOOTARGS" \';"
  34#else
  35#define CONFIG_SET_BOOTARGS     "setenv bootargs \'root=/dev/ram "      \
  36                                "rw console=ttyS0,115200 ramdisk_size=600000\';"
  37#endif
  38
  39
  40#ifdef CONFIG_BOOTSCRIPT_KEY_HASH
  41#define CONFIG_SECBOOT \
  42        "setenv bs_hdraddr " __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
  43        CONFIG_SET_BOOTARGS     \
  44        CONFIG_EXTRA_ENV        \
  45        "esbc_validate $bs_hdraddr " \
  46          __stringify(CONFIG_BOOTSCRIPT_KEY_HASH)";" \
  47        "source $img_addr;"     \
  48        "esbc_halt\0"
  49#else
  50#define CONFIG_SECBOOT \
  51        "setenv bs_hdraddr " __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
  52        CONFIG_SET_BOOTARGS     \
  53        CONFIG_EXTRA_ENV        \
  54        "esbc_validate $bs_hdraddr;" \
  55        "source $img_addr;"     \
  56        "esbc_halt\0"
  57#endif
  58
  59#ifdef CONFIG_BOOTSCRIPT_COPY_RAM
  60#define CONFIG_BS_COPY_ENV \
  61        "setenv bs_hdr_ram " __stringify(CONFIG_BS_HDR_ADDR_RAM)";" \
  62        "setenv bs_hdr_device " __stringify(CONFIG_BS_HDR_ADDR_DEVICE)";" \
  63        "setenv bs_hdr_size " __stringify(CONFIG_BS_HDR_SIZE)";" \
  64        "setenv bs_ram " __stringify(CONFIG_BS_ADDR_RAM)";" \
  65        "setenv bs_device " __stringify(CONFIG_BS_ADDR_DEVICE)";" \
  66        "setenv bs_size " __stringify(CONFIG_BS_SIZE)";"
  67
  68/* For secure boot flow, default environment used will be used */
  69#if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_NAND_BOOT) || \
  70        defined(CONFIG_SD_BOOT)
  71#if defined(CONFIG_RAMBOOT_NAND) || defined(CONFIG_NAND_BOOT)
  72#define CONFIG_BS_COPY_CMD \
  73        "nand read $bs_hdr_ram $bs_hdr_device $bs_hdr_size ;" \
  74        "nand read $bs_ram $bs_device $bs_size ;"
  75#elif defined(CONFIG_SD_BOOT)
  76#define CONFIG_BS_COPY_CMD \
  77        "mmc read $bs_hdr_ram $bs_hdr_device $bs_hdr_size ;" \
  78        "mmc read $bs_ram $bs_device $bs_size ;"
  79#endif
  80#else
  81#define CONFIG_BS_COPY_CMD \
  82        "cp.b $bs_hdr_device $bs_hdr_ram  $bs_hdr_size ;" \
  83        "cp.b $bs_device $bs_ram  $bs_size ;"
  84#endif
  85#endif /* CONFIG_BOOTSCRIPT_COPY_RAM */
  86
  87#ifndef CONFIG_BS_COPY_ENV
  88#define CONFIG_BS_COPY_ENV
  89#endif
  90
  91#ifndef CONFIG_BS_COPY_CMD
  92#define CONFIG_BS_COPY_CMD
  93#endif
  94
  95#define CONFIG_CHAIN_BOOT_CMD   CONFIG_BS_COPY_ENV \
  96                                CONFIG_BS_COPY_CMD \
  97                                CONFIG_SECBOOT
  98
  99#endif
 100#endif
 101
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.