Home Verkennen Help
Inloggen
8516
/
Test
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Aftakking: master
Aftakkingen Labels
Test
/
board-support
/
u-boot-2017.01+gitAUTOINC+340fb36f04-g340fb36f04
/
include
/
config_fsl_chain_trust.h

config_fsl_chain_trust.h 3.1 KB
Permalink Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114 
  1. /*
    2. 

  2.  * Copyright 2015 Freescale Semiconductor, Inc.
    3. 

  3.  *
    4. 

  4.  * SPDX-License-Identifier:	GPL-2.0+
    5. 

  5.  */
    6. 

  6. 

  7. #ifndef __CONFIG_FSL_CHAIN_TRUST_H
    8. 

  8. #define __CONFIG_FSL_CHAIN_TRUST_H
    9. 

  9. 

  10. /* For secure boot, since ENVIRONMENT in flash/external memories is
    11. 

  11.  * not verified, undef CONFIG_ENV_xxx and set default env
    12. 

  12.  * (CONFIG_ENV_IS_NOWHERE)
    13. 

  13.  */
    14. 

  14. #ifdef CONFIG_SECURE_BOOT
    15. 

  15. 

  16. #undef CONFIG_ENV_IS_IN_EEPROM
    17. 

  17. #undef CONFIG_ENV_IS_IN_NAND
    18. 

  18. #undef CONFIG_ENV_IS_IN_MMC
    19. 

  19. #undef CONFIG_ENV_IS_IN_SPI_FLASH
    20. 

  20. #undef CONFIG_ENV_IS_IN_FLASH
    21. 

  21. 

  22. #define CONFIG_ENV_IS_NOWHERE
    23. 

  23. 

  24. #endif
    25. 

  25. 

  26. #ifdef CONFIG_CHAIN_OF_TRUST
    27. 

  27. 

  28. #ifndef CONFIG_EXTRA_ENV
    29. 

  29. #define CONFIG_EXTRA_ENV	""
    30. 

  30. #endif
    31. 

  31. 

  32. /*
    33. 

  33.  * Control should not reach back to uboot after validation of images
    34. 

  34.  * for secure boot flow and therefore bootscript should have
    35. 

  35.  * the bootm command. If control reaches back to uboot anyhow
    36. 

  36.  * after validating images, core should just spin.
    37. 

  37.  */
    38. 

  38. 

  39. /*
    40. 

  40.  * Define the key hash for boot script here if public/private key pair used to
    41. 

  41.  * sign bootscript are different from the SRK hash put in the fuse
    42. 

  42.  * Example of defining KEY_HASH is
    43. 

  43.  * #define CONFIG_BOOTSCRIPT_KEY_HASH \
    44. 

  44.  *	 "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
    45. 

  45.  */
    46. 

  46. 

  47. #ifdef CONFIG_BOOTARGS
    48. 

  48. #define CONFIG_SET_BOOTARGS	"setenv bootargs \'" CONFIG_BOOTARGS" \';"
    49. 

  49. #else
    50. 

  50. #define CONFIG_SET_BOOTARGS	"setenv bootargs \'root=/dev/ram "	\
    51. 

  51. 				"rw console=ttyS0,115200 ramdisk_size=600000\';"
    52. 

  52. #endif
    53. 

  53. 

  54. 

  55. #ifdef CONFIG_BOOTSCRIPT_KEY_HASH
    56. 

  56. #define CONFIG_SECBOOT \
    57. 

  57. 	"setenv bs_hdraddr " __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
    58. 

  58. 	CONFIG_SET_BOOTARGS	\
    59. 

  59. 	CONFIG_EXTRA_ENV	\
    60. 

  60. 	"esbc_validate $bs_hdraddr " \
    61. 

  61. 	  __stringify(CONFIG_BOOTSCRIPT_KEY_HASH)";" \
    62. 

  62. 	"source $img_addr;"	\
    63. 

  63. 	"esbc_halt\0"
    64. 

  64. #else
    65. 

  65. #define CONFIG_SECBOOT \
    66. 

  66. 	"setenv bs_hdraddr " __stringify(CONFIG_BOOTSCRIPT_HDR_ADDR)";" \
    67. 

  67. 	CONFIG_SET_BOOTARGS	\
    68. 

  68. 	CONFIG_EXTRA_ENV	\
    69. 

  69. 	"esbc_validate $bs_hdraddr;" \
    70. 

  70. 	"source $img_addr;"	\
    71. 

  71. 	"esbc_halt\0"
    72. 

  72. #endif
    73. 

  73. 

  74. #ifdef CONFIG_BOOTSCRIPT_COPY_RAM
    75. 

  75. #define CONFIG_BS_COPY_ENV \
    76. 

  76. 	"setenv bs_hdr_ram " __stringify(CONFIG_BS_HDR_ADDR_RAM)";" \
    77. 

  77. 	"setenv bs_hdr_device " __stringify(CONFIG_BS_HDR_ADDR_DEVICE)";" \
    78. 

  78. 	"setenv bs_hdr_size " __stringify(CONFIG_BS_HDR_SIZE)";" \
    79. 

  79. 	"setenv bs_ram " __stringify(CONFIG_BS_ADDR_RAM)";" \
    80. 

  80. 	"setenv bs_device " __stringify(CONFIG_BS_ADDR_DEVICE)";" \
    81. 

  81. 	"setenv bs_size " __stringify(CONFIG_BS_SIZE)";"
    82. 

  82. 

  83. /* For secure boot flow, default environment used will be used */
    84. 

  84. #if defined(CONFIG_SYS_RAMBOOT)
    85. 

  85. #if defined(CONFIG_RAMBOOT_NAND)
    86. 

  86. #define CONFIG_BS_COPY_CMD \
    87. 

  87. 	"nand read $bs_hdr_ram $bs_hdr_device $bs_hdr_size ;" \
    88. 

  88. 	"nand read $bs_ram $bs_device $bs_size ;"
    89. 

  89. #endif /* CONFIG_RAMBOOT_NAND */
    90. 

  90. #elif defined(CONFIG_SD_BOOT)
    91. 

  91. #define CONFIG_BS_COPY_CMD \
    92. 

  92. 	"mmc read $bs_hdr_ram $bs_hdr_device $bs_hdr_size ;" \
    93. 

  93. 	"mmc read $bs_ram $bs_device $bs_size ;"
    94. 

  94. #else /* CONFIG_SD_BOOT */
    95. 

  95. #define CONFIG_BS_COPY_CMD \
    96. 

  96. 	"cp.b $bs_hdr_device $bs_hdr_ram  $bs_hdr_size ;" \
    97. 

  97. 	"cp.b $bs_device $bs_ram  $bs_size ;"
    98. 

  98. #endif
    99. 

  99. #endif /* CONFIG_BOOTSCRIPT_COPY_RAM */
    100. 

  100. 

  101. #ifndef CONFIG_BS_COPY_ENV
    102. 

  102. #define CONFIG_BS_COPY_ENV
    103. 

  103. #endif
    104. 

  104. 

  105. #ifndef CONFIG_BS_COPY_CMD
    106. 

  106. #define CONFIG_BS_COPY_CMD
    107. 

  107. #endif
    108. 

  108. 

  109. #define CONFIG_CHAIN_BOOT_CMD	CONFIG_BS_COPY_ENV \
    110. 

  110. 				CONFIG_BS_COPY_CMD \
    111. 

  111. 				CONFIG_SECBOOT
    112. 

  112. 

  113. #endif
    114. 

  114. #endif
    115.