Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • next
  • WIP/19Aug2019
  • u-boot-2016.09.y
  • u-boot-2013.01.y
  • u-boot-2009.11.y
  • origin
  • v2020.04-rc3
  • v2020.04-rc2
  • v2020.04-rc1
  • v2020.01
  • v2020.01-rc5
  • v2020.01-rc4
  • v2020.01-rc3
  • v2020.01-rc2
  • v2020.01-rc1
  • v2019.10
  • v2019.10-rc4
  • v2019.10-rc3
  • v2019.10-rc2
  • v2019.10-rc1
  • v2019.07
  • v2019.07-rc4
  • v2019.07-rc3
  • v2019.07-rc2
  • v2019.07-rc1
  • v2019.04
27 results
Blame Permalink
  • gaurav rana's avatar
    98cb0efd
    Add bootscript support to esbc_validate. · 98cb0efd
    gaurav rana authored 
    
1. Default environment will be used for secure boot flow
 which can't be edited or saved.
2. Command for secure boot is predefined in the default
 environment which will run on autoboot (and autoboot is
 the only option allowed in case of secure boot) and it
 looks like this:
 #define CONFIG_SECBOOT \
 "setenv bs_hdraddr 0xe8e00000;"                 \
 "esbc_validate $bs_hdraddr;"                    \
 "source $img_addr;"                             \
 "esbc_halt;"
 #endif
3. Boot Script can contain esbc_validate commands and bootm command.
 Uboot source command used in default secure boot command will
 run the bootscript.
4. Command esbc_halt added to ensure either bootm executes
 after validation of images or core should just spin.

Signed-off-by: default avatarRuchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: default avatarGaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
    98cb0efd
    History
    Add bootscript support to esbc_validate.
    gaurav rana authored 
    
1. Default environment will be used for secure boot flow
 which can't be edited or saved.
2. Command for secure boot is predefined in the default
 environment which will run on autoboot (and autoboot is
 the only option allowed in case of secure boot) and it
 looks like this:
 #define CONFIG_SECBOOT \
 "setenv bs_hdraddr 0xe8e00000;"                 \
 "esbc_validate $bs_hdraddr;"                    \
 "source $img_addr;"                             \
 "esbc_halt;"
 #endif
3. Boot Script can contain esbc_validate commands and bootm command.
 Uboot source command used in default secure boot command will
 run the bootscript.
4. Command esbc_halt added to ensure either bootm executes
 after validation of images or core should just spin.

Signed-off-by: default avatarRuchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: default avatarGaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
fsl_secure_boot.h 538 B 
/*
 * Copyright 2015 Freescale Semiconductor, Inc.
 *
 * SPDX-License-Identifier:	GPL-2.0+
 */

#ifndef __FSL_SECURE_BOOT_H
#define __FSL_SECURE_BOOT_H

#ifdef CONFIG_SECURE_BOOT
#ifndef CONFIG_FIT_SIGNATURE

#define CONFIG_EXTRA_ENV \
	"setenv fdt_high 0xcfffffff;"	\
	"setenv initrd_high 0xcfffffff;"	\
	"setenv hwconfig \'fsl_ddr:ctlr_intlv=null,bank_intlv=null\';"

/* The address needs to be modified according to NOR memory map */
#define CONFIG_BOOTSCRIPT_HDR_ADDR	0x600a0000

#include <config_fsl_secboot.h>
#endif
#endif

#endif