Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / cb167e81c327345e05ae5d9ced956ccd9f384575 / . / arch / arm / include / asm / fsl_secure_boot.h
blob: b0c7599e412b3b894716dcd6e5e426a224baeac5 [file] [log] [blame]
Tom Rini10e47792018-05-06 17:58:06 -0400[diff] [blame]1/* SPDX-License-Identifier: GPL-2.0+ */
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]2/*
3 * Copyright 2015 Freescale Semiconductor, Inc.
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]4 * Copyright 2017 NXP
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]5 */
6
7#ifndef __FSL_SECURE_BOOT_H
8#define __FSL_SECURE_BOOT_H
9
Aneesh Bansal43104702016-01-22 16:37:24 +0530[diff] [blame]10#ifdef CONFIG_CHAIN_OF_TRUST
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]11#define CONFIG_FSL_SEC_MON
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]12
Simon Glass3aa66122016-09-12 23:18:23 -0600[diff] [blame]13#ifdef CONFIG_SPL_BUILD
Sumit Gargbdddd6e2016-06-14 13:52:38 -0400[diff] [blame]14/*
15 * Define the key hash for U-Boot here if public/private key pair used to
16 * sign U-boot are different from the SRK hash put in the fuse
17 * Example of defining KEY_HASH is
18 * #define CONFIG_SPL_UBOOT_KEY_HASH \
19 * "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
20 * else leave it defined as NULL
21 */
22
23#define CONFIG_SPL_UBOOT_KEY_HASH NULL
24#endif /* ifdef CONFIG_SPL_BUILD */
25
Ruchika Guptad6b89202017-04-17 18:07:17 +0530[diff] [blame]26#define CONFIG_KEY_REVOCATION
27
Sumit Garg19ef0352018-01-06 09:04:25 +0530[diff] [blame]28#if defined(CONFIG_FSL_LAYERSCAPE)
29/*
30 * For fsl layerscape based platforms, ESBC image Address in Header
31 * is 64 bit.
32 */
33#define CONFIG_ESBC_ADDR_64BIT
34#endif
35
Sumit Gargbdddd6e2016-06-14 13:52:38 -0400[diff] [blame]36#ifndef CONFIG_SPL_BUILD
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]37#ifndef CONFIG_SYS_RAMBOOT
38/* The key used for verification of next level images
39 * is picked up from an Extension Table which has
40 * been verified by the ISBC (Internal Secure boot Code)
41 * in boot ROM of the SoC.
42 * The feature is only applicable in case of NOR boot and is
43 * not applicable in case of RAMBOOT (NAND, SD, SPI).
Udit Agarwal990a9972017-02-09 21:36:11 +0530[diff] [blame]44 * For LS, this feature is available for all device if IE Table
45 * is copied to XIP memory
46 * Also, for LS, ISBC doesn't verify this table.
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]47 */
48#define CONFIG_FSL_ISBC_KEY_EXT
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]49
Saksham Jain6121f082016-03-23 16:24:34 +0530[diff] [blame]50#endif
51
York Sun4ce6fbf2017-03-27 11:41:01 -0700[diff] [blame]52#ifdef CONFIG_ARCH_LS2080A
Saksham Jainf0eb2ca2016-03-23 16:24:38 +0530[diff] [blame]53#define CONFIG_EXTRA_ENV \
54 "setenv fdt_high 0xa0000000;" \
55 "setenv initrd_high 0xcfffffff;" \
56 "setenv hwconfig \'fsl_ddr:ctlr_intlv=null,bank_intlv=null\';"
57#else
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]58#define CONFIG_EXTRA_ENV \
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]59 "setenv fdt_high 0xffffffff;" \
60 "setenv initrd_high 0xffffffff;" \
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]61 "setenv hwconfig \'fsl_ddr:ctlr_intlv=null,bank_intlv=null\';"
Saksham Jainf0eb2ca2016-03-23 16:24:38 +0530[diff] [blame]62#endif
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]63
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]64/* Copying Bootscript and Header to DDR from NOR for LS2 and for rest, from
65 * Non-XIP Memory (Nand/SD)*/
Udit Agarwal6b29d232017-01-06 15:58:56 +0530[diff] [blame]66#if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_FSL_LSCH3) || \
Ruchika Guptaba688752017-04-17 18:07:18 +0530[diff] [blame]67 defined(CONFIG_SD_BOOT) || defined(CONFIG_NAND_BOOT)
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]68#define CONFIG_BOOTSCRIPT_COPY_RAM
69#endif
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]70/* The address needs to be modified according to NOR, NAND, SD and
71 * DDR memory map
72 */
Udit Agarwal6b29d232017-01-06 15:58:56 +0530[diff] [blame]73#ifdef CONFIG_FSL_LSCH3
Udit Agarwalc83ea8a2017-08-16 07:13:29 -0400[diff] [blame]74#ifdef CONFIG_QSPI_BOOT
75#define CONFIG_BS_ADDR_DEVICE 0x20600000
76#define CONFIG_BS_HDR_ADDR_DEVICE 0x20640000
77#else /* NOR BOOT */
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]78#define CONFIG_BS_ADDR_DEVICE 0x580600000
79#define CONFIG_BS_HDR_ADDR_DEVICE 0x580640000
Udit Agarwalc83ea8a2017-08-16 07:13:29 -0400[diff] [blame]80#endif /*ifdef CONFIG_QSPI_BOOT */
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]81#define CONFIG_BS_SIZE 0x00001000
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]82#define CONFIG_BS_HDR_SIZE 0x00004000
83#define CONFIG_BS_ADDR_RAM 0xa0600000
84#define CONFIG_BS_HDR_ADDR_RAM 0xa0640000
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]85#else
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]86#ifdef CONFIG_SD_BOOT
87/* For SD boot address and size are assigned in terms of sector
88 * offset and no. of sectors respectively.
89 */
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]90#define CONFIG_BS_ADDR_DEVICE 0x00003000
91#define CONFIG_BS_HDR_ADDR_DEVICE 0x00003200
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]92#define CONFIG_BS_SIZE 0x00000008
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]93#define CONFIG_BS_HDR_SIZE 0x00000010
Ruchika Guptaba688752017-04-17 18:07:18 +0530[diff] [blame]94#elif defined(CONFIG_NAND_BOOT)
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]95#define CONFIG_BS_ADDR_DEVICE 0x00600000
96#define CONFIG_BS_HDR_ADDR_DEVICE 0x00640000
97#define CONFIG_BS_SIZE 0x00001000
Vinitha Pillai-B572238a3c6452017-03-23 13:48:16 +0530[diff] [blame]98#define CONFIG_BS_HDR_SIZE 0x00002000
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]99#elif defined(CONFIG_QSPI_BOOT)
100#define CONFIG_BS_ADDR_DEVICE 0x40600000
101#define CONFIG_BS_HDR_ADDR_DEVICE 0x40640000
Vinitha Pillai-B572238a3c6452017-03-23 13:48:16 +0530[diff] [blame]102#define CONFIG_BS_SIZE 0x00001000
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]103#define CONFIG_BS_HDR_SIZE 0x00002000
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]104#else /* Default NOR Boot */
105#define CONFIG_BS_ADDR_DEVICE 0x60600000
106#define CONFIG_BS_HDR_ADDR_DEVICE 0x60640000
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]107#define CONFIG_BS_SIZE 0x00001000
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]108#define CONFIG_BS_HDR_SIZE 0x00002000
Vinitha Pillai-B572238a3c6452017-03-23 13:48:16 +0530[diff] [blame]109#endif
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]110#define CONFIG_BS_ADDR_RAM 0x81000000
111#define CONFIG_BS_HDR_ADDR_RAM 0x81020000
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]112#endif
113
114#ifdef CONFIG_BOOTSCRIPT_COPY_RAM
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]115#define CONFIG_BOOTSCRIPT_ADDR CONFIG_BS_ADDR_RAM
Sumit Garg666bbd02017-08-16 07:13:28 -0400[diff] [blame]116#define CONFIG_BOOTSCRIPT_HDR_ADDR CONFIG_BS_HDR_ADDR_RAM
Saksham Jain506c2eb2016-03-23 16:24:36 +0530[diff] [blame]117#else
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]118#define CONFIG_BOOTSCRIPT_HDR_ADDR CONFIG_BS_HDR_ADDR_DEVICE
119/* BOOTSCRIPT_ADDR is not required */
Saksham Jain506c2eb2016-03-23 16:24:36 +0530[diff] [blame]120#endif
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]121
Sumit Garge0f9e9b2016-09-01 12:56:44 -0400[diff] [blame]122#ifdef CONFIG_FSL_LS_PPA
Sumit Garge0f9e9b2016-09-01 12:56:44 -0400[diff] [blame]123/* Define the key hash here if SRK used for signing PPA image is
124 * different from SRK hash put in SFP used for U-Boot.
125 * Example
Vinitha Pillai-B57223a4b3ded2017-03-23 13:48:14 +0530[diff] [blame]126 * #define PPA_KEY_HASH \
Sumit Garge0f9e9b2016-09-01 12:56:44 -0400[diff] [blame]127 * "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
128 */
Vinitha Pillai-B57223a4b3ded2017-03-23 13:48:14 +0530[diff] [blame]129#define PPA_KEY_HASH NULL
Sumit Garge0f9e9b2016-09-01 12:56:44 -0400[diff] [blame]130#endif /* ifdef CONFIG_FSL_LS_PPA */
131
Aneesh Bansal43104702016-01-22 16:37:24 +0530[diff] [blame]132#include <config_fsl_chain_trust.h>
Sumit Gargbdddd6e2016-06-14 13:52:38 -0400[diff] [blame]133#endif /* #ifndef CONFIG_SPL_BUILD */
Aneesh Bansal43104702016-01-22 16:37:24 +0530[diff] [blame]134#endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]135#endif