Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / d6b8920dadd0d99ba5d5d06164b8fa08a61c0858 / . / arch / arm / include / asm / fsl_secure_boot.h
blob: 1ca5f42ed61749861aeadae3af0424f5f01c5a8d [file] [log] [blame]
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]1/*
2 * Copyright 2015 Freescale Semiconductor, Inc.
3 *
4 * SPDX-License-Identifier: GPL-2.0+
5 */
6
7#ifndef __FSL_SECURE_BOOT_H
8#define __FSL_SECURE_BOOT_H
9
Aneesh Bansal43104702016-01-22 16:37:24 +0530[diff] [blame]10#ifdef CONFIG_CHAIN_OF_TRUST
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]11#define CONFIG_CMD_ESBC_VALIDATE
12#define CONFIG_FSL_SEC_MON
Saksham Jainc0c38d22016-03-23 16:24:35 +0530[diff] [blame]13#define CONFIG_SHA_HW_ACCEL
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]14#define CONFIG_SHA_PROG_HW_ACCEL
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]15
Sumit Gargbdddd6e2016-06-14 13:52:38 -0400[diff] [blame]16#define CONFIG_SPL_BOARD_INIT
Simon Glass3aa66122016-09-12 23:18:23 -0600[diff] [blame]17#ifdef CONFIG_SPL_BUILD
Sumit Gargbdddd6e2016-06-14 13:52:38 -0400[diff] [blame]18/*
19 * Define the key hash for U-Boot here if public/private key pair used to
20 * sign U-boot are different from the SRK hash put in the fuse
21 * Example of defining KEY_HASH is
22 * #define CONFIG_SPL_UBOOT_KEY_HASH \
23 * "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
24 * else leave it defined as NULL
25 */
26
27#define CONFIG_SPL_UBOOT_KEY_HASH NULL
28#endif /* ifdef CONFIG_SPL_BUILD */
29
Ruchika Guptad6b89202017-04-17 18:07:17 +0530[diff] [blame^]30#define CONFIG_KEY_REVOCATION
31
Sumit Gargbdddd6e2016-06-14 13:52:38 -0400[diff] [blame]32#ifndef CONFIG_SPL_BUILD
33#define CONFIG_CMD_BLOB
34#define CONFIG_CMD_HASH
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]35#ifndef CONFIG_SYS_RAMBOOT
36/* The key used for verification of next level images
37 * is picked up from an Extension Table which has
38 * been verified by the ISBC (Internal Secure boot Code)
39 * in boot ROM of the SoC.
40 * The feature is only applicable in case of NOR boot and is
41 * not applicable in case of RAMBOOT (NAND, SD, SPI).
Udit Agarwal990a9972017-02-09 21:36:11 +0530[diff] [blame]42 * For LS, this feature is available for all device if IE Table
43 * is copied to XIP memory
44 * Also, for LS, ISBC doesn't verify this table.
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]45 */
46#define CONFIG_FSL_ISBC_KEY_EXT
Aneesh Bansald31bb3e2015-07-31 14:10:03 +0530[diff] [blame]47
Saksham Jain6121f082016-03-23 16:24:34 +0530[diff] [blame]48#endif
49
Vinitha Pillai-B572238a3c6452017-03-23 13:48:16 +0530[diff] [blame]50#if defined(CONFIG_FSL_LAYERSCAPE)
51/*
52 * For fsl layerscape based platforms, ESBC image Address in Header
53 * is 64 bit.
Saksham Jainc0c38d22016-03-23 16:24:35 +0530[diff] [blame]54 */
Aneesh Bansal962021a2016-01-22 16:37:22 +0530[diff] [blame]55#define CONFIG_ESBC_ADDR_64BIT
56#endif
57
York Suncbe8e1c2016-04-04 11:41:26 -0700[diff] [blame]58#ifdef CONFIG_LS2080A
Saksham Jainf0eb2ca2016-03-23 16:24:38 +0530[diff] [blame]59#define CONFIG_EXTRA_ENV \
60 "setenv fdt_high 0xa0000000;" \
61 "setenv initrd_high 0xcfffffff;" \
62 "setenv hwconfig \'fsl_ddr:ctlr_intlv=null,bank_intlv=null\';"
63#else
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]64#define CONFIG_EXTRA_ENV \
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]65 "setenv fdt_high 0xffffffff;" \
66 "setenv initrd_high 0xffffffff;" \
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]67 "setenv hwconfig \'fsl_ddr:ctlr_intlv=null,bank_intlv=null\';"
Saksham Jainf0eb2ca2016-03-23 16:24:38 +0530[diff] [blame]68#endif
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]69
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]70/* Copying Bootscript and Header to DDR from NOR for LS2 and for rest, from
71 * Non-XIP Memory (Nand/SD)*/
Udit Agarwal6b29d232017-01-06 15:58:56 +0530[diff] [blame]72#if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_FSL_LSCH3) || \
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]73 defined(CONFIG_SD_BOOT)
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]74#define CONFIG_BOOTSCRIPT_COPY_RAM
75#endif
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]76/* The address needs to be modified according to NOR, NAND, SD and
77 * DDR memory map
78 */
Udit Agarwal6b29d232017-01-06 15:58:56 +0530[diff] [blame]79#ifdef CONFIG_FSL_LSCH3
80#define CONFIG_BS_HDR_ADDR_DEVICE 0x580d00000
81#define CONFIG_BS_ADDR_DEVICE 0x580e00000
82#define CONFIG_BS_HDR_ADDR_RAM 0xa0d00000
83#define CONFIG_BS_ADDR_RAM 0xa0e00000
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]84#define CONFIG_BS_HDR_SIZE 0x00002000
85#define CONFIG_BS_SIZE 0x00001000
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]86#else
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]87#ifdef CONFIG_SD_BOOT
88/* For SD boot address and size are assigned in terms of sector
89 * offset and no. of sectors respectively.
90 */
Ruchika Guptad6b89202017-04-17 18:07:17 +0530[diff] [blame^]91#if defined(CONFIG_LS1043A)
92#define CONFIG_BS_HDR_ADDR_DEVICE 0x00000920
93#else
94#define CONFIG_BS_HDR_ADDR_DEVICE 0x00000900
95#endif
Vinitha Pillai31b11c62017-02-01 18:28:53 +0530[diff] [blame]96#define CONFIG_BS_ADDR_DEVICE 0x00000940
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]97#define CONFIG_BS_HDR_SIZE 0x00000010
98#define CONFIG_BS_SIZE 0x00000008
Vinitha Pillai-B572238a3c6452017-03-23 13:48:16 +0530[diff] [blame]99#elif defined(CONFIG_QSPI_BOOT)
100#ifdef CONFIG_ARCH_LS1046A
101#define CONFIG_BS_HDR_ADDR_DEVICE 0x40780000
102#define CONFIG_BS_ADDR_DEVICE 0x40800000
Vinitha Pillai-B572236cb92e72017-03-23 13:48:19 +0530[diff] [blame]103#elif defined(CONFIG_ARCH_LS1012A)
104#define CONFIG_BS_HDR_ADDR_DEVICE 0x400c0000
105#define CONFIG_BS_ADDR_DEVICE 0x40060000
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]106#else
Vinitha Pillai-B572238a3c6452017-03-23 13:48:16 +0530[diff] [blame]107#error "Platform not supported"
108#endif
109#define CONFIG_BS_HDR_SIZE 0x00002000
110#define CONFIG_BS_SIZE 0x00001000
111#else /* Default NOR Boot */
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]112#define CONFIG_BS_HDR_ADDR_DEVICE 0x600a0000
113#define CONFIG_BS_ADDR_DEVICE 0x60060000
114#define CONFIG_BS_HDR_SIZE 0x00002000
115#define CONFIG_BS_SIZE 0x00001000
Vinitha Pillai-B572238a3c6452017-03-23 13:48:16 +0530[diff] [blame]116#endif
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]117#define CONFIG_BS_HDR_ADDR_RAM 0x81000000
118#define CONFIG_BS_ADDR_RAM 0x81020000
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]119#endif
120
121#ifdef CONFIG_BOOTSCRIPT_COPY_RAM
122#define CONFIG_BOOTSCRIPT_HDR_ADDR CONFIG_BS_HDR_ADDR_RAM
Saksham Jain503eab92016-03-23 16:24:37 +0530[diff] [blame]123#define CONFIG_BOOTSCRIPT_ADDR CONFIG_BS_ADDR_RAM
Saksham Jain506c2eb2016-03-23 16:24:36 +0530[diff] [blame]124#else
Sumit Garg45642832016-06-14 13:52:39 -0400[diff] [blame]125#define CONFIG_BOOTSCRIPT_HDR_ADDR CONFIG_BS_HDR_ADDR_DEVICE
126/* BOOTSCRIPT_ADDR is not required */
Saksham Jain506c2eb2016-03-23 16:24:36 +0530[diff] [blame]127#endif
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]128
Sumit Garge0f9e9b2016-09-01 12:56:44 -0400[diff] [blame]129#ifdef CONFIG_FSL_LS_PPA
Sumit Garge0f9e9b2016-09-01 12:56:44 -0400[diff] [blame]130/* Define the key hash here if SRK used for signing PPA image is
131 * different from SRK hash put in SFP used for U-Boot.
132 * Example
Vinitha Pillai-B57223a4b3ded2017-03-23 13:48:14 +0530[diff] [blame]133 * #define PPA_KEY_HASH \
Sumit Garge0f9e9b2016-09-01 12:56:44 -0400[diff] [blame]134 * "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
135 */
Vinitha Pillai-B57223a4b3ded2017-03-23 13:48:14 +0530[diff] [blame]136#define PPA_KEY_HASH NULL
Sumit Garge0f9e9b2016-09-01 12:56:44 -0400[diff] [blame]137#endif /* ifdef CONFIG_FSL_LS_PPA */
138
Aneesh Bansal43104702016-01-22 16:37:24 +0530[diff] [blame]139#include <config_fsl_chain_trust.h>
Sumit Gargbdddd6e2016-06-14 13:52:38 -0400[diff] [blame]140#endif /* #ifndef CONFIG_SPL_BUILD */
Aneesh Bansal43104702016-01-22 16:37:24 +0530[diff] [blame]141#endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
gaurav ranaf79323c2015-03-10 14:08:50 +0530[diff] [blame]142#endif