diff options
| author | Ye.Li <B37916@freescale.com> | 2015-02-01 23:10:30 +0800 |
|---|---|---|
| committer | Peng Fan <Peng.Fan@freescale.com> | 2015-04-29 14:56:22 +0800 |
| commit | b2e49750bb385dbd248ffb6a0d4e80f6e4a6edb5 (patch) | |
| tree | de377b4335c4e73ea71054de66dc605e59c6ad28 /arch/arm/include | |
| parent | 544b7fcbfb785bc8c6273611e11b7269cfa9d54c (diff) | |
| download | u-boot-imx-b2e49750bb385dbd248ffb6a0d4e80f6e4a6edb5.zip u-boot-imx-b2e49750bb385dbd248ffb6a0d4e80f6e4a6edb5.tar.gz u-boot-imx-b2e49750bb385dbd248ffb6a0d4e80f6e4a6edb5.tar.bz2 | |
MLK-10176-8 imx: mx7: add HAB security support
Add HAB files for secure boot and image athentication.
Signed-off-by: Ye.Li <B37916@freescale.com>
(cherry picked from commit 2447bbcdd4ffcbdbd4ebed1b25e67ea753332d9d)
Signed-off-by: Peng Fan <Peng.Fan@freescale.com>
Diffstat (limited to 'arch/arm/include')
| -rw-r--r-- | arch/arm/include/asm/arch-mx7/hab.h | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/arch/arm/include/asm/arch-mx7/hab.h b/arch/arm/include/asm/arch-mx7/hab.h new file mode 100644 index 0000000..97a2fec --- /dev/null +++ b/arch/arm/include/asm/arch-mx7/hab.h @@ -0,0 +1,75 @@ +/* + * Copyright (C) 2015 Freescale Semiconductor, Inc. All Rights Reserved. + * + * SPDX-License-Identifier: GPL-2.0+ + * +*/ + +#ifndef __SECURE_MX7_H__ +#define __SECURE_MX7_H__ + +#include <linux/types.h> + +/* -------- start of HAB API updates ------------*/ +/* The following are taken from HAB4 SIS */ + +/* Status definitions */ +enum hab_status { + HAB_STS_ANY = 0x00, + HAB_FAILURE = 0x33, + HAB_WARNING = 0x69, + HAB_SUCCESS = 0xf0 +}; + +/* Security Configuration definitions */ +enum hab_config { + HAB_CFG_RETURN = 0x33, /**< Field Return IC */ + HAB_CFG_OPEN = 0xf0, /**< Non-secure IC */ + HAB_CFG_CLOSED = 0xcc /**< Secure IC */ +}; + +/* State definitions */ +enum hab_state { + HAB_STATE_INITIAL = 0x33, /**< Initialising state (transitory) */ + HAB_STATE_CHECK = 0x55, /**< Check state (non-secure) */ + HAB_STATE_NONSECURE = 0x66, /**< Non-secure state */ + HAB_STATE_TRUSTED = 0x99, /**< Trusted state */ + HAB_STATE_SECURE = 0xaa, /**< Secure state */ + HAB_STATE_FAIL_SOFT = 0xcc, /**< Soft fail state */ + HAB_STATE_FAIL_HARD = 0xff, /**< Hard fail state (terminal) */ + HAB_STATE_NONE = 0xf0, /**< No security state machine */ + HAB_STATE_MAX +}; + +/*Function prototype description*/ +typedef enum hab_status hab_rvt_report_event_t(enum hab_status, uint32_t, + uint8_t* , size_t*); +typedef enum hab_status hab_rvt_report_status_t(enum hab_config *, + enum hab_state *); +typedef enum hab_status hab_loader_callback_f_t(void**, size_t*, const void*); +typedef enum hab_status hab_rvt_entry_t(void); +typedef enum hab_status hab_rvt_exit_t(void); +typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, + void **, size_t *, hab_loader_callback_f_t); +typedef void hapi_clock_init_t(void); + +#define HAB_RVT_UNIFIED_BASE 0x00000100 +#define HAB_RVT_ENTRY (*(uint32_t *) (HAB_RVT_UNIFIED_BASE + 0x04)) +#define HAB_RVT_EXIT (*(uint32_t *) (HAB_RVT_UNIFIED_BASE + 0x08)) +#define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *) (HAB_RVT_UNIFIED_BASE + 0x10)) +#define HAB_RVT_REPORT_EVENT (*(uint32_t *) (HAB_RVT_UNIFIED_BASE + 0x20)) +#define HAB_RVT_REPORT_STATUS (*(uint32_t *) (HAB_RVT_UNIFIED_BASE + 0x24)) + +#define HAB_RVT_REPORT_EVENT_NEW (*(uint32_t *) 0x000000B8) +#define HAB_RVT_REPORT_STATUS_NEW (*(uint32_t *) 0x000000BC) +#define HAB_RVT_AUTHENTICATE_IMAGE_NEW (*(uint32_t *) 0x000000A8) +#define HAB_RVT_ENTRY_NEW (*(uint32_t *) 0x0000009C) +#define HAB_RVT_EXIT_NEW (*(uint32_t *) 0x000000A0) + +#define HAB_RVT_CLOCK_INIT ((hapi_clock_init_t *)0x0000024D) + +#define HAB_CID_ROM 0 /**< ROM Caller ID */ +#define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ +/* ----------- end of HAB API updates ------------*/ + +#endif |