diff options
author | Eric Sun <jian.sun@freescale.com> | 2012-07-13 15:27:10 +0800 |
---|---|---|
committer | Eric Sun <jian.sun@freescale.com> | 2012-07-13 15:45:12 +0800 |
commit | db5d1e6606540706e91dec47c78b468c7d94a339 (patch) | |
tree | 1119747233ecb05416adf517bce26c64051b150d /board | |
parent | 86a3cb55b2685aa6cd47adfb1753225e333572e6 (diff) | |
download | u-boot-imx-db5d1e6606540706e91dec47c78b468c7d94a339.zip u-boot-imx-db5d1e6606540706e91dec47c78b468c7d94a339.tar.gz u-boot-imx-db5d1e6606540706e91dec47c78b468c7d94a339.tar.bz2 |
ENGR00217114-1 MX6 U-Boot, Secure Boot, one code base for MX6Q/DL/SL
Move the secure boot related implementation code from mx6q_arm2.c to
mx6/generic.c. In this way the HAB feature can be shared by all MX6
platforms
Signed-off-by: Eric Sun <jian.sun@freescale.com>
Diffstat (limited to 'board')
-rw-r--r-- | board/freescale/mx6q_arm2/flash_header.S | 2 | ||||
-rw-r--r-- | board/freescale/mx6q_arm2/mx6q_arm2.c | 170 | ||||
-rw-r--r-- | board/freescale/mx6sl_arm2/flash_header.S | 8 | ||||
-rw-r--r-- | board/freescale/mx6sl_arm2/mx6sl_arm2.c | 9 | ||||
-rw-r--r-- | board/freescale/mx6sl_arm2/u-boot.lds | 7 |
5 files changed, 25 insertions, 171 deletions
diff --git a/board/freescale/mx6q_arm2/flash_header.S b/board/freescale/mx6q_arm2/flash_header.S index b2e4167..ee67d52 100644 --- a/board/freescale/mx6q_arm2/flash_header.S +++ b/board/freescale/mx6q_arm2/flash_header.S @@ -52,7 +52,7 @@ self_ptr: .word ivt_header #ifdef CONFIG_SECURE_BOOT app_code_csf: .word __hab_data #else -app_code_csf: .word 0 +app_code_csf: .word 0x0 #endif reserv2: .word 0x0 diff --git a/board/freescale/mx6q_arm2/mx6q_arm2.c b/board/freescale/mx6q_arm2/mx6q_arm2.c index fa2b79c..1e0c8a1 100644 --- a/board/freescale/mx6q_arm2/mx6q_arm2.c +++ b/board/freescale/mx6q_arm2/mx6q_arm2.c @@ -1196,176 +1196,6 @@ int board_late_init(void) return 0; } -#ifdef CONFIG_SECURE_BOOT -/* -------- start of HAB API updates ------------*/ -#define hab_rvt_report_event ((hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT) -#define hab_rvt_report_status ((hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS) -#define hab_rvt_authenticate_image \ - ((hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE) -#define hab_rvt_entry ((hab_rvt_entry_t *) HAB_RVT_ENTRY) -#define hab_rvt_exit ((hab_rvt_exit_t *) HAB_RVT_EXIT) -#define hab_rvt_clock_init HAB_RVT_CLOCK_INIT - -/* - * +------------+ 0x0 (0x10800000) - - * | Header | | - * +------------+ 0x40 | - * | | | - * | | | - * | | | - * | | | - * | Image Data | | - * . | | - * . | > Stuff to be authenticated ------+ - * . | | | - * | | | | - * | | | | - * +------------+ | | - * | | | | - * | Fill Data | | | - * | | | | - * +------------+ 0x003F_DFE0 | | - * | IVT | | | - * +------------+ 0x003F_E000 - | - * | | | - * | CSF DATA | <--------------------------------------------------------+ - * | | - * +------------+ - * | | - * | Fill Data | - * | | - * +------------+ 0x0040_0000 - */ - -#define DDR_UIMAGE_START 0x10800000 -#define DDR_UIMAGE_LENGTH 0x400000 -#define DDR_IVT_OFFSET 0x3FDFE0 -#define DDR_UIMAGE_IVT_START (DDR_UIMAGE_START + DDR_IVT_OFFSET) - -#define OCOTP_CFG5_OFFSET 0x460 - -int check_hab_enable(void) -{ - u32 reg = 0; - int result = 0; - - reg = readl(IMX_OTP_BASE + OCOTP_CFG5_OFFSET); - if ((reg & 0x2) == 0x2) - result = 1; - - return result; -} - -void display_event(uint8_t *event_data, size_t bytes) -{ - uint32_t i; - if ((event_data) && (bytes > 0)) { - for (i = 0; i < bytes; i++) { - if (i == 0) - printf("\t0x%02x", event_data[i]); - else if ((i % 8) == 0) - printf("\n\t0x%02x", event_data[i]); - else - printf(" 0x%02x", event_data[i]); - } - } -} - -int get_hab_status(void) -{ - uint32_t index = 0; /* Loop index */ - uint8_t event_data[128]; /* Event data buffer */ - size_t bytes = sizeof(event_data); /* Event size in bytes */ - hab_config_t config = 0; - hab_state_t state = 0; - - /* Check HAB status */ - if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { - printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", - config, state); - - /* Display HAB Error events */ - while (hab_rvt_report_event(HAB_FAILURE, index, event_data, - &bytes) == HAB_SUCCESS) { - printf("\n"); - printf("--------- HAB Event %d -----------------\n", - index + 1); - printf("event data:\n"); - display_event(event_data, bytes); - printf("\n"); - bytes = sizeof(event_data); - index++; - } - } - /* Display message if no HAB events are found */ - else { - printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", - config, state); - printf("No HAB Events Found!\n\n"); - } - return 0; -} - -void hab_caam_clock_enable(void) -{ - u32 reg = 0; - - reg = readl(CCM_BASE_ADDR + CLKCTL_CCGR0); /* CCGR0 */ - reg |= 0x3F00; /*CG4 ~ CG6, enable CAAM clocks*/ - writel(reg, CCM_BASE_ADDR + CLKCTL_CCGR0); -} - - -void hab_caam_clock_disable(void) -{ - u32 reg = 0; - - reg = readl(CCM_BASE_ADDR + CLKCTL_CCGR0); /* CCGR0 */ - reg &= ~0x3F00; /*CG4 ~ CG6, disable CAAM clocks*/ - writel(reg, CCM_BASE_ADDR + CLKCTL_CCGR0); -} - -uint32_t authenticate_image(ulong start) -{ - uint32_t load_addr = 0; - size_t bytes; - ptrdiff_t ivt_offset = DDR_IVT_OFFSET; - int result = 0; - - if (check_hab_enable() == 1) { - printf("\nAuthenticate uImage from DDR location 0x%lx...\n", - start); - - hab_caam_clock_enable(); - - if (hab_rvt_entry() == HAB_SUCCESS) { - start = DDR_UIMAGE_START; - bytes = DDR_UIMAGE_LENGTH; - load_addr = (uint32_t)hab_rvt_authenticate_image( - HAB_CID_UBOOT, - ivt_offset, (void **)&start, - (size_t *)&bytes, NULL); - if (hab_rvt_exit() != HAB_SUCCESS) { - printf("hab exit function fail\n"); - load_addr = 0; - } - } else - printf("hab entry function fail\n"); - - hab_caam_clock_disable(); - - get_hab_status(); - } - - if ((!check_hab_enable()) || (load_addr != 0)) - result = 1; - - return result; -} -/* ----------- end of HAB API updates ------------*/ -#endif - - #ifdef CONFIG_MXC_FEC static int phy_read(char *devname, unsigned char addr, unsigned char reg, unsigned short *pdata) diff --git a/board/freescale/mx6sl_arm2/flash_header.S b/board/freescale/mx6sl_arm2/flash_header.S index 6519511..9421700 100644 --- a/board/freescale/mx6sl_arm2/flash_header.S +++ b/board/freescale/mx6sl_arm2/flash_header.S @@ -49,11 +49,19 @@ reserv1: .word 0x0 dcd_ptr: .word dcd_hdr boot_data_ptr: .word boot_data self_ptr: .word ivt_header +#ifdef CONFIG_SECURE_BOOT +app_code_csf: .word __hab_data +#else app_code_csf: .word 0x0 +#endif reserv2: .word 0x0 boot_data: .word TEXT_BASE +#ifdef CONFIG_SECURE_BOOT +image_len: .word __hab_data_end - TEXT_BASE +#else image_len: .word _end_of_copy - TEXT_BASE + CONFIG_FLASH_HEADER_OFFSET +#endif plugin: .word 0x0 /* !!!! Need update Len field after adding ddr script !!!!!!!!!!!!!!!!!*/ diff --git a/board/freescale/mx6sl_arm2/mx6sl_arm2.c b/board/freescale/mx6sl_arm2/mx6sl_arm2.c index 13428cb..5ccca45 100644 --- a/board/freescale/mx6sl_arm2/mx6sl_arm2.c +++ b/board/freescale/mx6sl_arm2/mx6sl_arm2.c @@ -25,6 +25,9 @@ #include <asm/arch/mx6.h> #include <asm/arch/mx6_pins.h> #include <asm/arch/mx6sl_pins.h> +#if defined(CONFIG_SECURE_BOOT) +#include <asm/arch/mx6_secure.h> +#endif #include <asm/arch/iomux-v3.h> #include <asm/arch/regs-anadig.h> #include <asm/errno.h> @@ -1080,6 +1083,12 @@ int checkboard(void) printf("UNKNOWN\n"); break; } + +#ifdef CONFIG_SECURE_BOOT + if (check_hab_enable() == 1) + get_hab_status(); +#endif + return 0; } diff --git a/board/freescale/mx6sl_arm2/u-boot.lds b/board/freescale/mx6sl_arm2/u-boot.lds index ae64f12..0bd13f6 100644 --- a/board/freescale/mx6sl_arm2/u-boot.lds +++ b/board/freescale/mx6sl_arm2/u-boot.lds @@ -66,6 +66,13 @@ SECTIONS .u_boot_cmd : { *(.u_boot_cmd) } __u_boot_cmd_end = .; + /* Original Size is 0x27..., enlarge to 0x2F000 */ + . = TEXT_BASE + 0x2F000; + __hab_data = .; + . = . + 0x2000; + __hab_data_end = .; + /* End of Hab Data, Place it before BSS section */ + . = ALIGN(4); _end_of_copy = .; /* end_of ROM copy code here */ __bss_start = .; |