From 2ed948f466b2715a82c25ca25f5839c9bbaea6e3 Mon Sep 17 00:00:00 2001 From: Aneesh Bansal Date: Fri, 31 Jul 2015 14:10:03 +0530 Subject: SECURE_BOOT: Disable IE Key feature for RAMBOOT ISBC Key Extension feature is not applicable for RAMBOOT as there is no way to retrieve the CSF Header and validated IE Key table from SRAM once CPC has been disabled. The feature is only applicable in case of NOR SECURE BOOT. Code Cleanup: The SECURE_BOOT specific defines have been moved from arch-ls102xa/config.h to arm/include/asm/fsl_secure_boot.h Signed-off-by: Aneesh Bansal Reviewed-by: York Sun --- arch/powerpc/include/asm/fsl_secure_boot.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'arch/powerpc') diff --git a/arch/powerpc/include/asm/fsl_secure_boot.h b/arch/powerpc/include/asm/fsl_secure_boot.h index d57bb55..87415b1 100644 --- a/arch/powerpc/include/asm/fsl_secure_boot.h +++ b/arch/powerpc/include/asm/fsl_secure_boot.h @@ -65,11 +65,13 @@ #define CONFIG_FSL_TRUST_ARCH_v1 #endif -#if defined(CONFIG_FSL_CORENET) +#if defined(CONFIG_FSL_CORENET) && !defined(CONFIG_SYS_RAMBOOT) /* The key used for verification of next level images * is picked up from an Extension Table which has * been verified by the ISBC (Internal Secure boot Code) - * in boot ROM of the SoC + * in boot ROM of the SoC. + * The feature is only applicable in case of NOR boot and is + * not applicable in case of RAMBOOT (NAND, SD, SPI). */ #define CONFIG_FSL_ISBC_KEY_EXT #endif -- cgit v1.1