@@ -239,15 +239,23 @@ int pamu_init(void)
spaact_size = sizeof(struct paace) * NUM_SPAACT_ENTRIES;
/* Allocate space for Primary PAACT Table */
+#if (defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_PPAACT_ADDR))
+ ppaact = (void *)CONFIG_SPL_PPAACT_ADDR;
+#else
ppaact = memalign(PAMU_TABLE_ALIGNMENT, ppaact_size);
if (!ppaact)
return -1;
+#endif
memset(ppaact, 0, ppaact_size);
/* Allocate space for Secondary PAACT Table */
+#if (defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_SPAACT_ADDR))
+ sec = (void *)CONFIG_SPL_SPAACT_ADDR;
+#else
sec = memalign(PAMU_TABLE_ALIGNMENT, spaact_size);
if (!sec)
return -1;
+#endif
memset(sec, 0, spaact_size);
ppaact_phys = virt_to_phys((void *)ppaact);
@@ -28,6 +28,14 @@ void construct_pamu_addr_table(struct pamu_addr_tbl *tbl, int *num_entries)
i++;
#endif
+#if (defined(CONFIG_SPL_BUILD) && (CONFIG_SYS_INIT_L3_VADDR))
+ tbl->start_addr[i] =
+ (uint64_t)virt_to_phys((void *)CONFIG_SYS_INIT_L3_VADDR);
+ tbl->size[i] = 256 * 1024; /* 256K CPC flash */
+ tbl->end_addr[i] = tbl->start_addr[i] + tbl->size[i] - 1;
+
+ i++;
+#endif
debug("PAMU address\t\t\tsize\n");
for (j = 0; j < i ; j++)
debug("%llx \t\t\t%llx\n", tbl->start_addr[j], tbl->size[j]);
@@ -72,6 +72,30 @@
#ifdef CONFIG_CHAIN_OF_TRUST
+#ifdef CONFIG_SPL_BUILD
+#define CONFIG_SPL_DM 1
+#define CONFIG_SPL_CRYPTO_SUPPORT
+#define CONFIG_SPL_DRIVERS_MISC_SUPPORT
+/*
+ * PPAACT and SPAACT table for PAMU must be placed on DDR after DDR init
+ * due to space crunch on CPC and thus malloc will not work.
+ */
+#define CONFIG_SPL_PPAACT_ADDR 0x2e000000
+#define CONFIG_SPL_SPAACT_ADDR 0x2f000000
+#define CONFIG_SPL_JR0_LIODN_S 454
+#define CONFIG_SPL_JR0_LIODN_NS 458
+/*
+ * Define the key hash for U-Boot here if public/private key pair used to
+ * sign U-boot are different from the SRK hash put in the fuse
+ * Example of defining KEY_HASH is
+ * #define CONFIG_SPL_UBOOT_KEY_HASH \
+ * "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
+ * else leave it defined as NULL
+ */
+
+#define CONFIG_SPL_UBOOT_KEY_HASH NULL
+#endif /* ifdef CONFIG_SPL_BUILD */
+
#define CONFIG_CMD_ESBC_VALIDATE
#define CONFIG_CMD_BLOB
#define CONFIG_FSL_SEC_MON
@@ -87,6 +111,7 @@
#define CONFIG_FSL_CAAM
#endif
+#ifndef CONFIG_SPL_BUILD
/* fsl_setenv_chain_of_trust() must be called from
* board_late_init()
*/
@@ -124,5 +149,6 @@
#endif /* #ifdef CONFIG_BOOTSCRIPT_COPY_RAM */
#include <config_fsl_chain_trust.h>
+#endif /* #ifndef CONFIG_SPL_BUILD */
#endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
#endif
@@ -6,7 +6,17 @@
#include <common.h>
#include <fsl_validate.h>
+#include <fsl_secboot_err.h>
#include <fsl_sfp.h>
+#include <dm/root.h>
+
+#ifdef CONFIG_ADDR_MAP
+#include <asm/mmu.h>
+#endif
+
+#ifdef CONFIG_FSL_CORENET
+#include <asm/fsl_pamu.h>
+#endif
#ifdef CONFIG_LS102XA
#include <asm/arch/immap_ls102xa.h>
@@ -52,6 +62,7 @@ int fsl_check_boot_mode_secure(void)
return 0;
}
+#ifndef CONFIG_SPL_BUILD
int fsl_setenv_chain_of_trust(void)
{
/* Check Boot Mode
@@ -68,3 +79,42 @@ int fsl_setenv_chain_of_trust(void)
setenv("bootcmd", CONFIG_CHAIN_BOOT_CMD);
return 0;
}
+#endif
+
+#ifdef CONFIG_SPL_BUILD
+void spl_validate_uboot(uint32_t hdr_addr, uint32_t img_addr)
+{
+ int res;
+
+ /* Check Boot Mode
+ * If Boot Mode is Non-Secure, skip validation
+ */
+ if (fsl_check_boot_mode_secure() == 0)
+ return;
+
+ printf("SPL: Validating U-Boot image\n");
+
+#ifdef CONFIG_ADDR_MAP
+ init_addr_map();
+#endif
+
+#ifdef CONFIG_FSL_CORENET
+ if (pamu_init() < 0)
+ fsl_secboot_handle_error(ERROR_ESBC_PAMU_INIT);
+#endif
+
+#ifdef CONFIG_FSL_CAAM
+ if (sec_init() < 0)
+ fsl_secboot_handle_error(ERROR_ESBC_SEC_INIT);
+#endif
+
+#if defined(CONFIG_DM)
+ dm_init_and_scan(false);
+#endif
+ res = fsl_secboot_validate(hdr_addr, CONFIG_SPL_UBOOT_KEY_HASH,
+ img_addr);
+
+ if (res == 0)
+ printf("SPL: Validation of U-boot successful\n");
+}
+#endif
@@ -89,6 +89,8 @@ obj-$(CONFIG_USB_KEYBOARD) += usb_kbd.o
endif # !CONFIG_SPL_BUILD
ifdef CONFIG_SPL_BUILD
+# core
+obj-$(CONFIG_SPL_CRYPTO_SUPPORT) += hash.o
obj-$(CONFIG_ENV_IS_IN_FLASH) += env_flash.o
obj-$(CONFIG_SPL_YMODEM_SUPPORT) += xyzModem.o
obj-$(CONFIG_SPL_NET_SUPPORT) += miiphyutil.o
@@ -36,6 +36,7 @@ obj-$(CONFIG_SPL_WATCHDOG_SUPPORT) += watchdog/
obj-$(CONFIG_SPL_USB_HOST_SUPPORT) += usb/host/
obj-$(CONFIG_OMAP_USB_PHY) += usb/phy/
obj-$(CONFIG_SPL_SATA_SUPPORT) += block/
+obj-$(CONFIG_SPL_CRYPTO_SUPPORT) += crypto/
else
@@ -550,10 +550,26 @@ int sec_init(void)
sec_out32(&sec->mcfgr, mcr);
#ifdef CONFIG_FSL_CORENET
+#ifdef CONFIG_SPL_BUILD
+ /* For SPL Build, Set the Liodns in SEC JR0 for
+ * creating PAMU entries corresponding to these.
+ * For normal build, these are set in set_liodns().
+ */
+ liodn_ns = CONFIG_SPL_JR0_LIODN_NS & JRNSLIODN_MASK;
+ liodn_s = CONFIG_SPL_JR0_LIODN_S & JRSLIODN_MASK;
+
+ liodnr = sec_in32(&sec->jrliodnr[0].ls) &
+ ~(JRNSLIODN_MASK | JRSLIODN_MASK);
+ liodnr = liodnr |
+ (liodn_ns << JRNSLIODN_SHIFT) |
+ (liodn_s << JRSLIODN_SHIFT);
+ sec_out32(&sec->jrliodnr[0].ls, liodnr);
+#else
liodnr = sec_in32(&sec->jrliodnr[0].ls);
liodn_ns = (liodnr & JRNSLIODN_MASK) >> JRNSLIODN_SHIFT;
liodn_s = (liodnr & JRSLIODN_MASK) >> JRSLIODN_SHIFT;
#endif
+#endif
ret = jr_init();
if (ret < 0) {
@@ -11,6 +11,9 @@
#include <asm/io.h>
#include <fsl_ifc.h>
#include <linux/mtd/nand.h>
+#ifdef CONFIG_CHAIN_OF_TRUST
+#include <fsl_validate.h>
+#endif
static inline int is_blank(uchar *addr, int page_size)
{
@@ -268,6 +271,27 @@ void nand_boot(void)
*/
flush_cache(CONFIG_SYS_NAND_U_BOOT_DST, CONFIG_SYS_NAND_U_BOOT_SIZE);
#endif
+
+#ifdef CONFIG_CHAIN_OF_TRUST
+ /*
+ * As U-Boot header is appended at end of U-boot image, so
+ * calculate U-boot header address using U-boot header size.
+ */
+#define CONFIG_U_BOOT_HDR_ADDR \
+ ((CONFIG_SYS_NAND_U_BOOT_START + \
+ CONFIG_SYS_NAND_U_BOOT_SIZE) - \
+ CONFIG_U_BOOT_HDR_SIZE)
+ spl_validate_uboot(CONFIG_U_BOOT_HDR_ADDR,
+ CONFIG_SYS_NAND_U_BOOT_START);
+ /*
+ * In case of failure in validation, spl_validate_uboot would
+ * not return back in case of Production environment with ITS=1.
+ * Thus U-Boot will not start.
+ * In Development environment (ITS=0 and SB_EN=1), the function
+ * may return back in case of non-fatal failures.
+ */
+#endif
+
uboot = (void *)CONFIG_SYS_NAND_U_BOOT_START;
uboot();
}
@@ -207,4 +207,5 @@ int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc,
int fsl_check_boot_mode_secure(void);
int fsl_setenv_chain_of_trust(void);
+void spl_validate_uboot(uint32_t hdr_addr, uint32_t img_addr);
#endif