u-boot.git/arch/arm/include/asm/fsl_secure_boot.h, branch v2016.01 Unnamed repository; edit this file 'description' to name the repository. armv8/ls1043ardb: add SECURE BOOT target for NOR 2015-12-15T00:57:35+00:00 Aneesh Bansal aneesh.bansal@freescale.com 2015-12-08T08:24:29+00:00 9711f52806655bcfa28fe5594b91fed430beb72e LS1043ARDB Secure Boot Target from NOR has been added. - Configs defined to enable esbc_validate. - ESBC Address in header is made 64 bit. - SMMU is re-configured in Bypass mode. Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
LS1043ARDB Secure Boot Target from NOR has been added.
- Configs defined to enable esbc_validate.
- ESBC Address in header is made 64 bit.
- SMMU is re-configured in Bypass mode.

Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
SECURE_BOOT: Disable IE Key feature for RAMBOOT 2015-09-02T02:38:02+00:00 Aneesh Bansal aneesh.bansal@freescale.com 2015-07-31T08:40:03+00:00 2ed948f466b2715a82c25ca25f5839c9bbaea6e3 ISBC Key Extension feature is not applicable for RAMBOOT as there is no way to retrieve the CSF Header and validated IE Key table from SRAM once CPC has been disabled. The feature is only applicable in case of NOR SECURE BOOT. Code Cleanup: The SECURE_BOOT specific defines have been moved from arch-ls102xa/config.h to arm/include/asm/fsl_secure_boot.h Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
ISBC Key Extension feature is not applicable for RAMBOOT
as there is no way to retrieve the CSF Header and validated
IE Key table from SRAM once CPC has been disabled.
The feature is only applicable in case of NOR SECURE BOOT.
Code Cleanup:
The SECURE_BOOT specific defines have been moved from
arch-ls102xa/config.h to
arm/include/asm/fsl_secure_boot.h

Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Add bootscript support to esbc_validate. 2015-04-21T17:19:19+00:00 gaurav rana gaurav.rana@freescale.com 2015-03-10T08:38:50+00:00 98cb0efde8aaed200750e6d75fa8e5fc01dcd8f4 1. Default environment will be used for secure boot flow which can't be edited or saved. 2. Command for secure boot is predefined in the default environment which will run on autoboot (and autoboot is the only option allowed in case of secure boot) and it looks like this: #define CONFIG_SECBOOT \ "setenv bs_hdraddr 0xe8e00000;" \ "esbc_validate $bs_hdraddr;" \ "source $img_addr;" \ "esbc_halt;" #endif 3. Boot Script can contain esbc_validate commands and bootm command. Uboot source command used in default secure boot command will run the bootscript. 4. Command esbc_halt added to ensure either bootm executes after validation of images or core should just spin. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
1. Default environment will be used for secure boot flow
 which can't be edited or saved.
2. Command for secure boot is predefined in the default
 environment which will run on autoboot (and autoboot is
 the only option allowed in case of secure boot) and it
 looks like this:
 #define CONFIG_SECBOOT \
 "setenv bs_hdraddr 0xe8e00000;"                 \
 "esbc_validate $bs_hdraddr;"                    \
 "source $img_addr;"                             \
 "esbc_halt;"
 #endif
3. Boot Script can contain esbc_validate commands and bootm command.
 Uboot source command used in default secure boot command will
 run the bootscript.
4. Command esbc_halt added to ensure either bootm executes
 after validation of images or core should just spin.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>