armv8: ls1012ardb: Add distro secure boot support
Enable validation of boot.scr script prior to its execution dependent on "secureboot" flag in environment. Enable fall back option to qspi boot in case of secure boot. Signed-off-by: Sumit Garg <sumit.garg@nxp.com> Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
This commit is contained in:
Vinitha Pillai-B57223
committed by
York Sun
York Sun
parent
30cf7f818d
commit
c883f351e6
@@ -63,16 +63,20 @@
|
||||
"initrd_high=0xffffffffffffffff\0" \
|
||||
"fdt_addr=0x00f00000\0" \
|
||||
"kernel_addr=0x01000000\0" \
|
||||
"kernelheader_addr=0x800000\0" \
|
||||
"scriptaddr=0x80000000\0" \
|
||||
"scripthdraddr=0x80080000\0" \
|
||||
"fdtheader_addr_r=0x80100000\0" \
|
||||
"kernelheader_addr_r=0x80200000\0" \
|
||||
"kernel_addr_r=0x81000000\0" \
|
||||
"fdt_addr_r=0x90000000\0" \
|
||||
"load_addr=0xa0000000\0" \
|
||||
"kernel_size=0x2800000\0" \
|
||||
"kernelheader_size=0x40000\0" \
|
||||
"console=ttyS0,115200\0" \
|
||||
BOOTENV \
|
||||
"boot_scripts=ls1012ardb_boot.scr\0" \
|
||||
"boot_script_hdr=hdr_ls1012ardb_bs.out\0" \
|
||||
"scan_dev_for_boot_part=" \
|
||||
"part list ${devtype} ${devnum} devplist; " \
|
||||
"env exists devplist || setenv devplist 1; " \
|
||||
@@ -90,15 +94,27 @@
|
||||
"run scan_dev_for_scripts; " \
|
||||
"done;" \
|
||||
"\0" \
|
||||
"boot_a_script=" \
|
||||
"load ${devtype} ${devnum}:${distro_bootpart} " \
|
||||
"${scriptaddr} ${prefix}${script}; " \
|
||||
"env exists secureboot && load ${devtype} " \
|
||||
"${devnum}:${distro_bootpart} " \
|
||||
"${scripthdraddr} ${prefix}${boot_script_hdr} " \
|
||||
"&& esbc_validate ${scripthdraddr};" \
|
||||
"source ${scriptaddr}\0" \
|
||||
"installer=load mmc 0:2 $load_addr " \
|
||||
"/flex_installer_arm64.itb; " \
|
||||
"bootm $load_addr#$board\0" \
|
||||
"qspi_bootcmd=echo Trying load from qspi..;" \
|
||||
"sf probe && sf read $load_addr " \
|
||||
"$kernel_addr $kernel_size && bootm $load_addr#$board\0"
|
||||
"$kernel_addr $kernel_size; env exists secureboot " \
|
||||
"&& sf read $kernelheader_addr_r $kernelheader_addr " \
|
||||
"$kernelheader_size && esbc_validate ${kernelheader_addr_r}; " \
|
||||
"bootm $load_addr#$board\0"
|
||||
|
||||
#undef CONFIG_BOOTCOMMAND
|
||||
#define CONFIG_BOOTCOMMAND "run distro_bootcmd;run qspi_bootcmd"
|
||||
#define CONFIG_BOOTCOMMAND "run distro_bootcmd; run qspi_bootcmd; " \
|
||||
"env exists secureboot && esbc_halt;"
|
||||
|
||||
#include <asm/fsl_secure_boot.h>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user