fsl_secure_boot.h 4.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159
  1. /*
  2. * Copyright 2010-2011 Freescale Semiconductor, Inc.
  3. *
  4. * SPDX-License-Identifier: GPL-2.0+
  5. */
  6. #ifndef __FSL_SECURE_BOOT_H
  7. #define __FSL_SECURE_BOOT_H
  8. #include <asm/config_mpc85xx.h>
  9. #ifdef CONFIG_SECURE_BOOT
  10. #ifndef CONFIG_FIT_SIGNATURE
  11. #define CONFIG_CHAIN_OF_TRUST
  12. #endif
  13. #if defined(CONFIG_FSL_CORENET)
  14. #define CONFIG_SYS_PBI_FLASH_BASE 0xc0000000
  15. #elif defined(CONFIG_TARGET_BSC9132QDS)
  16. #define CONFIG_SYS_PBI_FLASH_BASE 0xc8000000
  17. #elif defined(CONFIG_TARGET_C29XPCIE)
  18. #define CONFIG_SYS_PBI_FLASH_BASE 0xcc000000
  19. #else
  20. #define CONFIG_SYS_PBI_FLASH_BASE 0xce000000
  21. #endif
  22. #define CONFIG_SYS_PBI_FLASH_WINDOW 0xcff80000
  23. #if defined(CONFIG_TARGET_B4860QDS) || \
  24. defined(CONFIG_TARGET_B4420QDS) || \
  25. defined(CONFIG_TARGET_T4160QDS) || \
  26. defined(CONFIG_TARGET_T4240QDS) || \
  27. defined(CONFIG_T2080QDS) || \
  28. defined(CONFIG_T2080RDB) || \
  29. defined(CONFIG_T1040QDS) || \
  30. defined(CONFIG_T104xD4QDS) || \
  31. defined(CONFIG_TARGET_T1040RDB) || \
  32. defined(CONFIG_TARGET_T1040D4RDB) || \
  33. defined(CONFIG_TARGET_T1042RDB) || \
  34. defined(CONFIG_TARGET_T1042D4RDB) || \
  35. defined(CONFIG_TARGET_T1042RDB_PI) || \
  36. defined(CONFIG_ARCH_T1023) || \
  37. defined(CONFIG_ARCH_T1024)
  38. #ifndef CONFIG_SYS_RAMBOOT
  39. #define CONFIG_SYS_CPC_REINIT_F
  40. #endif
  41. #define CONFIG_KEY_REVOCATION
  42. #undef CONFIG_SYS_INIT_L3_ADDR
  43. #define CONFIG_SYS_INIT_L3_ADDR 0xbff00000
  44. #endif
  45. #if defined(CONFIG_RAMBOOT_PBL)
  46. #undef CONFIG_SYS_INIT_L3_ADDR
  47. #ifdef CONFIG_SYS_INIT_L3_VADDR
  48. #define CONFIG_SYS_INIT_L3_ADDR \
  49. (CONFIG_SYS_INIT_L3_VADDR & ~0xFFF00000) | \
  50. 0xbff00000
  51. #else
  52. #define CONFIG_SYS_INIT_L3_ADDR 0xbff00000
  53. #endif
  54. #endif
  55. #if defined(CONFIG_TARGET_C29XPCIE)
  56. #define CONFIG_KEY_REVOCATION
  57. #endif
  58. #if defined(CONFIG_ARCH_P3041) || \
  59. defined(CONFIG_ARCH_P4080) || \
  60. defined(CONFIG_ARCH_P5020) || \
  61. defined(CONFIG_ARCH_P5040) || \
  62. defined(CONFIG_ARCH_P2041)
  63. #define CONFIG_FSL_TRUST_ARCH_v1
  64. #endif
  65. #if defined(CONFIG_FSL_CORENET) && !defined(CONFIG_SYS_RAMBOOT)
  66. /* The key used for verification of next level images
  67. * is picked up from an Extension Table which has
  68. * been verified by the ISBC (Internal Secure boot Code)
  69. * in boot ROM of the SoC.
  70. * The feature is only applicable in case of NOR boot and is
  71. * not applicable in case of RAMBOOT (NAND, SD, SPI).
  72. */
  73. #define CONFIG_FSL_ISBC_KEY_EXT
  74. #endif
  75. #endif /* #ifdef CONFIG_SECURE_BOOT */
  76. #ifdef CONFIG_CHAIN_OF_TRUST
  77. #ifdef CONFIG_SPL_BUILD
  78. /*
  79. * PPAACT and SPAACT table for PAMU must be placed on DDR after DDR init
  80. * due to space crunch on CPC and thus malloc will not work.
  81. */
  82. #define CONFIG_SPL_PPAACT_ADDR 0x2e000000
  83. #define CONFIG_SPL_SPAACT_ADDR 0x2f000000
  84. #define CONFIG_SPL_JR0_LIODN_S 454
  85. #define CONFIG_SPL_JR0_LIODN_NS 458
  86. /*
  87. * Define the key hash for U-Boot here if public/private key pair used to
  88. * sign U-boot are different from the SRK hash put in the fuse
  89. * Example of defining KEY_HASH is
  90. * #define CONFIG_SPL_UBOOT_KEY_HASH \
  91. * "41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b"
  92. * else leave it defined as NULL
  93. */
  94. #define CONFIG_SPL_UBOOT_KEY_HASH NULL
  95. #endif /* ifdef CONFIG_SPL_BUILD */
  96. #define CONFIG_CMD_ESBC_VALIDATE
  97. #define CONFIG_CMD_BLOB
  98. #define CONFIG_FSL_SEC_MON
  99. #define CONFIG_SHA_PROG_HW_ACCEL
  100. #define CONFIG_RSA_FREESCALE_EXP
  101. #ifndef CONFIG_FSL_CAAM
  102. #define CONFIG_FSL_CAAM
  103. #endif
  104. #ifndef CONFIG_SPL_BUILD
  105. /*
  106. * fsl_setenv_chain_of_trust() must be called from
  107. * board_late_init()
  108. */
  109. #ifndef CONFIG_BOARD_LATE_INIT
  110. #define CONFIG_BOARD_LATE_INIT
  111. #endif
  112. /* If Boot Script is not on NOR and is required to be copied on RAM */
  113. #ifdef CONFIG_BOOTSCRIPT_COPY_RAM
  114. #define CONFIG_BS_HDR_ADDR_RAM 0x00010000
  115. #define CONFIG_BS_HDR_ADDR_DEVICE 0x00800000
  116. #define CONFIG_BS_HDR_SIZE 0x00002000
  117. #define CONFIG_BS_ADDR_RAM 0x00012000
  118. #define CONFIG_BS_ADDR_DEVICE 0x00802000
  119. #define CONFIG_BS_SIZE 0x00001000
  120. #define CONFIG_BOOTSCRIPT_HDR_ADDR CONFIG_BS_HDR_ADDR_RAM
  121. #else
  122. /* The bootscript header address is different for B4860 because the NOR
  123. * mapping is different on B4 due to reduced NOR size.
  124. */
  125. #if defined(CONFIG_TARGET_B4860QDS) || defined(CONFIG_TARGET_B4420QDS)
  126. #define CONFIG_BOOTSCRIPT_HDR_ADDR 0xecc00000
  127. #elif defined(CONFIG_FSL_CORENET)
  128. #define CONFIG_BOOTSCRIPT_HDR_ADDR 0xe8e00000
  129. #elif defined(CONFIG_TARGET_BSC9132QDS)
  130. #define CONFIG_BOOTSCRIPT_HDR_ADDR 0x88020000
  131. #elif defined(CONFIG_TARGET_C29XPCIE)
  132. #define CONFIG_BOOTSCRIPT_HDR_ADDR 0xec020000
  133. #else
  134. #define CONFIG_BOOTSCRIPT_HDR_ADDR 0xee020000
  135. #endif
  136. #endif /* #ifdef CONFIG_BOOTSCRIPT_COPY_RAM */
  137. #include <config_fsl_chain_trust.h>
  138. #endif /* #ifndef CONFIG_SPL_BUILD */
  139. #endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
  140. #endif