env_set("board_rev", "iMX8QXP");
#endif
+ env_set("sec_boot", "no");
+#ifdef CONFIG_AHAB_BOOT
+ env_set("sec_boot", "yes");
+#endif
+
return 0;
}
env_set("board_rev", "iMX8QXP");
#endif
+ env_set("sec_boot", "no");
+#ifdef CONFIG_AHAB_BOOT
+ env_set("sec_boot", "yes");
+#endif
+
return 0;
}
#define CONFIG_MAX7322_I2C_BUS 0 /* I2C1 */
#endif
+#ifdef CONFIG_AHAB_BOOT
+#define AHAB_ENV "sec_boot=yes\0"
+#else
+#define AHAB_ENV "sec_boot=no\0"
+#endif
+
/* Boot M4 */
#define M4_BOOT_ENV \
"m4_0_image=m4_0.bin\0" \
#else
#define CONFIG_EXTRA_ENV_SETTINGS \
M4_BOOT_ENV \
+ AHAB_ENV \
"script=boot.scr\0" \
"image=Image\0" \
"panel=NULL\0" \
"earlycon=lpuart32,0x5a060000\0" \
"fdt_addr=0x83000000\0" \
"fdt_high=0xffffffffffffffff\0" \
+ "cntr_addr=0x98000000\0" \
+ "cntr_file=os_cntr_signed.bin\0" \
"boot_fdt=try\0" \
"fdt_file=" CONFIG_DEFAULT_FDT_FILE "\0" \
"initrd_addr=0x83100000\0" \
"source\0" \
"loadimage=fatload mmc ${mmcdev}:${mmcpart} ${loadaddr} ${image}\0" \
"loadfdt=fatload mmc ${mmcdev}:${mmcpart} ${fdt_addr} ${fdt_file}\0" \
+ "loadcntr=fatload mmc ${mmcdev}:${mmcpart} ${cntr_addr} ${cntr_file}\0" \
+ "auth_os=auth_cntr ${cntr_addr}\0" \
"mmcboot=echo Booting from mmc ...; " \
"run mmcargs; " \
- "if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
- "if run loadfdt; then " \
+ "if test ${sec_boot} = yes; then " \
+ "if run auth_os; then " \
"booti ${loadaddr} - ${fdt_addr}; " \
"else " \
- "echo WARN: Cannot load the DT; " \
+ "echo ERR: failed to authenticate; " \
"fi; " \
"else " \
- "echo wait for boot; " \
+ "if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
+ "if run loadfdt; then " \
+ "booti ${loadaddr} - ${fdt_addr}; " \
+ "else " \
+ "echo WARN: Cannot load the DT; " \
+ "fi; " \
+ "else " \
+ "echo wait for boot; " \
+ "fi;" \
"fi;\0" \
"netargs=setenv bootargs console=${console},${baudrate} earlycon=${earlycon},${baudrate} " \
"root=/dev/nfs " \
"else " \
"setenv get_cmd tftp; " \
"fi; " \
- "${get_cmd} ${loadaddr} ${image}; " \
- "if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
- "if ${get_cmd} ${fdt_addr} ${fdt_file}; then " \
+ "if test ${sec_boot} = yes; then " \
+ "${get_cmd} ${cntr_addr} ${cntr_file}; " \
+ "if run auth_os; then " \
"booti ${loadaddr} - ${fdt_addr}; " \
"else " \
- "echo WARN: Cannot load the DT; " \
+ "echo ERR: failed to authenticate; " \
"fi; " \
"else " \
- "booti; " \
+ "${get_cmd} ${loadaddr} ${image}; " \
+ "if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
+ "if ${get_cmd} ${fdt_addr} ${fdt_file}; then " \
+ "booti ${loadaddr} - ${fdt_addr}; " \
+ "else " \
+ "echo WARN: Cannot load the DT; " \
+ "fi; " \
+ "else " \
+ "booti; " \
+ "fi;" \
"fi;\0"
#endif
"if run loadbootscript; then " \
"run bootscript; " \
"else " \
- "if run loadimage; then " \
- "run mmcboot; " \
- "else run netboot; " \
- "fi; " \
+ "if test ${sec_boot} = yes; then " \
+ "if run loadcntr; then " \
+ "run mmcboot; " \
+ "else run netboot; " \
+ "fi; " \
+ "else " \
+ "if run loadimage; then " \
+ "run mmcboot; " \
+ "else run netboot; " \
+ "fi; " \
+ "fi; " \
"fi; " \
"else booti ${loadaddr} - ${fdt_addr}; fi"
#endif
#define CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG
+#ifdef CONFIG_AHAB_BOOT
+#define AHAB_ENV "sec_boot=yes\0"
+#else
+#define AHAB_ENV "sec_boot=no\0"
+#endif
+
/* Boot M4 */
#define M4_BOOT_ENV \
"m4_0_image=m4_0.bin\0" \
#define CONFIG_EXTRA_ENV_SETTINGS \
M4_BOOT_ENV \
XEN_BOOT_ENV \
+ AHAB_ENV \
"script=boot.scr\0" \
"image=Image\0" \
"panel=NULL\0" \
"earlycon=lpuart32,0x5a060000\0" \
"fdt_addr=0x83000000\0" \
"fdt_high=0xffffffffffffffff\0" \
+ "cntr_addr=0x98000000\0" \
+ "cntr_file=os_cntr_signed.bin\0" \
"boot_fdt=try\0" \
"fdt_file=fsl-imx8qxp-mek.dtb\0" \
"initrd_addr=0x83100000\0" \
"source\0" \
"loadimage=fatload mmc ${mmcdev}:${mmcpart} ${loadaddr} ${image}\0" \
"loadfdt=fatload mmc ${mmcdev}:${mmcpart} ${fdt_addr} ${fdt_file}\0" \
+ "loadcntr=fatload mmc ${mmcdev}:${mmcpart} ${cntr_addr} ${cntr_file}\0" \
+ "auth_os=auth_cntr ${cntr_addr}\0" \
"mmcboot=echo Booting from mmc ...; " \
"run mmcargs; " \
- "if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
- "if run loadfdt; then " \
+ "if test ${sec_boot} = yes; then " \
+ "if run auth_os; then " \
"booti ${loadaddr} - ${fdt_addr}; " \
"else " \
- "echo WARN: Cannot load the DT; " \
+ "echo ERR: failed to authenticate; " \
"fi; " \
"else " \
- "echo wait for boot; " \
+ "if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
+ "if run loadfdt; then " \
+ "booti ${loadaddr} - ${fdt_addr}; " \
+ "else " \
+ "echo WARN: Cannot load the DT; " \
+ "fi; " \
+ "else " \
+ "echo wait for boot; " \
+ "fi;" \
"fi;\0" \
"netargs=setenv bootargs console=${console},${baudrate} earlycon=${earlycon},${baudrate} " \
"root=/dev/nfs " \
"else " \
"setenv get_cmd tftp; " \
"fi; " \
- "${get_cmd} ${loadaddr} ${image}; " \
- "if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
- "if ${get_cmd} ${fdt_addr} ${fdt_file}; then " \
+ "if test ${sec_boot} = yes; then " \
+ "${get_cmd} ${cntr_addr} ${cntr_file}; " \
+ "if run auth_os; then " \
"booti ${loadaddr} - ${fdt_addr}; " \
"else " \
- "echo WARN: Cannot load the DT; " \
+ "echo ERR: failed to authenticate; " \
"fi; " \
"else " \
- "booti; " \
+ "${get_cmd} ${loadaddr} ${image}; " \
+ "if test ${boot_fdt} = yes || test ${boot_fdt} = try; then " \
+ "if ${get_cmd} ${fdt_addr} ${fdt_file}; then " \
+ "booti ${loadaddr} - ${fdt_addr}; " \
+ "else " \
+ "echo WARN: Cannot load the DT; " \
+ "fi; " \
+ "else " \
+ "booti; " \
+ "fi;" \
"fi;\0"
#define CONFIG_BOOTCOMMAND \
"if run loadbootscript; then " \
"run bootscript; " \
"else " \
- "if run loadimage; then " \
- "run mmcboot; " \
- "else run netboot; " \
- "fi; " \
+ "if test ${sec_boot} = yes; then " \
+ "if run loadcntr; then " \
+ "run mmcboot; " \
+ "else run netboot; " \
+ "fi; " \
+ "else " \
+ "if run loadimage; then " \
+ "run mmcboot; " \
+ "else run netboot; " \
+ "fi; " \
+ "fi; " \
"fi; " \
"else booti ${loadaddr} - ${fdt_addr}; fi"
projects / u-boot.git / commitdiff