MLK-18129-2 imx8qm/qxp: Add secure boot environment

Add the secure boot relevant environment variables to MEK.
When CONFIG_AHAB_BOOT is enabled, we will switch to boot in this
new way:
1. Load the OS container to address 0x98000000
2. Using auth_cntr to authenticate the OS container. It will load the
   kernel and FDT to destination address.
3. Using booti to boot kernel.

Signed-off-by: Ye Li <ye.li@nxp.com>
Acked-by: Peng Fan <peng.fan@nxp.com>
(cherry picked from commit 545c8fe112244f20377e97921389c86eacc8551f)
(cherry picked from commit cba5acebbe6be0736f229ef719b1a1e5835e1a5f)
(cherry picked from commit 07b9850354b27dafa4cc774c59770931af2ac898)
(cherry picked from commit 149006de99c9c214232d30cc2e9795401766fe4b)

diff --git a/board/freescale/imx8qm_mek/imx8qm_mek.c b/board/freescale/imx8qm_mek/imx8qm_mek.c
index 9543017..b71a753 100644 (file)
--- a/board/freescale/imx8qm_mek/imx8qm_mek.c
+++ b/board/freescale/imx8qm_mek/imx8qm_mek.c
@@ -357,6 +357,11 @@ int board_late_init(void)
        env_set("board_rev", "iMX8QM");
 #endif
 
+       env_set("sec_boot", "no");
+#ifdef CONFIG_AHAB_BOOT
+       env_set("sec_boot", "yes");
+#endif
+
        fdt_file = env_get("fdt_file");
        m4_booted = m4_parts_booted();
 

diff --git a/board/freescale/imx8qxp_mek/imx8qxp_mek.c b/board/freescale/imx8qxp_mek/imx8qxp_mek.c
index 0b33b1e..fdea685 100644 (file)
--- a/board/freescale/imx8qxp_mek/imx8qxp_mek.c
+++ b/board/freescale/imx8qxp_mek/imx8qxp_mek.c
@@ -366,6 +366,10 @@ int board_late_init(void)
        env_set("board_name", "MEK");
        env_set("board_rev", "iMX8QXP");
 #endif
+       env_set("sec_boot", "no");
+#ifdef CONFIG_AHAB_BOOT
+       env_set("sec_boot", "yes");
+#endif
 
        fdt_file = env_get("fdt_file");
        m4_booted = m4_parts_booted();

diff --git a/include/configs/imx8qm_mek.h b/include/configs/imx8qm_mek.h
index 8a3c16f..f66bae6 100644 (file)
--- a/include/configs/imx8qm_mek.h
+++ b/include/configs/imx8qm_mek.h
@@ -130,6 +130,8 @@
        "console=ttyLP0\0" \
        "fdt_addr=0x83000000\0"                 \
        "fdt_high=0xffffffffffffffff\0"         \
+       "cntr_addr=0x98000000\0"                        \
+       "cntr_file=os_cntr_signed.bin\0" \
        "boot_fdt=try\0" \
        "fdt_file=undefined\0" \
        "mmcdev="__stringify(CONFIG_SYS_MMC_ENV_DEV)"\0" \

diff --git a/include/configs/imx8qxp_mek.h b/include/configs/imx8qxp_mek.h
index 83d41aa..cf1b58a 100644 (file)
--- a/include/configs/imx8qxp_mek.h
+++ b/include/configs/imx8qxp_mek.h
@@ -105,6 +105,8 @@
        "console=ttyLP0\0" \
        "fdt_addr=0x83000000\0"                 \
        "fdt_high=0xffffffffffffffff\0"         \
+       "cntr_addr=0x98000000\0"                        \
+       "cntr_file=os_cntr_signed.bin\0" \
        "boot_fdt=try\0" \
        "fdt_file=undefined\0" \
        "mmcdev="__stringify(CONFIG_SYS_MMC_ENV_DEV)"\0" \