On 01/22/2016 03:10 AM, Aneesh Bansal wrote:
Chain of Trust is enabled for ARM platforms (LS1021 and LS1043). In board_late_init(), fsl_setenv_chain_of_trust() is called which will perform the following:
- If boot mode is non-secure, return (No Change)
- If boot mode is secure, set the following environmet variables: bootdelay = 0 (To disable Boot Prompt) bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
Signed-off-by: Aneesh Bansal aneesh.bansal@nxp.com
Changes in v3: Protect the inclusion of file fsl_validate.h with macro CONFIG_CHAIN_OF_TRUST
Changes in v2: Defconfigs for Secure Boot Target are not removed.
arch/arm/cpu/armv8/fsl-layerscape/soc.c | 6 ++++++ board/freescale/common/Makefile | 1 + board/freescale/common/fsl_chain_of_trust.c | 17 +++++++++++++++++ board/freescale/ls1021aqds/ls1021aqds.c | 4 ++++ board/freescale/ls1021atwr/ls1021atwr.c | 4 ++++ include/fsl_validate.h | 2 ++ 6 files changed, 34 insertions(+)
Prefix subject with "secure_boot:". Applied to u-boot-fsl-qoriq master. Awaiting upstream.
Thanks.
York