-----Original Message----- From: york sun Sent: Friday, January 22, 2016 1:52 AM To: Aneesh Bansal aneesh.bansal@nxp.com; u-boot@lists.denx.de Cc: Ruchika Gupta ruchika.gupta@nxp.com; Prabhakar Kushwaha prabhakar.kushwaha@nxp.com Subject: Re: [PATCH v2 5/7] enable chain of trust for ARM platforms
On 01/17/2016 01:42 AM, Aneesh Bansal wrote:
Chain of Trust is enabled for ARM platforms (LS1021 and LS1043). In board_late_init(), fsl_setenv_chain_of_trust() is called which will perform the following:
- If boot mode is non-secure, return (No Change)
- If boot mode is secure, set the following environmet variables: bootdelay = 0 (To disable Boot Prompt) bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
Signed-off-by: Aneesh Bansal aneesh.bansal@nxp.com
Changes in v2: Defconfigs for Secure Boot Target are not removed
arch/arm/cpu/armv8/fsl-layerscape/soc.c | 4 ++++ board/freescale/common/Makefile | 1 + board/freescale/common/fsl_chain_of_trust.c | 17 +++++++++++++++++ board/freescale/ls1021aqds/ls1021aqds.c | 4 ++++ board/freescale/ls1021atwr/ls1021atwr.c | 4 ++++ include/fsl_validate.h | 2 ++ 6 files changed, 32 insertions(+)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/soc.c b/arch/arm/cpu/armv8/fsl-layerscape/soc.c index 23d6b73..2f92b55 100644 --- a/arch/arm/cpu/armv8/fsl-layerscape/soc.c +++ b/arch/arm/cpu/armv8/fsl-layerscape/soc.c @@ -12,6 +12,7 @@ #include <asm/io.h> #include <asm/global_data.h> #include <asm/arch-fsl-layerscape/config.h> +#include <fsl_validate.h>
Does this patch depend on other patches? It causes compiling error for fsl_sec.h on ls2 boards.
error: #error Neither CONFIG_SYS_FSL_SEC_LE nor CONFIG_SYS_FSL_SEC_BE is defined
York
I have patches for LS2 to be sent on top of this patchset. I will submit a new rev of the patch in which inclusion of <fsl_validate.h> is protected by CONFIG_CHAIN_OF_TRUST. When we add chain of trust support for LS2, CONFIG_SYS_FSL_SEC_LE will also be defined.
Aneesh