Add QSPI Secure Boot target to enable chain of trust

Reviewed-by: Ruchika Gupta ruchika.gupta@nxp.com Signed-off-by: Sumit Garg sumit.garg@nxp.com Signed-off-by: Vinitha Pillai vinitha.pillai@nxp.com --- This patch depends on the following patch-set:

1. https://patchwork.ozlabs.org/patch/687002/ 2. https://patchwork.ozlabs.org/patch/687000/ 3. https://patchwork.ozlabs.org/patch/687001/

board/freescale/ls1012ardb/ls1012ardb.c | 5 ++++ configs/ls1012ardb_qspi_SECURE_BOOT_defconfig | 40 +++++++++++++++++++++++++++ include/configs/ls1012a_common.h | 2 -- include/configs/ls1012ardb.h | 4 +++ 4 files changed, 49 insertions(+), 2 deletions(-) create mode 100644 configs/ls1012ardb_qspi_SECURE_BOOT_defconfig

diff --git a/board/freescale/ls1012ardb/ls1012ardb.c b/board/freescale/ls1012ardb/ls1012ardb.c index 778434d..3966152 100644 --- a/board/freescale/ls1012ardb/ls1012ardb.c +++ b/board/freescale/ls1012ardb/ls1012ardb.c @@ -18,6 +18,7 @@ #include <environment.h> #include <fsl_mmdc.h> #include <netdev.h> +#include <fsl_sec.h>

DECLARE_GLOBAL_DATA_PTR;

@@ -110,6 +111,10 @@ int board_init(void) gd->env_addr = (ulong)&default_environment[0]; #endif

+#ifdef CONFIG_FSL_CAAM + sec_init(); +#endif + return 0; }

diff --git a/configs/ls1012ardb_qspi_SECURE_BOOT_defconfig b/configs/ls1012ardb_qspi_SECURE_BOOT_defconfig new file mode 100644 index 0000000..ebf8838 --- /dev/null +++ b/configs/ls1012ardb_qspi_SECURE_BOOT_defconfig @@ -0,0 +1,40 @@ +CONFIG_ARM=y +CONFIG_TARGET_LS1012ARDB=y +CONFIG_SYS_EXTRA_OPTIONS="QSPI_BOOT, SECURE_BOOT" +# CONFIG_CMD_IMLS is not set +CONFIG_SYS_NS16550=y +CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1012a-rdb" +CONFIG_OF_CONTROL=y +CONFIG_DM=y +CONFIG_SPI_FLASH=y +CONFIG_DM_SPI=y +# CONFIG_SYS_MALLOC_F is not set +CONFIG_FIT=y +CONFIG_FIT_VERBOSE=y +CONFIG_OF_BOARD_SETUP=y +CONFIG_OF_STDOUT_VIA_ALIAS=y +CONFIG_QSPI_BOOT=y +CONFIG_BOOTDELAY=10 +CONFIG_HUSH_PARSER=y +CONFIG_CMD_GREPENV=y +CONFIG_CMD_MMC=y +CONFIG_CMD_SF=y +CONFIG_CMD_I2C=y +CONFIG_CMD_USB=y +# CONFIG_CMD_SETEXPR is not set +CONFIG_CMD_DHCP=y +CONFIG_CMD_MII=y +CONFIG_CMD_PING=y +CONFIG_CMD_CACHE=y +CONFIG_CMD_EXT2=y +CONFIG_CMD_FAT=y +CONFIG_NET_RANDOM_ETHADDR=y +CONFIG_DM_SPI_FLASH=y +CONFIG_NETDEVICES=y +CONFIG_E1000=y +CONFIG_FSL_DSPI=y +CONFIG_USB=y +CONFIG_USB_XHCI_HCD=y +CONFIG_USB_XHCI_DWC3=y +CONFIG_USB_STORAGE=y +CONFIG_RSA=y diff --git a/include/configs/ls1012a_common.h b/include/configs/ls1012a_common.h index 80603c9..ef28480 100644 --- a/include/configs/ls1012a_common.h +++ b/include/configs/ls1012a_common.h @@ -128,6 +128,4 @@ #define CONFIG_PANIC_HANG #define CONFIG_SYS_BOOTM_LEN (64 << 20) /* Increase max gunzip size */

-#include <asm/fsl_secure_boot.h> - #endif /* __LS1012A_COMMON_H */ diff --git a/include/configs/ls1012ardb.h b/include/configs/ls1012ardb.h index 15410dd..909c26b 100644 --- a/include/configs/ls1012ardb.h +++ b/include/configs/ls1012ardb.h @@ -95,4 +95,8 @@ #define CONFIG_SYS_MEMTEST_START 0x80000000 #define CONFIG_SYS_MEMTEST_END 0x9fffffff

+#define CONFIG_FSL_CAAM /* Enable CAAM */ + +#include <asm/fsl_secure_boot.h> + #endif /* __LS1012ARDB_H__ */