diff options
author | Haixiang Bao <haixiang.bao@amlogic.com> | 2018-12-19 20:52:01 +0800 |
---|---|---|
committer | Dongjin Kim <tobetter@gmail.com> | 2019-03-05 23:25:59 +0900 |
commit | ebf62f265f0928c0cebca3f78c4cb5aa8ef138c6 (patch) | |
tree | 517d608f5d6308aea3b8256dd21236de881fb4c8 /common | |
parent | 6864574e3cbfc9e92b99814e3044b516d7e5e395 (diff) | |
download | u-boot-odroid-c1-ebf62f265f0928c0cebca3f78c4cb5aa8ef138c6.tar.gz |
BL33: EFUSE: use EFUSE_LICX for Riscure review [1/1]
PD#SWPL-3175
Problem:
Riscure code review report EFUSE license should use EFUSE_LICx but not
AO_SEC_SD_CFG10/9 any more
Solution:
For G12A/G12B/TL1... which have EFUSE_LICx will use them instead
of AO_SEC_SD_CFG10/9
EFUSE_LIC0/1/2/3 -> AO_SEC_SD_CFG10/9
Verify:
axg/g12a/g12b/gxb/gxl/gxtvbb/tl1/txhd/txl/txlx skt board verify on the way
Change-Id: I13979aecf4e6e58f6d3469b110b500bc83d18e25
Signed-off-by: Haixiang Bao <haixiang.bao@amlogic.com>
Diffstat (limited to 'common')
-rw-r--r-- | common/aml_dt.c | 30 | ||||
-rw-r--r-- | common/cmd_bootm.c | 10 | ||||
-rw-r--r-- | common/cmd_imgread.c | 10 |
3 files changed, 9 insertions, 41 deletions
diff --git a/common/aml_dt.c b/common/aml_dt.c index bbe6463585..ca967de237 100644 --- a/common/aml_dt.c +++ b/common/aml_dt.c @@ -8,6 +8,8 @@ #include <asm/arch/bl31_apis.h> #include <partition_table.h> +#include <amlogic/aml_efuse.h> + //#define AML_DT_DEBUG #ifdef AML_DT_DEBUG #define dbg_printf(...) printf(__VA_ARGS__) @@ -42,24 +44,6 @@ //#define readl(addr) (*(volatile unsigned int*)(addr)) extern int checkhw(char * name); -/* return 1 if dtb is encrpted */ -int is_dtb_encrypt(unsigned char *buffer) -{ -#if 0 - unsigned int magic = *(unsigned int*)buffer; - - if ((DT_HEADER_MAGIC == magic) - || (AML_DT_HEADER_MAGIC == magic) - || (IS_GZIP_FORMAT(magic))) - return 0; - return 1; -#else - const unsigned long cfg10 = readl(AO_SEC_SD_CFG10); - /*KM_MSG("cfg10=0x%lX\n", cfg10);*/ - return ( cfg10 & (0x1<< 4) ); -#endif//#if 0 -} - unsigned long __attribute__((unused)) get_multi_dt_entry(unsigned long fdt_addr){ unsigned int dt_magic = readl(fdt_addr); @@ -242,11 +226,6 @@ unsigned long __attribute__((unused)) return 0; } -static int is_secure_boot_enabled(void) -{ - const unsigned long cfg10 = readl(AO_SEC_SD_CFG10); - return ( cfg10 & (0x1<< 4) ); -} /* return 0 if dts is valid @@ -260,9 +239,8 @@ int check_valid_dts(unsigned char *buffer) unsigned char *sbuffer = (unsigned char *)getenv_hex("loadaddr", CONFIG_DTB_MEM_ADDR + 0x100000); /* g12a merge to trunk, use trunk code */ //unsigned char *sbuffer = (unsigned char *)0x1000000; - if (is_secure_boot_enabled()) { + if (IS_FEAT_BOOT_VERIFY()) { - if (is_dtb_encrypt(buffer)) { memcpy(sbuffer, buffer, AML_DTB_IMG_MAX_SZ); flush_cache((unsigned long)sbuffer, AML_DTB_IMG_MAX_SZ); ret = aml_sec_boot_check(AML_D_P_IMG_DECRYPT, (long unsigned)sbuffer, AML_DTB_IMG_MAX_SZ, 0); @@ -280,8 +258,6 @@ int check_valid_dts(unsigned char *buffer) memcpy(buffer, sbuffer + nCheckOffset, AML_DTB_IMG_MAX_SZ); } - - } #ifdef CONFIG_MULTI_DTB dt_addr = (char *)get_multi_dt_entry((unsigned long)buffer); #else diff --git a/common/cmd_bootm.c b/common/cmd_bootm.c index 6367002014..1707347a1c 100644 --- a/common/cmd_bootm.c +++ b/common/cmd_bootm.c @@ -29,6 +29,8 @@ #endif #include <asm/arch/secure_apb.h> +#include <amlogic/aml_efuse.h> + DECLARE_GLOBAL_DATA_PTR; #if defined(CONFIG_CMD_IMI) @@ -94,12 +96,6 @@ static int do_bootm_subcommand(cmd_tbl_t *cmdtp, int flag, int argc, return ret; } -static int is_secure_boot_enabled(void) -{ - const unsigned long cfg10 = readl(AO_SEC_SD_CFG10); - return ( cfg10 & (0x1<< 4) ); -} - /*******************************************************************/ /* bootm - boot application image from image in memory */ /*******************************************************************/ @@ -258,7 +254,7 @@ int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) #endif #endif//#ifndef CONFIG_AML_SIGNED_UBOOT - if (is_secure_boot_enabled()) + if (IS_FEAT_BOOT_VERIFY()) { /* Override load address argument to skip secure boot header (512). * Only skip if secure boot so normal boot can use plain boot.img+ */ diff --git a/common/cmd_imgread.c b/common/cmd_imgread.c index 1bb33309fb..ebf230dce8 100644 --- a/common/cmd_imgread.c +++ b/common/cmd_imgread.c @@ -18,6 +18,8 @@ #include <asm/arch/secure_apb.h> #include <libfdt.h> +#include <amlogic/aml_efuse.h> + typedef struct andr_img_hdr boot_img_hdr; #define debugP(fmt...) //printf("[Dbg imgread]L%d:", __LINE__),printf(fmt) @@ -78,12 +80,6 @@ typedef struct{ #define COMPILE_TYPE_ASSERT(expr, t) typedef char t[(expr) ? 1 : -1] COMPILE_TYPE_ASSERT(2048 >= sizeof(AmlSecureBootImgHeader), _cc); -static int is_secure_boot_enabled(void) -{ - const unsigned long cfg10 = readl(AO_SEC_SD_CFG10); - return ( cfg10 & (0x1<< 4) ); -} - static int is_andr_9_image(void* pBuffer) { int nReturn = 0; @@ -121,7 +117,7 @@ static int _aml_get_secure_boot_kernel_size(const void* pLoadaddr, unsigned* pTo unsigned int nBlkCnt = 0; const t_aml_enc_blk* pBlkInf = NULL; unsigned char *pAndHead = (unsigned char *)pLoadaddr; - unsigned int isSecure = is_secure_boot_enabled(); + unsigned int isSecure = IS_FEAT_BOOT_VERIFY(); rc = __LINE__; |