diff options
author | Sumit Garg <sumit.garg@nxp.com> | 2016-07-14 12:27:51 -0400 |
---|---|---|
committer | York Sun <york.sun@nxp.com> | 2016-07-21 11:09:23 -0700 |
commit | 8f01397ba76d1ee210bedbf031d807e8df34c482 (patch) | |
tree | 5c25955aa0d03c186a5c7eace132c590c9b6c877 /include/fsl_validate.h | |
parent | 63865278dae47ad19527d9f9b6e0dad6cb01f401 (diff) | |
download | u-boot-8f01397ba76d1ee210bedbf031d807e8df34c482.tar.gz |
powerpc/mpc85xx: SECURE BOOT- Enable chain of trust in SPL
As part of Chain of Trust for Secure boot, the SPL U-Boot will validate
the next level U-boot image. Add a new function spl_validate_uboot to
perform the validation.
Enable hardware crypto operations in SPL using SEC block.
In case of Secure Boot, PAMU is not bypassed. For allowing SEC block
access to CPC configured as SRAM, configure PAMU.
Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
Diffstat (limited to 'include/fsl_validate.h')
-rw-r--r-- | include/fsl_validate.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/include/fsl_validate.h b/include/fsl_validate.h index a71e1ce2b0..c350938d1f 100644 --- a/include/fsl_validate.h +++ b/include/fsl_validate.h @@ -254,4 +254,11 @@ int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc, int fsl_check_boot_mode_secure(void); int fsl_setenv_chain_of_trust(void); + +/* + * This function is used to validate the main U-boot binary from + * SPL just before passing control to it using QorIQ Trust + * Architecture header (appended to U-boot image). + */ +void spl_validate_uboot(uint32_t hdr_addr, uintptr_t img_addr); #endif |