[U-Boot] [PATCH 06/14] SECURE BOOT: Copy Bootscript and header from NOR to DDR for LS2080/5

From: Saksham Jain <saksham.jain@nxp.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 06/14] SECURE BOOT: Copy Bootscript and header from NOR to DDR for LS2080/5
Date: Wed, 27 Jan 2016 15:31:03 +0530	[thread overview]
Message-ID: <1453888871-13307-7-git-send-email-saksham.jain@nxp.com> (raw)
In-Reply-To: <1453888871-13307-1-git-send-email-saksham.jain@nxp.com>

During Secure Boot, a bootscript is validated using its header.
This patch copies both these images to DDR from NOR and then validates and
executed them from DDR. (If NOR is the boot source for LS2080 and LS2085).

This copy step is done to make this step common across booting sources.
Because in case of non-xip memories (e.g. NAND, SD) it is neccessary to copy
both these images to DDR.

For other ARM Platforms (ls1043 and ls1020), header is not copied from NOR
to DDR (otherwise customers will need to modify the existing headers).
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
---
 arch/arm/include/asm/fsl_secure_boot.h | 23 ++++++++++++++++++++---
 include/config_fsl_chain_trust.h       | 11 +++++++----
 2 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/arch/arm/include/asm/fsl_secure_boot.h b/arch/arm/include/asm/fsl_secure_boot.h
index 7c55ea1..4bd0517 100644
--- a/arch/arm/include/asm/fsl_secure_boot.h
+++ b/arch/arm/include/asm/fsl_secure_boot.h
@@ -62,13 +62,30 @@
 	"setenv initrd_high 0xcfffffff;"	\
 	"setenv hwconfig \'fsl_ddr:ctlr_intlv=null,bank_intlv=null\';"
 
-/* The address needs to be modified according to NOR memory map */
+/* Copying Bootscript and Header to DDR from NOR for LS2 and for rest, from
+ * Non-XIP Memory (Nand/SD)*/
+#if defined(CONFIG_SYS_RAMBOOT) || defined(CONFIG_LS2080A) ||\
+	defined(CONFIG_LS2085A)
+#define CONFIG_BOOTSCRIPT_COPY_RAM
+#endif
+/* The address needs to be modified according to NOR and DDR memory map */
 #if defined(CONFIG_LS2080A) || defined(CONFIG_LS2085A)
-#define CONFIG_BOOTSCRIPT_HDR_ADDR	0x583920000
+#define CONFIG_BS_HDR_ADDR_FLASH	0x583920000
+#define CONFIG_BS_ADDR_FLASH		0x583900000
+#define CONFIG_BS_HDR_ADDR_RAM		0xa3920000
+#define CONFIG_BS_ADDR_RAM		0xa3900000
 #else
-#define CONFIG_BOOTSCRIPT_HDR_ADDR	0x600a0000
+#define CONFIG_BS_HDR_ADDR_FLASH	0x600a0000
+#define CONFIG_BS_ADDR_FLASH		0x60060000
+#define CONFIG_BS_HDR_ADDR_RAM		0xa0060000
+#define CONFIG_BS_ADDR_RAM		0xa0060000
 #endif
 
+#define CONFIG_BOOTSCRIPT_HDR_ADDR	CONFIG_BS_HDR_ADDR_RAM
+#define CONFIG_BS_HDR_SIZE		0x00002000
+#define CONFIG_BOOTSCRIPT_ADDR		CONFIG_BS_ADDR_RAM
+#define CONFIG_BS_SIZE			0x00001000
+
 #include <config_fsl_chain_trust.h>
 #endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
 #endif
diff --git a/include/config_fsl_chain_trust.h b/include/config_fsl_chain_trust.h
index 45dda56..aa222bb 100644
--- a/include/config_fsl_chain_trust.h
+++ b/include/config_fsl_chain_trust.h
@@ -65,8 +65,6 @@
 	"esbc_halt\0"
 #endif
 
-/* For secure boot flow, default environment used will be used */
-#if defined(CONFIG_SYS_RAMBOOT)
 #ifdef CONFIG_BOOTSCRIPT_COPY_RAM
 #define CONFIG_BS_COPY_ENV \
 	"setenv bs_hdr_ram " __stringify(CONFIG_BS_HDR_ADDR_RAM)";" \
@@ -76,14 +74,19 @@
 	"setenv bs_flash " __stringify(CONFIG_BS_ADDR_FLASH)";" \
 	"setenv bs_size " __stringify(CONFIG_BS_SIZE)";"
 
+/* For secure boot flow, default environment used will be used */
+#if defined(CONFIG_SYS_RAMBOOT)
 #if defined(CONFIG_RAMBOOT_NAND)
 #define CONFIG_BS_COPY_CMD \
 	"nand read $bs_hdr_ram $bs_hdr_flash $bs_hdr_size ;" \
 	"nand read $bs_ram $bs_flash $bs_size ;"
 #endif /* CONFIG_RAMBOOT_NAND */
-#endif /* CONFIG_BOOTSCRIPT_COPY_RAM */
-
+#else
+#define CONFIG_BS_COPY_CMD \
+	"cp.b $bs_hdr_flash $bs_hdr_ram  $bs_hdr_size ;" \
+	"cp.b $bs_flash $bs_ram  $bs_size ;"
 #endif
+#endif /* CONFIG_BOOTSCRIPT_COPY_RAM */
 
 #ifndef CONFIG_BS_COPY_ENV
 #define CONFIG_BS_COPY_ENV
-- 
1.8.1.4
