[U-Boot] [PATCH v2 0/7] The patchset fixes some issue in the generation of the imx image

Mon Aug 12 16:39:27 CEST 2013

(header for Freescale's i.MX processors) to allow the usage of
Freescale's tools to sign the u-boot image and provide a secure boot.

This has nothing to do with the Secure Boot extensions implemented by
Simon Glass, that can be in any case used to boot later a secure image.
Freescale's secure boot ensures that a signed bootloader
is started only if it is verified with a key that is burned into the iMX fuses.
Documentation about the Freescale's secure process can be read from the
AN4591, available on the Freescale's Website.

The patchset allows to add to the imx Header the CSF (command Sequence File)
generated by the tools provided by Freescale. The CSF is then simply concatenated
to the u-boot image, making a signed bootloader, that the processor can verify
if the fuses for the keys are burned. The processor (i.MX53 / i.MX6x) will not
start a bootloader that cannot be verified - further infos how to configure
the SOC to verify the bootloader can be found in the User Manual of the specific
SOC.

Next step is to verify the kernel, that can be still done using Simon's patches for
verified boot (CONFIG_OF_CONTROL must be set in the board configuarion file).

Changes in v2:
- drop dead code (Marek Vasut)
- Fix errors when SECURE_BOOT is selected due to enum
- simplify display_event code (Marek Vasut)
- compile hab code only if SECURE_BOOT is set (Fabio Estevam)
- update licence with SPDX line according to new rules.

Stefano Babic (7):
  tools: imx_header should not include flash_offset
  tools: rename mximage_flash_offset to imximage_ivt_offset
  tools: dynamically allocate imx_header in imximage
  tools: add variable padding of data image in mkimage
  tools: add padding of data image file for imximage
  tools: add support for setting the CSF into imximage
  imx: add status reporting for HAB status

 arch/arm/cpu/armv7/mx6/Makefile          |    7 +-
 arch/arm/cpu/armv7/mx6/hab.c             |  104 ++++++++++++++++++
 arch/arm/include/asm/arch-mx6/hab.h      |   67 ++++++++++++
 arch/arm/include/asm/arch-mx6/imx-regs.h |    8 +-
 doc/README.imximage                      |   18 +++-
 doc/README.mxc_hab                       |   48 +++++++++
 tools/imximage.c                         |  174 +++++++++++++++++++++++++++---
 tools/imximage.h                         |   20 +++-
 tools/mkimage.c                          |   24 ++++-
 tools/mkimage.h                          |    5 +-
 10 files changed, 444 insertions(+), 31 deletions(-)
 create mode 100644 arch/arm/cpu/armv7/mx6/hab.c
 create mode 100644 arch/arm/include/asm/arch-mx6/hab.h
 create mode 100644 doc/README.mxc_hab

-- 
1.7.9.5