[U-Boot] [U-Boot, 4/4] arm: mach-keystone: Updates mon_install for K2G HS
Tom Rini
trini at konsulko.com
Wed Jul 26 19:50:48 UTC 2017
On Mon, Jul 17, 2017 at 12:59:15PM -0500, Andrew F. Davis wrote:
> From: Madan Srinivas <madans at ti.com>
>
> On early K2 devices (eg. K2HK) the secure ROM code does not support
> loading secure code to firewall protected memory, before decrypting,
> authenticating and executing it.
>
> To load the boot monitor on these devices, it is necessary to first
> authenticate and run a copy loop from non-secure memory that copies
> the boot monitor behind firewall protected memory, before decrypting
> and executing it.
>
> On K2G, the secure ROM does not allow secure code executing from
> unprotected memory. Further, ROM first copies the signed and encrypted
> image into firewall protected memory, then decrypts, authenticates
> and executes it.
>
> As a result of this, we cannot use the copy loop for K2G. The
> mon_install has to be modified to pass the address the signed and
> encrypted secure boot monitor image to the authentication API.
>
> For backward compatibility with other K2 devices and K2G GP,
> the mon_install API still supports a single argument. In this case
> the second argument is set to 0 by u-boot and is ignored by ROM
>
> Signed-off-by: Thanh Tran <thanh-tran at ti.com>
> Signed-off-by: Madan Srinivas <madans at ti.com>
> Reviewed-by: Tom Rini <trini at konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20170726/ddbe3976/attachment.sig>
More information about the U-Boot
mailing list