[U-Boot] [PATCH 28/53] armv8: layerscape: secure boot support for environment selection
Rajesh Bhagat
rajesh.bhagat at nxp.com
Wed Oct 3 11:37:11 UTC 2018
Add secure boot support for environment selection.
Signed-off-by: Pankit Garg <pankit.garg at nxp.com>
Signed-off-by: Rajesh Bhagat <rajesh.bhagat at nxp.com>
---
arch/arm/cpu/armv8/fsl-layerscape/cpu.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/cpu.c b/arch/arm/cpu/armv8/fsl-layerscape/cpu.c
index 1ab4d93638..063a8fea55 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/cpu.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/cpu.c
@@ -33,6 +33,9 @@
#ifdef CONFIG_TFABOOT
#include <environment.h>
+#ifdef CONFIG_CHAIN_OF_TRUST
+#include <fsl_validate.h>
+#endif
#endif
DECLARE_GLOBAL_DATA_PTR;
@@ -738,6 +741,14 @@ enum env_location env_get_location(enum env_operation op, int prio)
if (prio)
return ENVL_UNKNOWN;
+#ifdef CONFIG_CHAIN_OF_TRUST
+ /* Check Boot Mode
+ * If Boot Mode is Secure, return ENVL_NOWHERE
+ */
+ if (fsl_check_boot_mode_secure() == 1)
+ goto done;
+#endif
+
switch (src) {
case BOOT_SOURCE_IFC_NOR:
env_loc = ENVL_FLASH;
@@ -765,6 +776,9 @@ enum env_location env_get_location(enum env_operation op, int prio)
break;
}
+#ifdef CONFIG_CHAIN_OF_TRUST
+done:
+#endif
return env_loc;
}
--
2.17.1
More information about the U-Boot
mailing list