]> git.dujemihanovic.xyz Git - u-boot.git/commit
imx: imx7 Support for Manufacturing Protection
authorBreno Lima <breno.lima@nxp.com>
Thu, 25 Mar 2021 09:30:02 +0000 (17:30 +0800)
committerStefano Babic <sbabic@denx.de>
Thu, 8 Apr 2021 07:18:29 +0000 (09:18 +0200)
commit30e39ac7c937e07002e2868b23b679e6bb0f2a58
treeb26b290b9a81b45159b548de500d901c73a8d301
parentac3a16f8501e93efb8554df2dc79a96b00b6eea8
imx: imx7 Support for Manufacturing Protection

This code was originally developed by Raul Cardenas <raul.casas@nxp.com>
and modified to be applied in U-Boot imx_v2017.03.

More information about the initial submission can be seen
in the link below:
https://lists.denx.de/pipermail/u-boot/2016-February/245273.html

i.MX7D has an a protection feature for Manufacturing process.
This feature uses asymmetric encryption to sign and verify
authenticated software handled between parties. This command
enables the use of such feature.

The private key is unique and generated once per device.
And it is stored in secure memory and only accessible by CAAM.
Therefore, the public key generation and signature functions
are the only functions available for the user.

The manufacturing-protection authentication process can be used to
authenticate the chip to the OEM's server.

Command usage:

Print the public key for the device.
- mfgprot pubk

Generates Signature over given data.
- mfgprot sign <data_address> <data_size>

Signed-off-by: Raul Ulises Cardenas <raul.casas@nxp.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
arch/arm/mach-imx/Kconfig
arch/arm/mach-imx/Makefile
arch/arm/mach-imx/cmd_mfgprot.c [new file with mode: 0644]
drivers/crypto/fsl/Makefile
drivers/crypto/fsl/desc.h
drivers/crypto/fsl/fsl_mfgprot.c [new file with mode: 0644]
include/fsl_sec.h