From 1c9c4642c3c548678d96bba9f2ae7fb499324916 Mon Sep 17 00:00:00 2001 From: Heiko Schocher Date: Sun, 1 Dec 2019 11:23:29 +0100 Subject: [PATCH] imx6: aristainetos: enable HAB boot enable IMX_HAB on aristianetos board Signed-off-by: Heiko Schocher --- board/aristainetos/aristainetos2.cfg | 3 ++ configs/aristainetos2_defconfig | 4 +++ include/configs/aristainetos2.h | 51 ++++++++++++++++++++++++++++ 3 files changed, 58 insertions(+) diff --git a/board/aristainetos/aristainetos2.cfg b/board/aristainetos/aristainetos2.cfg index fbbc2e5e6d..965ad64b49 100644 --- a/board/aristainetos/aristainetos2.cfg +++ b/board/aristainetos/aristainetos2.cfg @@ -23,6 +23,9 @@ BOOT_FROM spi #define __ASSEMBLY__ #include +#ifdef CONFIG_IMX_HAB +CSF CONFIG_CSF_SIZE +#endif #include "asm/arch/mx6-ddr.h" #include "asm/arch/iomux.h" #include "asm/arch/crm_regs.h" diff --git a/configs/aristainetos2_defconfig b/configs/aristainetos2_defconfig index cad9839f70..0c5c9fc18b 100644 --- a/configs/aristainetos2_defconfig +++ b/configs/aristainetos2_defconfig @@ -8,6 +8,9 @@ CONFIG_ENV_SIZE=0x3000 CONFIG_ENV_OFFSET=0xD0000 CONFIG_NR_DRAM_BANKS=1 CONFIG_ENV_SECT_SIZE=0x10000 +CONFIG_IMX_HAB=y +# CONFIG_CMD_DEKBLOB is not set +# CONFIG_CMD_NANDBCB is not set CONFIG_FIT=y CONFIG_SYS_EXTRA_OPTIONS="IMX_CONFIG=board/aristainetos/aristainetos2.cfg" CONFIG_BOOTDELAY=3 @@ -42,6 +45,7 @@ CONFIG_CMD_MII=y CONFIG_CMD_PING=y CONFIG_CMD_BMP=y CONFIG_CMD_CACHE=y +# CONFIG_CMD_HASH is not set CONFIG_CMD_EXT2=y CONFIG_CMD_EXT4=y CONFIG_CMD_EXT4_WRITE=y diff --git a/include/configs/aristainetos2.h b/include/configs/aristainetos2.h index fba26d0151..48cea2b4d0 100644 --- a/include/configs/aristainetos2.h +++ b/include/configs/aristainetos2.h @@ -36,6 +36,56 @@ #define CONFIG_SYS_SPI_ST_ENABLE_WP_PIN +#ifdef CONFIG_IMX_HAB +#define HAB_EXTRA_SETTINGS \ + "hab_check_addr=" \ + "if hab_auth_img ${check_addr} ${filesize} ; then " \ + "true;" \ + "else " \ + "echo \"HAB checks ${hab_check_filetype} " \ + "failed!\"; " \ + "false; " \ + "fi;\0" \ + "hab_check_file_fit=" \ + "if env exists enable_hab_check && test " \ + "${enable_hab_check} -eq 1 ; then " \ + "setenv hab_check_filetype \"FIT file on SD card " \ + "or eMMC\";" \ + "env set check_addr ${fit_addr_r};" \ + "run hab_check_addr;" \ + "else " \ + "true; "\ + "fi;\0" \ + "hab_check_file_bootscript=" \ + "if env exists enable_hab_check && test " \ + "${enable_hab_check} -eq 1 ; then " \ + "setenv hab_check_filetype \"Bootscript file\";" \ + "env set check_addr ${loadaddr};" \ + "run hab_check_addr;" \ + "else " \ + "true; "\ + "fi;\0" \ + "hab_check_flash_fit=" \ + "if env exists enable_hab_check && test " \ + "${enable_hab_check} -eq 1 ; then " \ + "setenv hab_check_filetype \"FIT files on flash\";" \ + "env set check_addr ${fit_addr_r};" \ + "run hab_check_addr;" \ + "else " \ + "true; "\ + "fi;\0" \ + "enable_hab_check=1\0" +#else +#define HAB_EXTRA_SETTINGS \ + "hab_check_file_fit=echo HAB check FIT file always returns " \ + "true;true\0" \ + "hab_check_flash_fit=echo HAB check flash FIT always returns " \ + "true;true\0" \ + "hab_check_file_bootscript=echo HAB check bootscript always " \ + "returns true;true\0" \ + "enable_hab_check=0\0" +#endif + #define CONFIG_EXTRA_ENV_BOARD_SETTINGS \ "dead=led led_red on\0" \ "mtdids=nand0=gpmi-nand,nor0=spi3.1\0" \ @@ -281,6 +331,7 @@ "else "\ "run main_rescue_boot;" \ "fi; \0"\ + HAB_EXTRA_SETTINGS \ CONFIG_EXTRA_ENV_BOARD_SETTINGS #define CONFIG_ARP_TIMEOUT 200UL -- 2.39.5