/* Security Monitor */
#define CONFIG_SYS_FSL_SEC_MON_LE
-
+/* Secure Boot */
+#define CONFIG_ESBC_HDR_LS
/* Cache Coherent Interconnect */
#define CCI_MN_BASE 0x04000000
* The feature is only applicable in case of NOR boot and is
* not applicable in case of RAMBOOT (NAND, SD, SPI).
*/
+#ifndef CONFIG_ESBC_HDR_LS
+/* Current Key EXT feature not available in LS ESBC Header */
#define CONFIG_FSL_ISBC_KEY_EXT
#endif
+#endif
+
#ifdef CONFIG_LS1043A
/* For LS1043 (ARMv8), ESBC image Address in Header is 64 bit */
#define CONFIG_ESBC_ADDR_64BIT
};
static u8 hash_val[SHA256_BYTES];
+
+#ifdef CONFIG_ESBC_HDR_LS
+/* New Barker Code for LS ESBC Header */
+static const u8 barker_code[ESBC_BARKER_LEN] = { 0x12, 0x19, 0x20, 0x01 };
+#else
static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };
+#endif
void branch_to_self(void) __attribute__ ((noreturn));
/* This function checks srk_table_flag in header and set/reset srk_flag.*/
static u32 check_srk(struct fsl_secboot_img_priv *img)
{
+#ifdef CONFIG_ESBC_HDR_LS
+ /* In LS, No SRK Flag as SRK is always present*/
+ return 1;
+#else
if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
return 1;
return 0;
+#endif
}
/* This function returns ospr's key_revoc values.*/
}
#endif
+#ifndef CONFIG_ESBC_HDR_LS
static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
{
struct fsl_secboot_img_hdr *hdr = &img->hdr;
return 0;
}
+#endif /* CONFIG_ESBC_HDR_LS */
#if defined(CONFIG_FSL_ISBC_KEY_EXT)
static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
+ case ERROR_KEY_TABLE_NOT_FOUND:
#ifdef CONFIG_KEY_REVOCATION
case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
if (!key_hash && check_ie(img))
key_hash = 1;
#endif
- if (!key_hash)
+#ifndef CONFIG_ESBC_HDR_LS
+/* No single key support in LS ESBC header */
+ if (!key_hash) {
ret = algo->hash_update(algo, ctx,
img->img_key, img->hdr.key_len, 0);
+ key_hash = 1;
+ }
+#endif
if (ret)
return ret;
+ if (!key_hash)
+ return ERROR_KEY_TABLE_NOT_FOUND;
/* Update hash for actual Image */
ret = algo->hash_update(algo, ctx,
u8 *k, *s;
u32 ret = 0;
-#ifdef CONFIG_KEY_REVOCATION
-#endif
int key_found = 0;
/* check barker code */
key_found = 1;
}
#endif
-
+#ifndef CONFIG_ESBC_HDR_LS
+/* Single Key Feature not available in LS ESBC Header */
if (key_found == 0) {
ret = read_validate_single_key(img);
if (ret != 0)
return ret;
key_found = 1;
}
+#endif
+ if (!key_found)
+ return ERROR_KEY_TABLE_NOT_FOUND;
/* check signaure */
if (get_key_len(img) == 2 * hdr->sign_len) {
}
memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);
-
+/* No SG support in LS-CH3 */
+#ifndef CONFIG_ESBC_HDR_LS
/* No SG support */
if (hdr->sg_flag)
return ERROR_ESBC_CLIENT_HEADER_SG;
+#endif
/* modulus most significant bit should be set */
k = (u8 *)&img->img_key;
#define ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN 0x18
#define ERROR_IE_TABLE_NOT_FOUND 0x19
#define ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN 0x20
+#define ERROR_KEY_TABLE_NOT_FOUND 0x21
#define ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1 0x40
#define ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2 0x80
#define ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD 0x100
"Wrong IE public key len in header" },
{ ERROR_IE_TABLE_NOT_FOUND,
"Information about IE Table missing" },
+ { ERROR_KEY_TABLE_NOT_FOUND,
+ "No Key/ Key Table Found in header"},
{ ERROR_ESBC_CLIENT_MAX, "NULL" }
};
extern struct jobring jr;
-#ifdef CONFIG_KEY_REVOCATION
-/* Srk table and key revocation check */
-#define SRK_FLAG 0x01
-#define UNREVOCABLE_KEY 4
-#define ALIGN_REVOC_KEY 3
-#define MAX_KEY_ENTRIES 4
-#endif
-
/* Barker code size in bytes */
#define ESBC_BARKER_LEN 4 /* barker code length in ESBC uboot client */
/* header */
/* Maximum number of SG entries allowed */
#define MAX_SG_ENTRIES 8
+/* Different Header Struct for LS-CH3 */
+#ifdef CONFIG_ESBC_HDR_LS
+struct fsl_secboot_img_hdr {
+ u8 barker[ESBC_BARKER_LEN]; /* barker code */
+ u32 srk_tbl_off;
+ struct {
+ u8 num_srk;
+ u8 srk_sel;
+ u8 reserve;
+ u8 ie_flag;
+ } len_kr;
+
+ u32 uid_flag;
+
+ u32 psign; /* signature offset */
+ u32 sign_len; /* length of the signature in bytes */
+
+ u64 pimg64; /* 64 bit pointer to ESBC Image */
+ u32 img_size; /* ESBC client image size in bytes */
+ u32 ie_key_sel;
+
+ u32 fsl_uid_0;
+ u32 fsl_uid_1;
+ u32 oem_uid_0;
+ u32 oem_uid_1;
+ u32 oem_uid_2;
+ u32 oem_uid_3;
+ u32 oem_uid_4;
+ u32 reserved1[3];
+};
+
+#ifdef CONFIG_KEY_REVOCATION
+/* Srk table and key revocation check */
+#define UNREVOCABLE_KEY 8
+#define ALIGN_REVOC_KEY 7
+#define MAX_KEY_ENTRIES 8
+#endif
+
+
+#else /* CONFIG_ESBC_HDR_LS */
+
/*
* ESBC uboot client header structure.
* The struct contain the following fields
u32 ie_key_sel;
};
+#ifdef CONFIG_KEY_REVOCATION
+/* Srk table and key revocation check */
+#define SRK_FLAG 0x01
+#define UNREVOCABLE_KEY 4
+#define ALIGN_REVOC_KEY 3
+#define MAX_KEY_ENTRIES 4
+#endif
+
+#endif /* CONFIG_ESBC_HDR_LS */
+
+
#if defined(CONFIG_FSL_ISBC_KEY_EXT)
struct ie_key_table {
u32 key_len;