Enable bootscript support in secure boot for establishing
chain of trust on LS1021atwr.
Signed-off-by: Gaurav Rana
---
include/configs/ls1021atwr.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/configs/ls1021atwr.h b/include/configs/ls1021atwr.h
index 729205f..f637b59 100644
--- a
Move the compilation of file fsl_validate.c in MACRO CONFIG_CMD_ESBC_VALIDATE.
This file should be compiled only when the above MACRO is defined
This caused a break in compilation of iMX platforms when compiling for
SECURE_BOOT
Signed-off-by: Gaurav Rana
---
Changes in V2:
Corrected the commit
efile:1112: recipe for target
'board/freescale/common' failed
make[1]: *** [board/freescale/common] Error 2
make[1]: *** Waiting for unfinished jobs....
Signed-off-by: Gaurav Rana
---
board/freescale/common/Makefile | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --g
defconfig files are added and SFP version for these platforms
is updated.
Signed-off-by: Gaurav Rana
---
arch/powerpc/include/asm/config_mpc85xx.h | 1 +
arch/powerpc/include/asm/fsl_secure_boot.h | 2 ++
board/freescale/t104xrdb/MAINTAINERS | 2 ++
configs
ot source command used in default secure boot command will
run the bootscript.
4. Command esbc_halt added to ensure either bootm executes
after validation of images or core should just spin.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
---
arch/arm/include/asm/fsl_secure_boot.h
Remove dependency of rsa_mod_exp from CONFIG_FIT_SIGNATURE.
As rsa modular exponentiation is an independent module
and can be invoked independently.
Signed-off-by: Gaurav Rana
Reviewed-by: Simon Glass
CC: Simon Glass
---
Changes in v2:
add elaborated commit message.
drivers/crypto
esbc_validate command uses various IP Blocks: Security Monitor, CAAM block
and SFP registers. Hence the respective CONFIG's are enabled.
Apart from these CONFIG_SHA_PROG_HW_ACCEL and CONFIG_RSA are also enabled.
Signed-off-by: Gaurav Rana
---
Changes in v3:
No change. Change in other patch
-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
---
Changes in v3:
No change. Change in other patches of the patch set.
Changes in v2:
Copyright is changed in all the files in the patch.
board/freescale/common/cmd_esbc_validate.c | 34 ++
board/freescale/common/fsl_validate.c | 840
: Gaurav Rana
---
Changes in v3:
Modify copyright in include/fsl_sfp.h.
Changes in v2:
No change. Change in other patches of the patch set.
arch/powerpc/include/asm/config_mpc85xx.h | 1 +
arch/powerpc/include/asm/immap_85xx.h | 16 +-
include/fsl_sfp.h | 85
ECURE BOOT.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
---
Changes in v3:
Modify copyright in include/fsl_sec_mon.h and drivers/misc/fsl_sec_mon.c.
Changes in v2:
Commit message is changed.
drivers/misc/Kconfig | 8 +++
drivers/misc/Makefile | 1 +
drivers
esbc_validate command uses various IP Blocks: Security Monitor, CAAM block
and SFP registers. Hence the respective CONFIG's are enabled.
Apart from these CONFIG_SHA_PROG_HW_ACCEL and CONFIG_RSA are also enabled.
Signed-off-by: Gaurav Rana
---
Changes in v2:
Merge patches of enablemen
-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
---
Changes in v2:
Copyright is changed in all the files in the patch.
board/freescale/common/cmd_esbc_validate.c | 34 ++
board/freescale/common/fsl_validate.c | 840 +
doc/README.esbc_validate
ECURE BOOT.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
---
Changes in v2:
Commit message is changed.
drivers/misc/Kconfig | 8 +++
drivers/misc/Makefile | 1 +
drivers/misc/fsl_sec_mon.c | 146 +
include/fsl_sec_mon.h
: Gaurav Rana
---
Changes in v2:
No change. Chnage in other patches of the patch set.
arch/powerpc/include/asm/config_mpc85xx.h | 1 +
arch/powerpc/include/asm/immap_85xx.h | 16 +-
include/fsl_sfp.h | 85 +++
3 files changed, 87 insertions
ation and decapsulation of larger images.
3. Modified the description of km paramter in the command usage for better
readability.
Signed-off-by: Gaurav Rana
Reviewed-by: Ruchika Gupta
---
Changes in v3:
Fixed blob_help_text[] array declaration.
Changes in v2:
Modify blob_help_text[] array
c
Signed-off-by: Gaurav Rana
CC: Simon Glass
---
drivers/crypto/rsa_mod_exp/Makefile | 3 ++-
lib/rsa/Makefile| 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/rsa_mod_exp/Makefile
b/drivers/crypto/rsa_mod_exp/Makefile
index 915b751
ation and decapsulation of larger images.
3. Modified the description of km paramter in the command usage for better
readability.
Signed-off-by: Gaurav Rana
Reviewed-by: Ruchika Gupta
---
Changes in v2:
Modify blob_help_text[] array.
common/cmd_blob.c | 18 ++
dr
Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
CC: Simon Glass
---
Changes in v6:
Modify description for CONFIG_SHA256, CONFIG_SHA256, CONFIG_SHA_PROG_HW_ACCEL
Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
CC: Simon Glass
---
Changes in v5:
Modify description for CONFIG_SHA256, CONFIG_SHA256.
Changes in v4:
Add
allow encapsulation and decapsulation of larger images.
3. Modified the description of km parameter in the command usage for better
readability.
Signed-off-by: Gaurav Rana
Reviewed-by: Ruchika Gupta
---
common/cmd_blob.c | 18 ++
drivers/crypto/fsl/fsl_blob.c | 4 ++--
2 files ch
Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
CC: Simon Glass
---
Changes in v4:
Add CONFIG_SHA256, CONFIG_SHA256, CONFIG_SHA_PROG_HW_ACCEL
Currently only normal hashing is supported using hardware acceleration.
Added support for progressinve hashing using h/w.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
CC: Simon Glass
---
Changes in v3:
Remove duplication of code and create function gen_hash_type.
Modify MAX_SG to
Currently only normal hashing is supported using hardware acceleration.
Added support for progressinve hashing using h/w.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
CC: Simon Glass
---
Changes in v2:
Merge to common functions for SHA1 and SHA256.
Incorporate comments.
README
Currently only normal hashing is supported using hardware acceleration.
Added support for progressinve hashing using h/w.
Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
CC: Simon Glass
---
This patch is dependent on following series of 10 patches.
https://patchwork.ozlabs.org/patch
Secure boot target is added for T1042RDB platform.
Signed-off-by: Gaurav Rana
---
board/freescale/t104xrdb/MAINTAINERS | 1 +
configs/T1042RDB_SECURE_BOOT_defconfig | 4
2 files changed, 5 insertions(+)
create mode 100644 configs/T1042RDB_SECURE_BOOT_defconfig
diff --git a/board
Corrected the order of arguments in memset in run_descriptor
function. Wrong order of argumnets led to improper initialization
of members of struct type result. This resulted in RNG instantiation
error.
Signed-off-by: Gaurav Rana
---
Changes from v1:
Corrected typo in Subject message
drivers
Corrected the order of arguments in memset in run_descriptor
function. Wrong order of argumnets led to improper initialization
of members of struct type result. This resulted in RNG instantiation
error.
Signed-off-by: Gaurav Rana
---
drivers/crypto/fsl/jr.c | 2 +-
1 file changed, 1 insertion
Secure boot target is added for P5040DS platform.
Signed-off-by: Gaurav Rana
---
board/freescale/corenet_ds/MAINTAINERS | 1 +
configs/P5040DS_SECURE_BOOT_defconfig | 4
2 files changed, 5 insertions(+)
create mode 100644 configs/P5040DS_SECURE_BOOT_defconfig
diff --git a/board
From: Gaurav Kumar Rana
Secure boot target is added for P5040DS platform.
Signed-off-by: Gaurav Kumar Rana
---
configs/P5040DS_SECURE_BOOT_defconfig | 4
1 file changed, 4 insertions(+)
create mode 100644 configs/P5040DS_SECURE_BOOT_defconfig
diff --git a/configs/P5040DS_SECURE_BOOT_def
29 matches
Mail list logo
