AST2600 leverages the FIT hash/signature verification to fulfill
secure boot trust chain. To improve the performance and save SW
code size for those crypto operations, the two HW crypto engine,
HACE and ACRY, are enabled.
However, both of the engines can only access to data stored in
DRAM space. Therefore, we need to move the FIT image into DRAM
before the booting.
This patch update the CONFIG_BOOTCOMMAND to execute the pre-defined
ENV variable which consists of FIT image copy to memory and booting.
Signed-off-by: Chia-Wei Wang <chiawei_w...@aspeedtech.com>
---
configs/evb-ast2600_defconfig | 2 +-
include/configs/evb_ast2600.h | 7 +++++++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/configs/evb-ast2600_defconfig b/configs/evb-ast2600_defconfig
index eba6940ec1..abb156f13e 100644
--- a/configs/evb-ast2600_defconfig
+++ b/configs/evb-ast2600_defconfig
@@ -27,7 +27,7 @@ CONFIG_SPL_LOAD_FIT_ADDRESS=0x10000
CONFIG_USE_BOOTARGS=y
CONFIG_BOOTARGS="console=ttyS4,115200n8 root=/dev/ram rw"
CONFIG_USE_BOOTCOMMAND=y
-CONFIG_BOOTCOMMAND="bootm 20100000"
+CONFIG_BOOTCOMMAND="run bootspi"
# CONFIG_DISPLAY_CPUINFO is not set
CONFIG_SPL_SIZE_LIMIT_SUBTRACT_GD=y
CONFIG_SPL_SIZE_LIMIT_SUBTRACT_MALLOC=y
diff --git a/include/configs/evb_ast2600.h b/include/configs/evb_ast2600.h
index d2aceb6663..83002db317 100644
--- a/include/configs/evb_ast2600.h
+++ b/include/configs/evb_ast2600.h
@@ -14,7 +14,14 @@
#define CONFIG_SYS_LOAD_ADDR 0x83000000
/* Misc */
+#define STR_HELPER(s) #s
+#define STR(s) STR_HELPER(s)
+
#define CONFIG_EXTRA_ENV_SETTINGS \
+ "loadaddr=" STR(CONFIG_SYS_LOAD_ADDR) "\0" \
+ "bootspi=fdt addr 20100000 && fdt header get fitsize totalsize && " \
+ "cp.b 20100000 ${loadaddr} ${fitsize} && bootm; " \
+ "echo Error loading kernel FIT image\0" \
"verify=yes\0" \
"spi_dma=yes\0" \
""
--
2.17.1
