powerpc: Clean up CHAIN_OF_TRUST related options

As things stand currently, there is only one PowerPC platform that enables the options for CHAIN_OF_TRUST. From the board header files, remove a number of never-set options. Remove board specific values from arch/powerpc/include/asm/fsl_secure_boot.h as well. Rework include/config_fsl_chain_trust.h to not abuse the CONFIG namespace for constructing CHAIN_BOOT_CMD. Migrate all of the configurable addresses to Kconfig. If any platforms are re-introduced with secure boot support, everything required should still be here, but now in Kconfig, or requires migration of an option to Kconfig. Cc: Peng Fan <peng.fan@nxp.com> Signed-off-by: Tom Rini <trini@konsulko.com>
author: Tom Rini 2022-06-17 16:24:34 -0400
committer: Tom Rini 2022-07-05 17:04:15 -0400
commit: f4cd75e96a461e1b138c3af85a4085e2772e4f7c (patch)
tree: 1196eb9c81aa8e2b016764efd5043586eec600c9 /arch
parent: 52aaa1840d226ab9863fd9b64c0a8623abb60706 (diff)
2 files changed, 41 insertions, 42 deletions
diff --git a/arch/Kconfig.nxp b/arch/Kconfig.nxp
index ccbf684bdb3..03b73d4cc34 100644
--- a/arch/Kconfig.nxp
+++ b/arch/Kconfig.nxp
@@ -75,6 +75,46 @@ config SPL_UBOOT_KEY_HASH
 	  41066b564c6ffcef40ccbc1e0a5d0d519604000c785d97bbefd25e4d288d1c8b.
 	  Otherwise leave this empty.
 
+if PPC
+
+config BOOTSCRIPT_COPY_RAM
+	bool "Secure boot copies boot script to RAM"
+	help
+	  On systems that support chain of trust booting, a number of addresses
+	  are required to set variables that are used in the copying and then
+	  verification of different parts of the system.  If enabled, the subsequent
+	  options are for what location to use in each step.
+
+config BS_ADDR_DEVICE
+	hex "Address in RAM for bs_device"
+	depends on BOOTSCRIPT_COPY_RAM
+
+config BS_SIZE
+	hex "The size of bs_size which is the amount read from bs_device"
+	depends on BOOTSCRIPT_COPY_RAM
+
+config BS_ADDR_RAM
+	hex "Address in RAM for bs_ram"
+	depends on BOOTSCRIPT_COPY_RAM
+
+config BS_HDR_ADDR_DEVICE
+	hex "Address in RAM for bs_hdr_device"
+	depends on BOOTSCRIPT_COPY_RAM
+
+config BS_HDR_SIZE
+	hex "The size of bs_hdr_size which is the amount read from bs_hdr_device"
+	depends on BOOTSCRIPT_COPY_RAM
+
+config BS_HDR_ADDR_RAM
+	hex "Address in RAM for bs_hdr_ram"
+	depends on BOOTSCRIPT_COPY_RAM
+
+config BOOTSCRIPT_HDR_ADDR
+	hex "CONFIG_BOOTSCRIPT_HDR_ADDR"
+	default BS_ADDR_RAM if BOOTSCRIPT_COPY_RAM
+
+endif
+
 config SYS_FSL_SRK_LE
 	def_bool y
 	depends on ARM
diff --git a/arch/powerpc/include/asm/fsl_secure_boot.h b/arch/powerpc/include/asm/fsl_secure_boot.h
index c062fa5c191..a96a1ac5d77 100644
--- a/arch/powerpc/include/asm/fsl_secure_boot.h
+++ b/arch/powerpc/include/asm/fsl_secure_boot.h
@@ -10,19 +10,12 @@
 #ifdef CONFIG_NXP_ESBC
 #if defined(CONFIG_FSL_CORENET)
 #define CONFIG_SYS_PBI_FLASH_BASE		0xc0000000
-#elif defined(CONFIG_TARGET_BSC9132QDS)
-#define CONFIG_SYS_PBI_FLASH_BASE		0xc8000000
-#elif defined(CONFIG_TARGET_C29XPCIE)
-#define CONFIG_SYS_PBI_FLASH_BASE		0xcc000000
 #else
 #define CONFIG_SYS_PBI_FLASH_BASE		0xce000000
 #endif
 #define CONFIG_SYS_PBI_FLASH_WINDOW		0xcff80000
 
-#if defined(CONFIG_TARGET_B4860QDS) || \
-	defined(CONFIG_TARGET_B4420QDS) || \
-	defined(CONFIG_TARGET_T4240QDS) || \
-	defined(CONFIG_TARGET_T2080QDS) || \
+#if defined(CONFIG_TARGET_T2080QDS) || \
 	defined(CONFIG_TARGET_T2080RDB) || \
 	defined(CONFIG_TARGET_T1042RDB) || \
 	defined(CONFIG_TARGET_T1042D4RDB) || \
@@ -78,40 +71,6 @@
 #endif /* ifdef CONFIG_SPL_BUILD */
 
 #ifndef CONFIG_SPL_BUILD
-/*
- * fsl_setenv_chain_of_trust() must be called from
- * board_late_init()
- */
-
-/* If Boot Script is not on NOR and is required to be copied on RAM */
-#ifdef CONFIG_BOOTSCRIPT_COPY_RAM
-#define CONFIG_BS_HDR_ADDR_RAM		0x00010000
-#define CONFIG_BS_HDR_ADDR_DEVICE	0x00800000
-#define CONFIG_BS_HDR_SIZE		0x00002000
-#define CONFIG_BS_ADDR_RAM		0x00012000
-#define CONFIG_BS_ADDR_DEVICE		0x00802000
-#define CONFIG_BS_SIZE			0x00001000
-
-#define CONFIG_BOOTSCRIPT_HDR_ADDR	CONFIG_BS_HDR_ADDR_RAM
-#else
-
-/* The bootscript header address is different for B4860 because the NOR
- * mapping is different on B4 due to reduced NOR size.
- */
-#if defined(CONFIG_TARGET_B4860QDS) || defined(CONFIG_TARGET_B4420QDS)
-#define CONFIG_BOOTSCRIPT_HDR_ADDR	0xecc00000
-#elif defined(CONFIG_FSL_CORENET)
-#define CONFIG_BOOTSCRIPT_HDR_ADDR	0xe8e00000
-#elif defined(CONFIG_TARGET_BSC9132QDS)
-#define CONFIG_BOOTSCRIPT_HDR_ADDR	0x88020000
-#elif defined(CONFIG_TARGET_C29XPCIE)
-#define CONFIG_BOOTSCRIPT_HDR_ADDR	0xec020000
-#else
-#define CONFIG_BOOTSCRIPT_HDR_ADDR	0xee020000
-#endif
-
-#endif /* #ifdef CONFIG_BOOTSCRIPT_COPY_RAM */
-
 #include <config_fsl_chain_trust.h>
 #endif /* #ifndef CONFIG_SPL_BUILD */
 #endif /* #ifdef CONFIG_CHAIN_OF_TRUST */
author	Tom Rini	2022-06-17 16:24:34 -0400
committer	Tom Rini	2022-07-05 17:04:15 -0400
commit	f4cd75e96a461e1b138c3af85a4085e2772e4f7c (patch)
tree	1196eb9c81aa8e2b016764efd5043586eec600c9 /arch
parent	52aaa1840d226ab9863fd9b64c0a8623abb60706 (diff)