summaryrefslogtreecommitdiff
path: root/src/soc/broadcom
diff options
context:
space:
mode:
authorDaisuke Nojiri <dnojiri@chromium.org>2015-02-09 18:15:17 -0800
committerPatrick Georgi <pgeorgi@google.com>2015-04-22 08:59:18 +0200
commite1741c512c66c468f3c3399aff451ae428cd6824 (patch)
tree07e1d8aff86068e2f2f86b753713bec4ad8b2549 /src/soc/broadcom
parentcb6bb3bc47bf55e47bdc60c53c5f40617c6a8d9b (diff)
broadcom/cygnus: add secimage and sign bootblock
secimage is a tool which adds a header and signature to the binary first loaded by the soc. ARM core frequency is set to 1 Ghz. BUG=chrome-os-partner:36421 BRANCH=broadcom-firmware TEST=booted b0 board Change-Id: Ia08600d45c47ee4f08d253980036916e44b0044a Signed-off-by: Patrick Georgi <pgeorgi@chromium.org> Original-Commit-Id: 36284d1b242c26b0b5aac2894f7ed1790da1ef15 Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Original-Reviewed-on: https://chrome-internal-review.googlesource.com/197155 Original-Reviewed-by: Scott Branden <sbranden@broadcom.com> Original-Reviewed-by: Julius Werner <jwerner@chromium.org> Original-Commit-Queue: Daisuke Nojiri <dnojiri@google.com> Original-Tested-by: Daisuke Nojiri <dnojiri@google.com> Original-Change-Id: Iaddd24006b368c8f37e075cb51e151e985029f3b Original-Reviewed-on: https://chromium-review.googlesource.com/264417 Reviewed-on: http://review.coreboot.org/9914 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Diffstat (limited to 'src/soc/broadcom')
-rw-r--r--src/soc/broadcom/cygnus/Makefile.inc41
1 files changed, 40 insertions, 1 deletions
diff --git a/src/soc/broadcom/cygnus/Makefile.inc b/src/soc/broadcom/cygnus/Makefile.inc
index a1459c0790..dce4e3d0b1 100644
--- a/src/soc/broadcom/cygnus/Makefile.inc
+++ b/src/soc/broadcom/cygnus/Makefile.inc
@@ -57,6 +57,45 @@ ramstage-$(CONFIG_DRIVERS_UART) += ns16550.c
CPPFLAGS_common += -Isrc/soc/broadcom/cygnus/include/
-$(objcbfs)/bootblock.bin: $(objcbfs)/bootblock.elf
+$(objcbfs)/bootblock.tmp: $(objcbfs)/bootblock.elf
@printf " OBJCOPY $(subst $(obj)/,,$(@))\n"
$(OBJCOPY_bootblock) -O binary $< $@
+
+ifneq ($(V),1)
+redirect := > /dev/null
+endif
+
+# Options used in the command line:
+# -out: path of the output file
+# -config: path to the file containing unauth header
+# -hmac: path to the file containing hmac for sha256
+# -bl: boot image file, ie. input file
+#
+# Authenticated header parameters:
+#
+# SBIConfiguration /* Indicates SBI config */
+# SYMMETRIC 0x0040
+#
+# CustomerID; /* Customer ID */
+# TYPE bits [31-28]
+# PRODUCTION 0x6
+# DEVELOPMENT 0x9
+# CUSTOMER_ID bits [27-0]
+#
+# ProductID; /* Product ID */
+#
+# CustomerRevisionID; /* Customer Revision ID */
+#
+# SBIUsage /* Boot Image Usage */
+# NONE 0 /* All purposes */
+# SLEEP 1
+# DEEP_SLEEP 2
+# EXCEPTION 4
+$(objcbfs)/bootblock.bin: $(objcbfs)/bootblock.tmp \
+ $(objutil)/broadcom/secimage/secimage \
+ util/broadcom/unauth.cfg \
+ util/broadcom/khmacsha256
+ @printf " SIGN $(subst $(obj)/,,$(@))\n"
+ $(objutil)/broadcom/secimage/secimage -out $@ \
+ -config util/broadcom/unauth.cfg \
+ -hmac util/broadcom/khmacsha256 -bl $<