imx: replace CONFIG_SECURE_BOOT with CONFIG_IMX_HAB

CONFIG_SECURE_BOOT is too generic and forbids to use it for cross
architecture purposes. If Secure Boot is required for imx, this means to
enable and use the HAB processor in the soc.

Signed-off-by: Stefano Babic <sbabic@denx.de>

diff --git a/Makefile b/Makefile
index 733bcec..80b7811 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -830,10 +830,10 @@ ALL-$(CONFIG_RAMBOOT_PBL) += u-boot.pbl
 endif
 endif
 ALL-$(CONFIG_SPL) += spl/u-boot-spl.bin
-ifeq ($(CONFIG_MX6)$(CONFIG_SECURE_BOOT), yy)
+ifeq ($(CONFIG_MX6)$(CONFIG_IMX_HAB), yy)
 ALL-$(CONFIG_SPL_FRAMEWORK) += u-boot-ivt.img
 else
-ifeq ($(CONFIG_MX7)$(CONFIG_SECURE_BOOT), yy)
+ifeq ($(CONFIG_MX7)$(CONFIG_IMX_HAB), yy)
 ALL-$(CONFIG_SPL_FRAMEWORK) += u-boot-ivt.img
 else
 ALL-$(CONFIG_SPL_FRAMEWORK) += u-boot.img

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 3b0e315..c219a53 100644 (file)
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -812,7 +812,7 @@ config ARCH_MX7
        select ARCH_MISC_INIT
        select BOARD_EARLY_INIT_F
        select CPU_V7A
-       select SYS_FSL_HAS_SEC if SECURE_BOOT
+       select SYS_FSL_HAS_SEC if IMX_HAB
        select SYS_FSL_SEC_COMPAT_4
        select SYS_FSL_SEC_LE
        imply MXC_GPIO
@@ -820,7 +820,7 @@ config ARCH_MX7
 config ARCH_MX6
        bool "Freescale MX6"
        select CPU_V7A
-       select SYS_FSL_HAS_SEC if SECURE_BOOT
+       select SYS_FSL_HAS_SEC if IMX_HAB
        select SYS_FSL_SEC_COMPAT_4
        select SYS_FSL_SEC_LE
        select SYS_THUMB_BUILD if SPL

diff --git a/arch/arm/include/asm/arch-mx7/clock.h b/arch/arm/include/asm/arch-mx7/clock.h
index 1d07fde..984bd3f 100644 (file)
--- a/arch/arm/include/asm/arch-mx7/clock.h
+++ b/arch/arm/include/asm/arch-mx7/clock.h
@@ -357,7 +357,7 @@ int set_clk_nand(void);
 void enable_ocotp_clk(unsigned char enable);
 #endif
 void enable_usboh3_clk(unsigned char enable);
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 void hab_caam_clock_enable(unsigned char enable);
 #endif
 void mxs_set_lcdclk(uint32_t base_addr, uint32_t freq);

diff --git a/arch/arm/include/asm/mach-imx/hab.h b/arch/arm/include/asm/mach-imx/hab.h
index 95df884..b905d84 100644 (file)
--- a/arch/arm/include/asm/mach-imx/hab.h
+++ b/arch/arm/include/asm/mach-imx/hab.h
@@ -130,7 +130,7 @@ struct imx_sec_config_fuse_t {
        int word;
 };
 
-#if defined(CONFIG_SECURE_BOOT)
+#if defined(CONFIG_IMX_HAB)
 extern struct imx_sec_config_fuse_t const imx_sec_config_fuse;
 #endif
 

diff --git a/arch/arm/mach-imx/Kconfig b/arch/arm/mach-imx/Kconfig
index f721eaf..b0b9d2c 100644 (file)
--- a/arch/arm/mach-imx/Kconfig
+++ b/arch/arm/mach-imx/Kconfig
@@ -34,7 +34,7 @@ config USE_IMXIMG_PLUGIN
          i.MX6/7 supports DCD and Plugin. Enable this configuration
          to use Plugin, otherwise DCD will be used.
 
-config SECURE_BOOT
+config IMX_HAB
        bool "Support i.MX HAB features"
        depends on ARCH_MX7 || ARCH_MX6 || ARCH_MX5
        select FSL_CAAM if HAS_CAAM

diff --git a/arch/arm/mach-imx/Makefile b/arch/arm/mach-imx/Makefile
index 87fd697..fbd99a3 100644 (file)
--- a/arch/arm/mach-imx/Makefile
+++ b/arch/arm/mach-imx/Makefile
@@ -44,12 +44,12 @@ ifneq ($(CONFIG_SPL_BUILD),y)
 obj-$(CONFIG_IMX_BOOTAUX) += imx_bootaux.o
 endif
 obj-$(CONFIG_SATA) += sata.o
-obj-$(CONFIG_SECURE_BOOT)    += hab.o
+obj-$(CONFIG_IMX_HAB)    += hab.o
 obj-$(CONFIG_SYSCOUNTER_TIMER) += syscounter.o
 endif
 ifeq ($(SOC),$(filter $(SOC),mx7ulp))
 obj-y  += cache.o
-obj-$(CONFIG_SECURE_BOOT) += hab.o
+obj-$(CONFIG_IMX_HAB) += hab.o
 endif
 ifeq ($(SOC),$(filter $(SOC),vf610))
 obj-y += ddrmc-vf610.o

diff --git a/arch/arm/mach-imx/imx8m/soc.c b/arch/arm/mach-imx/imx8m/soc.c
index f904049..aeca82c 100644 (file)
--- a/arch/arm/mach-imx/imx8m/soc.c
+++ b/arch/arm/mach-imx/imx8m/soc.c
@@ -22,7 +22,7 @@
 
 DECLARE_GLOBAL_DATA_PTR;
 
-#if defined(CONFIG_SECURE_BOOT)
+#if defined(CONFIG_IMX_HAB)
 struct imx_sec_config_fuse_t const imx_sec_config_fuse = {
        .bank = 1,
        .word = 3,

diff --git a/arch/arm/mach-imx/mx6/clock.c b/arch/arm/mach-imx/mx6/clock.c
index 5af1ae7..7763c79 100644 (file)
--- a/arch/arm/mach-imx/mx6/clock.c
+++ b/arch/arm/mach-imx/mx6/clock.c
@@ -1152,7 +1152,7 @@ int enable_pcie_clock(void)
 }
 #endif
 
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 void hab_caam_clock_enable(unsigned char enable)
 {
        u32 reg;

diff --git a/arch/arm/mach-imx/mx6/soc.c b/arch/arm/mach-imx/mx6/soc.c
index d37d385..6dccee4 100644 (file)
--- a/arch/arm/mach-imx/mx6/soc.c
+++ b/arch/arm/mach-imx/mx6/soc.c
@@ -50,7 +50,7 @@ U_BOOT_DEVICE(imx6_thermal) = {
 };
 #endif
 
-#if defined(CONFIG_SECURE_BOOT)
+#if defined(CONFIG_IMX_HAB)
 struct imx_sec_config_fuse_t const imx_sec_config_fuse = {
        .bank = 0,
        .word = 6,

diff --git a/arch/arm/mach-imx/mx7/clock.c b/arch/arm/mach-imx/mx7/clock.c
index 4f9724c..0e08cab 100644 (file)
--- a/arch/arm/mach-imx/mx7/clock.c
+++ b/arch/arm/mach-imx/mx7/clock.c
@@ -1074,7 +1074,7 @@ void clock_init(void)
        }
 }
 
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 void hab_caam_clock_enable(unsigned char enable)
 {
        if (enable)

diff --git a/arch/arm/mach-imx/mx7/soc.c b/arch/arm/mach-imx/mx7/soc.c
index 3b8e1ba..35160f4 100644 (file)
--- a/arch/arm/mach-imx/mx7/soc.c
+++ b/arch/arm/mach-imx/mx7/soc.c
@@ -122,7 +122,7 @@ static void isolate_resource(void)
 }
 #endif
 
-#if defined(CONFIG_SECURE_BOOT)
+#if defined(CONFIG_IMX_HAB)
 struct imx_sec_config_fuse_t const imx_sec_config_fuse = {
        .bank = 1,
        .word = 3,

diff --git a/arch/arm/mach-imx/mx7ulp/clock.c b/arch/arm/mach-imx/mx7ulp/clock.c
index 7bf8317..d3365dd 100644 (file)
--- a/arch/arm/mach-imx/mx7ulp/clock.c
+++ b/arch/arm/mach-imx/mx7ulp/clock.c
@@ -314,7 +314,7 @@ void clock_init(void)
        enable_usboh3_clk(1);
 }
 
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 void hab_caam_clock_enable(unsigned char enable)
 {
        if (enable)

diff --git a/arch/arm/mach-imx/mx7ulp/soc.c b/arch/arm/mach-imx/mx7ulp/soc.c
index 6c53aa1..127fcfe 100644 (file)
--- a/arch/arm/mach-imx/mx7ulp/soc.c
+++ b/arch/arm/mach-imx/mx7ulp/soc.c
@@ -11,7 +11,7 @@
 
 static char *get_reset_cause(char *);
 
-#if defined(CONFIG_SECURE_BOOT)
+#if defined(CONFIG_IMX_HAB)
 struct imx_sec_config_fuse_t const imx_sec_config_fuse = {
        .bank = 29,
        .word = 6,

diff --git a/arch/arm/mach-imx/spl.c b/arch/arm/mach-imx/spl.c
index 30fa6ae..9fa397c 100644 (file)
--- a/arch/arm/mach-imx/spl.c
+++ b/arch/arm/mach-imx/spl.c
@@ -222,7 +222,7 @@ u32 spl_boot_mode(const u32 boot_device)
 }
 #endif
 
-#if defined(CONFIG_SECURE_BOOT)
+#if defined(CONFIG_IMX_HAB)
 
 /*
  * +------------+  0x0 (DDR_UIMAGE_START) -

diff --git a/arch/arm/mach-imx/spl_sd.cfg b/arch/arm/mach-imx/spl_sd.cfg
index e791deb..dbaee81 100644 (file)
--- a/arch/arm/mach-imx/spl_sd.cfg
+++ b/arch/arm/mach-imx/spl_sd.cfg
@@ -12,6 +12,6 @@ BOOT_FROM     sd
 /*
  * Secure boot support
  */
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif

diff --git a/board/boundary/nitrogen6x/nitrogen6dl.cfg b/board/boundary/nitrogen6x/nitrogen6dl.cfg
index b1e3c0f..56b3bcb 100644 (file)
--- a/board/boundary/nitrogen6x/nitrogen6dl.cfg
+++ b/board/boundary/nitrogen6x/nitrogen6dl.cfg
@@ -19,7 +19,7 @@ BOOT_FROM      spi
 
 #define __ASSEMBLY__
 #include <config.h>
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 #include "asm/arch/mx6-ddr.h"

diff --git a/board/boundary/nitrogen6x/nitrogen6dl2g.cfg b/board/boundary/nitrogen6x/nitrogen6dl2g.cfg
index 3e7d605..13f7a89 100644 (file)
--- a/board/boundary/nitrogen6x/nitrogen6dl2g.cfg
+++ b/board/boundary/nitrogen6x/nitrogen6dl2g.cfg
@@ -19,7 +19,7 @@ BOOT_FROM      spi
 
 #define __ASSEMBLY__
 #include <config.h>
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 #include "asm/arch/mx6-ddr.h"

diff --git a/board/boundary/nitrogen6x/nitrogen6q.cfg b/board/boundary/nitrogen6x/nitrogen6q.cfg
index 26bb645..1304b52 100644 (file)
--- a/board/boundary/nitrogen6x/nitrogen6q.cfg
+++ b/board/boundary/nitrogen6x/nitrogen6q.cfg
@@ -19,7 +19,7 @@ BOOT_FROM      spi
 
 #define __ASSEMBLY__
 #include <config.h>
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 #include "asm/arch/mx6-ddr.h"

diff --git a/board/boundary/nitrogen6x/nitrogen6q2g.cfg b/board/boundary/nitrogen6x/nitrogen6q2g.cfg
index 5ff3eed..e5e923d 100644 (file)
--- a/board/boundary/nitrogen6x/nitrogen6q2g.cfg
+++ b/board/boundary/nitrogen6x/nitrogen6q2g.cfg
@@ -19,7 +19,7 @@ BOOT_FROM      spi
 
 #define __ASSEMBLY__
 #include <config.h>
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 #include "asm/arch/mx6-ddr.h"

diff --git a/board/boundary/nitrogen6x/nitrogen6s.cfg b/board/boundary/nitrogen6x/nitrogen6s.cfg
index 5482656..e5f814b 100644 (file)
--- a/board/boundary/nitrogen6x/nitrogen6s.cfg
+++ b/board/boundary/nitrogen6x/nitrogen6s.cfg
@@ -19,7 +19,7 @@ BOOT_FROM      spi
 
 #define __ASSEMBLY__
 #include <config.h>
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 #include "asm/arch/mx6-ddr.h"

diff --git a/board/boundary/nitrogen6x/nitrogen6s1g.cfg b/board/boundary/nitrogen6x/nitrogen6s1g.cfg
index dd30ca9..f3d754e 100644 (file)
--- a/board/boundary/nitrogen6x/nitrogen6s1g.cfg
+++ b/board/boundary/nitrogen6x/nitrogen6s1g.cfg
@@ -19,7 +19,7 @@ BOOT_FROM      spi
 
 #define __ASSEMBLY__
 #include <config.h>
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 #include "asm/arch/mx6-ddr.h"

diff --git a/board/freescale/mx6slevk/imximage.cfg b/board/freescale/mx6slevk/imximage.cfg
index b33bb93..fd71bef 100644 (file)
--- a/board/freescale/mx6slevk/imximage.cfg
+++ b/board/freescale/mx6slevk/imximage.cfg
@@ -24,7 +24,7 @@ BOOT_FROM     sd
 /*
  * Secure boot support
  */
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/freescale/mx6sllevk/imximage.cfg b/board/freescale/mx6sllevk/imximage.cfg
index 2dcff00..74b3a90 100644 (file)
--- a/board/freescale/mx6sllevk/imximage.cfg
+++ b/board/freescale/mx6sllevk/imximage.cfg
@@ -27,7 +27,7 @@ BOOT_FROM     sd
 PLUGIN board/freescale/mx6sllevk/plugin.bin 0x00907000
 #else
 
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/freescale/mx6sxsabresd/imximage.cfg b/board/freescale/mx6sxsabresd/imximage.cfg
index 0354bb3..28ffb2f 100644 (file)
--- a/board/freescale/mx6sxsabresd/imximage.cfg
+++ b/board/freescale/mx6sxsabresd/imximage.cfg
@@ -20,7 +20,7 @@ BOOT_FROM     sd
 /*
  * Secure boot support
  */
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/freescale/mx6ullevk/imximage.cfg b/board/freescale/mx6ullevk/imximage.cfg
index 39306d4..40818d0 100644 (file)
--- a/board/freescale/mx6ullevk/imximage.cfg
+++ b/board/freescale/mx6ullevk/imximage.cfg
@@ -33,7 +33,7 @@ BOOT_FROM     sd
 PLUGIN board/freescale/mx6ullevk/plugin.bin 0x00907000
 #else
 
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/freescale/mx7dsabresd/imximage.cfg b/board/freescale/mx7dsabresd/imximage.cfg
index b72e0cf..a0f39c4 100644 (file)
--- a/board/freescale/mx7dsabresd/imximage.cfg
+++ b/board/freescale/mx7dsabresd/imximage.cfg
@@ -24,7 +24,7 @@ BOOT_FROM     sd
 /*
  * Secure boot support
  */
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/freescale/mx7ulp_evk/imximage.cfg b/board/freescale/mx7ulp_evk/imximage.cfg
index 43ebc23..ec36730 100644 (file)
--- a/board/freescale/mx7ulp_evk/imximage.cfg
+++ b/board/freescale/mx7ulp_evk/imximage.cfg
@@ -27,7 +27,7 @@ BOOT_FROM     sd
 PLUGIN board/freescale/mx7ulp_evk/plugin.bin 0x2F020000
 #else
 
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 /*

diff --git a/board/toradex/colibri-imx6ull/imximage.cfg b/board/toradex/colibri-imx6ull/imximage.cfg
index 2ce55a6..a11e288 100644 (file)
--- a/board/toradex/colibri-imx6ull/imximage.cfg
+++ b/board/toradex/colibri-imx6ull/imximage.cfg
@@ -25,7 +25,7 @@ BOOT_FROM     nand
 /*
  * Secure boot support
  */
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/toradex/colibri_imx7/imximage.cfg b/board/toradex/colibri_imx7/imximage.cfg
index 25cfd5c..1b4f272 100644 (file)
--- a/board/toradex/colibri_imx7/imximage.cfg
+++ b/board/toradex/colibri_imx7/imximage.cfg
@@ -25,7 +25,7 @@ BOOT_FROM     sd
 /*
  * Secure boot support
  */
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/warp/imximage.cfg b/board/warp/imximage.cfg
index 4fb5a84..dea331c 100644 (file)
--- a/board/warp/imximage.cfg
+++ b/board/warp/imximage.cfg
@@ -24,7 +24,7 @@ BOOT_FROM     sd
 /*
  * Secure boot support
  */
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG__IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/warp7/imximage.cfg b/board/warp7/imximage.cfg
index a6edfda..a4c2f67 100644 (file)
--- a/board/warp7/imximage.cfg
+++ b/board/warp7/imximage.cfg
@@ -12,7 +12,7 @@
 #include <config.h>
 
 IMAGE_VERSION  2
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
 CSF CONFIG_CSF_SIZE
 #endif
 

diff --git a/board/warp7/warp7.c b/board/warp7/warp7.c
index 39ae982..c423e04 100644 (file)
--- a/board/warp7/warp7.c
+++ b/board/warp7/warp7.c
@@ -146,7 +146,7 @@ int board_late_init(void)
         */
        clrsetbits_le16(&wdog->wcr, 0, 0x10);
 
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
        /* Determine HAB state */
        env_set_ulong(HAB_ENABLED_ENVNAME, imx_hab_is_enabled());
 #else

diff --git a/common/spl/spl_fit.c b/common/spl/spl_fit.c
index b3e3ccd..cbc00a4 100644 (file)
--- a/common/spl/spl_fit.c
+++ b/common/spl/spl_fit.c
@@ -553,7 +553,7 @@ int spl_load_simple_fit(struct spl_image_info *spl_image,
 
        spl_image->flags |= SPL_FIT_FOUND;
 
-#ifdef CONFIG_SECURE_BOOT
+#ifdef CONFIG_IMX_HAB
        board_spl_fit_post_load((ulong)fit, size);
 #endif
 

diff --git a/configs/colibri_imx7_defconfig b/configs/colibri_imx7_defconfig
index a9149dd..a6457d5 100644 (file)
--- a/configs/colibri_imx7_defconfig
+++ b/configs/colibri_imx7_defconfig
@@ -2,7 +2,7 @@ CONFIG_ARM=y
 CONFIG_SYS_THUMB_BUILD=y
 CONFIG_ARCH_MX7=y
 CONFIG_SYS_TEXT_BASE=0x87800000
-CONFIG_SECURE_BOOT=y
+CONFIG_IMX_HAB=y
 CONFIG_TARGET_COLIBRI_IMX7=y
 CONFIG_NR_DRAM_BANKS=1
 CONFIG_IMX_RDC=y

diff --git a/configs/colibri_imx7_emmc_defconfig b/configs/colibri_imx7_emmc_defconfig
index c5de2e7..b4ca115 100644 (file)
--- a/configs/colibri_imx7_emmc_defconfig
+++ b/configs/colibri_imx7_emmc_defconfig
@@ -2,7 +2,7 @@ CONFIG_ARM=y
 CONFIG_SYS_THUMB_BUILD=y
 CONFIG_ARCH_MX7=y
 CONFIG_SYS_TEXT_BASE=0x87800000
-CONFIG_SECURE_BOOT=y
+CONFIG_IMX_HAB=y
 CONFIG_TARGET_COLIBRI_IMX7=y
 CONFIG_TARGET_COLIBRI_IMX7_EMMC=y
 CONFIG_ARMV7_BOOT_SEC_DEFAULT=y

diff --git a/configs/imx6dl_mamoj_defconfig b/configs/imx6dl_mamoj_defconfig
index 983d985..6b92f94 100644 (file)
--- a/configs/imx6dl_mamoj_defconfig
+++ b/configs/imx6dl_mamoj_defconfig
@@ -1,7 +1,7 @@
 CONFIG_ARM=y
 CONFIG_ARCH_MX6=y
 CONFIG_SYS_TEXT_BASE=0x17800000
-CONFIG_SECURE_BOOT=y
+CONFIG_IMX_HAB=y
 CONFIG_TARGET_MX6DL_MAMOJ=y
 CONFIG_NR_DRAM_BANKS=1
 CONFIG_CSF_SIZE=0x2060

diff --git a/configs/warp7_bl33_defconfig b/configs/warp7_bl33_defconfig
index 80accfb..9d161f3 100644 (file)
--- a/configs/warp7_bl33_defconfig
+++ b/configs/warp7_bl33_defconfig
@@ -1,7 +1,7 @@
 CONFIG_ARM=y
 CONFIG_ARCH_MX7=y
 CONFIG_SYS_TEXT_BASE=0x87800000
-CONFIG_SECURE_BOOT=y
+CONFIG_IMX_HAB=y
 CONFIG_TARGET_WARP7=y
 CONFIG_ARMV7_BOOT_SEC_DEFAULT=y
 CONFIG_FIT=y

diff --git a/configs/warp7_defconfig b/configs/warp7_defconfig
index a022454..62e331d 100644 (file)
--- a/configs/warp7_defconfig
+++ b/configs/warp7_defconfig
@@ -1,7 +1,7 @@
 CONFIG_ARM=y
 CONFIG_ARCH_MX7=y
 CONFIG_SYS_TEXT_BASE=0x87800000
-CONFIG_SECURE_BOOT=y
+CONFIG_IMX_HAB=y
 CONFIG_TARGET_WARP7=y
 CONFIG_NR_DRAM_BANKS=1
 CONFIG_ARMV7_BOOT_SEC_DEFAULT=y

diff --git a/doc/imx/habv4/guides/encrypted_boot.txt b/doc/imx/habv4/guides/encrypted_boot.txt
index c59d204..e2b4357 100644 (file)
--- a/doc/imx/habv4/guides/encrypted_boot.txt
+++ b/doc/imx/habv4/guides/encrypted_boot.txt
@@ -16,7 +16,7 @@ The DEK blob is generated by an authenticated U-Boot image with
 the dek_blob cmd enabled. The image used for DEK blob generation
 needs to have the following configurations enabled in Kconfig:
 
-CONFIG_SECURE_BOOT=y
+CONFIG_IMX_HAB=y
 CONFIG_CMD_DEKBLOB=y
 
 Note: The encrypted boot feature is only supported by HABv4 or

diff --git a/doc/imx/habv4/guides/mx6_mx7_secure_boot.txt b/doc/imx/habv4/guides/mx6_mx7_secure_boot.txt
index 98e18be..20fff93 100644 (file)
--- a/doc/imx/habv4/guides/mx6_mx7_secure_boot.txt
+++ b/doc/imx/habv4/guides/mx6_mx7_secure_boot.txt
@@ -17,7 +17,7 @@ introduction_habv4.txt document.
 
 The U-Boot provides support to secure boot configuration and also provide
 access to the HAB APIs exposed by the ROM vector table, the support is
-enabled by selecting the CONFIG_SECURE_BOOT option.
+enabled by selecting the CONFIG_IMX_HAB option.
 
 When built with this configuration, the U-Boot provides extra functions for
 HAB, such as the HAB status logs retrievement through the hab_status command
@@ -57,12 +57,12 @@ The diagram below illustrate a signed u-boot-dtb.imx image layout:
 -------------------------------------
 
 The first step is to generate an U-Boot image supporting the HAB features
-mentioned above, this can be achieved by adding CONFIG_SECURE_BOOT to the
+mentioned above, this can be achieved by adding CONFIG_IMX_HAB to the
 build configuration:
 
 - Defconfig:
 
-  CONFIG_SECURE_BOOT=y
+  CONFIG_IMX_HAB=y
 
 - Kconfig:
 

diff --git a/doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt b/doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt
index 0d7931a..fde0f27 100644 (file)
--- a/doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt
+++ b/doc/imx/habv4/guides/mx6_mx7_spl_secure_boot.txt
@@ -27,7 +27,7 @@ root of trust.
 
 The U-Boot provides support to secure boot configuration and also provide
 access to the HAB APIs exposed by the ROM vector table, the support is
-enabled by selecting the CONFIG_SECURE_BOOT option.
+enabled by selecting the CONFIG_IMX_HAB option.
 
 When built with this configuration the U-Boot correctly pads the final SPL
 image by aligning to the next 0xC00 address, so the CSF signature data
@@ -82,12 +82,12 @@ The diagram below illustrate a signed u-boot-ivt.img image layout:
 -------------------------------------
 
 The first step is to generate an U-Boot image supporting the HAB features
-mentioned above, this can be achieved by adding CONFIG_SECURE_BOOT to the
+mentioned above, this can be achieved by adding CONFIG_IMX_HAB to the
 build configuration:
 
 - Defconfig:
 
-  CONFIG_SECURE_BOOT=y
+  CONFIG_IMX_HAB=y
 
 - Kconfig:
 

diff --git a/tools/spl_size_limit.c b/tools/spl_size_limit.c
index 8902e30..c6c139e 100644 (file)
--- a/tools/spl_size_limit.c
+++ b/tools/spl_size_limit.c
@@ -14,7 +14,7 @@ int main(int argc, char *argv[])
 
 #ifdef CONFIG_SPL_SIZE_LIMIT
        spl_size_limit = CONFIG_SPL_SIZE_LIMIT;
-#if defined(CONFIG_SECURE_BOOT) && defined(CONFIG_CSF_SIZE)
+#if defined(CONFIG_IMX_HAB) && defined(CONFIG_CSF_SIZE)
        spl_size_limit -= CONFIG_CSF_SIZE;
 #endif
 #ifdef CONFIG_SPL_SIZE_LIMIT_SUBTRACT_GD