Nuvoton-Israel · YHYANG2 · Dec 14, 2023 · Dec 14, 2023 · Dec 14, 2023
diff --git a/arch/arm/include/asm/arch-npcm7xx/gcr.h b/arch/arm/include/asm/arch-npcm7xx/gcr.h
@@ -127,6 +127,12 @@
 #define  INTCR_MFTFEN               1
 #define  INTCR_KCSRST_MODE          0
 
+/* Integration Control Register 2 (INTCR2) */
+#define INTCR2_WDC                  21
+#define INTCR2_CHOSEN_IMAGE         20
+#define INTCR2_SELFTEST_PASSED      11
+#define INTCR2_SELFTEST_REQUEST     10
+
 /* Integration Control Register 3 (INTCR3) */
 #define  INTCR3_PCIRREL             30
 #define  INTCR3_GFXRSTDLY           26
@@ -144,6 +150,10 @@
 #define  INTCR3_BIOSEN              1
 #define  INTCR3_HHRDIS              0
 
+/* Function Lock Register 1 (FLOCKR1) */
+#define FLOCKR1_UPDATE_APPROVE_LOCK 29
+#define FLOCKR1_UPDATE_APPROVE      28
+
 /* Serial Ports (SPSWC) */
 #define SPSWC_RTSS  7
 #define SPSWC_DTRS  6

diff --git a/arch/arm/include/asm/arch-npcm7xx/mailbox.h b/arch/arm/include/asm/arch-npcm7xx/mailbox.h
@@ -0,0 +1,98 @@
+/*----------------------------------------------------------------------------*/
+/* SPDX-License-Identifier: GPL-2.0                                           */
+/*                                                                            */
+/* Copyright (c) 2010-2019 by Nuvoton Technology Corporation                  */
+/* All rights reserved                                                        */
+/*                                                                            */
+/*----------------------------------------------------------------------------*/
+/* File Contents:                                                             */
+/*   mailbox.h                                                                */
+/*            This file contains API of routines for handling the PCI MailBox */
+/*  Project:                                                                  */
+/*            Poleg Bootblock and ROM Code (shared header)                    */
+/*----------------------------------------------------------------------------*/
+
+#ifndef _MAILBOX_H
+#define _MAILBOX_H
+
+#include "shared_defs.h"
+
+#define ROM_STATUS_MSG_ADDR                          0xF084BFE8
+#define BOOTBLK_STATUS_MSG_ADDR                      0xF084BFD0
+
+/*---------------------------------------------------------------------------------------------------------*/
+/* Image states                                                                                            */
+/*---------------------------------------------------------------------------------------------------------*/
+#define IMAGE_NOT_TESTED                             0x00
+#define IMAGE_WRONG_START_TAG                        0x01
+#define IMAGE_DEST_ADDRESS_UNALIGNED                 0x02
+#define IMAGE_BAD_SIGNATURE                          0x04
+#define IMAGE_MEMORY_OVERLAP                         0x08
+#define IMAGE_HEADER_OK_COPY_IMAGE                   0x10
+#define IMAGE_OK_RUN_FROM_FLASH                      0x40
+#define IMAGE_OK                                     0x80
+#define IMAGE_REJECTED_BY_BB                         0x11
+#define IMAGE_NEW_COPY                               0x12
+#define IMAGE_NOT_IN_USE                             0xFF    /* image is not selected - depends on FUSE_FUSTRAP_oAltImgLoc */
+
+/*---------------------------------------------------------------------------------------------------------*/
+/* Rom status                                                                                              */
+/*---------------------------------------------------------------------------------------------------------*/
+#define ST_ROM_BASIC_USE_IMAGE_SPI0_CS0_OFFSET0      0x21    // Select image at SPI0 CS0 offset 0	   ( address 0x80000000)
+#define ST_ROM_BASIC_USE_IMAGE_SPI0_CS0_OFFSET80000  0x22    // Select image at SPI0 CS0 offset 8000   ( address 0x80080000)
+#define ST_ROM_BASIC_USE_IMAGE_SPI0_CS1_OFFSET0      0x23    // Select image at SPI0 CS1 offset 0	   ( address 0x88000000)
+
+#define ST_ROM_USE_KEY0_IMAGE0                       0x27    // checking image 0, select Pk0 according to fuses for signature varification.
+#define ST_ROM_USE_KEY1_IMAGE0                       0x28    // checking image 0, select Pk1 according to fuses for signature varification.
+#define ST_ROM_USE_KEY2_IMAGE0                       0x29    // checking image 0, select Pk2 according to fuses for signature varification.
+
+#define ST_ROM_USE_KEY0_IMAGE1                       0x2A    // checking image 1, select Pk0 according to fuses for signature varification.
+#define ST_ROM_USE_KEY1_IMAGE1                       0x2B    // checking image 1, select Pk1 according to fuses for signature varification.
+#define ST_ROM_USE_KEY2_IMAGE1                       0x2C    // checking image 1, select Pk2 according to fuses for signature varification.
+
+#define ST_ROM_USE_KEY0_IMAGE2                       0x2D    // checking image 2, select Pk0 according to fuses for signature varification.
+#define ST_ROM_USE_KEY1_IMAGE2                       0x2E    // checking image 2, select Pk1 according to fuses for signature varification.
+#define ST_ROM_USE_KEY2_IMAGE2                       0x2F    // checking image 2, select Pk2 according to fuses for signature varification.
+
+/*---------------------------------------------------------------------------------------------------------*/
+/* MailBox module internal structure definitions                                                           */
+/*---------------------------------------------------------------------------------------------------------*/
+#pragma pack(1)
+typedef struct _ROM_STATUS_MSG
+{
+	union
+	{
+		struct
+		{
+			u8  image0State;
+			u8  image1State;
+			u8  image2state;
+
+			union
+			{
+				struct
+				{
+					u8  image0_pk0;
+					u8  image0_pk1;
+					u8  image0_pk2;
+					u8  image1_pk0;
+					u8  image1_pk1;
+					u8  image1_pk2;
+					u8  image2_pk0;
+					u8  image2_pk1;
+					u8  image2_pk2;
+				} pk_states;
+				u8 pk_bytes[9];
+			} pk;
+		} state ;
+		u8 bytes[12];
+	} imageState ;
+
+	u8   startTag[START_TAG_SIZE];
+	u32  status;
+
+} ROM_STATUS_MSG;
+#pragma pack()
+
+#endif
+
diff --git a/arch/arm/include/asm/arch-npcm7xx/otp.h b/arch/arm/include/asm/arch-npcm7xx/otp.h
@@ -55,6 +55,7 @@ struct npcm_otp_regs {
 
 #define FDATA_MASK              (0xff)
 
+#define FUSTRAP_O_ALTIMGLOC     BIT(18)
 #define FUSTRAP_O_SECBOOT       BIT(23)
 
 #define FCFG_FDIS               BIT(31)

diff --git a/arch/arm/include/asm/arch-npcm7xx/shared_defs.h b/arch/arm/include/asm/arch-npcm7xx/shared_defs.h
@@ -0,0 +1,26 @@
+#ifndef SHARED_DEFS_H
+#define SHARED_DEFS_H
+
+#include <configs/poleg.h>
+
+#define FLASH_BOOT_ALTERNATIVES  2
+
+/*------------------------------------------------------*/
+/* Boot module exported definitions                     */
+/*------------------------------------------------------*/
+#define START_TAG_SIZE           8     // bytes
+//                                       0xAA550750        T     O     O     B
+#define START_TAG_ARR_BOOTBLOCK {0x50, 0x07, 0x55, 0xAA, 0x54, 0x4F, 0x4F, 0x42}
+//                                 U     B     O     O     T     B     L     K
+#define START_TAG_ARR_UBOOT     {0x55, 0x42, 0x4F, 0x4F, 0x54, 0x42, 0x4C, 0x4B}
+
+#define FLASH_EXAM_ADDR_1       (SPI0_BASE_ADDR)
+#define FLASH_EXAM_ADDR_2       (SPI0_BASE_ADDR + 0x80000)
+#define FLASH_EXAM_ADDR_3       (SPI0_BASE_ADDR + SPI_FLASH_REGION_SIZE)
+
+#define KBOLD_ON                "\x1b[1m"
+#define KBOLD_OFF               "\x1b[22m"
+#define KNRM                    "\x1B[0m" KBOLD_OFF
+#define KRED                    "\x1B[31m" KBOLD_ON
+
+#endif
diff --git a/arch/arm/mach-npcm/secure_boot.c b/arch/arm/mach-npcm/secure_boot.c
@@ -12,6 +12,7 @@
 #include <asm/arch/cpu.h>
 #include <asm/arch/gcr.h>
 #include <asm/arch/otp.h>
+#include <asm/arch/poleg_info.h>
 #include <cpu_func.h>
 
 #define NPCM_GCR_INTCR2_SELFTEST_PASSED		BIT(11)
@@ -82,7 +83,7 @@ static int secure_boot_configuration(void)
 	 * fuse images should be a part of the flash image, right after the uboot
 	 * TODO: set addr
 	 */
-	//addr = POLEG_UBOOT_END;
+	addr = POLEG_UBOOT_END;
 
 	/*
 	 * if found, program the image to the fuse arrays, set the secure boot

diff --git a/board/nuvoton/poleg/Kconfig b/board/nuvoton/poleg/Kconfig
@@ -27,5 +27,8 @@ config TARGET_POLEG_RUNBMC
 
 endchoice
 
+config NPCM_NIST_BOOT
+	bool "NPCM NIST Boot"
+
 source "board/nuvoton/common/Kconfig"
 endif
diff --git a/board/nuvoton/poleg/Makefile b/board/nuvoton/poleg/Makefile
@@ -22,3 +22,4 @@
 #
 
 obj-y	:= poleg.o
+obj-$(CONFIG_NPCM_NIST_BOOT) += nist_boot.o