From bc03d1e9728ab1faa9eebbee3ed90e57bd27c051 Mon Sep 17 00:00:00 2001
From: Robert Rosengren <robert.rosengren@stericsson.com>
Date: Wed, 15 Dec 2010 09:48:59 +0100
Subject: db8500: Verify signature of kernel before booting

Verification of the kernel and ITP signature before allowing to boot is
added. This feature is configurable and by default not activated. MeeGo-
built RPM will have this enabled.

ST-Ericsson ID: WP275634, ER275440

Change-Id: Ib888f39dd5dca1bc8b7d6e1b002da83a77908b07
Reviewed-on: http://gerrit.lud.stericsson.com/gerrit/11415
Tested-by: Robert ROSENGREN <robert.rosengren@stericsson.com>
Reviewed-by: Michael BRANDT <michael.brandt@stericsson.com>
Reviewed-by: QATOOLS
Reviewed-by: Jens WIKLANDER <jens.wiklander@stericsson.com>
---
 include/asm-arm/arch-db8500/sec_bridge.h | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'include')

diff --git a/include/asm-arm/arch-db8500/sec_bridge.h b/include/asm-arm/arch-db8500/sec_bridge.h
index c02bc38a3..447911c72 100644
--- a/include/asm-arm/arch-db8500/sec_bridge.h
+++ b/include/asm-arm/arch-db8500/sec_bridge.h
@@ -15,9 +15,14 @@
 
 #define ISSWAPI_SECURE_LOAD		0x10000002
 #define ISSWAPI_FLUSH_BOOT_CODE		0x11000003
+#define ISSWAPI_VERIFY_SIGNED_HEADER	0x11000005
+#define ISSWAPI_VERIFY_HASH		0x11000006
 
 int sec_bridge_init_bridge(void);
 u32 sec_bridge_call_secure_service(const u32 serviceid,
 				   const u32 secureconfig, ...);
 int sec_bridge_flush_issw(void);
+int sec_bridge_verify_kernel_image(u32 *img_addr);
+int sec_bridge_verify_itp_image(u32 *img_addr);
+
 #endif
-- 
cgit v1.2.3