Merge branch 'master' of git://git.denx.de/u-boot-fsl-qoriq

12 files changed, 377 insertions, 146 deletions

diff --git a/board/freescale/common/Makefile b/board/freescale/common/Makefile
index 51d2814a43..be114cebef 100644
--- a/board/freescale/common/Makefile
+++ b/board/freescale/common/Makefile
@@ -76,5 +76,6 @@ obj-$(CONFIG_LAYERSCAPE_NS_ACCESS)	+= ns_access.o
 ifdef CONFIG_SECURE_BOOT
 obj-$(CONFIG_CMD_ESBC_VALIDATE) += fsl_validate.o cmd_esbc_validate.o
 endif
+obj-$(CONFIG_CHAIN_OF_TRUST) += fsl_chain_of_trust.o
 
 endif
diff --git a/board/freescale/common/cmd_esbc_validate.c b/board/freescale/common/cmd_esbc_validate.c
index 8bbe85bb3b..dfa3e2100e 100644
--- a/board/freescale/common/cmd_esbc_validate.c
+++ b/board/freescale/common/cmd_esbc_validate.c
@@ -11,6 +11,11 @@
 static int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc,
 				char * const argv[])
 {
+	if (fsl_check_boot_mode_secure() == 0) {
+		printf("Boot Mode is Non-Secure. Not entering spin loop.\n");
+		return 0;
+	}
+
 	printf("Core is entering spin loop.\n");
 loop:
 	goto loop;
@@ -21,10 +26,29 @@ loop:
 static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc,
 				char * const argv[])
 {
+	char *hash_str = NULL;
+	uintptr_t haddr;
+	int ret;
+
 	if (argc < 2)
 		return cmd_usage(cmdtp);
+	else if (argc > 2)
+		/* Second arg - Optional - Hash Str*/
+		hash_str = argv[2];
+
+	/* First argument - header address -32/64bit */
+	haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16);
 
-	return fsl_secboot_validate(cmdtp, flag, argc, argv);
+	/* With esbc_validate command, Image address must be
+	 * part of header. So, the function is called
+	 * by passing this argument as 0.
+	 */
+	ret = fsl_secboot_validate(haddr, hash_str, 0);
+	if (ret)
+		return 1;
+
+	printf("esbc_validate command successful\n");
+	return 0;
 }
 
 /***************************************************/
@@ -45,6 +69,6 @@ U_BOOT_CMD(
 
 U_BOOT_CMD(
 	esbc_halt,	1,	0,	do_esbc_halt,
-	"Put the core in spin loop ",
+	"Put the core in spin loop (Secure Boot Only)",
 	""
 );
diff --git a/board/freescale/common/fsl_chain_of_trust.c b/board/freescale/common/fsl_chain_of_trust.c
new file mode 100644
index 0000000000..ecfcc8253a
--- /dev/null
+++ b/board/freescale/common/fsl_chain_of_trust.c
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2015 Freescale Semiconductor, Inc.
+ *
+ * SPDX-License-Identifier:	GPL-2.0+
+ */
+
+#include <common.h>
+#include <fsl_validate.h>
+#include <fsl_sfp.h>
+
+#ifdef CONFIG_LS102XA
+#include <asm/arch/immap_ls102xa.h>
+#endif
+
+#if defined(CONFIG_MPC85xx)
+#define CONFIG_DCFG_ADDR	CONFIG_SYS_MPC85xx_GUTS_ADDR
+#else
+#define CONFIG_DCFG_ADDR	CONFIG_SYS_FSL_GUTS_ADDR
+#endif
+
+#ifdef CONFIG_SYS_FSL_CCSR_GUR_LE
+#define gur_in32(a)       in_le32(a)
+#else
+#define gur_in32(a)       in_be32(a)
+#endif
+
+/* Check the Boot Mode. If Secure, return 1 else return 0 */
+int fsl_check_boot_mode_secure(void)
+{
+	uint32_t val;
+	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
+	struct ccsr_gur __iomem *gur = (void *)(CONFIG_DCFG_ADDR);
+
+	val = sfp_in32(&sfp_regs->ospr) & ITS_MASK;
+	if (val == ITS_MASK)
+		return 1;
+
+#if defined(CONFIG_FSL_CORENET) || !defined(CONFIG_MPC85xx)
+	/* For PBL based platforms check the SB_EN bit in RCWSR */
+	val = gur_in32(&gur->rcwsr[RCW_SB_EN_REG_INDEX - 1]) & RCW_SB_EN_MASK;
+	if (val == RCW_SB_EN_MASK)
+		return 1;
+#endif
+
+#if defined(CONFIG_MPC85xx) && !defined(CONFIG_FSL_CORENET)
+	/* For Non-PBL Platforms, check the Device Status register 2*/
+	val = gur_in32(&gur->pordevsr2) & MPC85xx_PORDEVSR2_SBC_MASK;
+	if (val != MPC85xx_PORDEVSR2_SBC_MASK)
+		return 1;
+
+#endif
+	return 0;
+}
+
+int fsl_setenv_chain_of_trust(void)
+{
+	/* Check Boot Mode
+	 * If Boot Mode is Non-Secure, no changes are required
+	 */
+	if (fsl_check_boot_mode_secure() == 0)
+		return 0;
+
+	/* If Boot mode is Secure, set the environment variables
+	 * bootdelay = 0 (To disable Boot Prompt)
+	 * bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
+	 */
+	setenv("bootdelay", "0");
+	setenv("bootcmd", CONFIG_CHAIN_BOOT_CMD);
+	return 0;
+}
diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c
index b510c71c40..8fd6dd63b1 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -24,6 +24,10 @@
 #define SHA256_NIBBLES	(256/4)
 #define NUM_HEX_CHARS	(sizeof(ulong) * 2)
 
+#define CHECK_KEY_LEN(key_len)	(((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
+				 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
+				 ((key_len) == 2 * KEY_SIZE_BYTES))
+
 /* This array contains DER value for SHA-256 */
 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
 		0x86, 0x48, 0x01, 0x65,	0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
@@ -179,20 +183,97 @@ static u32 is_key_revoked(u32 keynum, u32 rev_flag)
 	return 0;
 }
 
-/* It validates srk_table key lengths.*/
-static u32 validate_srk_tbl(struct srk_table *tbl, u32 num_entries)
+/* It read validates srk_table key lengths.*/
+static u32 read_validate_srk_tbl(struct fsl_secboot_img_priv *img)
 {
 	int i = 0;
-	for (i = 0; i < num_entries; i++) {
-		if (!((tbl[i].key_len == 2 * KEY_SIZE_BYTES/4) ||
-		      (tbl[i].key_len == 2 * KEY_SIZE_BYTES/2) ||
-		      (tbl[i].key_len == 2 * KEY_SIZE_BYTES)))
+	u32 ret, key_num, key_revoc_flag, size;
+	struct fsl_secboot_img_hdr *hdr = &img->hdr;
+	void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
+
+	if ((hdr->len_kr.num_srk == 0) ||
+	    (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
+		return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
+
+	key_num = hdr->len_kr.srk_sel;
+	if (key_num == 0 || key_num > hdr->len_kr.num_srk)
+		return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
+
+	/* Get revoc key from sfp */
+	key_revoc_flag = get_key_revoc();
+	ret = is_key_revoked(key_num, key_revoc_flag);
+	if (ret)
+		return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
+
+	size = hdr->len_kr.num_srk * sizeof(struct srk_table);
+
+	memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);
+
+	for (i = 0; i < hdr->len_kr.num_srk; i++) {
+		if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len))
 			return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
 	}
+
+	img->key_len = img->srk_tbl[key_num - 1].key_len;
+
+	memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
+	       img->key_len);
+
+	return 0;
+}
+#endif
+
+static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
+{
+	struct fsl_secboot_img_hdr *hdr = &img->hdr;
+	void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
+
+	/* check key length */
+	if (!CHECK_KEY_LEN(hdr->key_len))
+		return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
+
+	memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
+
+	img->key_len = hdr->key_len;
+
+	return 0;
+}
+
+#if defined(CONFIG_FSL_ISBC_KEY_EXT)
+static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
+{
+	struct fsl_secboot_img_hdr *hdr = &img->hdr;
+	u32 ie_key_len, ie_revoc_flag, ie_num;
+	struct ie_key_info *ie_info;
+
+	if (get_ie_info_addr(&img->ie_addr))
+		return ERROR_IE_TABLE_NOT_FOUND;
+	ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
+	if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
+		return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
+
+	ie_num = hdr->ie_key_sel;
+	if (ie_num == 0 || ie_num > ie_info->num_keys)
+		return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;
+
+	ie_revoc_flag = ie_info->key_revok;
+	if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag)
+		return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;
+
+	ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;
+
+	if (!CHECK_KEY_LEN(ie_key_len))
+		return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;
+
+	memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
+	       ie_key_len);
+
+	img->key_len = ie_key_len;
 	return 0;
 }
 #endif
 
+
 /* This function return length of public key.*/
 static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
 {
@@ -289,6 +370,13 @@ void fsl_secboot_handle_error(int error)
 			printf("ERROR :: %x :: %s\n", error, e->name);
 	}
 
+	/* If Boot Mode is secure, transition the SNVS state and issue
+	 * reset based on type of failure and ITS setting.
+	 * If Boot mode is non-secure, return from this function.
+	 */
+	if (fsl_check_boot_mode_secure() == 0)
+		return;
+
 	switch (error) {
 	case ERROR_ESBC_CLIENT_HEADER_BARKER:
 	case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
@@ -455,13 +543,8 @@ static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
 		return ret;
 
 	/* Update hash for actual Image */
-#ifdef CONFIG_ESBC_ADDR_64BIT
-	ret = algo->hash_update(algo, ctx,
-		(u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1);
-#else
 	ret = algo->hash_update(algo, ctx,
-		(u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1);
-#endif
+		(u8 *)img->img_addr, img->img_size, 1);
 	if (ret)
 		return ret;
 
@@ -541,13 +624,9 @@ static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
 	struct fsl_secboot_img_hdr *hdr = &img->hdr;
 	void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
 	u8 *k, *s;
+	u32 ret = 0;
+
 #ifdef CONFIG_KEY_REVOCATION
-	u32 ret;
-	u32 key_num, key_revoc_flag, size;
-#endif
-#if defined(CONFIG_FSL_ISBC_KEY_EXT)
-	struct ie_key_info *ie_info;
-	u32 ie_num, ie_revoc_flag, ie_key_len;
 #endif
 	int  key_found = 0;
 
@@ -555,93 +634,48 @@ static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
 	if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
 		return ERROR_ESBC_CLIENT_HEADER_BARKER;
 
-#ifdef CONFIG_ESBC_ADDR_64BIT
-	sprintf(buf, "%llx", hdr->pimg64);
-#else
-	sprintf(buf, "%x", hdr->pimg);
-#endif
+	/* If Image Address is not passed as argument to function,
+	 * then Address and Size must be read from the Header.
+	 */
+	if (img->img_addr == 0) {
+	#ifdef CONFIG_ESBC_ADDR_64BIT
+		img->img_addr = hdr->pimg64;
+	#else
+		img->img_addr = hdr->pimg;
+	#endif
+	}
+
+	sprintf(buf, "%lx", img->img_addr);
 	setenv("img_addr", buf);
 
 	if (!hdr->img_size)
 		return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
 
+	img->img_size = hdr->img_size;
+
 	/* Key checking*/
 #ifdef CONFIG_KEY_REVOCATION
 	if (check_srk(img)) {
-		if ((hdr->len_kr.num_srk == 0) ||
-		    (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
-			return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
-
-		key_num = hdr->len_kr.srk_sel;
-		if (key_num == 0 || key_num > hdr->len_kr.num_srk)
-			return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
-
-		/* Get revoc key from sfp */
-		key_revoc_flag = get_key_revoc();
-		ret = is_key_revoked(key_num, key_revoc_flag);
-		if (ret)
-			return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
-
-		size = hdr->len_kr.num_srk * sizeof(struct srk_table);
-
-		memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);
-
-		ret = validate_srk_tbl(img->srk_tbl, hdr->len_kr.num_srk);
-
+		ret = read_validate_srk_tbl(img);
 		if (ret != 0)
 			return ret;
-
-		img->key_len = img->srk_tbl[key_num - 1].key_len;
-
-		memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
-		       img->key_len);
-
 		key_found = 1;
 	}
 #endif
 
 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
 	if (!key_found && check_ie(img)) {
-		if (get_ie_info_addr(&img->ie_addr))
-			return ERROR_IE_TABLE_NOT_FOUND;
-		ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
-		if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
-			return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
-
-		ie_num = hdr->ie_key_sel;
-		if (ie_num == 0 || ie_num > ie_info->num_keys)
-			return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;
-
-		ie_revoc_flag = ie_info->key_revok;
-		if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag)
-			return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;
-
-		ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;
-
-		if (!((ie_key_len == 2 * KEY_SIZE_BYTES / 4) ||
-		      (ie_key_len == 2 * KEY_SIZE_BYTES / 2) ||
-		      (ie_key_len == 2 * KEY_SIZE_BYTES)))
-			return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;
-
-		memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
-		       ie_key_len);
-
-		img->key_len = ie_key_len;
+		ret = read_validate_ie_tbl(img);
+		if (ret != 0)
+			return ret;
 		key_found = 1;
 	}
 #endif
 
 	if (key_found == 0) {
-		/* check key length */
-		if (!((hdr->key_len == 2 * KEY_SIZE_BYTES / 4) ||
-		      (hdr->key_len == 2 * KEY_SIZE_BYTES / 2) ||
-		      (hdr->key_len == 2 * KEY_SIZE_BYTES)))
-			return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
-
-		memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
-
-		img->key_len = hdr->key_len;
-
+		ret = read_validate_single_key(img);
+		if (ret != 0)
+			return ret;
 		key_found = 1;
 	}
 
@@ -698,27 +732,73 @@ static inline int str2longbe(const char *p, ulong *num)
 
 	return *p != '\0' && *endptr == '\0';
 }
+/* Function to calculate the ESBC Image Hash
+ * and hash from Digital signature.
+ * The Two hash's are compared to yield the
+ * result of signature validation.
+ */
+static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
+{
+	int ret;
+	uint32_t key_len;
+	struct key_prop prop;
+#if !defined(USE_HOSTCC)
+	struct udevice *mod_exp_dev;
+#endif
+	ret = calc_esbchdr_esbc_hash(img);
+	if (ret)
+		return ret;
+
+	/* Construct encoded hash EM' wrt PKCSv1.5 */
+	construct_img_encoded_hash_second(img);
+
+	/* Fill prop structure for public key */
+	memset(&prop, 0, sizeof(struct key_prop));
+	key_len = get_key_len(img) / 2;
+	prop.modulus = img->img_key;
+	prop.public_exponent = img->img_key + key_len;
+	prop.num_bits = key_len * 8;
+	prop.exp_len = key_len;
+
+	ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
+	if (ret) {
+		printf("RSA: Can't find Modular Exp implementation\n");
+		return -EINVAL;
+	}
+
+	ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
+			  &prop, img->img_encoded_hash);
+	if (ret)
+		return ret;
+
+	/*
+	 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
+	 * memcmp returns zero on success
+	 * memcmp returns non-zero on failure
+	 */
+	ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
+		img->hdr.sign_len);
 
-int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
-		char * const argv[])
+	if (ret)
+		return ERROR_ESBC_CLIENT_HASH_COMPARE_EM;
+
+	return 0;
+}
+
+int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
+			uintptr_t img_addr)
 {
 	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
 	ulong hash[SHA256_BYTES/sizeof(ulong)];
 	char hash_str[NUM_HEX_CHARS + 1];
-	ulong addr = simple_strtoul(argv[1], NULL, 16);
 	struct fsl_secboot_img_priv *img;
 	struct fsl_secboot_img_hdr *hdr;
 	void *esbc;
 	int ret, i, hash_cmd = 0;
 	u32 srk_hash[8];
-	uint32_t key_len;
-	struct key_prop prop;
-#if !defined(USE_HOSTCC)
-	struct udevice *mod_exp_dev;
-#endif
 
-	if (argc == 3) {
-		char *cp = argv[2];
+	if (arg_hash_str != NULL) {
+		const char *cp = arg_hash_str;
 		int i = 0;
 
 		if (*cp == '0' && *(cp + 1) == 'x')
@@ -731,7 +811,7 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
 		 */
 		if (strlen(cp) != SHA256_NIBBLES) {
 			printf("%s is not a 256 bits hex string as expected\n",
-			       argv[2]);
+			       arg_hash_str);
 			return -1;
 		}
 
@@ -741,7 +821,7 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
 			hash_str[NUM_HEX_CHARS] = '\0';
 			if (!str2longbe(hash_str, &hash[i])) {
 				printf("%s is not a 256 bits hex string ",
-				       argv[2]);
+				       arg_hash_str);
 				return -1;
 			}
 		}
@@ -756,9 +836,11 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
 
 	memset(img, 0, sizeof(struct fsl_secboot_img_priv));
 
+	/* Update the information in Private Struct */
 	hdr = &img->hdr;
-	img->ehdrloc = addr;
-	esbc = (u8 *)(uintptr_t)img->ehdrloc;
+	img->ehdrloc = haddr;
+	img->img_addr = img_addr;
+	esbc = (u8 *)img->ehdrloc;
 
 	memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
 
@@ -800,51 +882,12 @@ int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
 		goto exit;
 	}
 
-	ret = calc_esbchdr_esbc_hash(img);
+	ret = calculate_cmp_img_sig(img);
 	if (ret) {
-		fsl_secblk_handle_error(ret);
-		goto exit;
-	}
-
-	/* Construct encoded hash EM' wrt PKCSv1.5 */
-	construct_img_encoded_hash_second(img);
-
-	/* Fill prop structure for public key */
-	memset(&prop, 0, sizeof(struct key_prop));
-	key_len = get_key_len(img) / 2;
-	prop.modulus = img->img_key;
-	prop.public_exponent = img->img_key + key_len;
-	prop.num_bits = key_len * 8;
-	prop.exp_len = key_len;
-
-	ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
-	if (ret) {
-		printf("RSA: Can't find Modular Exp implementation\n");
-		return -EINVAL;
-	}
-
-	ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
-			  &prop, img->img_encoded_hash);
-	if (ret) {
-		fsl_secblk_handle_error(ret);
-		goto exit;
-	}
-
-	/*
-	 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
-	 * memcmp returns zero on success
-	 * memcmp returns non-zero on failure
-	 */
-	ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
-		img->hdr.sign_len);
-
-	if (ret) {
-		fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_EM);
+		fsl_secboot_handle_error(ret);
 		goto exit;
 	}
 
-	printf("esbc_validate command successful\n");
-
 exit:
-	return 0;
+	return ret;
 }
diff --git a/board/freescale/common/qixis.c b/board/freescale/common/qixis.c
index 9f6b0e7f31..113295f64a 100644
--- a/board/freescale/common/qixis.c
+++ b/board/freescale/common/qixis.c
@@ -216,6 +216,39 @@ int qixis_reset_cmd(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 #else
 		printf("Not implemented\n");
 #endif
+	} else if (strcmp(argv[1], "sd") == 0) {
+#ifdef QIXIS_LBMAP_SD
+		QIXIS_WRITE(rst_ctl, 0x30);
+		QIXIS_WRITE(rcfg_ctl, 0);
+		set_lbmap(QIXIS_LBMAP_SD);
+		set_rcw_src(QIXIS_RCW_SRC_SD);
+		QIXIS_WRITE(rcfg_ctl, 0x20);
+		QIXIS_WRITE(rcfg_ctl, 0x21);
+#else
+		printf("Not implemented\n");
+#endif
+	} else if (strcmp(argv[1], "sd_qspi") == 0) {
+#ifdef QIXIS_LBMAP_SD_QSPI
+		QIXIS_WRITE(rst_ctl, 0x30);
+		QIXIS_WRITE(rcfg_ctl, 0);
+		set_lbmap(QIXIS_LBMAP_SD_QSPI);
+		set_rcw_src(QIXIS_RCW_SRC_SD);
+		qixis_write_i2c(offsetof(struct qixis, rcfg_ctl), 0x20);
+		qixis_write_i2c(offsetof(struct qixis, rcfg_ctl), 0x21);
+#else
+		printf("Not implemented\n");
+#endif
+	} else if (strcmp(argv[1], "qspi") == 0) {
+#ifdef QIXIS_LBMAP_QSPI
+		QIXIS_WRITE(rst_ctl, 0x30);
+		QIXIS_WRITE(rcfg_ctl, 0);
+		set_lbmap(QIXIS_LBMAP_QSPI);
+		set_rcw_src(QIXIS_RCW_SRC_QSPI);
+		qixis_write_i2c(offsetof(struct qixis, rcfg_ctl), 0x20);
+		qixis_write_i2c(offsetof(struct qixis, rcfg_ctl), 0x21);
+#else
+		printf("Not implemented\n");
+#endif
 	} else if (strcmp(argv[1], "watchdog") == 0) {
 		static char *period[9] = {"2s", "4s", "8s", "16s", "32s",
 					  "1min", "2min", "4min", "8min"};
@@ -255,6 +288,9 @@ U_BOOT_CMD(
 	"- hard reset to default bank\n"
 	"qixis_reset altbank - reset to alternate bank\n"
 	"qixis_reset nand - reset to nand\n"
+	"qixis_reset sd - reset to sd\n"
+	"qixis_reset sd_qspi - reset to sd with qspi support\n"
+	"qixis_reset qspi - reset to qspi\n"
 	"qixis watchdog <watchdog_period> - set the watchdog period\n"
 	"	period: 1s 2s 4s 8s 16s 32s 1min 2min 4min 8min\n"
 	"qixis_reset dump - display the QIXIS registers\n"
diff --git a/board/freescale/ls1021aqds/ls1021aqds.c b/board/freescale/ls1021aqds/ls1021aqds.c
index be3358a564..5f4ec9d878 100644
--- a/board/freescale/ls1021aqds/ls1021aqds.c
+++ b/board/freescale/ls1021aqds/ls1021aqds.c
@@ -22,6 +22,7 @@
 #include <fsl_sec.h>
 #include <spl.h>
 #include <fsl_devdis.h>
+#include <fsl_validate.h>
 
 #include "../common/sleep.h"
 #include "../common/qixis.h"
@@ -369,6 +370,9 @@ int board_late_init(void)
 #ifdef CONFIG_SCSI_AHCI_PLAT
 	ls1021a_sata_init();
 #endif
+#ifdef CONFIG_CHAIN_OF_TRUST
+	fsl_setenv_chain_of_trust();
+#endif
 
 	return 0;
 }
diff --git a/board/freescale/ls1021atwr/ls1021atwr.c b/board/freescale/ls1021atwr/ls1021atwr.c
index 8eaff5f0ce..b85774c4a4 100644
--- a/board/freescale/ls1021atwr/ls1021atwr.c
+++ b/board/freescale/ls1021atwr/ls1021atwr.c
@@ -30,6 +30,7 @@
 #ifdef CONFIG_U_QE
 #include "../../../drivers/qe/qe.h"
 #endif
+#include <fsl_validate.h>
 
 
 DECLARE_GLOBAL_DATA_PTR;
@@ -549,6 +550,9 @@ int board_late_init(void)
 #ifdef CONFIG_SCSI_AHCI_PLAT
 	ls1021a_sata_init();
 #endif
+#ifdef CONFIG_CHAIN_OF_TRUST
+	fsl_setenv_chain_of_trust();
+#endif
 
 	return 0;
 }
diff --git a/board/freescale/ls1043aqds/MAINTAINERS b/board/freescale/ls1043aqds/MAINTAINERS
index 0c7f648b6c..65a0af1930 100644
--- a/board/freescale/ls1043aqds/MAINTAINERS
+++ b/board/freescale/ls1043aqds/MAINTAINERS
@@ -7,3 +7,5 @@ F:	configs/ls1043aqds_defconfig
 F:	configs/ls1043aqds_nor_ddr3_defconfig
 F:	configs/ls1043aqds_nand_defconfig
 F:	configs/ls1043aqds_sdcard_ifc_defconfig
+F:	configs/ls1043aqds_sdcard_qspi_defconfig
+F:	configs/ls1043aqds_qspi_defconfig
diff --git a/board/freescale/ls1043aqds/README b/board/freescale/ls1043aqds/README
index 6261a778aa..a6fd7a35f5 100644
--- a/board/freescale/ls1043aqds/README
+++ b/board/freescale/ls1043aqds/README
@@ -94,3 +94,4 @@ a) Promjet Boot
 b) NOR boot
 c) NAND boot
 d) SD boot
+e) QSPI boot
diff --git a/board/freescale/ls1043aqds/ddr.c b/board/freescale/ls1043aqds/ddr.c
index 42d906824a..3d3c53385a 100644
--- a/board/freescale/ls1043aqds/ddr.c
+++ b/board/freescale/ls1043aqds/ddr.c
@@ -132,9 +132,22 @@ void dram_init_banksize(void)
 	 * The address needs to add the offset of its bank.
 	 */
 	gd->bd->bi_dram[0].start = CONFIG_SYS_SDRAM_BASE;
-	gd->bd->bi_dram[0].size = gd->ram_size;
+	if (gd->ram_size > CONFIG_SYS_DDR_BLOCK1_SIZE) {
+		gd->bd->bi_dram[0].size = CONFIG_SYS_DDR_BLOCK1_SIZE;
+		gd->bd->bi_dram[1].start = CONFIG_SYS_DDR_BLOCK2_BASE;
+		gd->bd->bi_dram[1].size = gd->ram_size -
+					  CONFIG_SYS_DDR_BLOCK1_SIZE;
 #ifdef CONFIG_SYS_MEM_RESERVE_SECURE
-	gd->secure_ram = gd->bd->bi_dram[0].start + gd->secure_ram;
-	gd->secure_ram |= MEM_RESERVE_SECURE_MAINTAINED;
+		gd->secure_ram = gd->bd->bi_dram[1].start +
+				 gd->secure_ram -
+				 CONFIG_SYS_DDR_BLOCK1_SIZE;
+		gd->secure_ram |= MEM_RESERVE_SECURE_MAINTAINED;
 #endif
+	} else {
+		gd->bd->bi_dram[0].size = gd->ram_size;
+#ifdef CONFIG_SYS_MEM_RESERVE_SECURE
+		gd->secure_ram = gd->bd->bi_dram[0].start + gd->secure_ram;
+		gd->secure_ram |= MEM_RESERVE_SECURE_MAINTAINED;
+#endif
+	}
 }
diff --git a/board/freescale/ls1043aqds/ls1043aqds.c b/board/freescale/ls1043aqds/ls1043aqds.c
index d6696ca812..01db078222 100644
--- a/board/freescale/ls1043aqds/ls1043aqds.c
+++ b/board/freescale/ls1043aqds/ls1043aqds.c
@@ -40,11 +40,14 @@ enum {
 #define CFG_SD_MUX3_MUX4	0x1 /* MUX4 */
 #define CFG_SD_MUX4_SLOT3	0x0 /* SLOT3 TX/RX1 */
 #define CFG_SD_MUX4_SLOT1	0x1 /* SLOT1 TX/RX3 */
+#define CFG_UART_MUX_MASK	0x6
+#define CFG_UART_MUX_SHIFT	1
+#define CFG_LPUART_EN		0x1
 
 int checkboard(void)
 {
 	char buf[64];
-#ifndef CONFIG_SD_BOOT
+#if !defined(CONFIG_SD_BOOT) && !defined(CONFIG_QSPI_BOOT)
 	u8 sw;
 #endif
 
@@ -52,6 +55,8 @@ int checkboard(void)
 
 #ifdef CONFIG_SD_BOOT
 	puts("SD\n");
+#elif defined(CONFIG_QSPI_BOOT)
+	puts("QSPI\n");
 #else
 	sw = QIXIS_READ(brdcfg[0]);
 	sw = (sw & QIXIS_LBMAP_MASK) >> QIXIS_LBMAP_SHIFT;
@@ -218,7 +223,17 @@ void board_retimer_init(void)
 
 int board_early_init_f(void)
 {
+#ifdef CONFIG_LPUART
+	u8 uart;
+#endif
 	fsl_lsch2_early_init_f();
+#ifdef CONFIG_LPUART
+	/* We use lpuart0 as system console */
+	uart = QIXIS_READ(brdcfg[14]);
+	uart &= ~CFG_UART_MUX_MASK;
+	uart |= CFG_LPUART_EN << CFG_UART_MUX_SHIFT;
+	QIXIS_WRITE(brdcfg[14], uart);
+#endif
 
 	return 0;
 }
@@ -303,6 +318,16 @@ int board_init(void)
 #ifdef CONFIG_OF_BOARD_SETUP
 int ft_board_setup(void *blob, bd_t *bd)
 {
+	u64 base[CONFIG_NR_DRAM_BANKS];
+	u64 size[CONFIG_NR_DRAM_BANKS];
+
+	/* fixup DT for the two DDR banks */
+	base[0] = gd->bd->bi_dram[0].start;
+	size[0] = gd->bd->bi_dram[0].size;
+	base[1] = gd->bd->bi_dram[1].start;
+	size[1] = gd->bd->bi_dram[1].size;
+
+	fdt_fixup_memory_banks(blob, base, size, 2);
 	ft_cpu_setup(blob, bd);
 
 #ifdef CONFIG_SYS_DPAA_FMAN
diff --git a/board/freescale/ls1043aqds/ls1043aqds_rcw_sd_qspi.cfg b/board/freescale/ls1043aqds/ls1043aqds_rcw_sd_qspi.cfg
new file mode 100644
index 0000000000..7783521b95
--- /dev/null
+++ b/board/freescale/ls1043aqds/ls1043aqds_rcw_sd_qspi.cfg
@@ -0,0 +1,8 @@
+#PBL preamble and RCW header
+aa55aa55 01ee0100
+# RCW
+# Enable QSPI; disable IFC
+08100010 0a000000 00000000 00000000
+14550002 80004012 60040000 c1002000
+00000000 00000000 00000000 00038800
+20124000 00001100 00000096 00000001