From d04f24974a5b1e24cb9414ebc2e84a91848982c4 Mon Sep 17 00:00:00 2001
From: Holger Hans Peter Freyther <holger@freyther.de>
Date: Wed, 11 Jul 2012 08:38:20 +0200
Subject: [PATCH] interrupt: Allow to interrupt the NAND boot by sending a
 command

Before doing the NAND boot the 'I_ME' message will be sent and the
ubl will wait up to a second for a response. This interruption mode
can be disabled, e.g. when deploying the system in a publically
accessible system. Right now the possibility of easy recovery is
more important.
---
 Makefile  |  2 +-
 davinci.c | 18 +++++++++++++++---
 davinci.h |  2 ++
 ubl.c     | 29 +++++++++++++++++++++++++++++
 4 files changed, 47 insertions(+), 4 deletions(-)

diff --git a/Makefile b/Makefile
index 602dccc..c6ef369 100644
--- a/Makefile
+++ b/Makefile
@@ -48,7 +48,7 @@ ifneq ($(OLDBOARD),$(BOARD))
 $(shell   echo "$(BOARD)" > config.h)
 endif
 
-CFLAGS += -D${PLATFORM} -D${FLASH_TYPE} -Dboard_$(BOARD)
+CFLAGS += -D${PLATFORM} -D${FLASH_TYPE} -Dboard_$(BOARD) -DENABLE_BOOT_INTERRUPT
 
 # Processor type setup
 # The Instruction and Data accesses are differentiated via accessing different
diff --git a/davinci.c b/davinci.c
index 04234e8..3fe0599 100644
--- a/davinci.c
+++ b/davinci.c
@@ -239,14 +239,14 @@ ivt_init(void)
 }
 
 static int
-timer0_init(void)
+timer0_init(uint8_t timeout)
 {
 	TIMER0->TGCR  = 0x00000000; /* Reset timer */
 	TIMER0->TCR   = 0x00000000; /* Disable timer */
 	TIMER0->TIM12 = 0x00000000; /* Reset timer count to zero */
 
 	/* Set timer period (5 seconds timeout) */
-	TIMER0->PRD12 = SYSTEM_CLK_HZ * 5;
+	TIMER0->PRD12 = SYSTEM_CLK_HZ * timeout;
 
 	return E_PASS;
 }
@@ -261,6 +261,18 @@ timer0_start(void)
 	TIMER0->TGCR  = 0x00000005; /* Start TIMER12 in 32-bits mode. */
 }
 
+void
+timer0_settimeout(uint8_t timeout)
+{
+	timer0_init(timeout);
+}
+
+int
+timer0_setdefault_timeout()
+{
+	return timer0_init(5);
+}
+
 uint32_t
 timer0_status(void)
 {
@@ -680,7 +692,7 @@ davinci_platform_init(char *version)
 		status |= uart0_init();
 
 	if (status == E_PASS)
-		status |= timer0_init();
+		status |= timer0_setdefault_timeout();
 
 	uart_send_lf();
 	log_info(version);
diff --git a/davinci.h b/davinci.h
index 2f81146..ba666f7 100644
--- a/davinci.h
+++ b/davinci.h
@@ -459,5 +459,7 @@ void ddr_vtp_calibration(void);
 
 void timer0_start(void);
 uint32_t timer0_status(void);
+void timer0_settimeout(uint8_t timeout);
+int timer0_setdefault_timeout(void);
 
 #endif /* _DAVINCI_H_ */
diff --git a/ubl.c b/ubl.c
index fb3ba79..08e0510 100644
--- a/ubl.c
+++ b/ubl.c
@@ -85,6 +85,33 @@ icache_enable(void)
 	write_p15_c1(reg | C1_IC);
 }
 
+/* Disable this for more secure boots */
+#ifdef ENABLE_BOOT_INTERRUPT
+static uint32_t boot_cmd;
+static void
+interrupt_me(void)
+{
+
+	/* short for interrupt me */
+	host_msg("I_ME");
+
+	timer0_settimeout(1);
+	if (uart_get_cmd(&boot_cmd) != E_PASS)
+		return;
+	if (boot_cmd != 0x23)
+		return;
+	timer0_setdefault_timeout();
+
+	log_info("Boot interrupted");
+	uart_boot(&jump_entry_point);
+}
+#else
+static void
+interrupt_me(void)
+{
+}
+#endif
+
 static int
 ubl_main(void)
 {
@@ -119,6 +146,8 @@ ubl_main(void)
 	case NON_SECURE_NAND:
 		log_info("NAND"); /* Report boot mode to host */
 
+		interrupt_me();
+
 		/* Copy binary application data from NAND to DDRAM */
 		if (nand_copy(&jump_entry_point) != E_PASS) {
 			log_info("Boot failed.");