From c143b7e576526dc3ebeb33efab6078d733f82606 Mon Sep 17 00:00:00 2001
From: Vandhiadevan Karunamoorthy <vkarunam@codeaurora.org>
Date: Tue, 15 Sep 2020 10:31:43 +0530
Subject: [PATCH] boot: skip secure boot if atf is present.

This change skip kernel signing validation and proceed with
unsigned boot path only if atf set in env.

Signed-off-by: Vandhiadevan Karunamoorthy <vkarunam@codeaurora.org>
Change-Id: I01728c754eb1a7514e7206056385a55e0ba192c7
---
 board/qca/arm/common/cmd_bootqca.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/board/qca/arm/common/cmd_bootqca.c b/board/qca/arm/common/cmd_bootqca.c
index 8ba27f5dfa..dae1a1187a 100644
--- a/board/qca/arm/common/cmd_bootqca.c
+++ b/board/qca/arm/common/cmd_bootqca.c
@@ -849,8 +849,11 @@ static int do_bootipq(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
 	ret = qca_scm_call(SCM_SVC_FUSE, QFPROM_IS_AUTHENTICATE_CMD, &buf, sizeof(char));
 
 	aquantia_phy_reset_init_done();
-
-	if (ret == 0 && buf == 1) {
+	/*
+	|| if atf is enable in env ,do_boot_signedimg is skip.
+	|| Note: This features currently support in ipq50XX.
+	*/
+	if (ret == 0 && buf == 1 && !getenv("atf")) {
 		ret = do_boot_signedimg(cmdtp, flag, argc, argv);
 	} else if (ret == 0 || ret == -EOPNOTSUPP) {
 		ret = do_boot_unsignedimg(cmdtp, flag, argc, argv);