Move an OEM closing logic to ahab_close() function to be able to use
it directly without calling a u-boot command.
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Co-developed-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Make sure we have an IMX header before calling spl_load_imx_container,
since if we don't it will fail with -ENOENT. This allows us to fall back to
legacy/raw images if they are also enabled.
This is a functional change, one which likely should have been in place
from the start, but a functional change nonetheless. Previously, all
non-IMX8 images (except FITs without FIT_FULL) would be optimized out if
the only image load method enabled supported IMX8 images. With this change,
support for other image types now has an effect.
There are seven boards with SPL_LOAD_IMX_CONTAINER enabled: three with
SPL_BOOTROM_SUPPORT:
imx93_11x11_evk_ld imx93_11x11_evk imx8ulp_evk
and four with SPL_MMC:
deneb imx8qxp_mek giedi imx8qm_mek
All of these boards also have SPL_RAW_IMAGE_SUPPORT and
SPL_LEGACY_IMAGE_FORMAT enabled as well. However, none have FIT support
enabled. Of the six load methods affected by this patch, only SPL_MMC and
SPL_BOOTROM_SUPPORT are enabled with SPL_LOAD_IMX_CONTAINER.
spl_romapi_load_image_seekable does not support legacy or raw images, so
there is no growth. However, mmc_load_image_raw_sector does support loading
legacy/raw images. Since these images could not have been booted before, I
have disabled support for legacy/raw images on these four boards. This
reduces bloat from around 800 bytes to around 200.
There are no in-tree boards with SPL_LOAD_IMX_CONTAINER and AHAB_BOOT both
enabled, so we do not need to worry about potentially falling back to
legacy images in a secure boot scenario.
Future work could include merging imx_container.h with imx8image.h, since
they appear to define mostly the same structures.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
add support for SHA-256 secure hash algorithm using the ARM v8
SHA-256 instructions for verifying image hash.
Signed-off-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Abstract common interfaces for AHAB authentication operations.
Then share some common codes for AHAB and SPL container authentication
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Move imx8 sci header file to include/firmware/imx, then we could
use build macro to reuse some i.MX8 drivers for i.MX9, such as
drivers/cpu/imx8_cpu.c.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Stefano Babic <sbabic@denx.de>
Since the container is shared among i.MX platforms, move its header file
to mach-imx
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
It is a pain to have to specify the value 16 in each call. Add a new
hextoul() function and update the code to use it.
Add a proper comment to simple_strtoul() while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move this out of the common header and include it only where needed. In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly. Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Calling ahab_close cmd force the user to interact for confirmation.
This is not user-friendly when using this cmd during factory process.
Allow the user to pass '-y' option to bypass this confirmation.
Signed-off-by: Clément Péron <peron.clem@gmail.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Oliver Graute <oliver.graute@kococonnector.com>
Fix the following warning:
arch/arm/mach-imx/imx8/ahab.c:105:3: warning: implicit declaration of function ‘flush_dcache_range’ [-Wimplicit-function-declaration]
flush_dcache_range(s, e);
^~~~~~~~~~~~~~~~~~
Include cpu_func.h header which declares the flush_dcache_range()
function.
Signed-off-by: Oliver Graute <oliver.graute@kococonnector.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: uboot-imx <uboot-imx@nxp.com>
arch/arm/mach-imx/imx8/ahab.c: In function ‘authenticate_os_container’:
arch/arm/mach-imx/imx8/ahab.c:96:9: warning: format ‘%x’ expects argument of type
‘unsigned int’, but argument 9 has type ‘ulong {aka long unsigned int}’ [-Wformat=]
debug("img %d, dst 0x%x, src 0x%x, size 0x%x\n",
Fix those by using "%lu" specified.
Signed-off-by: Oliver Graute <oliver.graute@kococonnector.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: uboot-imx <uboot-imx@nxp.com>
arch/arm/mach-imx/imx8/ahab.c:110:63: warning: format ‘%x’ expects
argument of type ‘unsigned int’, but argument 2 has type ‘u64 {aka long
long unsigned int}’ [-Wformat=]
Fix those by using %llx
Signed-off-by: Oliver Graute <oliver.graute@kococonnector.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: uboot-imx <uboot-imx@nxp.com>
The Linux coding style guide (Documentation/process/coding-style.rst)
clearly says:
It's a **mistake** to use typedef for structures and pointers.
Besides, using typedef for structures is annoying when you try to make
headers self-contained.
Let's say you have the following function declaration in a header:
void foo(bd_t *bd);
This is not self-contained since bd_t is not defined.
To tell the compiler what 'bd_t' is, you need to include <asm/u-boot.h>
#include <asm/u-boot.h>
void foo(bd_t *bd);
Then, the include direcective pulls in more bloat needlessly.
If you use 'struct bd_info' instead, it is enough to put a forward
declaration as follows:
struct bd_info;
void foo(struct bd_info *bd);
Right, typedef'ing bd_t is a mistake.
I used coccinelle to generate this commit.
The semantic patch that makes this change is as follows:
<smpl>
@@
typedef bd_t;
@@
-bd_t
+struct bd_info
</smpl>
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.
Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.
This requires quite a few header-file additions.
Signed-off-by: Simon Glass <sjg@chromium.org>
In SPL build, the formatting '%llx' in debug() is not supported.
Also, fix some misplaced parameters in printf.
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Seb Fagard <sebastien.fagard@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Latest SCFW has removed old MISC SECO commands. So update the codes
to use new SECO commands.
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Add function and new command "auth_cntr" for secure boot support.
When booting with life cycle set to OEM closed, we need to use
this function to authenticate the OS container and load kernel & FDT
from OS container to their destination.
Also add image authentication call when loading container images.
Users can set CONFIG_AHAB_BOOT=y to enable the feature. It is not
set at default.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
