add support for SHA-256 secure hash algorithm using the ARM v8
SHA-256 instructions for verifying image hash.
Signed-off-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Abstract common interfaces for AHAB authentication operations.
Then share some common codes for AHAB and SPL container authentication
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
If the container has image which conflicts with
spl_get_load_buffer address, there are processing failures.
Use malloc instead of spl_get_load_buffer.
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Nitin Garg <nitin.garg@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
1. Implement bootaux for the M4 boot on i.MX8QM and QXP. Users need to download
M4 image to any DDR address first. Then use the
"bootaux <M4 download DDR address> [M4 core id]" to boot CM4_0
or CM4_1, the default core id is 0 for CM4_0.
Since current M4 only supports running in TCM. The bootaux will copy
the M4 image from DDR to its TCML.
2. Implment bootaux for HIFI on QXP
command: bootaux 0x81000000 1
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The bootaux uses ulong to read private data and write to M4 TCM,
this cause problem on ARM64 platform where the ulong is 8bytes.
Fix it by using u32 to replace ulong.
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The current bootaux supports i.MX8M and i.MX93, but the name "_M4_"
implies that the SoCs have Cortex-M4. Actually i.MX8MM/Q use Cortex-M4,
i.MX8MN/P use Cortex-M7, i.MX93 use Cortex-M33, so use "_MCU_" in place
of "_M4_" to simplify the naming.
Signed-off-by: faqiang.zhu <faqiang.zhu@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add the support for loading image from secondary container set on
iMX8QM B0, iMX8QXP C0.
Using the SCFW API to get container set index, if it is the secondary
boot, get the offset from fuse and apply to offset of current container
set beginning for loading.
Also override the emmc boot partition to check secondary boot and switch
to the other boot part.
This patch is modified from NXP downstream:
imx8: Fix the fuse used by secondary container offset
imx: container: Skip container set check for ROM API
imx8: spl: Support booting from secondary container set
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Checking container header tag and version is wrong, it causes to fail
to bypass invalid container
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix below coverity issues caused by get_idx function where "-1" is
compared with uint8_t "element"
343336 Unsigned compared with neg
343337 Operands don't affect result
Additional, this function returns "-1" will cause overflow to
event string array.
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
On the imx8ulp A1 SoC, the ELE RNG needs to be manually started.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Extend the RX timeout value to 10s, because when authentication is failed
the ELE needs long time (>2s for 28M image) to return the result. Print
rx wait info per 1s.
Also correct TX and RX status registers in debug.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
According to SRM, the Sentinel MU has 8 TR and 4 RR registers. All
of them are used for ELE message. So update TR count to 8 and fix a
typo in receive msg
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix Coverity (CID 21143558).
When tee_shm_register returns failure, the shm_input pointer is
invalid, should not free it. Same issue also exists on registering
shm_output.
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add two ELE API: ele_return_lifecycle_update and ele_write_secure_fuse
Add two cmd: ahab_return_lifecycle and ahab_sec_fuse_prog
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix build warning:
warning: format ‘%x’ expects argument of type ‘unsigned int’, but argument 3
has type ‘u64’ {aka ‘long long unsigned int’} [-Wformat=]
printf("can't find memreg for image %d load address 0x%x, error %d\n",
warning: format ‘%lx’ expects argument of type ‘long unsigned int’, but
argument 3 has type ‘sc_faddr_t’ {aka ‘long long unsigned int’} [-Wformat=]
debug("memreg %u 0x%lx -- 0x%lx\n", mr, start, end);
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Per NXP requirement, we rename all the NXP EdgeLock Secure Enclave
code including comment, folder and API name to ELE to align.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The return value is int type, not sc_err_t(u8), correct the usage.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Tested-by: Oliver Graute <oliver.graute@kococonnector.com>
Reviewed-by: Oliver Graute <oliver.graute@kococonnector.com>
The return value is int type, not sc_err_t(u8), correct the usage.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Tested-by: Oliver Graute <oliver.graute@kococonnector.com>
Reviewed-by: Oliver Graute <oliver.graute@kococonnector.com>
Running a memtest in U-Boot and Linux shows that some Colibri iMX6
produce bitflips at temperatures above 60°C. This happens because the
RALAT and WALAT values on the Colibri iMX6 are too low. The problems
were introduced by commit 09dbac8174 ("mx6: ddr: Restore ralat/walat
in write level calibration") before the calibration process overwrote
the values and set them to the maximum value. With this commit, we make
sure that the RALAT and WALAT values are set to the maximum values
again. This has been proven to work for years.
Fixes: 09dbac8174 ("mx6: ddr: Restore ralat/walat in write level calibration")
Signed-off-by: Stefan Eichenberger <stefan.eichenberger@toradex.com>
Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com>
The Gateworks imx8mp-venice-gw7905-2x consists of a SOM + baseboard.
The GW702x SOM contains the following:
- i.MX8M Plus SoC
- LPDDR4 memory
- eMMC Boot device
- Gateworks System Controller (GSC) with integrated EEPROM, button
controller, and ADC's
- PMIC
- SOM connector providing:
- eQoS GbE MII
- 1x SPI
- 2x I2C
- 4x UART
- 2x USB 3.0
- 1x PCI
- 1x SDIO (4-bit 3.3V)
- 1x SDIO (4-bit 3.3V/1.8V)
- GPIO
The GW7905 Baseboard contains the following:
- GPS
- microSD
- off-board I/O connector with I2C, SPI, GPIO
- EERPOM
- PCIe clock generator
- 1x full-length miniPCIe socket with PCI/USB3 (via mux) and USB2.0
- 1x half-length miniPCIe socket with USB2.0 and USB3.0
- USB 3.0 HUB
- USB Type-C with USB PD Sink capability and peripheral support
- USB Type-C with USB 3.0 host support
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Since U-Boot builds HTML documentation, migrate the contents
of the README file to an rst file which can generate the
proper outputs.
Signed-off-by: Adam Ford <aford173@gmail.com>
Instead of cluttering up a header file with a bunch of defines,
move the default environmental variables to a file called
imx8mn_beacon.env and reference it from the defconfigs.
Signed-off-by: Adam Ford <aford173@gmail.com>
Since U-Boot builds HTML documentation, migrate the contents
of the README file to an rst file which can generate the
proper outputs.
Signed-off-by: Adam Ford <aford173@gmail.com>
Instead of cluttering up a header file with a bunch of defines,
move the default environmental variables to a file called
imx8mm_beacon.env and reference it from the defconfig.
Signed-off-by: Adam Ford <aford173@gmail.com>
While testing the ethernet interface on a Variscite symphony carrier
board using an imx8mn SOM with an onboard ADIN1300 PHY (EC hardware
configuration), the ethernet PHY is not detected.
The ADIN1300 datasheet indicate that the "Management interface
active (t4)" state is reached at most 5ms after the reset signal is
deasserted.
The device tree in Variscite custom git repository uses the following
property:
phy-reset-post-delay = <20>;
Add a new MDIO property 'reset-deassert-us' of 20ms to have the same
delay inside the ethphy node. Adding this property fixes the problem
with the PHY detection.
Note that this SOM can also have an Atheros AR8033 PHY. In this case,
a 1ms deassert delay is sufficient. Add a comment to that effect.
Fixes: c4c1ed68c1 ("imx8mn_var_som: Add support for Variscite
VAR-SOM-MX8M-NANO board")
Signed-off-by: Hugo Villeneuve <hvilleneuve@dimonoff.com>
Select DM_ETH_PHY so that the reset-gpios property of the ethphy node
can be used.
Also select DM_PCA953X, which is needed for resetting the
ethernet PHY on the carrier board via the PCA9534 I/O expander.
Commit 4e5114daf9 ("imx8mn: synchronise device tree with linux") did
synchronise device tree with linux, which in effect removed obsolete
PHY reset properties and replaced them with new mdio DM
properties. But the commit didn't activate DM_ETH_PHY or DM_PCA953X.
Fixes: 4e5114daf9 ("imx8mn: synchronise device tree with linux")
Signed-off-by: Hugo Villeneuve <hvilleneuve@dimonoff.com>
Enable support to read and display configuration/manufacturing infos
from 4Kbit EEPROM located on SOM board.
Note: CONFIG_DISPLAY_BOARDINFO is automatically selected for ARM arch.
Signed-off-by: Hugo Villeneuve <hvilleneuve@dimonoff.com>
Getting
Found /vpu_g1@38300000 node
Modify /vpu_g1@38300000:status disabled
Found /vpu_g2@38310000 node
Modify /vpu_g2@38310000:status disabled
etc. on the console on every boot is needlessly verbose. Demote the
"Found ..." lines to debug(), which is consistent with other instances
in soc.c.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Frieder Schrempf <frieder.schrempf@kontron.de>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
The single binary version of u-boot for XEA board is used to debrick and
factory programming.
The produced u-boot.sb is a single file, which allows having fully
operational u-boot prompt loaded with imx287 ROM.
Signed-off-by: Lukasz Majewski <lukma@denx.de>
The XEA board now supports the DM_SERIAL feature in u-boot.
The SPL is using the SPL_OF_PLATDATA - i.e. NOT SPL_DM_SERIAL to
reduce the overall size of the SPL binary.
Signed-off-by: Lukasz Majewski <lukma@denx.de>
The CONFIG_PL011 used by all other ARCH_MX28 based boards is not
supporting DM_SERIAL. Instead, other define - namely CONFIG_PL01X_SERIAL
shall be used by boards supporting DM_SERIAL.
Signed-off-by: Lukasz Majewski <lukma@denx.de>
The in-spl enabled DM serial console requires the board setup to be
able to parse SPL_OF_PLATDATA based serial driver (pl01x) for the
imx28 based XEA board.
Signed-off-by: Lukasz Majewski <lukma@denx.de>