Abstract common interfaces for AHAB authentication operations.
Then share some common codes for AHAB and SPL container authentication
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
If the container has image which conflicts with
spl_get_load_buffer address, there are processing failures.
Use malloc instead of spl_get_load_buffer.
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Nitin Garg <nitin.garg@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
1. Implement bootaux for the M4 boot on i.MX8QM and QXP. Users need to download
M4 image to any DDR address first. Then use the
"bootaux <M4 download DDR address> [M4 core id]" to boot CM4_0
or CM4_1, the default core id is 0 for CM4_0.
Since current M4 only supports running in TCM. The bootaux will copy
the M4 image from DDR to its TCML.
2. Implment bootaux for HIFI on QXP
command: bootaux 0x81000000 1
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The bootaux uses ulong to read private data and write to M4 TCM,
this cause problem on ARM64 platform where the ulong is 8bytes.
Fix it by using u32 to replace ulong.
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The current bootaux supports i.MX8M and i.MX93, but the name "_M4_"
implies that the SoCs have Cortex-M4. Actually i.MX8MM/Q use Cortex-M4,
i.MX8MN/P use Cortex-M7, i.MX93 use Cortex-M33, so use "_MCU_" in place
of "_M4_" to simplify the naming.
Signed-off-by: faqiang.zhu <faqiang.zhu@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add the support for loading image from secondary container set on
iMX8QM B0, iMX8QXP C0.
Using the SCFW API to get container set index, if it is the secondary
boot, get the offset from fuse and apply to offset of current container
set beginning for loading.
Also override the emmc boot partition to check secondary boot and switch
to the other boot part.
This patch is modified from NXP downstream:
imx8: Fix the fuse used by secondary container offset
imx: container: Skip container set check for ROM API
imx8: spl: Support booting from secondary container set
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Checking container header tag and version is wrong, it causes to fail
to bypass invalid container
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix below coverity issues caused by get_idx function where "-1" is
compared with uint8_t "element"
343336 Unsigned compared with neg
343337 Operands don't affect result
Additional, this function returns "-1" will cause overflow to
event string array.
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
On the imx8ulp A1 SoC, the ELE RNG needs to be manually started.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Extend the RX timeout value to 10s, because when authentication is failed
the ELE needs long time (>2s for 28M image) to return the result. Print
rx wait info per 1s.
Also correct TX and RX status registers in debug.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
According to SRM, the Sentinel MU has 8 TR and 4 RR registers. All
of them are used for ELE message. So update TR count to 8 and fix a
typo in receive msg
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix Coverity (CID 21143558).
When tee_shm_register returns failure, the shm_input pointer is
invalid, should not free it. Same issue also exists on registering
shm_output.
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add two ELE API: ele_return_lifecycle_update and ele_write_secure_fuse
Add two cmd: ahab_return_lifecycle and ahab_sec_fuse_prog
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix build warning:
warning: format ‘%x’ expects argument of type ‘unsigned int’, but argument 3
has type ‘u64’ {aka ‘long long unsigned int’} [-Wformat=]
printf("can't find memreg for image %d load address 0x%x, error %d\n",
warning: format ‘%lx’ expects argument of type ‘long unsigned int’, but
argument 3 has type ‘sc_faddr_t’ {aka ‘long long unsigned int’} [-Wformat=]
debug("memreg %u 0x%lx -- 0x%lx\n", mr, start, end);
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Per NXP requirement, we rename all the NXP EdgeLock Secure Enclave
code including comment, folder and API name to ELE to align.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The return value is int type, not sc_err_t(u8), correct the usage.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Tested-by: Oliver Graute <oliver.graute@kococonnector.com>
Reviewed-by: Oliver Graute <oliver.graute@kococonnector.com>
The return value is int type, not sc_err_t(u8), correct the usage.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Tested-by: Oliver Graute <oliver.graute@kococonnector.com>
Reviewed-by: Oliver Graute <oliver.graute@kococonnector.com>
Running a memtest in U-Boot and Linux shows that some Colibri iMX6
produce bitflips at temperatures above 60°C. This happens because the
RALAT and WALAT values on the Colibri iMX6 are too low. The problems
were introduced by commit 09dbac8174 ("mx6: ddr: Restore ralat/walat
in write level calibration") before the calibration process overwrote
the values and set them to the maximum value. With this commit, we make
sure that the RALAT and WALAT values are set to the maximum values
again. This has been proven to work for years.
Fixes: 09dbac8174 ("mx6: ddr: Restore ralat/walat in write level calibration")
Signed-off-by: Stefan Eichenberger <stefan.eichenberger@toradex.com>
Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com>
As the serial devices are configured in the device tree, enable
DM_SERIAL in the non-SPL T1024RDB defconfigs.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Make sure the serial driver is initialized before relocation by tagging
the serial nodes with "bootph-all". Add these u-boot specific properties
to an *-u-boot.dtsi file.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add the serial node descriptions similar to Linux v6.4 for the
t1024rdb board and its dependencies.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The serial clock is provided by the get_serial_clock() callback on PPC
under DM_SERIAL. Use the same method to compute the clock as for
non-DM_SERIAL use cases.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Call pci_init() to force PCI enumeration at probe time.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
As the serial devices are configured in the device tree, enable
DM_SERIAL in the non-SPL T1042D4RDB defconfigs.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Make sure the serial driver is initialized before relocation by tagging
the serial nodes with "bootph-all". Add these u-boot specific properties
to an *-u-boot.dtsi file.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add the serial node descriptions similar to Linux v6.4 for the
t1042d4rdb board and its dependencies.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The serial clock is provided by the get_serial_clock() callback on PPC
under DM_SERIAL. Use the same method to compute the clock as for
non-DM_SERIAL use cases.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Call pci_init() to force PCI enumeration at probe time.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
As the serial devices are configured in the device tree, enable
DM_SERIAL in the non-SPL T4240RDB defconfig.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Make sure the serial driver is initialized before relocation by tagging
the serial nodes with "bootph-all". Add these u-boot specific properties
to an *-u-boot.dtsi file.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add the serial node descriptions similar to Linux v6.4 for the t4240rdb
board and its dependencies.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The serial clock is provided by the get_serial_clock() callback on PPC
under DM_SERIAL. Use the same method to compute the clock as for
non-DM_SERIAL use cases.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Call pci_init() to force PCI enumeration at probe time.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
As the serial devices are configured in the device tree, enable
DM_SERIAL in the non-SPL T2080RDB defconfigs.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Make sure the serial driver is initialized before relocation by tagging
the serial nodes with "bootph-all". Add these u-boot specific properties
to an *-u-boot.dtsi file.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add the serial node descriptions similar to Linux v6.4 for the t2080rdb
board and its dependencies.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The serial clock is provided by the get_serial_clock() callback on PPC
under DM_SERIAL. Use the same method to compute the clock as for
non-DM_SERIAL use cases.
Signed-off-by: Camelia Groza <camelia.groza@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>