Add tests to reach 100% code coverage for the added etype encrypted.
Signed-off-by: Christian Taedcke <christian.taedcke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The new encrypted etype generates a cipher node in the device tree
that should not be evaluated by binman, but still be kept in the
output device tree.
Signed-off-by: Christian Taedcke <christian.taedcke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This adds a new etype encrypted.
It creates a new cipher node in the related image similar to the
cipher node used by u-boot, see boot/image-cipher.c.
Signed-off-by: Christian Taedcke <christian.taedcke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Drop the use of a numbered key file since numbering is just for the test
devicetree files. Also adjust the tests to avoid putting a hard-coded
path to binman in the file, using the entry arg instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Now that buildman has a requirements.txt file we need to make use of it.
Reviewed-by: Simon Glass <sjg@chromium.org>
[n-francis@ti.com: Adding missing command from .azure-pipelines.yml]
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
At this point, buildman requires a few different modules and so we need
a requirements.txt to track what modules are needed.
Cc: Simon Glass <sjg@chromium.org>
Cc: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Without this re-building will fail with an error when trying to create
the symlink for the second time with an already exists error.
Signed-off-by: Andrew Davis <afd@ti.com>
[n-francis@ti.com: Added support for test output dir and testcase]
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Earlier documentation specified builds for generating bootloader images
using an external TI repository k3-image-gen and core-secdev-k3. Modify
this to using the binman flow so that user understands how to build the
final boot images.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Since binman is used to package bootloader images for all K3 devices, we
do not have to rely on the earlier methods to package them.
Scripts that were used to generate x509 certificate for tiboot3.bin and
generate tispl.bin, u-boot.img have been removed.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Move to using binman to generate tispl.bin which is used to generate the
final flash.bin bootloader for iot2050 boards.
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
By providing entries in the binman node of the device tree, binman will
be able to find and package board config artifacts generated by
TIBoardConfig with sysfw.bin and generate the final image sysfw.itb.
It will also pick out the R5 SPL and sign it with the help of TI signing
entry and generate the final tiboot3.bin.
Entries for A72 build have been added to k3-j721e-binman.dtsi to
generate tispl.bin and u-boot.img.
Support has been added for both HS-SE(SR 1.1), HS-FS(SR 2.0) and GP images
In HS-SE, the encrypted system firmware binary must be signed along with
the signed certificate binary.
HS-SE:
* tiboot3-j721e_sr1_1-hs-evm.bin
* sysfw-j721e_sr1_1-hs-evm.itb
* tispl.bin
* u-boot.img
HS-FS:
* tiboot3-j721e_sr2-hs-fs-evm.bin
* sysfw-j721e_sr2-hs-fs-evm.itb
* tispl.bin
* u-boot.img
GP:
* tiboot3.bin -->tiboot3-j721e-gp-evm.bin
* sysfw.itb --> sysfw-j721e-gp-evm.itb
* tispl.bin_unsigned
* u-boot.img_unsigned
It is to be noted that the bootflow followed by J721E requires:
tiboot3.bin:
* R5 SPL
* R5 SPL dtbs
sysfw.itb:
* TIFS
* board-cfg
* pm-cfg
* sec-cfg
* rm-cfg
tispl.bin:
* DM
* ATF
* OP-TEE
* A72 SPL
* A72 SPL dtbs
u-boot.img:
* A72 U-Boot
* A72 U-Boot dtbs
Reviewed-by: Simon Glass <sjg@chromium.org>
[afd@ti.com: changed output binary names appropriately]
Signed-off-by: Andrew Davis <afd@ti.com>
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Schema file in YAML must be provided in board/ti/common for validating
input config files and packaging system firmware. The schema includes
entries for rm-cfg, board-cfg, pm-cfg and sec-cfg.
Board config files must be provided in board/ti/<devicename> in YAML.
These can then be consumed for generation of binaries to package system
firmware. Added YAML configs for J721E in particular.
Signed-off-by: Tarun Sahu <t-sahu@ti.com>
[n-francis@ti.com: prepared patch for upstreaming]
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Board config binary artifacts must be generated to be used by binman to
package sysfw.itb and tiboot3.bin for all K3 devices.
For devices that follow combined flow, these board configuration
binaries must again be packaged into a combined board configuration
blobs to be used by binman to package tiboot3.bin.
Add common k3-binman.dtsi to generate all the board configuration
binaries needed.
Also add custMpk.pem and ti-degenerate-key.pem needed for signing GP and
HS bootloader images common to all K3 devices.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
The ti-secure entry contains certificate for binaries that will be
loaded or booted by system firmware whereas the ti-secure-rom entry
contains certificate for binaries that will be booted by ROM. Support
for both these types of certificates is necessary for booting of K3
devices.
Reviewed-by: Simon Glass <sjg@chromium.org>
[vigneshr@ti.com: fixed inconsist cert generation by multiple packing]
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
The ti-board-config entry loads and validates a given YAML config file
against a given schema, and generates the board config binary. K3
devices require these binaries to be packed into the final system
firmware images.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Using `default y` will not select BMP when CMD_BMP has been enabled, if
it was already configured.
By using `select`, if `CMD_BMP` is turned on, it will force the presence
of `BMP`.
Fixes: 072b0e16c4 ("common: Kconfig: Add BMP configs")
Signed-off-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
To understand usage of DDR in A53 SPL stage, add a table showing region
and space used by major components of SPL.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Use config SPL_VIDEO_REMOVE to remove video driver at SPL stage before
jumping to next stage, in place of CONFIG_SPL_VIDEO, to allow user to
remove video if required.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Devarsh Thakkar <devarsht@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This is required since user may want to either call the remove method
of video driver and reset the display or not call the remove method
to continue displaying until next stage.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Devarsh Thakkar <devarsht@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
U-boot proper can use frame buffer address passed from SPL to reserve
the memory area used by framebuffer set in SPL so that splash image
set in SPL continues to get displayed while u-boot proper is running.
Put the framebuffer address and size in a bloblist to make them
available at u-boot proper, if in u-boot proper CONFIG_VIDEO is defined.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Devarsh Thakkar <devarsht@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add method to reserve video framebuffer information using blob,
received from previous stage.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Use spl_dcache_enable, in place of setup_dram, arch_reserve_mmu to set
up pagetable, initialise DRAM and enable Dcache to avoid multiple
function calls.
Check for CONFIG_SPL_VIDEO in place of CONFIG_SPL_VIDEO_TIDSS to prevent
any build failure in case video config is not defined and video related
functions are called.
Check for CONFIG_SPL_SPLASH_SCREEN and CONFIG_SPL_BMP before calling
splash_display to avoid compilation failure.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
In spl_dcache_enable after setting up page table, set gd->relocaddr
pointer to tlb_addr, to get next location to reserve memory. Align
tlb_addr with 64KB address.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Devarsh Thakkar <devarsht@ti.com>
At SPL stage when stack is relocated, the stack pointer needs to be
updated, the stack pointer may point to stack in on chip memory even
though stack is relocated.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
There is little need to print the devstat information or when we exit a
function during a typical boot. Remove them to reduce the noise during
typical operation
Signed-off-by: Bryan Brattlof <bb@ti.com>
During LPDDR initialization we will loop through a series of frequency
changes in order to train at the various operating frequencies. During
this training, accessing the DRAM_CLASS bitfield could happen during a
frequency change and cause the read to hang.
Store the DRAM type into the main structure to avoid multiple readings
while the independent phy is training.
Signed-off-by: Bryan Brattlof <bb@ti.com>
The function declaration for force_emif_self_refresh takes no parameters
but does not specify this, only the prototype in the headers do. As
clang will warn about this, correct it.
Signed-off-by: Tom Rini <trini@konsulko.com>
Non-HS boards can use FIT images so include the env var commands
for these unconditionally.
Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
AM62x SoC is available in multiple variant:
- CPU cores (Cortex-A) AM62x1 (1 core), AM62x2 (2 cores), AM62x4 (4 cores)
- GPU AM625x with GPU, AM623x without GPU
- PRU (Programmable RT unit) can be present or not on AM62x2/AM62x4
Remove the relevant FDT nodes by reading the actual configuration
from the SoC registers, with that change is possible to have a single
dts/dtb file handling the different variant at runtime.
While removing GPU node and CPU nodes also the watchdog node
in the same Module Domain is removed.
A similar approach is implemented for example on i.MX8 and STM32MP1 SoC.
Signed-off-by: Emanuele Ghidoli <emanuele.ghidoli@toradex.com>
Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com>
Add register address and relevant bitmasks and shifts.
Allow reading these information:
- device identification
- number of cores (part of device identification)
- features (currently: PRU / no PRU)
- security
- functional safety
- speed grade
- temperature grade
- package
Signed-off-by: Emanuele Ghidoli <emanuele.ghidoli@toradex.com>
Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com>
Reviewed-by: Andrew Davis <afd@ti.com>
ft_system_setup cannot be enabled on SoC without msmc sram otherwise
fdt_fixup_msmc_ram function fails causing system reset.
Fix by moving fdt_fixup_msmc_ram to common_fdt.c file and creating
SoC (AM654, J721E and J721S2) specific files for fdt fixups.
This change was verified to not change anything on any existing board
(all the J721S2, AM654 and J721E boards requires it,
none of the remaining k3 boards require it).
Fixes: 30e96a2401 ("arm: mach-k3: Move MSMC fixup to SoC level")
Signed-off-by: Emanuele Ghidoli <emanuele.ghidoli@toradex.com>
Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com>
