From Sentinel FW v0.0.9-9df0f503, the response message of get info API
is changed to add OEM SRK and some states (IMEM, CSAL, TRNG).
With old structure, we get failure from sentinel due to the buffer
size can't fit with new response message. So update the API structure
to fix the issue.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
This patch is used to support DBD owner fuse changed to S400 only.
The XRDC PDAC2 for LPAV pbridge5 and MSC1/2/3 for GPIO and LPAV are not
configured by S400 default setting. So these PDAC and MSC are invalid,
only DBD owner can access the corresponding resources.
We have to configure necessary PDAC and MSC for SPL before DDR
initialization.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
To clean the upower codes by aligning codes format, check err_code
and add detail bits list for the memory magic number
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The swton indicates the logic switch, magic number 0xfff80 is hard
to understand, so use macro.
Some board design may not have MIPI_CSI voltage input connected per
data sheet. In that case, the upower power on API may dead loop mu to wait
response, however there is no response. So remove MIPI_CSI here, let
linux power domain driver to runtime enable the power domain.
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
At present, in cgc1_pll3_init we don't set the pll3pfd div values,
just use the default 0. But on A1 part, ROM will set PLL3 pfd1div2
to 1 and pfd2div1 to 3.
This finally causes some clocks' rate decreased, for example USDHC.
So clear the PLL3DIV_PFD dividers to get correct rate.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Some space in SRAM0 will be protected by S400 to allow RX SecPriv mode
access only for boot purpose. Since SW will reuse the SRAM0 as SCMI
buffer and SPL container loading buffer, need to reconfigure MRC3.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
To align with ARM trusted firmware's change, adjust DRAM timing
save area to new position 0x20055000. So we can release the space
since 0x2006c000 for the NOBITS region of ARM trusted firmware
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Jacky Bai <ping.bai@nxp.com>
Need to add DRAM access permission for S400, as S400 needs to access
it When SPL calls image authentication
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
To fit the DBD_EN fused part, we re-design the TRDC and XRDC assignment.
M33 will be the TRDC owner and needs to configure TRDC. A35 is the
XRDC owner, ATF will configure XRDC.
The handshake between U-boot and M33 image is used to sync TRDC and
XRDC configuration completion. Once the handshake is done, A35 and M33
can access the allowed resources in others domain.
The handshake is needed when M33 is booted or DBD_EN fused, because both
cases will enable the TRDC. If handshake is timeout, the boot will hang.
We use SIM GPR0 to pass the info from SPL to u-boot, because before the
handshake, u-boot can't access SEC SIM and FSB.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Jacky Bai <ping.bai@nxp.com>
As M33 is responsible for TRDC configuration, the settings for A35
nonsecure world access and DMA0 access are moved to M33 image.
So remove the codes to release TRDC and configure it. Just keep
the configurations for reference.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Jacky Bai <ping.bai@nxp.com>
iMX8ULP A1 S400 ROM removes the setting for MRC4/5. So we have to set
them in SPL to allow access to DDR from A35 and APD PER masters
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Since A1 ROM has fixed the ROM API eMMC issue, we should only use
the workaround for A0.1 part. Add a SOC revision check.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
In both SPL and u-boot, after probing the S400 MU, get the chip revision,
lifecycle and UID from Sentinel.
Update get_cpu_rev to use the chip revision not hard coded it for A0
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Since latest DTS has added multiple MU nodes, using compatible
string to find the device node is not proper. It finds the first
node with the compatible string matched even the node is disabled.
Signed-off-by: Ye Li <ye.li@nxp.com>
Move to using .env file for setting up environment variables for am65x.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Include ti_armv7_common.env and ti/mmc.env, which includes' K3 common
environment variables used across different K3 boards.
This patch depends on
https://lore.kernel.org/all/20230315052745.110502-1-n-francis@ti.com/
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
TI's security enforcing SoCs will authenticate each binary it loads by
comparing it's signature with keys etched into the SoC during the boot
up process. The am62ax family of SoCs by default will have some level of
security enforcement checking. To keep things as simple as possible,
enable the CONFIG_TI_SECURE_DEVICE options by default so all levels of
secure SoCs will work out of the box
Enable the CONFIG_TI_SECURE_DEVICE by default
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Kamlesh Gurudasani <kamlesh@ti.com>
Move to using .env file for setting up environment variables for J721E
and J7200.
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Move to using .env file for setting up environment variables for J721S2.
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add K3 common environment variables to .env. We retain the old-style C
environment .h files to maintain compatibility with other K3 boards that
have not moved to using .env yet.
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Last use of CONFIG_SYS_GPIO1_PRELIM was removed by
commit fae2ea5951 ("ppc: Remove MPC8349EMDS board and ARCH_MPC8349
support").
Last use of CONFIG_SYS_GPIO2_PRELIM was removed even before by
commit 6843862342 ("ppc: Remove caddy2 / vme8349 boards")
Those two items were removed from whitelist by
commit 8cca60a2cb ("Kconfig: Remove some symbols from the whitelist")
Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Fixes: fae2ea5951 ("ppc: Remove MPC8349EMDS board and ARCH_MPC8349 support")
Last (incorrect) use of those CONFIG items was removed by
commit 9fd9abedcc ("TQM834x: remove defines causing gcc4.4 warnings")
Those items are invalid and should have been removed at the
same time because lblaw[] has only 4 elements.
And they were removed from the whitelist by
commit 9c5df7a2a9 ("mpc83xx: Migrate LBLAW_* to Kconfig")
Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Fixes: 9fd9abedcc ("TQM834x: remove defines causing gcc4.4 warnings")
Apple silicon SoCs have numerous embedded co-processors with pre-loaded
firmware. The co-processors text and data sections need to be mapped via
DART iommus controlled by the main processor. Those sections are
exported as reserved-memory. Bump CONFIG_LMB_MAX_REGIONS from 8 to 64 to
deal with the large amount of reserved-memory regions.
Signed-off-by: Janne Grunau <j@jannau.net>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
The Linux devicetrees for Apple silicon devices are after review
feedback switching from deleting unused PCIe ports to disabling them.
Link: https://lore.kernel.org/asahi/1ea2107a-bb86-8c22-0bbc-82c453ab08ce@linaro.org/
Signed-off-by: Janne Grunau <j@jannau.net>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
The WIZ acts as a wrapper for SerDes and has Lanes 0 and 2 reserved
for USB for type-C lane swap if Lane 1 and Lane 3 are linked to the
USB PHY that is integrated into the SerDes IP. The WIZ control register
has to be configured to support this lane swap feature.
The support for swapping lanes 2 and 3 is missing and therefore
add support to configure the control register to swap between
lanes 2 and 3 if PHY type is USB.
Signed-off-by: Sinthu Raja <sinthu.raja@ti.com>
It's possible that the Type-C plug orientation on the DIR line will be
implemented through hardware design. In that situation, there won't be
an external GPIO line available, but the driver still needs to address
this since the DT won't use the typec-dir-gpios property.
Add code to handle LN10 Type-C swap if typec-dir-gpios property is not
specified in DT.
Signed-off-by: Sinthu Raja <sinthu.raja@ti.com>
For non TI boards it is not possible to enable the do_board_detect()
call as TI_I2C_BOARD_DETECT is defined in board/ti/common/Kconfig.
I want to use do_board_detect() to dectect boards and properties based
on some SPI communication with a FPGA.
Signed-off-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Kconfig does not support using 'select' to select a 'choice'. A choice
can be configured by either setting the choice symbol to 'y' in a
configuration file or by setting a 'default' of the choice.
In board/ti/*/Kconfig the SOC_K3_* choice is already set to 'y' in their
corresponding configs/*_defconfig file. So remove selecting it.
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
The M.2 slots of the related IOT2050 variant need to be configured
according to the plugged cards. This tries to detect the card using the
M.2 configuration pins of the B-key slot. If that fails, a U-Boot
environment variable can be set to configure manually. This variable is
write-permitted also in secure boot mode as it is not able to undermine
the integrity of the booted system.
The configuration is then applied to mux the serdes and to fix up the
device tree passed to or loaded by the bootloader. The fix-ups are
coming from device tree overlays that are embedded into the firmware
image and there also integrity protected. The OS remains free to load
a device tree to which they do not apply: U-Boot will not fail to boot
in that case.
Based on original patch by Chao Zeng.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Add support for the M.2 board based on the iot2050 advanced board.
The board has two m.2 connectors, one is B-keyed, the other E-keyed.
The B-key slot can connect 5G/SSD devices, and E-key can be used for
WIFI/BT devices.
This variant is covered by PG2 firmware image.
Signed-off-by: chao zeng <chao.zeng@siemens.com>
[Jan: align DT to kernel, polish wording]
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
User-button is controlled by the mcu domain gpio number 25.
But main0 main1 mcu domain all have gpio number 25.
To identify where the gpio is from, Using gpio controll base as the prefix
to indicate the gpio resource.
Signed-off-by: chao zeng <chao.zeng@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Use external blob otpcmd.bin to replace the 0xff filled OTP programming
command block to create a firmware image that provisions the OTP on
first boot. This otpcmd.bin is generated from the customer keys using
steps described in the meta-iot2050 integration layer for the device.
Based on original patch by Baocheng Su.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
There are many ways to get a signed firmware for the IOT2050 devices,
namely for the parts under user-control. This script documents one way
of doing it, given a signing key. Augment the board documentation with
the required procedure around it.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Allows to create a public key device tree dtsi for inclusion into U-Boot
SPL and proper during first build already. This can be achieved via
CONFIG_DEVICE_TREE_INCLUDES.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Add hashes and configuration signature stubs to prepare verified boot
of main U-Boot by SPL.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Will be needed when CONFIG_ENV_WRITEABLE_LIST is enabled. The listed
variables shall remain writable, for informational purposes - they have
to be considered untrusted because the persistent U-Boot env is not
protected.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Allows run-time control over watchdog auto-start and the timeout via
setting the environment variable watchdog_timeout_ms. A value of zero
means "do not start". Use CONFIG_WATCHDOG_TIMEOUT_MSECS as initial value
and this to zero by default. Users can then enable the watchdog once the
use and OS which picks it up during boot.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Anything that is not boot-env related is better kept there by now.
At this chance, also drop a stale comment from iot2050.h
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The latest version of the binary-only firmware parts come in a combined
form of FSBL and sysfw containers. This implies some layout changes to
the generated firmware image but also makes handling of artifacts much
simpler (4 files less). The env locations will not change, just the
space reserved for U-Boot will shrink from 4 to 3 MB - still plenty of
space left in practice.
Adjust configuration and documentation accordingly.
Along this change, add a new reservation for update commands of the
user-controlled OTP part. A specific userspace tool will fill it, and
the FSBL will evaluate it during boot. This reservation will use 64K of
the former sysfw section.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Refactor according to the entry `fit: Entry containing a FIT` of
document tools/binman/README.entries.
As the generator uses the device tree name for the config description,
board_fit_config_name_match requires a small adjustment as well.
Signed-off-by: Su Baocheng <baocheng.su@siemens.com>
[Jan: re-add now required CONFIG_OF_LIST, update config matching]
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Due to different signature keys, the PG1 and the PG2 boards can no
longer use the same FSBL (tiboot3). This makes it impossible anyway to
maintaine a single flash.bin for both variants, so we can also split the
build.
A new target is added to indicates the build is for PG1 vs. PG2 boards.
Hence now the variants have separated defconfig files.
The runtime board_is_sr1() check does make no sense anymore, so remove
it and replace with build time check.
Documentation is updated accordingly. New binary artifacts are already
available via meta-iot2050.
Signed-off-by: Su Baocheng <baocheng.su@siemens.com>
[Jan: refactor config option into targets, tweak some wordings]
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
-----BEGIN PGP SIGNATURE-----
iQFQBAABCgA6FiEEqxhEmNJ6d7ZdeFLIHrMeAg6sL8gFAmQirs0cHGV1Z2VuLmhy
aXN0ZXZAY29sbGFib3JhLmNvbQAKCRAesx4CDqwvyIWBCACz3Bh76v3vbqhaQPBq
ZGB+jnaZQsWW9r285dCmQFA/xGLbQoMVIhzvLVmEcZdr0d9wHUEsy1IzC6tak2MJ
NkiYcNRb3lnYEDthvjGdpz6QIGZBBOj8l8ha70z4ZvzBwTfOReB04N5207n5Tzq/
hAFAWcM3VxfVXF2Xb8O/HbyEbOVXKY65xWinAIZqvGscox+vx3Vj9m1aLqcQP0Wy
bCZowynfyKWiFrHr5TYgpmL4ROsj3jbnRhC0dqyB+ewRdRAK4uVJXRj23ywwDcGH
VqlYFVFT8EY5HSzCG8VGMtGqV+H4+K4RYiTLtDwtbHWdXnUKLKORXtXi2xcHHxS1
rj5U
=kb6/
-----END PGP SIGNATURE-----
Merge tag 'u-boot-at91-2023.07-a' of https://source.denx.de/u-boot/custodians/u-boot-at91 into next
First set of u-boot-at91 features for the 2023.07 cycle:
This feature set includes the clock changes required for sam9x60 SoC to
support USB host.
After the conversion to DM_SERIAL in commit 01f372d8d6 ("udoo_neo:
Select DM_SERIAL and drop iomux board level init") the SPL log is gone
and the U-Boot proper log becomes incomplete:
Core: 80 devices, 18 uclasses, devicetree: separate
MMC: FSL_SDHC: 1, FSL_SDHC: 2
Loading Environment from MMC... OK
In: serial@2020000
Out: serial@2020000
Err: serial@2020000
Net: eth0: ethernet@2188000
Hit any key to stop autoboot: 0
Introduce the u-boot.dtsi file that passes the u-boot,dm-pre-reloc
properties to the relevant nodes so that UART can be used early in SPL.
With this change, the complete SPL and U-Boot messages are seen again.
Signed-off-by: Fabio Estevam <festevam@denx.de>
The second call to cli_ch_process() is in the wrong place, meaning that
the one of the characters of an invalid escape sequence is swallowed
instead of being returned.
Fix the bug and add a test to cover this.
This behaviour matches that of the code before cli_getch() was
introduced. This was verified on the commit before b08e9d4b66 i.e.:
7d850f85aa ("sandbox: Enable mmc command and legacy images")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This function does not behave as expected when unknown escape sequences
are sent to it:
- it fails to store (and thus echo) the last character of the invalid
sequence
- it fails to set esc_len to 0 when it finishes emitting the invalid
sequence, meaning that the following character will appear to be part
of a new escape sequence
- it processes the first character of the rejected sequence as a valid
character, just starting the sequence all over again
The last two bugs conspire to produce an "impossible condition #876"
message which is the main symptom of this behaviour.
Fix these bugs and add a test to verify the behaviour.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>