VHV_Enable GPIO is required to enable during eFuse programming on Armada
SoCs not from 3700 family. Add support for enabling and disabling VHV pin
via GPIO during eFuse programming, when specified.
All details are in Marvell AN-389: ARMADA VHV Power document
(Doc. No. MV-S302545-00 Rev. C, August 2, 2016).
Note that due to HW Errata 3.6 eFuse erroneous burning (Ref #: HWE-3718342)
VHV power must be disabled while core voltage is off to prevent erroneous
eFuse programming.
This is specified in Marvell ARMADA 380/385/388 Functional Errata,
Guidelines, and Restrictions document
(Doc. No. MV-S501377-00 Rev. D, December 1, 2016).
Signed-off-by: Pali Rohár <pali@kernel.org>
This patch implements LD eFuse programming support. Armada 385 contains two
LD eFuse lines, each is 256 bit long with one additional lock bit. LD 0
line is mapped to U-Boot fuse bank 64 and LD 1 line to fuse bank 65. U-Boot
32-bit fuse words 0-8 are mapped to LD eFuse line bits 0-255. U-Boot fuse
word 9 is mapped to LD eFuse line lock bit.
So to program LD 1 General Purpose Data line, use U-Boot fuse command:
=> fuse prog -y 65 0 0x76543210
=> fuse prog -y 65 1 0xfedcba98
=> fuse prog -y 65 2 0x76543210
=> fuse prog -y 65 3 0xfedcba98
=> fuse prog -y 65 4 0x76543210
=> fuse prog -y 65 5 0xfedcba98
=> fuse prog -y 65 6 0x76543210
=> fuse prog -y 65 7 0xfedcba98
=> fuse prog -y 65 8 0x1
Signed-off-by: Pali Rohár <pali@kernel.org>
Armada 385 contains 64 lines of HD eFuse and 2 lines of LD eFuse. HD eFuse
is used for secure boot and each line is 64 bits long + 1 lock bit. LD
eFuse lines are 256 bits long + 1 lock bit. LD 0 line is reserved for
Marvell Internal Use and LD 1 line is for General Purpose Data. U-Boot
already contains HD eFuse reading and programming support.
This patch implements LD eFuse reading support. LD 0 line is mapped to
U-Boot fuse bank 64 and LD 1 line to fuse bank 65.
LD 0 Marvell Internal Use line seems that was burned in factory with some
data and can be read by U-Boot fuse command:
=> fuse read 64 0 9
LD 1 General Purpose Data line is by default empty and can be read by
U-Boot fuse command:
=> fuse read 65 0 9
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
The patch implements secure booting for the mvebu architecture.
This includes:
- The addition of secure headers and all needed signatures and keys in
mkimage
- Commands capable of writing the board's efuses to both write the
needed cryptographic data and enable the secure booting mechanism
- The creation of convenience text files containing the necessary
commands to write the efuses
The KAK and CSK keys are expected to reside in the files kwb_kak.key and
kwb_csk.key (OpenSSL 2048 bit private keys) in the top-level directory.
Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>
