For validating images from uboot (Such as Kernel Image), either keys
from SoC fuses can be used or keys from a verified table of public
keys can be used. The latter feature is called IE Key Extension
Feature.
For Layerscape Chasis 3 based platforms, IE table is validated by
Bootrom and address of this table is written in scratch registers 13
and 14 via PBI commands.
Following are the steps describing usage of this feature:
1) Verify IE Table in ISBC phase using keys stored in fuses.
2) Install IE table. (To be used across verification of multiple
images stored in a static global structure.)
3) Use keys from IE table, to verify further images.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
VID support in NXP layerscape Chassis-3 (lsch3) compilant SoCs like
LS2088A, LS2080A differs from existing logic.
-VDD voltage array is different
-Registers are different
-VDD calculation logic is different
Add new function adjust_vdd() for LSCH3 compliant SoCs
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com>
Signed-off-by: Arpit Goel <arpit.goel@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In some cases this is absolutely required, so select this for some secure
features. This also requires migration of RSA_FREESCALE_EXP
Cc: Ruchika Gupta <ruchika.gupta@nxp.com>
Cc: Poonam Aggrwal <poonam.aggrwal@freescale.com>
Cc: Naveen Burmi <NaveenBurmi@freescale.com>
Cc: Po Liu <po.liu@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Priyanka Jain <Priyanka.Jain@freescale.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Cc: Shaohui Xie <Shaohui.Xie@freescale.com>
Cc: Chunhe Lan <Chunhe.Lan@freescale.com>
Cc: Feng Li <feng.li_2@nxp.com>
Cc: Alison Wang <alison.wang@freescale.com>
Cc: Mingkai Hu <Mingkai.Hu@freescale.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Saksham Jain <saksham.jain@nxp.freescale.com>
Cc: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Introduce board/freescale/common/Kconfig so that we have a single place
for CONFIG options that are shared between ARM and PowerPC NXP platforms.
Cc: York Sun <york.sun@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: York Sun <york.sun@nxp.com>
With entry_point now being an unsigned long we need to adapt the last
two debug prints to use %lX not %X.
Fixes: 11e1479b9e ("SPL: make struct spl_image 64-bit safe")
Signed-off-by: Tom Rini <trini@konsulko.com>
At present there are two SPI functions only used by freescale which are
defined in the spi_flash.h header. One function name matches an existing
generic SPL function.
Move these into a private header to avoid confusion.
Arcturus looks like it does not actually support SPI, so drop the SPI code
from that board.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Update the API's for transition of Security Monitor states. Instead
of providing both initial and final states for transition, just
provide final state for transition as Security Monitor driver will
take care of it internally.
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
[York Sun: Reformatted commit message slightly]
Reviewed-by: York Sun <york.sun@nxp.com>
LS1046AQDS Specification:
-------------------------
Memory subsystem:
* 8GByte DDR4 SDRAM (64bit bus)
* 128 Mbyte NOR flash single-chip memory
* 512 Mbyte NAND flash
* 64 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
Ethernet:
* Two XFI 10G ports
* Two SGMII ports
* Two RGMII ports
PCIe: supports Gen 1 and Gen 2
SATA 3.0: one SATA 3.0 port
USB 3.0: two micro AB connector and one type A connector
UART: supports two UARTs up to 115200 bps for console
Signed-off-by: Shaohui Xie <Shaohui.Xie@nxp.com>
Signed-off-by: Mingkai Hu <mingkai.hu@nxp.com>
Signed-off-by: Gong Qianyu <Qianyu.Gong@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The deep sleep function of LS1 platform, is mapped into PSCI system
suspend function, this patch adds implementation of it.
Signed-off-by: Hongbo Zhang <hongbo.zhang@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Add this API to make the individual device is able to be set to
the specified permission.
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Override jump_to_image_no_args function to include validation of
u-boot image using spl_validate_uboot before jumping to u-boot image.
Also define macros in SPL framework to enable crypto operations.
Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
As part of Chain of Trust for Secure boot, the SPL U-Boot will validate
the next level U-boot image. Add a new function spl_validate_uboot to
perform the validation.
Enable hardware crypto operations in SPL using SEC block.
In case of Secure Boot, PAMU is not bypassed. For allowing SEC block
access to CPC configured as SRAM, configure PAMU.
Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
Add QIXIS_LBMAP_BRDCFG_REG to the save offset of LBMAP
configuration register instead of hardcoding it in
set_lbmap() function.
Signed-off-by: Calvin Johnson <calvin.johnson@nxp.com>
Signed-off-by: Abhimanyu Saini <abhimanyu.saini@nxp.com>
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Check if qixis supports memory-mapped read/write
before compiling IFC based qixis read/write functions.
Signed-off-by: Calvin Johnson <calvin.johnson@nxp.com>
Signed-off-by: Abhimanyu Saini <abhimanyu.saini@nxp.com>
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
LS102A ref manual dictates that ICID have to be written to the MSB
of the ICID register, not to the LSB.
Signed-off-by: Vincent Siles <vincent.siles@provenrun.com>
Mix usage of uint32_t and u32 fixed in favor of u32.
Signed-off-by: Vincent Siles <vincent.siles@provenrun.com>
Reviewed-by: York Sun <york.sun@nxp.com>
On the LS102x boards, in order to initialize the ICID values of
masters, the dev_stream_id array holds absolute offsets from the
base of SCFG.
In ls102xa_config_ssmu_stream_id, the base pointer is cast to
uint32_t * before adding the offset, leading to an invalid address.
Casting it to void * solves the issue.
Signed-off-by: Vincent Siles <vincent.siles@provenrun.com>
Reviewed-by: York Sun <york.sun@nxp.com>
This patch enable VID support for ls2080ardb platform.
It uses the common VID driver.
Signed-off-by: Rai Harninder <harninder.rai@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Use a pointer to pass image address to fsl_secboot_validate(),
instead of using environmental variable "img_addr".
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In case of fatal failure during secure boot execution (e.g. header
not found), reset is asserted to stop execution. If the RESET_REQ
is not tied to HRESET, this allows the execution to continue.
Add esbh_halt() after the reset to make sure execution stops.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
For secure boot, a header is used to identify key table, signature
and image address. A new header structure is added for lsch3.
Currently key extension (IE) feature is not supported. Single key
feature is not supported. Keys must be in table format. Hence, SRK
(key table) must be present. Max key number has increase from 4 to
8. The 8th key is irrevocable. A new barker Code is used.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
IR chip is on one of the channels on multiplexed I2C-bus.
Reset to default channel after accessing.
Signed-off-by: Wenbin Song <wenbin.song@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
As the QE firmware struct is shared with Fman, move the header file
out of drivers/qe/.
Signed-off-by: Gong Qianyu <Qianyu.Gong@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In case of error while executing esbc_validate command, SNVS
transition and issue of reset is required only for secure-boot.
If boot mode is non-secure, this is not required.
Similarly, esbc_halt command which puts the core in Spin Loop
is applicable only for Secure Boot.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Chain of Trust is enabled for ARM platforms (LS1021 and LS1043).
In board_late_init(), fsl_setenv_chain_of_trust() is called which
will perform the following:
- If boot mode is non-secure, return (No Change)
- If boot mode is secure, set the following environmet variables:
bootdelay = 0 (To disable Boot Prompt)
bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
A function is created to detrmine if the boot mode is secure
or non-secure for differnt SoC's.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The fuse status register provides the values from on-chip
voltage ID efuses programmed at the factory. These values
define the voltage requirements for the chip. u-boot reads
FUSESR and translates the values into the appropriate
commands to set the voltage output value of an external
voltage regulator.
Signed-off-by: Ying Zhang <b40530@freescale.com>
Reviewed-by: York Sun <york.sun@nxp.com>