The M.2 slots of the related IOT2050 variant need to be configured
according to the plugged cards. This tries to detect the card using the
M.2 configuration pins of the B-key slot. If that fails, a U-Boot
environment variable can be set to configure manually. This variable is
write-permitted also in secure boot mode as it is not able to undermine
the integrity of the booted system.
The configuration is then applied to mux the serdes and to fix up the
device tree passed to or loaded by the bootloader. The fix-ups are
coming from device tree overlays that are embedded into the firmware
image and there also integrity protected. The OS remains free to load
a device tree to which they do not apply: U-Boot will not fail to boot
in that case.
Based on original patch by Chao Zeng.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Add support for the M.2 board based on the iot2050 advanced board.
The board has two m.2 connectors, one is B-keyed, the other E-keyed.
The B-key slot can connect 5G/SSD devices, and E-key can be used for
WIFI/BT devices.
This variant is covered by PG2 firmware image.
Signed-off-by: chao zeng <chao.zeng@siemens.com>
[Jan: align DT to kernel, polish wording]
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Use external blob otpcmd.bin to replace the 0xff filled OTP programming
command block to create a firmware image that provisions the OTP on
first boot. This otpcmd.bin is generated from the customer keys using
steps described in the meta-iot2050 integration layer for the device.
Based on original patch by Baocheng Su.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
There are many ways to get a signed firmware for the IOT2050 devices,
namely for the parts under user-control. This script documents one way
of doing it, given a signing key. Augment the board documentation with
the required procedure around it.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The latest version of the binary-only firmware parts come in a combined
form of FSBL and sysfw containers. This implies some layout changes to
the generated firmware image but also makes handling of artifacts much
simpler (4 files less). The env locations will not change, just the
space reserved for U-Boot will shrink from 4 to 3 MB - still plenty of
space left in practice.
Adjust configuration and documentation accordingly.
Along this change, add a new reservation for update commands of the
user-controlled OTP part. A specific userspace tool will fill it, and
the FSBL will evaluate it during boot. This reservation will use 64K of
the former sysfw section.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Due to different signature keys, the PG1 and the PG2 boards can no
longer use the same FSBL (tiboot3). This makes it impossible anyway to
maintaine a single flash.bin for both variants, so we can also split the
build.
A new target is added to indicates the build is for PG1 vs. PG2 boards.
Hence now the variants have separated defconfig files.
The runtime board_is_sr1() check does make no sense anymore, so remove
it and replace with build time check.
Documentation is updated accordingly. New binary artifacts are already
available via meta-iot2050.
Signed-off-by: Su Baocheng <baocheng.su@siemens.com>
[Jan: refactor config option into targets, tweak some wordings]
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This adds support for the IOT2050 Basic and Advanced devices. The Basic
used the dual-core AM6528 GP processor, the Advanced one the AM6548 HS
quad-core version.
Both variants are booted via a Siemens-provided FSBL that runs on the R5
cores. Consequently, U-Boot support is targeting the A53 cores. U-Boot
SPL, ATF and TEE have to reside in SPI flash.
Full integration into a bootable image can be found on
https://github.com/siemens/meta-iot2050
Based on original board support by Le Jin, Gao Nian and Chao Zeng.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
