Add DEK encapsulation support for imx8. The DEK blob is generated by the
SECO through the SCFW API.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Move this out of the common header and include it only where needed. In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly. Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Calling ahab_close cmd force the user to interact for confirmation.
This is not user-friendly when using this cmd during factory process.
Allow the user to pass '-y' option to bypass this confirmation.
Signed-off-by: Clément Péron <peron.clem@gmail.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Oliver Graute <oliver.graute@kococonnector.com>
Introduce weak function board_mem_get_layout() which allows overriding
the memory layout from board code in runtime, useful for handling
different SKU versions.
Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Signed-off-by: Igor Opaniuk <igor.opaniuk@toradex.com>
Reviewed-by: Oleksandr Suvorov <oleksandr.suvorov@toradex.com>
This commit adds initial support for the Toradex Apalis iMX8X 2GB WB
IT V1.1A System on Module support [1].
Boot log:
U-Boot 2020.10-02940-g894aebb7e8-dirty (Oct 22 2020 - 09:43:57 +0300)
CPU: NXP i.MX8QXP RevB A35 at 1200 MHz at 30C
DRAM: 2 GiB
MMC: FSL_SDHC: 0, FSL_SDHC: 1
Loading Environment from MMC... OK
In: serial@5a070000
Out: serial@5a070000
Err: serial@5a070000
Model: Toradex Apalis iMX8 QuadXPlus 2GB Wi-Fi / BT IT V1.1A,
Serial# 06617018
Net: eth0: ethernet@5b040000 [PRIME]
Hit any key to stop autoboot: 0
Functionality wise the following is known to be working:
- eMMC and MMC/SD card
- Ethernet (*)
- GPIOs
- I2C
Unfortunately, there is no USB functionality for the i.MX 8QXP as of
yet.
* With the SCU FW from the latest Toradex BSP 5.0.0 (SCU FW 1.5.1)
ETH PHY encounters bring up problems after reset, this will be fixed
soon on SCU FW side.
[1] https://www.toradex.com/computer-on-modules/apalis-arm-family/nxp-imx-8x
Signed-off-by: Igor Opaniuk <igor.opaniuk@toradex.com>
Acked-by: Oleksandr Suvorov <oleksandr.suvorov@toradex.com>
Fix the following warning:
arch/arm/mach-imx/imx8/ahab.c:105:3: warning: implicit declaration of function ‘flush_dcache_range’ [-Wimplicit-function-declaration]
flush_dcache_range(s, e);
^~~~~~~~~~~~~~~~~~
Include cpu_func.h header which declares the flush_dcache_range()
function.
Signed-off-by: Oliver Graute <oliver.graute@kococonnector.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: uboot-imx <uboot-imx@nxp.com>
arch/arm/mach-imx/imx8/ahab.c: In function ‘authenticate_os_container’:
arch/arm/mach-imx/imx8/ahab.c:96:9: warning: format ‘%x’ expects argument of type
‘unsigned int’, but argument 9 has type ‘ulong {aka long unsigned int}’ [-Wformat=]
debug("img %d, dst 0x%x, src 0x%x, size 0x%x\n",
Fix those by using "%lu" specified.
Signed-off-by: Oliver Graute <oliver.graute@kococonnector.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: uboot-imx <uboot-imx@nxp.com>
arch/arm/mach-imx/imx8/ahab.c:110:63: warning: format ‘%x’ expects
argument of type ‘unsigned int’, but argument 2 has type ‘u64 {aka long
long unsigned int}’ [-Wformat=]
Fix those by using %llx
Signed-off-by: Oliver Graute <oliver.graute@kococonnector.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: uboot-imx <uboot-imx@nxp.com>
The Linux coding style guide (Documentation/process/coding-style.rst)
clearly says:
It's a **mistake** to use typedef for structures and pointers.
Besides, using typedef for structures is annoying when you try to make
headers self-contained.
Let's say you have the following function declaration in a header:
void foo(bd_t *bd);
This is not self-contained since bd_t is not defined.
To tell the compiler what 'bd_t' is, you need to include <asm/u-boot.h>
#include <asm/u-boot.h>
void foo(bd_t *bd);
Then, the include direcective pulls in more bloat needlessly.
If you use 'struct bd_info' instead, it is enough to put a forward
declaration as follows:
struct bd_info;
void foo(struct bd_info *bd);
Right, typedef'ing bd_t is a mistake.
I used coccinelle to generate this commit.
The semantic patch that makes this change is as follows:
<smpl>
@@
typedef bd_t;
@@
-bd_t
+struct bd_info
</smpl>
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.
Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.
This requires quite a few header-file additions.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move this header out of the common header. Network support is used in
quite a few places but it still does not warrant blanket inclusion.
Note that this net.h header itself has quite a lot in it. It could be
split into the driver-mode support, functions, structures, checksumming,
etc.
Signed-off-by: Simon Glass <sjg@chromium.org>
When we create software partition, we still need let parent
partition to configure sid, so move the check after sid failed.
Acked-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add code to check m4 partition booted or not, we will use this
to runtime set device tree file that passed to Linux Kernel.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
For fspi build, we will enable both SPL NOR support and SPL SPI
support. SPL will dynamically check the resource owner then
select corresponding boot device.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
When doing partition reboot, the boot image won't be reloaded by ROM,
it is just CPU reset to boot entry. The SW has to keep the boot image
inside the RAM unchanged. It includes both the TEXT section and DATA
section.
For SPL, the problem is DATA section will be updated at runtime, so in
next partition reboot the data is not same as the initial value from
cold boot. If any code depends on the initial value, then it will have
problem.
This patch introduces a mechanism to recover the data section
for partition reboot. It adds a new section in image for saving
data section. When from cold boot, the data section will be saved
to that new section at SPL early phase. When from partition reboot,
the data section will be restored from the new section.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
When Trusty OS allocates the mem region from 0xfe0000000-0xffffffff,
the get_effective_memsize does not return correct memory size.
There is a check in get_effective_memsize to find the memreg where
the u-boot is running, and return the size of that memreg as the result
of get_effective_memsize. When using aligned start, the value is
0x80200000 since it is 2MB aligned. Thus the finding of memreg will
fail and return the PHYS_SDRAM_1_SIZE because u-boot text base is
0x80020000. This cause u-boot is relocated to the high memory where has
been occupied by Trusty OS.
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The DDR memory from 0x88000000 to 0x8FFFFFFF is assigned to M4 on
QM and QXP. The M4 can allocate this memory by two ways,
in SCD or u-boot.
In this patch, u-boot addes the memory reserve node to DTB to pass
the info to kernel, no matter the M4 memory is reserved in SCD
or u-boot. So kernel won't access M4 reserved memory.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
We are currently using SC_R_LAST as a marker for imx8 power domain tree
nodes without a resource attached. This value is compiled into dtb as
part of the linux build and used by uboot.
The SC_R_LAST constant changes frequently as SCFW resources are added
(by design) and every time we need to update linux and uboot headers
together or boot can fail.
Fix this by replacing SC_R_LAST usage with a new constant SC_R_NONE
defined to be 0xFFF0.
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Leonard Crestez <leonard.crestez@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add a module to configure the tamper and secure violation of
the SNVS using the SCU API.
The module also adds some commands:
- snvs_cfg: Configure the SNVS HP and LP registers
- snvs_dgo_cfg: Configure the SNVS DGO bloc if present (8QXP)
- tamper_pin_cfg: Change the configuration of the tamper pins
- snvs_clear_status: Allow to write to LPSR and LPTDSR to clear
status bits
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
In SPL build, the formatting '%llx' in debug() is not supported.
Also, fix some misplaced parameters in printf.
Modified from Seb Fagard's downstream patch
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
In SPL build, the formatting '%llx' in debug() is not supported.
Also, fix some misplaced parameters in printf.
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Seb Fagard <sebastien.fagard@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Latest SCFW has removed old MISC SECO commands. So update the codes
to use new SECO commands.
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
parameter 'end address' must be inclusive of address range.
Modified from Seb's downstream patch.
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Move the SIP macro to common header and unify the name to
make others could reuse them.
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The call to spl_mmc_get_uboot_raw_sector() completely ignores and
overwrites the raw_sect value passed from the caller of spl_mmc_load().
Fix this by passing raw_sect to the function and returning the same
value in the default case.
Signed-off-by: Faiz Abbas <faiz_abbas@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.
Move the compatibility features into a separate header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
These functions belong in cpu_func.h. Another option would be cache.h
but that code uses driver model and we have not moved these cache
functions to use driver model. Since they are CPU-related it seems
reasonable to put them here.
Move them over.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Borrow ID reading code from Ye Li (NXP U-Boot, commit ID 5b443e3e2617)
but drop imx-mkimage commit ID reading since we now use in tree mkimage.
Signed-off-by: Anatolij Gustschin <agust@denx.de>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Add function and new command "auth_cntr" for secure boot support.
When booting with life cycle set to OEM closed, we need to use
this function to authenticate the OS container and load kernel & FDT
from OS container to their destination.
Also add image authentication call when loading container images.
Users can set CONFIG_AHAB_BOOT=y to enable the feature. It is not
set at default.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
To avoid hardcoded offset when adding u-boot.cnt to flash.bin, we use
flexible offset which is calculated based on the size of the container
image generated int the first stage. And pad u-boot.cnt at 1KB
alignment.
So add code to get the offset when SPL loading u-boot.cnt.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add OP-TEE device tree node for Linux according to args passed from ATF.
If ATF has been built with OP-TEE running, boot_pointer[1] will indicate
that.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
On i.MX8QM, sid is programmable, so we could program sid according the
value encoded in device tree.
This patch support legacy bindings which are still being used by XEN
and new bindings used by Linux Kernel.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
When resource is not assigned to non-secure Linux, if linux continue
to use the node, linux may crash or hang. So need to set the node
status to disabled for not owned resources.
The resource id is in the power-domains property in device tree,
so parse the power-domains property to get the resource id and
use scfw api to check whether it is owned by current partition.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Since SCU MU driver has been bound in dm_init, so we don't need to
bind it again. Just replace by using uclass function to probe it.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
To support SPL loading container file, add a new Makefile target,
and introduce a new Kconfig file to source the cfg file which
will be parsed by mkimage.
Signed-off-by: Peng Fan <peng.fan@nxp.com>