Commit graph

8 commits

Author SHA1 Message Date
Andrew Davis
1a1d48e36a configs: Make TI_SECURE_DEVICE default for K3
All K3 boards now are secure by default, instead of setting this in each
defconfig, make it implied by the ARCH config.

The only exception is IOT2050, which I do not believe will have any
problems with being a TI_SECURE_DEVICE, but for now turn it off to keep
its config the same.

Signed-off-by: Andrew Davis <afd@ti.com>
Tested-by: Tom Rini <trini@konsulko.com>
2023-10-11 13:22:32 -04:00
Simon Glass
82e26e0d68 spl: Use CONFIG_SPL... instead of CONFIG_..._SPL_...
We like to put the SPL first so it is clear that it relates to SPL. Rename
various malloc-related options which have crept in, to stick to this
convention.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Reviewed-by: Martyn Welch <martyn.welch@collabora.com>
Reviewed-by: Svyatoslav Ryhel <clamor95@gmail.com>
2023-10-06 14:38:11 -04:00
Tom Rini
c960c0fd38 configs: Resync with savedefconfig
Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>
2023-05-01 11:50:26 -04:00
Bryan Brattlof
411faba7c7 configs: am62ax: enable secure device configs by default
TI's security enforcing SoCs will authenticate each binary it loads by
comparing it's signature with keys etched into the SoC during the boot
up process. The am62ax family of SoCs by default will have some level of
security enforcement checking. To keep things as simple as possible,
enable the CONFIG_TI_SECURE_DEVICE options by default so all levels of
secure SoCs will work out of the box

Enable the CONFIG_TI_SECURE_DEVICE by default

Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Kamlesh Gurudasani <kamlesh@ti.com>
2023-03-29 13:30:29 -04:00
Tom Rini
fcb5117da8 configs: Resync with savedefconfig
Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>
2023-02-17 09:58:06 -05:00
Bryan Brattlof
940b7128c9 configs: am62a: move stack and heap to HSM RAM
Texas Instruments has begun enabling security setting on the SoCs they
produce to instruct ROM and TIFS to begin protecting the Security
Management Subsystem (SMS) from other binaries we load into the chip by
default.

One way ROM does this is by enabling firewalls to protect the OCSRAM
region it's using during bootup. Only after TIFS has started (and had
time to disable the OCSRAM firewall region) will we have write access to
the region.

This means we will need to move the stack & heap from OCSRAM to HSM RAM
and reduce the size of BSS and the SPL to allow it to fit properly.

Signed-off-by: Bryan Brattlof <bb@ti.com>
2023-01-10 15:39:07 -05:00
Bryan Brattlof
d12561211d configs: restrict am62ax wakup SPL size
In its current form, the am62a's wakeup SPL is fairly small, however
this will not remain as more boot modes are eventually added. To protect
us from overflowing our ~256k of HSM SRAM, add limits and check during
the wakeup SPL build.

Signed-off-by: Bryan Brattlof <bb@ti.com>
2023-01-10 15:39:07 -05:00
Bryan Brattlof
719bd650c3 configs: introduce configs for the am62a
Introduce the minimum configs, only SD-MMC and UART boot related
settings, to serve as a good starting point for the am62a as we add more
functionality.

Signed-off-by: Bryan Brattlof <bb@ti.com>
[trini: Disable CONFIG_NET as it's not used, in both platforms]
Signed-off-by: Tom Rini <trini@konsulko.com>
2022-12-09 14:12:28 -05:00