With U-Boot having access to ROM API call table, it is possible to use
the ROM API call it authenticate e.g. signed kernel fitImages using the
BootROM ECDSA support. Make this available by pulling the ECDSA BootROM
call support from SPL-only guard.
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Marek Vasut <marex@denx.de>
Introduce the code in mach-stm32mp and the configuration file
stm32mp13_defconfig for the new STM32MP family.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add config CONFIG_STM32MP15_PWR to handle the
access to regulators managed by the PWR driver defined in
pwr_regulator.c
This driver is only used in U-Boot by STM32MP15x family.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Move code and defines only needed for CONFIG_STM32MP15x in stm32mp15x.c
when low level init without TFABOOT is supported.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
The STM32MP ROM provides several service. One of them is the ability
to verify ecdsa256 signatures. Hook the ROM API into the ECDSA uclass.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
The purpose of this change is to allow configuring TrustZone (TZC)
memory permissions. For example, OP-TEE expects TZC regions to be
configured in a very particular way. The API presented here is
intended to allow exactly that.
UCLASS support is not implemented, because it would not be too useful.
Changing TZC permissions needs to be done with care, so as not to cut
off access to memory we are currently using. One place where we can
use this is at the end of SPL, right before jumping to OP-TEE.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Add CONFIG_CMD_STM32PROG_SERIAL and CONFIG_CMD_STM32PROG_USB to
independently select the support of UART or USB communication for
STM32CubeProgrammer.
For serial boot over UART, user can deactivate CONFIG_CMD_STM32PROG_SERIAL
to use U-Boot console of binary loaded by UART (for board bring-up for
example).
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add the bsec driver in SPL, as it is needed by SOC part number detection
to found the supported OPP.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Add a specific command stm32prog for STM32MP soc family
witch allows to program the boot devices with the tool
STM32CubeProgrammer (http://www.st.com/STM32CubeProg).
This command uses the same UART STM32 protocol than MCU
STM32 with or USB with DFU protocol v1.1 (ithe MCU ST
extension are no supported).
The executed actions are based on a tab separated value file
with a stm32 header, the FlashLayout file
(https://wiki.st.com/stm32mpu/wiki/STM32CubeProgrammer_flashlayout).
This file is parsed by the U-Boot command to:
- initialize the devices
- create the partition table on each device
- initialize the DFU backend to access to not volatile memory
(NOR/NAND/SD/eMMC) or to virtual device (OTP/PMIC)
Up to STM32PROG_MAX_DEV (5) devices can be updated with a FlashLayout.
The communication between U-Boot and STM32CubeProgrammer is done with
the specific alternate configuration (see "AN5275: USB DFU/USART protocols
used in STM32MP1 Series bootloaders" for details).
The command stm32prog is executed when a boot from USB is detected
(selected with bootpins) and we can program the boot devices with
a simple command (on Windows or Linux):
PC $> STM32_Programmer_CLI -c port=usb1 -w flaslayout.tsv
1/ the ROM code loads TF-A in embedded RAM (DFU or uart)
2/ TF-A loads flashlayout file and U-Boot in DDR (DFU or uart)
3/ U-Boot executes the stm32prog command (DFU or uart)
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Save and use the FDT address provided by TF-A in r2 at boot time
(it is NT_FW_CONFIG = Non Trusted Firmware configuration file)
Address is saved in save_boot_params(), called by start.S
and the used DTB is gd->fdt_blob = board_fdt_blob_setup().
If dtb is not provided or invalid, U-Boot use as fallback
the builtin DTB.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
This is a generic implementation. Add CONFIG_SYSRESET_CMD_POWEROFF
to signal when we need it. Enable it from the STPMIC1 config and in
sandbox.
The config flag is transitionary, that is it can be removed after all
poweroff implementations use sysreset, and just have CMD_POWEROFF depend
on sysreset.
Signed-off-by: Urja Rannikko <urjaman@gmail.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@st.com>
Tested-by: Patrick Delaunay <patrick.delaunay@st.com>
Activate the command poweroff by default for STM32MP1:
- with PCSI from TF-A for trusted boot
- with PMIC sysreset request for basic boot (SYSRESET_POWER)
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Add a MISC driver with read and write access to BSEC IP
(Boot and Security and OTP control)
- offset 0: shadowed values
- offset 0x80000000: OTP fuse box values (SAFMEM)
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
This driver binds and manages the following regulator of
SoC's PWR block :
- reg11
- reg18
- usb33
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Add PSCI v1.0 support for Linux and manage PSCI state
for each CPU (affinity 0 level) with all mandatory functions:
- PSCI_VERSION
- CPU_SUSPEND
- CPU_OFF
- CPU_ON
- AFFINITY_INFO
- SYSTEM_OFF
- SYSTEM_RESET
- PSCI_FEATURES
and 1 optional to avoid Linux warning
- MIGRATE_INFO_TYPE
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: CITOOLS <smet-aci-reviews@lists.codex.cro.st.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have multiple licenses (in
these cases, dual license) declared in the SPDX-License-Identifier tag.
In this case we change from listing "LICENSE-A LICENSE-B" or "LICENSE-A
or LICENSE-B" or "(LICENSE-A OR LICENSE-B)" to "LICENSE-A OR LICENSE-B"
as per the Linux Kernel style document. Note that parenthesis are
allowed so when they were used before we continue to use them.
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
- add new arch stm32mp for STM32 MPU/Soc based on Cortex A
- support for stm32mp157 SOC
- SPL is used as first boot stage loader
- using driver model for all the drivers, even in SPL
- all security feature are deactivated (ETZC and TZC)
- reused STM32 MCU drivers when it is possible
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>