Document SRC_GPR10 PERSIST_SECONDARY_BOOT functionality. This is useful for
reliable bootloader A/B updates, as it permits switching between two copies
of bootloader at different offsets of the same storage. The switch happens
in case one copy is corrupted OR can be enforced by user. This functionality
is present at least since i.MX53, however is poorly documented in all known
SoC datasheets, hence this document aims to clarify the usage, currently on
i.MX7D and i.MX8MM.
Signed-off-by: Marek Vasut <marex@denx.de> # Original MX7D work, this document
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io> # All the MX8M work
Cc: Christoph Niedermaier <cniedermaier@dh-electronics.de>
Cc: Fabio Estevam <festevam@gmail.com>
Cc: Harald Seiler <hws@denx.de>
Cc: Igor Opaniuk <igor.opaniuk@foundries.io>
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Ludwig Zenz <lzenz@dh-electronics.com>
Cc: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Cc: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Ye Li <ye.li@nxp.com>
Cc: uboot-imx <uboot-imx@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
When booting in low power or dual boot modes the M4 binary is
authenticated by the M4 ROM code.
Add an option in hab_status command so users can retrieve M4 HAB
failure and warning events.
=> hab_status m4
Secure boot disabled
HAB Configuration: 0xf0, HAB State: 0x66
No HAB Events Found!
Add command documentation in mx6_mx7_secure_boot.txt guide.
As HAB M4 API cannot be called from A7 core the code is parsing
the M4 HAB persistent memory region. The HAB persistent memory
stores HAB events, public keys and others HAB related information.
The HAB persistent memory region addresses and sizes can be found
in AN12263 "HABv4 RVT Guidelines and Recommendations".
Reviewed-by: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
This construct is quite long-winded. In earlier days it made some sense
since auto-allocation was a strange concept. But with driver model now
used pretty universally, we can shorten this to 'auto'. This reduces
verbosity and makes it easier to read.
Coincidentally it also ensures that every declaration is on one line,
thus making dtoc's job easier.
Signed-off-by: Simon Glass <sjg@chromium.org>
CCF clocks should always use the struct clock passed to their methods for
extracting the driver-specific clock information struct. Previously, many
functions would use the clk->dev->priv if the device was bound. This could
cause problems with composite clocks. The individual clocks in a composite
clock did not have the ->dev field filled in. This was fine, because the
device-specific clock information would be used. However, since there was
no ->dev, there was no way to get the parent clock. This caused the
recalc_rate method of the CCF divider clock to fail. One option would be to
use the clk->priv field to get the composite clock and from there get the
appropriate parent device. However, this would tie the implementation to
the composite clock. In general, different devices should not rely on the
contents of ->priv from another device.
The simple solution to this problem is to just always use the supplied
struct clock. The composite clock now fills in the ->dev pointer of its
child clocks. This allows child clocks to make calls like clk_get_parent()
without issue.
imx avoided the above problem by using a custom get_rate function with
composite clocks.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Acked-by: Lukasz Majewski <lukma@denx.de>
Add AHAB encrypted boot documentation for i.MX8/8x family devices
covering the following topics:
- How to encrypt and sign the 2nd container in flash.bin image.
- How to encrypt and sign a standalone container image.
Include a CSF example to encrypt 2nd container in flash.bin image.
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Catia Han <yaqian.han@nxp.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Update reference in many files detected by
scripts/documentation-file-ref-check
README.imximage => imx/mkimage/imximage.txt
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
CONFIG_SECURE_BOOT is too generic and forbids to use it for cross
architecture purposes. If Secure Boot is required for imx, this means to
enable and use the HAB processor in the soc.
Signed-off-by: Stefano Babic <sbabic@denx.de>
This patch describes the design decisions considerations and taken approach
for porting in a separate documentation entry.
Signed-off-by: Lukasz Majewski <lukma@denx.de>
The secure_boot.txt guide was replaced by mx6_mx7_secure_boot.txt and
mx6_mx7_spl_secure_boot.txt documents.
Both documents covers all steps needed for SPL and non-SPL tagets,
so remove secure_boot.txt file to avoid duplicated content.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
All guides are currently located at doc/imx/habv4/guides/ directory.
Move encrypted_boot.txt document to guides directory.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
The current U-Boot implementation includes SPL targets for
some NXP development boards:
- mx6sabreauto_defconfig
- mx6sabresd_defconfig
- mx6ul_14x14_evk_defconfig
- mx6ul_9x9_evk_defconfig
Add additional steps needed to completly secure the
bootloader image.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Add HABv4 documentation for non-SPL targets covering the
following topics:
- How to sign an securely boot an u-boot-dtb.imx image.
- How to extend the root of trust for additional boot images.
- Add 3 CSF examples.
- Add IVT generation script example.
Reviewed-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
The HABv4 is supported in i.MX50, i.MX53, i.MX6, i.MX7,
series and i.MX 8M, i.MX8MM devices.
Add an introductory document containing the following topics:
- HABv4 Introduction
- HABv4 Secure Boot
- HABv4 Encrypted Boot
- HAB PKI tree generation
- HAB Fast Authentication PKI tree generation
- SRK Table and SRK Hash generation
Reviewed-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
There is no need to have an extra hab directory under doc/imx/.
Habv4 and AHAB documentation can be added directly in doc/imx/ for a
cleaner documentation structure.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
There is no need to have README in all i.MX documents name.
Remove README from i.MX docs name and add .txt file extension.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
The Serial Download Protocol feature is availible in various
i.MX SoCs.
Move README.sdp document to imx/misc directory.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
The current High Assurance Boot document README.mxc_hab
include details for the following features in a single file:
- HAB Secure Boot
- HAB Encrypted Boot
Split HAB documentation in a specific directory for a cleaner
documentation structure, subsequent patches will include more
content in HAB documentation.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
The following documents describe device details according to the
i.MX family:
- README.imx25
- README.imx27
- README.imx5
- README.imx6
- README.mxs
Move all device common related document to doc/imx/common for a better
directory structure.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
The following documents describe the image type used by the mkimage
tool to generate U-Boot images for i.MX devices.
- README.imximage
- README.mxsimage
Move all mkimage related document to doc/imx/mkimage for a better
directory structure.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Currently the Serial Download Protocol tools and procedure are
documented in two places:
- doc/imx/README.sdp
- doc/imx/README.imx6
It is better to consolidate all SDP related information into
README.sdp file, so move the content from README.imx6 to
README.sdp.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Currently the U-Boot doc/ directory contains the following files
that are only relevant for i.MX devices:
- doc/README.imx25
- doc/README.imx27
- doc/README.imx5
- doc/README.imx6
- doc/README.imximage
- doc/README.mxc_hab
- doc/README.mxs
- doc/README.mxsimage
- doc/README.sdp
Move all content to a common i.MX folder for a better documentation
structure.
Signed-off-by: Breno Lima <breno.lima@nxp.com>