Commit graph

259 commits

Author SHA1 Message Date
Andre Przywara
5907357322 spl: mmc: extend spl_mmc_boot_mode() to take mmc argument
Platforms can overwrite the weak definition of spl_mmc_boot_mode() to
determine where to load U-Boot proper from.
For most of them this is a trivial decision based on Kconfig variables,
but it might be desirable the probe the actual device to answer this
question.

Pass the pointer to the mmc struct to that function, so implementations
can make use of that.

Compile-tested for all users changed.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Stefano Babic <sbabic@denx.de>
Reviewed-by: Ley Foon Tan <ley.foon.tan@inte.com> (for SoCFPGA)
Acked-by: Lokesh Vutla <lokeshvutla@ti.com> (for OMAP and K3)
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-04-04 23:24:17 +01:00
Marek Vasut
b49105320a stm32mp: psci: Implement PSCI system suspend and DRAM SSR
Implement PSCI system suspend and placement of DRAM into SSR while the
CPUs are in suspend. This saves non-trivial amount of power in suspend,
on 2x W632GU6NB-15 ~710mW.

Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Cc: Patrice Chotard <patrice.chotard@foss.st.com>
2022-03-15 09:16:55 +01:00
Patrick Delaunay
2d48d99c4a stm32mp1: bsec: add missing dev in function comment
Add the missing @dev reference in some function description.

Fixes: b66bfdf238 ("arm: stm32mp: bsec: migrate trace to log macro")
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2022-03-15 09:10:52 +01:00
Patrick Delaunay
0c20f53b3f stm32mp: bsec: add permanent lock write support
Add support of the permanent lock support in U-Boot proper
when BSEC is not managed by secure monitor (TF-A SP_MIN or OP-TEE).

This patch avoid issue with stm32key command and fuse command
on basic boot for this missing feature of U-Boot BSEC driver.

Reported-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Tested-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2022-03-15 09:10:52 +01:00
Patrice Chotard
22c0815eca configs: stm32mp15: Enable OF_BOARD flag
Since commit 9855034397 ("fdt: Don't call board_fdt_blob_setup()
 without OF_BOARD") board_fdt_blob_setup() is no more called on
STM32MP platforms in trusted boot which hangs during boot process.

Enable OF_BOARD flag to fix this issue.

Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2022-01-24 11:03:21 +01:00
Patrick Delaunay
94e561f84a stm32prog: add partition name in treat_partition_list error messages
Add the partition name and remove the line number in error messages
of treat_partition_list() to provide correct information to user of
STM32CubeProgrammer.

The "line number" value was confusing because it is incorrect here;
the index in  part_array[] is not aligned with the line number in
the parsed Layout file, because the empty lines and the lines beginning
by '#' are skipped during the first parsing in parse_flash_layout().

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2022-01-24 11:01:41 +01:00
Patrick Delaunay
5c68904fe1 stm32mp: correct the dependency for bootcount configs
Default value for CONFIG_SYS_BOOTCOUNT_SINGLEWORD and
CONFIG_SYS_BOOTCOUNT_ADDR are only needed when
CONFIG_BOOTCOUNT_GENERIC is used.

This patch avoids to define these configs when an other bootcount backend
is activated, for example for CONFIG_BOOTCOUNT_ENV.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2022-01-24 10:56:45 +01:00
Patrick Delaunay
d5e8119bae stm32mp: remove the bootcount activation
Today the bootcount is not managed by the Linux kernel for STM32MP15 as
we don't have driver to update the used backup register in TAMP and the
recovery command still executes the normal bootcmd with
'altbootcmd=run bootcmd'.

So the bootcount feature is never used, the config CONFIG_BOOTCOUNT_LIMIT
and the associated environment variable 'altbootcmd' can be removed to
reduce the U-Boot size.

Each boards can re-enable this feature later in their defconfig, if it is
needed, with the expected backend, for example CONFIG_BOOTCOUNT_GENERIC
or CONFIG_BOOTCOUNT_ENV.

CC: Marek Vasut <marex@denx.de>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2022-01-24 10:56:45 +01:00
Marek Vasut
757c8387be arm: stm32mp: Fix USB boot device report
In case the SoC reports the boot device type is USB, it means the SPL was
loaded via BootROM DFU mode. Currently the spl_boot_device() returns boot
device as USB host, change it to DFU instead, so the SPL can continue the
DFU boot and load U-Boot via DFU.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@foss.st.com>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2022-01-24 10:52:49 +01:00
Simon Glass
d3877fba31 Convert CONFIG_BOOTP_SERVERIP to Kconfig
This converts the following to Kconfig:
   CONFIG_BOOTP_SERVERIP

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-21 14:01:35 -05:00
Heinrich Schuchardt
185f812c41 doc: replace @return by Return:
Sphinx expects Return: and not @return to indicate a return value.

find . -name '*.c' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;

find . -name '*.h' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-19 18:11:34 +01:00
Patrick Delaunay
c8b2eef52b stm32mp15: tidy up #ifdefs in cpu.c
We should avoid #ifdef in C modules and the unused functions
are eliminated by the linker.

Use the more readable IS_ENABLE() instead.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-11-10 17:07:31 +01:00
Patrick Delaunay
f42045b2e7 stm32mp15: replace CONFIG_TFABOOT when it is possible
In some part of STM32MP15 support the CONFIG_TFABOOT can be replaced
by other config: CONFIG_ARMV7_PSCI and CONFIG_ARM_SMCCC.

This patch also simplifies the code in cpu.c, stm32mp1_ram.c and
clk_stml32mp1.c as execution of U-Boot in sysram (boot without SPL and
without TFA) is not supported: the associated initialization code is
present only in SPL.

This cleanup patch is a preliminary step to support SPL load of OP-TEE
in secure world, with SPL in secure world and U-Boot in no-secure world.

Reported-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-11-10 17:07:31 +01:00
Patrick Delaunay
17aeb589fa stm32mp15: remove configs dependency on CONFIG_TFABOOT
Remove the dependency on CONFIG_TFABOOT in stm32mp Kconfig
- always activate the ARCH config: CONFIG_ARCH_SUPPORT_PSCI
  and CONFIG_CPU_V7_HAS_NONSEC
- CONFIG_ARMV7_NONSEC is deactivated in trusted defconfig
- the correct sysreset driver is activated in each defconfig:
  CONFIG_SYSRESET_PSCI or SYSRESET_SYSCON

Reported-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-11-10 17:07:30 +01:00
Patrick Delaunay
9788708f03 arm: stm32mp: bsec: Update OTP shadow registers in SPL
Currently the upper OTP (after 57) are shadowed in U-Boot proper,
when TFABOOT is not used.

This choice cause an issue when U-Boot is not executed after SPL,
so this BSEC initialization is moved in SPL and no more executed in U-Boot,
so it is still executed only one time.

After this patch this BSEC initialization is done in FSBL: SPL or TF-A.

To force this initialization in all the case, the probe of the BSEC
driver is forced in SPL in the arch st32mp function: spl_board_init().

Even if today BSEC driver is already probed in STM32MP15x clock driver
clk_stm32mp1.c because get_cpu_type() is called in
stm32mp1_get_max_opp_freq() function.

Reported-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-11-10 17:06:51 +01:00
Patrick Delaunay
56a368f661 gpio: stm32: create include file for driver private data
The stm32 gpio driver private data are not needed in arch include files,
they are not used by code except for stm32 gpio and pincontrol drivers,
using the same IP; the defines for this IP is moved in a new file
"stm32_gpio_priv.h" in driver/gpio.

This patch avoids to have duplicated file gpio.h for each SOC
in MPU directory mach-stm32mp and in each MCU directory arch-stm32*
and allows to remove CONFIG_GPIO_EXTRA_HEADER for all STM32.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-11-10 17:03:36 +01:00
Patrick Delaunay
5564b4cd4d stm32mp: add binman support for STM32MP15x
Use binman to add the stm32image header on SPL binary for basic boot
or on U-Boot binary when it is required, i.e. for TF-A boot without FIP
support, when CONFIG_STM32MP15x_STM32IMAGE is activated.

The "binman" tool is the recommended tool for specific image generation.
This patch allows to suppress the config.mk file and it is a preliminary
step to manage FIT generation with binman.

The init_r parsing of U-Boot device tree to search the binman
information is not required for STM32MP15, so the binman library
can be removed in U-Boot (CONFIG_BINMAN_FDT is deactivated).

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-11-10 15:12:16 +01:00
William Grant
3067971aa9 stm32mp: stm32prog: Normalise newlines
The missing trailing newline could confuse check-config.sh if the
definition of an option was on the first line of the next file that
find(1) happened to return.

Signed-off-by: William Grant <wgrant@ubuntu.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-11-10 15:11:15 +01:00
Ilias Apalodimas
e7fb789612 sandbox: Remove OF_HOSTFILE
OF_HOSTFILE is used on sandbox configs only.  Although it's pretty
unique and not causing any confusions,  we are better of having simpler
config options for the DTB.

So let's replace that with the existing OF_BOARD.  U-Boot would then
have only three config options for the DTB origin.
- OF_SEPARATE, build separately from U-Boot
- OF_BOARD, board specific way of providing the DTB
- OF_EMBED embedded in the u-boot binary(should not be used in production

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-10-27 16:38:26 -04:00
Patrick Delaunay
4f53ac2adb tee: add a stub for tee_find_device
Add stub for tee_find_device function when CONFIG_TEE is not activated
to simplify the caller code.

This patch allows to remove the CONFIG_IS_ENABLED(OPTEE) tests
for stm32 platform.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@inaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-05 08:44:48 -04:00
Tom Rini
6674edaabf Prepare v2021.10-rc4
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmFBKRgACgkQFHw5/5Y0
 tyw/PwwAtGB3rBeYW4rjWuMC5WP1UDTnvZIAok5ImWumWDahjDm8Yq2VCzAe9adw
 EYBjuNmaNl9aQvGVqlVJeIcLku5MLuLQu2za8vhc1R8X9VTPPY+LLTcdOokOmB8y
 8JiaE7fJsb1bZeV+diF9tss3B0IkUrwSJtW1d+qfdz/4UiRvwK5BhnZgzIobDldO
 g1Ldz/xiR2GOAXlUMwDrNAi6qNvmeAqRsQxySVrjltAV2ST7LJnOiHuWvJX6g6VS
 l796Hleh/kULfEW6n+1ZaTNqvVRcJ8xYSOG8w8y9u6HuPBA3JrYH1p1Eo5n7PPDv
 US71Iy/ncweTyfTMEBThWLqjHOQ05sVkWX/r4fj2iJRli+Og53lE1fVJ4ajIx7vz
 Tc76wI43i0I5lr2yTErjUG6EzDDoueqd+c8BwxihNLUK/+QG31xoCEMfC80C25ro
 QhYVFgiPWN0ySUD5M5tbGXODvfNNIDKXpY5oSOTVtemZtDEMpO2zBM1s/K3RV7Ud
 Je9Pj0Cu
 =Me42
 -----END PGP SIGNATURE-----

Merge tag 'v2021.10-rc4' into next

Prepare v2021.10-rc4

Signed-off-by: Tom Rini <trini@konsulko.com>

# gpg: Signature made Tue 14 Sep 2021 06:58:32 PM EDT
# gpg:                using RSA key 1A3C7F70E08FAB1707809BBF147C39FF9634B72C
# gpg: Good signature from "Thomas Rini <trini@konsulko.com>" [ultimate]

# Conflicts:
#	board/Arcturus/ucp1020/spl.c
#	cmd/mvebu/Kconfig
#	common/Kconfig.boot
#	common/image-fit.c
#	configs/UCP1020_defconfig
#	configs/sifive_unmatched_defconfig
#	drivers/pci/Kconfig
#	include/configs/UCP1020.h
#	include/configs/sifive-unmatched.h
#	lib/Makefile
#	scripts/config_whitelist.txt
2021-09-16 10:29:40 -04:00
Patrice Chotard
c8510e397f stm32mp: Fix board_get_usable_ram_top()
When booting in EFI, lib/efi_loader/efi_memory.c calls
board_get_usable_ram_top(0) which returns by default
gd->ram_base + gd->ram_size which is the top of DDR.

In case of OPTEE boot, the top of DDR is currently reserved by OPTEE,
board_get_usable_ram_top(0) must return an address outside OPTEE
reserved memory.

gd->ram_top matches this constraint as it has already been initialized
by substracting all DT reserved-memory (included OPTEE memory area).

Fixes: 92b611e8b0 ("stm32mp: correctly handle board_get_usable_ram_top(0)")

Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-09-06 10:00:11 +02:00
Simon Glass
ea2ca7e17e spi: Rename SPI_SUPPORT to SPI
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
2a73606668 serial: Rename SERIAL_SUPPORT to SERIAL
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:01 -04:00
Michal Simek
b4c2c151b1 Kconfig: Remove all default n/no options
default n/no doesn't need to be specified. It is default option anyway.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
[trini: Rework FSP_USE_UPD portion]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-08-31 17:47:49 -04:00
Alexandru Gagniuc
ee870859ce arm: stm32mp1: Implement ECDSA signature verification
The STM32MP ROM provides several service. One of them is the ability
to verify ecdsa256 signatures. Hook the ROM API into the ECDSA uclass.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-08-16 10:49:35 +02:00
Patrick Delaunay
92b611e8b0 stm32mp: correctly handle board_get_usable_ram_top(0)
The function board_get_usable_ram_top can be called after relocation
with total_size = 0 to get the uppermost pointer that is valid to access
in U-Boot.

When total_size = 0, the reserved memory should be not take in account
with lmb library and 'gd->ram_base + gd->ram_size' can be used.

It is the case today in lib/efi_loader/efi_memory.c:efi_add_known_memory()
and this patch avoids that the reserved memory for OP-TEE is not part of
the EFI available memory regions.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-08-16 10:49:35 +02:00
Patrick Delaunay
f64d32a27a stm32mp1: stm32prog: remove stm32prog_get_tee_partitions with FIP
The MTD tee partitions used to save the OP-TEE binary are needed when
TF-A doesn't use the FIP container to load binaries.

This patch puts under CONFIG_STM32MP15x_STM32IMAGE flag the associated
code in U-Boot binary and prepare the code cleanup when
CONFIG_STM32MP15x_STM32IMAGE support will be removed after TF-A migration
to FIP support.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-08-16 09:36:31 +02:00
Patrick Delaunay
f91783edf2 arm: stm32mp: handle the OP-TEE nodes in DT with FIP support
With FIP support in TF-A (when CONFIG_STM32MP15x_STM32IMAGE
is not activated), the DT nodes needed by OP-TEE are added by OP-TEE
firmware in U-Boot device tree, present in FIP.

These nodes are only required in trusted boot, when TF-A load the file
u-boot.stm32, including the U-Boot device tree with STM32IMAGE header,
in this case OP-TEE can't update the U-Boot device tree.

Moreover in trusted boot mode with FIP, as the OP-TEE nodes are present
in U-Boot device tree only when needed the function
stm32_fdt_disable_optee can be removed.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-08-16 09:34:27 +02:00
Patrick Delaunay
6de57b41dd arm: stm32mp: add config for STM32IMAGE support
By default for trusted boot with TF-A, U-Boot (u-boot-nodtb)
is located in FIP container with its device tree and with
the secure monitor (provided by TF-A or OP-TEE).
The FIP file is loaded by TF-A BL2 and each components is
extracted at the final location.

This patch add CONFIG_STM32MP15x_STM32IMAGE to request the
STM32 image generation for SOC STM32MP15x
when FIP container is not used (u-boot.stm32 is loaded by TF-A
as done previously to keep the backward compatibility).

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-08-16 09:34:27 +02:00
Simon Glass
0b1284eb52 global: Convert simple_strtoul() with decimal to dectoul()
It is a pain to have to specify the value 10 in each call. Add a new
dectoul() function and update the code to use it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-02 13:32:14 -04:00
Simon Glass
7e5f460ec4 global: Convert simple_strtoul() with hex to hextoul()
It is a pain to have to specify the value 16 in each call. Add a new
hextoul() function and update the code to use it.

Add a proper comment to simple_strtoul() while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-02 13:32:14 -04:00
Simon Glass
9ca00684db Rename DRIVERS_MISC_SUPPORT to DRIVERS_MISC
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-07-28 14:29:37 -04:00
Simon Glass
83061dbd1c Rename GPIO_SUPPORT to GPIO
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-07-28 14:29:36 -04:00
Simon Glass
078111b9c0 Rename SPL_WATCHDOG_SUPPORT to SPL_WATCHDOG
Rename this option so that CONFIG_IS_ENABLED can be used with it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-07-28 14:27:54 -04:00
Alexandru Gagniuc
8533263c85 stm32mp1: spl: Configure TrustZone controller for OP-TEE
OP-TEE is very particular about how the TZC should be configured.
When booting an OP-TEE payload, an incorrect TZC configuration will
result in a panic.

Most information can be derived from the SPL devicetree. The only
information we don't have is the split between TZDRAM and shared
memory. This has to be hardcoded. The rest of the configuration is
fairly easy, and only requires 3 TZC regions. Configure them.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-07-27 09:48:11 +02:00
Alexandru Gagniuc
8d7f5edd86 arm: stm32mp: Implement support for TZC 400 controller
The purpose of this change is to allow configuring TrustZone (TZC)
memory permissions. For example, OP-TEE expects TZC regions to be
configured in a very particular way. The API presented here is
intended to allow exactly that.

UCLASS support is not implemented, because it would not be too useful.
Changing TZC permissions needs to be done with care, so as not to cut
off access to memory we are currently using. One place where we can
use this is at the end of SPL, right before jumping to OP-TEE.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-07-27 09:48:09 +02:00
Patrick Delaunay
8b71b20e0e arm: stm32mp1: force boot_device variable for invalid TAMP register value
When the TAMP register 20 have an invalid value (0x0 for example after
TAMPER error) the "boot_device" U-Boot env variable have no value and
no error is displayed in U-Boot log.

The STM32MP boot command bootcmd_stm32mp failed with strange trace:
  "Boot over !"

and the next command in bootcmd_stm32mp failed with few indication:
  if test ${boot_device} = serial || test ${boot_device} = usb;
	then stm32prog ${boot_device} ${boot_instance};

As it is difficult to investigate, the current patch avoids this issue:
- change the debug message to error: "unexpected boot mode" is displayed
- display trace "Boot over invalid!" in bootcmd_stm32mp
- execute "run distro_bootcmd" to try all the possible target

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-27 09:47:40 +02:00
Patrick Delaunay
3c1057c548 stm32mp: use device sequence number in boot_instance variable
Use the device sequence number in boot_instance variable
and no more the SDMMC instance provided by ROM code/TF-A.

After this patch we don't need to define the mmc alias in
device tree, for example:
  mmc0 = &sdmmc1;
  mmc1 = &sdmmc2;
  mmc2 = &sdmmc3;
to have a correct mapping between the ROM code boot device =
"${boot_device}${boot_instance}" and the MMC device in U-Boot.

With this patch the 'mmc0' device (used in mmc commands) is
always used when only one instance sdmmc is activated in device
tree, even if it is only the sdmmc2 or sdmmc3.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
b18c3abdea stm32mp: stm32prog: use defines for virtual partition size
Use the existing defines PMIC_SIZE and OTP_SIZE and a new define
CMD_SIZE for virtual partition size.

This patch corrects the size for OTP partition in alternate name
(1024 instead of 512) and avoids other alignment issues.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
7c55249307 stm32mp: syscon: manage clock when present in device tree
Enable the clocks during syscon probe when they are present in device tree.

This patch avoids a freeze when the SYSCFG clock is not enabled by
TF-A / OP-TEE.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
80cfc6c692 stm32mp: cmd_stm32key: add subcommand close
The expected sequence to close the device

1/ Load key in DDR with any supported load command
2/ Update OTP with key: STM32MP> stm32key read <addr>

At this point the device is able to perform image authentication but
non-authenticated images can still be used and executed.
So it is the last moment to test boot with signed binary and
check that the ROM code accepts them.

3/ Close the device: only signed binary will be accepted !!
   STM32MP> stm32key close

Warning: Programming these OTP is an irreversible operation!
         This may brick your system if the HASH of key is invalid

This command should be deactivated by default in real product.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
d3551b8eef stm32mp: cmd_stm32key: add read OTP subcommand
Allow to read the OTP value and lock status with the command
$> stm32key read.

This patch also protects the stm32key fuse command.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
e00e1f394c stm32mp: cmd_stm32key: add get_misc_dev function
Add a helper function to access to BSEC misc driver.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
3da2552a22 stm32mp: cmd_stm32key: lock of PKH OTP after fuse
Lock the OTP value of key's hash after the command
$> stm32key fuse <address>

This operation forbids a second update of these OTP as they are
ECC protected in BSEC: any update of these OTP with a different value
causes a BSEC disturb error and the closed chip will be bricked.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
fe24090eb7 stm32mp: cmd_stm32key: handle error in fuse_hash_value
Handle errors in fuse_hash_value function.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
bc78d5f25a stm32mp: cmd_stm32key: use sub command
Simplify parsing the command argument by using
the macro U_BOOT_CMD_WITH_SUBCMDS.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
3a99481159 stm32mp: configs: activate the command stm32key only for ST boards
This command is used to evaluate the secure boot on stm32mp SOC,
it is deactivated by default in real products.

We activate this command only in STMicroelectronics defconfig
used with the evaluation boards.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
edca8c3f8e stm32mp: stm32prog: fix the content of short help message
Reduce the content of short help message for stm32prog command and
removed the carriage return to fix the display of 'help' command when
this command is activated.

Fixes: 954bd1a923 ("stm32mp: add the command stm32prog")
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-07-16 09:28:46 +02:00
Patrick Delaunay
1f2e3d5599 stm32mp: stm32prog: handle dfu error
Handle DFU stack error in STM32CubeProgrammer protocol.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
2021-06-18 10:09:41 +02:00