Add DEK encapsulation support for imx8. The DEK blob is generated by the
SECO through the SCFW API.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
This commit adds initial support for the Toradex Apalis iMX8X 2GB WB
IT V1.1A System on Module support [1].
Boot log:
U-Boot 2020.10-02940-g894aebb7e8-dirty (Oct 22 2020 - 09:43:57 +0300)
CPU: NXP i.MX8QXP RevB A35 at 1200 MHz at 30C
DRAM: 2 GiB
MMC: FSL_SDHC: 0, FSL_SDHC: 1
Loading Environment from MMC... OK
In: serial@5a070000
Out: serial@5a070000
Err: serial@5a070000
Model: Toradex Apalis iMX8 QuadXPlus 2GB Wi-Fi / BT IT V1.1A,
Serial# 06617018
Net: eth0: ethernet@5b040000 [PRIME]
Hit any key to stop autoboot: 0
Functionality wise the following is known to be working:
- eMMC and MMC/SD card
- Ethernet (*)
- GPIOs
- I2C
Unfortunately, there is no USB functionality for the i.MX 8QXP as of
yet.
* With the SCU FW from the latest Toradex BSP 5.0.0 (SCU FW 1.5.1)
ETH PHY encounters bring up problems after reset, this will be fixed
soon on SCU FW side.
[1] https://www.toradex.com/computer-on-modules/apalis-arm-family/nxp-imx-8x
Signed-off-by: Igor Opaniuk <igor.opaniuk@toradex.com>
Acked-by: Oleksandr Suvorov <oleksandr.suvorov@toradex.com>
When doing partition reboot, the boot image won't be reloaded by ROM,
it is just CPU reset to boot entry. The SW has to keep the boot image
inside the RAM unchanged. It includes both the TEXT section and DATA
section.
For SPL, the problem is DATA section will be updated at runtime, so in
next partition reboot the data is not same as the initial value from
cold boot. If any code depends on the initial value, then it will have
problem.
This patch introduces a mechanism to recover the data section
for partition reboot. It adds a new section in image for saving
data section. When from cold boot, the data section will be saved
to that new section at SPL early phase. When from partition reboot,
the data section will be restored from the new section.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The DDR memory from 0x88000000 to 0x8FFFFFFF is assigned to M4 on
QM and QXP. The M4 can allocate this memory by two ways,
in SCD or u-boot.
In this patch, u-boot addes the memory reserve node to DTB to pass
the info to kernel, no matter the M4 memory is reserved in SCD
or u-boot. So kernel won't access M4 reserved memory.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add a module to configure the tamper and secure violation of
the SNVS using the SCU API.
The module also adds some commands:
- snvs_cfg: Configure the SNVS HP and LP registers
- snvs_dgo_cfg: Configure the SNVS DGO bloc if present (8QXP)
- tamper_pin_cfg: Change the configuration of the tamper pins
- snvs_clear_status: Allow to write to LPSR and LPTDSR to clear
status bits
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add function and new command "auth_cntr" for secure boot support.
When booting with life cycle set to OEM closed, we need to use
this function to authenticate the OS container and load kernel & FDT
from OS container to their destination.
Also add image authentication call when loading container images.
Users can set CONFIG_AHAB_BOOT=y to enable the feature. It is not
set at default.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
To support SPL loading container file, add a new Makefile target,
and introduce a new Kconfig file to source the cfg file which
will be parsed by mkimage.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add parsing i.MX8 Container file support, this is to let
SPL could load images in a container file to destination address.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
This commit adds initial support for the Toradex Apalis iMX8QM 4GB WB IT
V1.0B module. Unlike the V1.0A early access samples exclusively booting
from SD card, they are now strapped to boot from eFuses which are
factory fused to properly boot from their on-module eMMC. U-Boot
supports either booting from the on-module eMMC or may be used for
recovery purpose using the universal update utility (uuu) aka mfgtools
3.0.
Functionality wise the following is known to be working:
- eMMC, 8-bit and 4-bit MMC/SD card slots
- Gigabit Ethernet
- GPIOs
- I2C
Unfortunately, there is no USB functionality for the i.MX 8QM as of yet.
Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Reviewed-by: Max Krummenacher <max.krummenacher@toradex.com>
This commit adds initial support for the Toradex Colibri iMX8QXP 2GB WB
IT V1.0B module. Unlike the V1.0A early access samples exclusively
booting from SD card, they are now strapped to boot from eFuses which
are factory fused to properly boot from their on-module eMMC. U-Boot
supports either booting from the on-module eMMC or may be used for
recovery purpose using the universal update utility (uuu) aka mfgtools
3.0.
Functionality wise the following is known to be working:
- eMMC and MMC/SD card
- Ethernet
- GPIOs
- I2C
Unfortunately, there is no USB functionality for the i.MX 8QXP as of
yet.
Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Reviewed-by: Igor Opaniuk <igor.opaniuk@toradex.com>
SPL runs in EL3 mode, except MU0_A, others are not powered on,
and could not be used. However normal U-Boot use MU1_A, so we
could not reuse the one in dts. And we could not replace the one
in dts with MU0_A, because MU0_A is reserved in secure world.
Signed-off-by: Peng Fan <peng.fan@nxp.com>