Enable support for loadables in SEC firmware FIT image. Currently
support is added for single loadable image.
Brief description of implementation:
Add two more address pointers (loadable_h, loadable_l) as arguments to
sec_firmware_init() api.
Create new api: sec_firmware_checks_copy_loadable() to check if loadables
node is present in SEC firmware FIT image. If present, verify loadable
image and copies it to secure DDR memory.
Populate address pointers with secure DDR memory addresses where loadable
is copied.
Example use-case could be trusted OS (tee.bin) as loadables node in SEC
firmware FIT image.
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
All these places seem to inherit the codes from the MMC driver where
a FIXME was put in the comment. However the correct operation after
read should be cache invalidate, not flush.
The underlying drivers should be responsible for the cache operation.
Remove these codes completely.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: York Sun <york.sun@nxp.com>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: York Sun <york.sun@nxp.com>
As part of preparation for nand DM conversion the new API has been
introduced to remove direct access to nand_info array. So, use it here
instead of accessing to nand_info array directly.
Cc: Albert Aribaud <albert.u.boot@aribaud.net>
Cc: York Sun <york.sun@nxp.com>
Signed-off-by: Grygorii Strashko <grygorii.strashko@ti.com>
When U-Boot boots from EL2, skip some lowlevel init code requiring
EL3, including CCI-400/CCN-504, trust zone, GIC, etc. These
initialization tasks are carried out before U-Boot runs. This applies
to the RAM version image used for SPL boot if PPA is loaded first.
Signed-off-by: York Sun <york.sun@nxp.com>
The header address of PPA defined in Kconfig.
Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
As part of Secure Boot Chain of trust, PPA image must be validated
before the image is started.
The code for the same has been added.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The PPA binary may be stored on QSPI flash instead of NOR.
So, deprecated CONFIG_SYS_LS_PPA_FW_IN_NOR in favour of
CONFIG_SYS_LS_PPA_FW_IN_XIP to prevent fragmentation of code
by addition of a new QSPI specific flag.
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Signed-off-by: Abhimanyu Saini <abhimanyu.saini@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The FSL Primary Protected Application (PPA) is a software component
loaded during boot which runs in TrustZone and remains resident
after boot.
Use the secure firmware framework to integrate FSL PPA into U-Boot.
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>