Commit graph

10 commits

Author SHA1 Message Date
Sumit Garg
9b3f40ad09 armv8: sec_firmware: Add support for loadables in FIT
Enable support for loadables in SEC firmware FIT image. Currently
support is added for single loadable image.

Brief description of implementation:
  Add two more address pointers (loadable_h, loadable_l) as arguments to
  sec_firmware_init() api.
  Create new api: sec_firmware_checks_copy_loadable() to check if loadables
  node is present in SEC firmware FIT image. If present, verify loadable
  image and copies it to secure DDR memory.
  Populate address pointers with secure DDR memory addresses where loadable
  is copied.

Example use-case could be trusted OS (tee.bin) as loadables node in SEC
firmware FIT image.

Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-10-27 08:47:14 -07:00
Bin Meng
723b43daec blk: Remove various places that do flush cache after read
All these places seem to inherit the codes from the MMC driver where
a FIXME was put in the comment. However the correct operation after
read should be cache invalidate, not flush.

The underlying drivers should be responsible for the cache operation.
Remove these codes completely.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: York Sun <york.sun@nxp.com>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: York Sun <york.sun@nxp.com>
2017-09-15 08:05:10 -04:00
Grygorii Strashko
8a049dd642 armv8: fsl-layerscape: use get_nand_dev_by_index()
As part of preparation for nand DM conversion the new API has been
introduced to remove direct access to nand_info array. So, use it here
instead of accessing to nand_info array directly.

Cc: Albert Aribaud <albert.u.boot@aribaud.net>
Cc: York Sun <york.sun@nxp.com>
Signed-off-by: Grygorii Strashko <grygorii.strashko@ti.com>
2017-07-11 22:41:53 -04:00
York Sun
399e2bb60c armv8: layerscape: Make U-Boot EL2 safe
When U-Boot boots from EL2, skip some lowlevel init code requiring
EL3, including CCI-400/CCN-504, trust zone, GIC, etc. These
initialization tasks are carried out before U-Boot runs. This applies
to the RAM version image used for SPL boot if PPA is loaded first.

Signed-off-by: York Sun <york.sun@nxp.com>
2017-06-01 19:57:24 -07:00
Sumit Garg
fa642559f5 armv8: fsl-layerscape: Add validation of PPA image from NAND and SD
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Tested-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-04-24 09:05:20 -07:00
Vinitha Pillai-B57223
d1a795ace9 armv8: fsl-layerscape: SECURE BOOT: Add header address of PPA in kconfig
The header address of PPA defined in Kconfig.

Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Hou Zhiqiang
75ce8ee4e4 fsl: PPA: add support PPA image loading from NAND and SD
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-03-28 10:40:09 -07:00
Sumit Garg
07806e6229 ls1043ardb: PPA: add PPA validation in case of secure boot
As part of Secure Boot Chain of trust, PPA image must be validated
before the image is started.
The code for the same has been added.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-09-14 14:06:39 -07:00
Hou Zhiqiang
ab01ef5fa6 ARMv8/fsl-ppa: Consolidate PPA image stored-media flag for XIP
The PPA binary may be stored on QSPI flash instead of NOR.
So, deprecated CONFIG_SYS_LS_PPA_FW_IN_NOR in favour of
CONFIG_SYS_LS_PPA_FW_IN_XIP to prevent fragmentation of code
by addition of a new QSPI specific flag.

Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Signed-off-by: Abhimanyu Saini <abhimanyu.saini@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-08-02 09:51:29 -07:00
Hou Zhiqiang
f1dd4cadd2 ARMv8/layerscape: Add FSL PPA support
The FSL Primary Protected Application (PPA) is a software component
loaded during boot which runs in TrustZone and remains resident
after boot.

Use the secure firmware framework to integrate FSL PPA into U-Boot.

Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-07-19 11:33:53 -07:00