Use a pointer to pass image address to fsl_secboot_validate(),
instead of using environmental variable "img_addr".
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In case of fatal failure during secure boot execution (e.g. header
not found), reset is asserted to stop execution. If the RESET_REQ
is not tied to HRESET, this allows the execution to continue.
Add esbh_halt() after the reset to make sure execution stops.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
For secure boot, currently we were using fixed bootargs for all SoCs.
This is not needed and we can use the bootargs which are used in
non-secure boot.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
This commit solves CAAM coherency issue on ls2080. When caches are
enabled and CAAM's DMA's AXI transcations are not made cacheable,
Core reads/writes data from/to caches and CAAM does from main memory.
This forces data flushes to synchronize various data structures. But
even if any data in proximity of these structures is read by core,
these structures again are fetched in caches.
To avoid this problem, either all the data that CAAM accesses can be
made cache line aligned or CAAM transcations can be made cacheable.
So, this commit makes CAAM transcations as write back with write and
read allocate.
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
When MMU is disabled, 64-bit write must be aligned at 64-bit
boundary. Becaue the memory location is not guaranteed to be 64-bit
aligned, the 64-bit write needs to be split into two 32-bit writes
to avoid the alignment exception.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
During secure boot, SMMU is enabled on POR by SP bootrom. SMMU needs
to be put in bypass mode in uboot to enable CAAM transcations to pass
through.
For non-secure boot, SP BootROM doesn't enable SMMU, which is in
bypass mode out of reset.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The GUR (DCFG) registers in CCSR space are in little endian format.
Define a config CONFIG_SYS_FSL_CCSR_GUR_LE in
arch/arm/include/asm/arch-fsl-layerscape/config.h
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
"fdt_high" env variable was set to 0xcfffffff for secure boot.
Change it to 0xa0000000 for LS2080 to be consistent with non-secure
boot targets.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
To unify steps for secure boot for xip (eg. NOR) and non-xip memories
(eg. NAND, SD), bootscipts and its header are copied to main memory.
Validation and execution are performed from there.
For other ARM Platforms (ls1043 and ls1020), to avoid disruption of
existing users, this copy step is not used for NOR boot.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
During secure boot, Linux image along with other images are validated
using bootscript. This bootscript also needs to be validated before
it executes. This requires a header for bootscript.
When secure boot is enabled, default bootcmd is changed to first
validate bootscript using the header and then execute the script.
For ls2080, NOR memory map is different from other ARM SoCs. So a new
address on NOR is used for this bootscript header (0x583920000). The
Bootscript address is mentioned in this header along with addresses of
other images.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Sec_init has been called at the beginning to initialize SEC Block
(CAAM) which is used by secure boot validation later for both ls2080a
qds and rdb. 64-bit address in ESBC Header has been enabled. Secure
boot defconfigs are created for boards (NOR boot).
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
For secure boot, a header is used to identify key table, signature
and image address. A new header structure is added for lsch3.
Currently key extension (IE) feature is not supported. Single key
feature is not supported. Keys must be in table format. Hence, SRK
(key table) must be present. Max key number has increase from 4 to
8. The 8th key is irrevocable. A new barker Code is used.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Add configs for various IPs used during secure boot. Add address
and endianness for SEC and Security Monitor. SRK are fuses in SFP
(fuses for public key's hash). These are stored in little endian
format.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In LS2080, SFP has version 3.4. It is in little endian. The base
address is 0x01e80200. SFP is used in Secure Boot to read fuses.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
NULL pointer should be checked before any dereference. This patch
move memest after the NULL pointer check.
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reported-by: Jose Rivera <german.rivera@nxp.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Free dflt_dpio pointer after its usage during error handling
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reported-by: Jose Rivera <german.rivera@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The qspi_cfg register is set by PBI when booting from QSPI. No need
to changing it again.
Signed-off-by: Gong Qianyu <Qianyu.Gong@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The fsl-mc node has been moved under /soc, so update
the path references accordingly. Backwards compatibility
is retained for /fsl-mc.
Delete backwards compatibility for the completely obsolete
/fsl,dprc@0.
Signed-off-by: Stuart Yoder <stuart.yoder@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Introduce CONFIG_RTL8169 in Kconfig and move over boards' defconfig
to use that.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Stephen Warren <swaren@nvidia.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Introduce CONFIG_RTL8139 in Kconfig and move over boards' defconfig
to use that.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
[trini: Fixup MPC8641HPCN* and r2dplus configs]
Signed-off-by: Tom Rini <trini@konsulko.com>
Some boards' defconfig files are out of order. Clean this up.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This should return 0 on success, not 1. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Marek Vasut <marex@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
The error path for fit_import_data() is incorrect if the second open() call
fails.
Reported-by: Coverity (CID: 138489)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The file that is opened is not closed in all cases. Fix it.
Reported-by: Coverity (CID: 138490)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Make sure that both the error path and normal return free the buffer and
close the file.
Reported-by: Coverity (CID: 138491)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The 'buf' variable is not freed. Fix it.
Reported-by: Coverity (CID: 138492)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The 'fdt' variable is not unmapped in all error cases. Fix this.
Reported-by: Coverity (CID: 138493)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The space allocated to fdt is not freed on error. Fix it.
Reported-by: Coverity (CID: 138494)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
There is a missing close() on the error path. Add it.
Reported-by: Coverity (CID: 138496)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
This cannot be NULL since part_get_info() calls this function and requires
it to be non-NULL.
Reported-by: Coverity (CID: 138497)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
This cannot be NULL since part_print() calls this function and requires it
to be non-NULL.
Reported-by: Coverity (CID: 138498)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
One of these is causing a coverity warning. Drop these functions and use the
standard U-Boot ones instead.
Reported-by: Coverity (CID: 138499)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The code flows through to the end of the function, so we don't need another
close() before this. Remove it.
Reported-by: Coverity (CID: 138503)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The code flows through to the end of the function, so we don't need another
close() before this. Remove it.
Reported-by: Coverity (CID: 138504)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The license command isn't usually built and has a few problems:
- The rules to generate license.h haven't worked in a long time,
re-write these based on the bmp_logo.h rules.
- 'tok' is unused and the license text size has increased
- bin2header.c wasn't grabbing unistd.h to know the prototype for
read().
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
For Raspberry Pi, we had the input clock rate to the pl011 fixed in
the rpi.c file, but it may be changed by firmware due to user changes
to config.txt. Since the firmware always sets up the uart (default
115200 output unless the user changes it), we can just skip our own
uart init to simplify the boot process and more reliably get serial
output.
Signed-off-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Tom Rini <trini@konsulko.com>
Tested-by: Stephen Warren <swarren@wwwdotorg.org>
Some features are only useful or meaningful when the command line is
present. Ensure that these features are not compiled in when CONFIG_CMDLINE
is not enabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
These files do not need to be compiled when CONFIG_CMDLINE is disabled.
Update the Makefile to reflect this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
When CONFIG_CMDLINE is disabled we need to remove all the command-line
code. Most can be removed by dropping the appropriate linker lists from the
images, but sub-commands must be dealt with specially.
A simple mechanism is used to avoid 'unused static function' errors.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Normally board_run_command() will handle command processed. But if for some
reason it returns then we should panic to avoid further processing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Update the link script to drop this code when not needed. This is only done
for two architectures at present.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a new Kconfig option for the command line. This is enabled by default,
but when disabled it will remove the command line.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>