Rename the CONFIG_SECURE_BOOT name to CONFIG_NXP_ESBC to avoid
conflicts with UEFI secure boot.
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com>
Compile the legacy PCIe initialization routines for P2041RDB,
P3041, P4080, P5020 and P5040 DS boards only when DM_PCI is
not enabled.
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
DM_I2C_COMPAT is a compatibility layer that allows using the non-DM I2C
API when DM_I2C is used. When DM_I2C_COMPAT is not enabled for
compilation, a compilation error will be generated. This patch solves
the problem that the i2c-related api of the lx2160a platform does not
support dm.
Signed-off-by: Chuanhua Han <chuanhua.han@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
This driver needs modification to work with new soc,
like ls1028, since bitmap of RCFG is changed to
RESV[7:5] LIVE[4] WDEN[3] RESV[2:1] GO[0]
000 1 0 00 0
Also the RCW location is moved to only dutcfg0.
RESV[7:4] RCWSRC[3:0]
1111 configurable
Following commands are functional now
qixis_reset
qixis_reset sd
qixis_reset qspi
qixis_reset emmc
Signed-off-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Signed-off-by: Yuantian Tang <andy.tang@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Uboot prompt must not be available while running
secure boot. TO ensure this bootdelay must be set
to -2.
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Use the proper CONFIG_TARGET_MPC832XEMDS Kconfig option to replace the
CONFIG_MPC832XEMDS ad-hoc config option.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Voltage regulator LTC3882 device has 0.5% voltage read error.
So for NXP SoC devices this generally equates to 2mV
Update set_voltage_to_LTC for below:
1.Add coorection of upto 2mV in voltage comparison
to take care of voltage read error of voltage regulator
2.Add loop max count kept as 100 to avoid infinte loop.
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Move ns_dev[] from header file to C file to avoid compiling warning
when header file is included by others.
Signed-off-by: Ran Wang <ran.wang_1@nxp.com>
[YS: rewrite commit message]
Reviewed-by: York Sun <york.sun@nxp.com>
As per updated hardware documentation for
lsch3 based chips like LS2088A, 0.9v support
has been added in possible supported SoC volatges
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
We have a large number of places where while we historically referenced
gd in the code we no longer do, as well as cases where the code added
that line "just in case" during development and never dropped it.
Signed-off-by: Tom Rini <trini@konsulko.com>
Thomas reported U-Boot failed to build host tools if libfdt-devel
package is installed because tools include libfdt headers from
/usr/include/ instead of using internal ones.
This commit moves the header code:
include/libfdt.h -> include/linux/libfdt.h
include/libfdt_env.h -> include/linux/libfdt_env.h
and replaces include directives:
#include <libfdt.h> -> #include <linux/libfdt.h>
#include <libfdt_env.h> -> #include <linux/libfdt_env.h>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Currently only SD, NAND can be secondary boot sources controlled
by FPGA/CPLD via qixis commands. For SoC like LS1088 IFC-NOR
can be secondary boot source, while QSPI-NOR is the primary.
Add options in qixis to switch to other boot sources including
ifc and emmc.
Signed-off-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Adds a VID specific API in init_sequence_f and spl code flow
namely init_func_vid which is required to adjust core voltage.
VID specific code is required in spl, hence moving flag CONFIG_VID
out of spl flags.
Signed-off-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Signed-off-by: Rajesh Bhagat <rajesh.bhagat@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Restructures common driver to support LTC3882 voltage regulator
chip.
Signed-off-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Signed-off-by: Rajesh Bhagat <rajesh.bhagat@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Moves IR chip (IR36021) specific code in flag to resolve
compilation issue where it is not present. For example,
LS1088A is having a new LTC3882 voltage chip.
Signed-off-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Signed-off-by: Rajesh Bhagat <rajesh.bhagat@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Adds a board specific API namely board_adjust_vdd which
is required to define the board VDD adjust settings.
Signed-off-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Signed-off-by: Rajesh Bhagat <rajesh.bhagat@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Both the "qixis_reset" and esbc_validate" commands can only be used in
full U-Boot so do not build them in SPL. As part of this rework the
qixis code to declare things as static and make use of __weak for
function aliases.
Cc; York Sun <york.sun@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: York Sun <york.sun@nxp.com>
As part of chain of trust with confidentiality along with distro
boot, linux kernel image needs to be stored in encrypted form on
ext4 boot partition. So enable CONFIG_CMD_EXT4_WRITE in case of
Secure boot on ARM based platforms.
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Add pfuze dm code, this code could be enabled with CONFIG_DM_PMIC_PFUZE100.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
We are now using an env_ prefix for environment functions. Rename these
two functions for consistency. Also add function comments in common.h.
Quite a few places use getenv() in a condition context, provoking a
warning from checkpatch. These are fixed up in this patch also.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename setenv()
for consistency. Also add function comments in common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
The implementation of function set_pcie_ns_access() uses a wrong
argument. The structure array ns_dev has a member 'ind' which is
initialized by CSU_CSLX_*. It should use the 'ind' directly to
address the PCIe's CSL register (CSL_base + CSU_CSLX_PCIE*).
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
[YS: Revise commit message]
Reviewed-by: York Sun <york.sun@nxp.com>
Enable validation of boot.scr script prior to its execution dependent
on "secureboot" flag in environment. Disable fall back option to
nor/qspi boot in case of secure boot. Also enable "secureboot=y"
flag in environment for ARM based platforms instead of bootcmd.
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Tested-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
This converts the following to Kconfig:
CONFIG_ENV_IS_IN_MMC
CONFIG_ENV_IS_IN_NAND
CONFIG_ENV_IS_IN_UBI
CONFIG_ENV_IS_NOWHERE
In fact this already exists for sunxi as a 'choice' config. However not
all the choices are available in Kconfig yet so we cannot use that. It
would lead to more than one option being set.
In addition, one purpose of this series is to allow the environment to be
stored in more than one place. So the existing choice is converted to a
normal config allowing each option to be set independently.
There are not many opportunities for Kconfig updates to reduce the size of
this patch. This was tested with
./tools/moveconfig.py -i CONFIG_ENV_IS_IN_MMC
And then manual updates. This is because for CHAIN_OF_TRUST boards they
can only have ENV_IS_NOWHERE set, so we enforce that via Kconfig logic
now.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
When U-Boot boots from EL2, skip some lowlevel init code requiring
EL3, including CCI-400/CCN-504, trust zone, GIC, etc. These
initialization tasks are carried out before U-Boot runs. This applies
to the RAM version image used for SPL boot if PPA is loaded first.
Signed-off-by: York Sun <york.sun@nxp.com>
This header includes things that are needed to make driver build. Adjust
existing users to include that always, even if other dm/ includes are
present
Signed-off-by: Simon Glass <sjg@chromium.org>
This converts the following to Kconfig:
CONFIG_CMD_HASH
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Rework slightly, enable on some boards again]
Signed-off-by: Tom Rini <trini@konsulko.com>
This converts the following to Kconfig:
CONFIG_CMD_ESBC_VALIDATE
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Commit 94e3c8c4fd ("crypto/fsl - Add progressive hashing support
using hardware acceleration.") created entries for CONFIG_SHA1,
CONFIG_SHA256, CONFIG_SHA_HW_ACCEL, and CONFIG_SHA_PROG_HW_ACCEL.
However, no defconfig has migrated to it. Complete the move by first
adding additional logic to various Kconfig files to select this when
required and then use the moveconfig tool. In many cases we can select
these because they are required to implement other drivers. We also
correct how we include the various hashing algorithms in SPL.
This commit was generated as follows (after Kconfig additions):
[1] tools/moveconfig.py -y SHA1 SHA256 SHA_HW_ACCEL
[2] tools/moveconfig.py -y SHA_PROG_HW_ACCEL
Note:
We cannot move SHA_HW_ACCEL and SHA_PROG_HW_ACCEL simultaneously
because there is dependency between them.
Cc: Poonam Aggrwal <poonam.aggrwal@freescale.com>
Cc: Naveen Burmi <NaveenBurmi@freescale.com>
Cc: Po Liu <po.liu@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Priyanka Jain <Priyanka.Jain@freescale.com>
Cc: Shaohui Xie <Shaohui.Xie@freescale.com>
Cc: Chunhe Lan <Chunhe.Lan@freescale.com>
Cc: Chander Kashyap <k.chander@samsung.com>
Cc: Steve Rae <steve.rae@raedomain.com>
Cc: Dirk Eibach <eibach@gdsys.de>
Cc: Feng Li <feng.li_2@nxp.com>
Cc: Alison Wang <alison.wang@freescale.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Cc: Mingkai Hu <Mingkai.Hu@freescale.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Cc: Akshay Saraswat <akshay.s@samsung.com>
Cc: Heiko Schocher <hs@denx.de>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
This converts the following to Kconfig:
CONFIG_SPL_BOARD_INIT
Signed-off-by: Ley Foon Tan <ley.foon.tan@intel.com>
[trini: Update the Kconfig logic]
Signed-off-by: Tom Rini <trini@konsulko.com>
This converts the following to Kconfig:
CONFIG_CMD_BLOB
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add imply CMD_BLOB under CHAIN_OF_TRUST]
Signed-off-by: Tom Rini <trini@konsulko.com>
- Add SD secure boot target for ls1043ardb.
- Implement FSL_LSCH2 specific spl_board_init() to setup CAAM stream
ID and corresponding stream ID in SMMU.
- Change the u-boot size defined by a macro for copying the main
U-Boot by SPL to also include the u-boot Secure Boot header size as
header is appended to u-boot image. So header will also be copied
from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90KB. SPL is copied to OCRAM
(128K) where 32K are reserved for use by boot ROM and 6K for secure
boto header.
- Error messages during SPL boot are limited to error code numbers
instead of strings to reduce the size of SPL image.
Signed-off-by: Vinitha Pillai-B57223 <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
For validating images from uboot (Such as Kernel Image), either keys
from SoC fuses can be used or keys from a verified table of public
keys can be used. The latter feature is called IE Key Extension
Feature.
For Layerscape Chasis 3 based platforms, IE table is validated by
Bootrom and address of this table is written in scratch registers 13
and 14 via PBI commands.
Following are the steps describing usage of this feature:
1) Verify IE Table in ISBC phase using keys stored in fuses.
2) Install IE table. (To be used across verification of multiple
images stored in a static global structure.)
3) Use keys from IE table, to verify further images.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
VID support in NXP layerscape Chassis-3 (lsch3) compilant SoCs like
LS2088A, LS2080A differs from existing logic.
-VDD voltage array is different
-Registers are different
-VDD calculation logic is different
Add new function adjust_vdd() for LSCH3 compliant SoCs
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com>
Signed-off-by: Arpit Goel <arpit.goel@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In some cases this is absolutely required, so select this for some secure
features. This also requires migration of RSA_FREESCALE_EXP
Cc: Ruchika Gupta <ruchika.gupta@nxp.com>
Cc: Poonam Aggrwal <poonam.aggrwal@freescale.com>
Cc: Naveen Burmi <NaveenBurmi@freescale.com>
Cc: Po Liu <po.liu@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Priyanka Jain <Priyanka.Jain@freescale.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Cc: Shaohui Xie <Shaohui.Xie@freescale.com>
Cc: Chunhe Lan <Chunhe.Lan@freescale.com>
Cc: Feng Li <feng.li_2@nxp.com>
Cc: Alison Wang <alison.wang@freescale.com>
Cc: Mingkai Hu <Mingkai.Hu@freescale.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Saksham Jain <saksham.jain@nxp.freescale.com>
Cc: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Introduce board/freescale/common/Kconfig so that we have a single place
for CONFIG options that are shared between ARM and PowerPC NXP platforms.
Cc: York Sun <york.sun@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: York Sun <york.sun@nxp.com>
With entry_point now being an unsigned long we need to adapt the last
two debug prints to use %lX not %X.
Fixes: 11e1479b9e ("SPL: make struct spl_image 64-bit safe")
Signed-off-by: Tom Rini <trini@konsulko.com>
At present there are two SPI functions only used by freescale which are
defined in the spi_flash.h header. One function name matches an existing
generic SPL function.
Move these into a private header to avoid confusion.
Arcturus looks like it does not actually support SPI, so drop the SPI code
from that board.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Update the API's for transition of Security Monitor states. Instead
of providing both initial and final states for transition, just
provide final state for transition as Security Monitor driver will
take care of it internally.
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
[York Sun: Reformatted commit message slightly]
Reviewed-by: York Sun <york.sun@nxp.com>
LS1046AQDS Specification:
-------------------------
Memory subsystem:
* 8GByte DDR4 SDRAM (64bit bus)
* 128 Mbyte NOR flash single-chip memory
* 512 Mbyte NAND flash
* 64 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
Ethernet:
* Two XFI 10G ports
* Two SGMII ports
* Two RGMII ports
PCIe: supports Gen 1 and Gen 2
SATA 3.0: one SATA 3.0 port
USB 3.0: two micro AB connector and one type A connector
UART: supports two UARTs up to 115200 bps for console
Signed-off-by: Shaohui Xie <Shaohui.Xie@nxp.com>
Signed-off-by: Mingkai Hu <mingkai.hu@nxp.com>
Signed-off-by: Gong Qianyu <Qianyu.Gong@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The deep sleep function of LS1 platform, is mapped into PSCI system
suspend function, this patch adds implementation of it.
Signed-off-by: Hongbo Zhang <hongbo.zhang@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Add this API to make the individual device is able to be set to
the specified permission.
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Override jump_to_image_no_args function to include validation of
u-boot image using spl_validate_uboot before jumping to u-boot image.
Also define macros in SPL framework to enable crypto operations.
Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
As part of Chain of Trust for Secure boot, the SPL U-Boot will validate
the next level U-boot image. Add a new function spl_validate_uboot to
perform the validation.
Enable hardware crypto operations in SPL using SEC block.
In case of Secure Boot, PAMU is not bypassed. For allowing SEC block
access to CPC configured as SRAM, configure PAMU.
Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
Add QIXIS_LBMAP_BRDCFG_REG to the save offset of LBMAP
configuration register instead of hardcoding it in
set_lbmap() function.
Signed-off-by: Calvin Johnson <calvin.johnson@nxp.com>
Signed-off-by: Abhimanyu Saini <abhimanyu.saini@nxp.com>
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Check if qixis supports memory-mapped read/write
before compiling IFC based qixis read/write functions.
Signed-off-by: Calvin Johnson <calvin.johnson@nxp.com>
Signed-off-by: Abhimanyu Saini <abhimanyu.saini@nxp.com>
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
LS102A ref manual dictates that ICID have to be written to the MSB
of the ICID register, not to the LSB.
Signed-off-by: Vincent Siles <vincent.siles@provenrun.com>
Mix usage of uint32_t and u32 fixed in favor of u32.
Signed-off-by: Vincent Siles <vincent.siles@provenrun.com>
Reviewed-by: York Sun <york.sun@nxp.com>
On the LS102x boards, in order to initialize the ICID values of
masters, the dev_stream_id array holds absolute offsets from the
base of SCFG.
In ls102xa_config_ssmu_stream_id, the base pointer is cast to
uint32_t * before adding the offset, leading to an invalid address.
Casting it to void * solves the issue.
Signed-off-by: Vincent Siles <vincent.siles@provenrun.com>
Reviewed-by: York Sun <york.sun@nxp.com>
This patch enable VID support for ls2080ardb platform.
It uses the common VID driver.
Signed-off-by: Rai Harninder <harninder.rai@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Use a pointer to pass image address to fsl_secboot_validate(),
instead of using environmental variable "img_addr".
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In case of fatal failure during secure boot execution (e.g. header
not found), reset is asserted to stop execution. If the RESET_REQ
is not tied to HRESET, this allows the execution to continue.
Add esbh_halt() after the reset to make sure execution stops.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
For secure boot, a header is used to identify key table, signature
and image address. A new header structure is added for lsch3.
Currently key extension (IE) feature is not supported. Single key
feature is not supported. Keys must be in table format. Hence, SRK
(key table) must be present. Max key number has increase from 4 to
8. The 8th key is irrevocable. A new barker Code is used.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
IR chip is on one of the channels on multiplexed I2C-bus.
Reset to default channel after accessing.
Signed-off-by: Wenbin Song <wenbin.song@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
As the QE firmware struct is shared with Fman, move the header file
out of drivers/qe/.
Signed-off-by: Gong Qianyu <Qianyu.Gong@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In case of error while executing esbc_validate command, SNVS
transition and issue of reset is required only for secure-boot.
If boot mode is non-secure, this is not required.
Similarly, esbc_halt command which puts the core in Spin Loop
is applicable only for Secure Boot.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Chain of Trust is enabled for ARM platforms (LS1021 and LS1043).
In board_late_init(), fsl_setenv_chain_of_trust() is called which
will perform the following:
- If boot mode is non-secure, return (No Change)
- If boot mode is secure, set the following environmet variables:
bootdelay = 0 (To disable Boot Prompt)
bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
A function is created to detrmine if the boot mode is secure
or non-secure for differnt SoC's.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The fuse status register provides the values from on-chip
voltage ID efuses programmed at the factory. These values
define the voltage requirements for the chip. u-boot reads
FUSESR and translates the values into the appropriate
commands to set the voltage output value of an external
voltage regulator.
Signed-off-by: Ying Zhang <b40530@freescale.com>
Reviewed-by: York Sun <york.sun@nxp.com>
IR chip on all the boards are required to be used in Intel mode
to support VID. VDD will not be adjusted if IR chip is used in
other modes.
Signed-off-by: Ying Zhang <b40530@freescale.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Some images to be validated are relocated to a dynamic
address at run time. So, these addresses cannot be known
befor hand while signing the images and creating the header
offline.
So, support is required to pass the image address to the
validate function as an argument.
If an address is provided to the function, the address
field in Header is not read and is treated as a reserved
field.
Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The code for image hash calculation, hash calculation from
RSA signature and comparison of hashes has been mobed to a
separate function.
Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Separate functions are created for reading and checking the
sanity of Public keys:
- read_validate_single_key
- read_validate_ie_tbl
- read_validate_srk_table
Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The prototype and defination of function fsl_secboot_validate
has been changed to support calling this function from another
function within u-boot.
Only two aruments needed:
1) header address - Mandatory
2) SHA256 string - optional
Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
1.Use "qixis_reset sd" to boot from SD
2.Use "qixis_reset sd_qspi" to boot from SD with QSPI support
3.Use "qixis_reset qspi" to boot from QSPI flash
On some SoCs such as LS1021A and LS1043A, IFC and QSPI could be
pin-multiplexed. So the switches are different between SD boot with
IFC support and SD boot with QSPI support. The default booting from
SD is with IFC support.
Once QSPI is enabled(IFC disabled), only use I2C to access QIXIS.
Signed-off-by: Gong Qianyu <Qianyu.Gong@freescale.com>
Reviewed-by: York Sun <york.sun@nxp.com>
This will allow the implementation to make use of data in the block_dev
structure beyond the base device number. This will be useful so that eMMC
block devices can encompass the HW partition ID rather than treating this
out-of-band. Equally, the existence of the priv field is crying out for
this patch to exist.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
According to the Coverity result, a unsigned int variable is used fo less-
than-zero comparison, the result is never true. Need to fix the variable
type to signed int.
Signed-off-by: Ye.Li <B37916@freescale.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Cc: Przemyslaw Marczak <p.marczak@samsung.com>
Cc: Stefano Babic <sbabic@denx.de>
Reviewed-by: Stefano Babic <sbabic@denx.de>
LS1043ARDB Secure Boot Target from NOR has been added.
- Configs defined to enable esbc_validate.
- ESBC Address in header is made 64 bit.
- SMMU is re-configured in Bypass mode.
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
When creating phy-handle property, an unsigned int value is created by
fdt_create_phandle, and memcpy is used to get the value, since DTS is
big endian, the value cannot be used directly on little endian SoCs,
it should be converted by cpu_to_fdt32.
Signed-off-by: Shaohui Xie <Shaohui.Xie@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
LS1043AQDS Specification:
-------------------------
Memory subsystem:
* 2GByte DDR4 DIMM
* 128 Mbyte NOR flash single-chip memory
* 512 Mbyte NAND flash
* 16 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
Ethernet:
* Two RGMII ports
* XFI 10G port
* SGMII
* QSGMII with 4x 1G ports
PCIe: supports Gen 1 and Gen 2
SATA 3.0: one SATA 3.0 port
USB 3.0: two micro AB connector and one type A connector
UART: supports two UARTs up to 115200 bps for console
Signed-off-by: Shaohui Xie <Shaohui.Xie@freescale.com>
Signed-off-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
Signed-off-by: Gong Qianyu <Qianyu.Gong@freescale.com>
[York Sun: Add CONFIG_SYS_NS16550=y in defconfig]
Reviewed-by: York Sun <yorksun@freescale.com>
When detecting SDHC Adapter Card Type 2(SD/MMC Legacy Adapter Card),
enable EVDD automatic control via SDHC_VS. This could support SD card
IO voltage switching for UHS-1 speed mode.
Signed-off-by: Yangbo Lu <yangbo.lu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
If adapter card type identification is supported for platform, we would
enable dat[4:7] for eMMC4.5 Adapter Card.
Signed-off-by: Yangbo Lu <yangbo.lu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
It will take more than 1s when wake up from deep sleep. Most of the
time is spent on outputing information. This patch reduced the deep
sleep latency by:
1. avoid outputing system informaton
2. remove flush cache after DDR restore
3. skip reloading second stage uboot binary when SD boot
Signed-off-by: Tang Yuantian <Yuantian.Tang@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The ITS bit was being read incorrectly beacause of operator
precedence. The same ahs been corrected.
Signed-off-by: Lawish Deshmukh <lawish.deshmukh@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
Signed-off-by: Shaohui Xie <Shaohui.Xie@freescale.com>
Signed-off-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Signed-off-by: Gong Qianyu <Qianyu.Gong@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Config Security Level Register is different between different SoCs,
so put the CSL register definition into the arch specific directory.
Signed-off-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
Signed-off-by: Gong Qianyu <Qianyu.Gong@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
For the Chain of Trust, the esbc_validate command supports
32 bit fields for location of the image. In the header structure
definition, these were declared as pointers which made them
64 bit on a 64 bit core.
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
If enable DM PMIC and REGULATOR, we should not use original power
framework. So need to comment out the pfuze code for original power
framework, when CONFIG_DM_PMIC_PFUZE100 defined.
Signed-off-by: Peng Fan <Peng.Fan@freescale.com>
Cc: Przemyslaw Marczak <p.marczak@samsung.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Stefano Babic <sbabic@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Secure Boot Target is added for NAND for P3041.
For mpc85xx SoCs, the core begins execution from address 0xFFFFFFFC.
In case of secure boot, this default address maps to Boot ROM.
The Boot ROM code requires that the bootloader(U-boot) must lie
in 0 to 3.5G address space i.e. 0x0 - 0xDFFFFFFF.
In case of NAND Secure Boot, CONFIG_SYS_RAMBOOT is enabled and CPC is
configured as SRAM. U-Boot binary will be located on SRAM configured
at address 0xBFF00000.
In the U-Boot code, TLB entries are created to map the virtual address
0xFFF00000 to physical address 0xBFF00000 of CPC configured as SRAM.
Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
SYSTEM ID EPPROM always store SYSTEM version info in big endian format.
SoC with ARM or PowerPC core should read/write version info from eeprom
in BIG endian format.
So use cpu-specific APIs to read SYSTEM version.
Signed-off-by: Jaiprakash Singh <b44839 at freescale.com>
Signed-off-by: Prabhakar Kushwaha <prabhakar at freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
CONFIG_ARMV7_VIRT depends on CONFIG_ARMV7_NONSEC, thus doesn't need to
be taken into account additionally. CONFIG_ARMV7_PSCI is only set on
boards that support CONFIG_ARMV7_NONSEC, and it only works on those.
CC: Tang Yuantian <Yuantian.Tang@freescale.com>
CC: York Sun <yorksun@freescale.com>
CC: Steve Rae <srae@broadcom.com>
CC: Andre Przywara <andre.przywara@linaro.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Tested-by: Alison Wang <alison.wang@freescale.com>
Signed-off-by: Tom Warren <twarren@nvidia.com>
Add adapter card type identification support by reading
FPGA STAT_PRES1 register SDHC Card ID[0:2] bits. To use this function,
define CONFIG_FSL_ESDHC_ADAPTER_IDENT.
Signed-off-by: Yangbo Lu <yangbo.lu@freescale.com>
Cc: York Sun <yorksun@freescale.com>
Cc: Pantelis Antoniou <panto@antoniou-consulting.com>
[York Sun: resolve conflicts in README.fsl-esdhc]
Reviewed-by: York Sun <yorksun@freescale.com>
Function dp_ddr_restore is to restore the first 128-byte space
of DDR. However those codes may be optimized out by compiler
since the destination address is at 0x0. In order to avoid
compiler optimization, we restore the space from high address,
which is not at 0x0, to low address.
Signed-off-by: Tang Yuantian <Yuantian.Tang@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Use "qixis_reset nand" to reset the board to boot from NAND.
Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: York Sun <yorksun@freescale.com>
Move the compilation of file fsl_validate.c in MACRO CONFIG_CMD_ESBC_VALIDATE.
This file should be compiled only when the above MACRO is defined
This caused a break in compilation of iMX platforms when compiling for SECURE_BOOT
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Muram will power off during deepsleep, and the microcode of qe
in muram will be lost, it should be reload when resume.
Signed-off-by: Zhao Qiang <B45475@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Muram will power off during deepsleep, and the microcode of qe
in muram will be lost, it should be reload when resume.
Signed-off-by: Zhao Qiang <B45475@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
1. Default environment will be used for secure boot flow
which can't be edited or saved.
2. Command for secure boot is predefined in the default
environment which will run on autoboot (and autoboot is
the only option allowed in case of secure boot) and it
looks like this:
#define CONFIG_SECBOOT \
"setenv bs_hdraddr 0xe8e00000;" \
"esbc_validate $bs_hdraddr;" \
"source $img_addr;" \
"esbc_halt;"
#endif
3. Boot Script can contain esbc_validate commands and bootm command.
Uboot source command used in default secure boot command will
run the bootscript.
4. Command esbc_halt added to ensure either bootm executes
after validation of images or core should just spin.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
esbc_validate command uses various IP Blocks: Security Monitor, CAAM block
and SFP registers. Hence the respective CONFIG's are enabled.
Apart from these CONFIG_SHA_PROG_HW_ACCEL and CONFIG_RSA are also enabled.
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
1. esbc_validate command is meant for validating header and
signature of images (Boot Script and ESBC uboot client).
SHA-256 and RSA operations are performed using SEC block in HW.
This command works on both PBL based and Non PBL based Freescale
platforms.
Command usage:
esbc_validate img_hdr_addr [pub_key_hash]
2. ESBC uboot client can be linux. Additionally, rootfs and device
tree blob can also be signed.
3. In the event of header or signature failure in validation,
ITS and ITF bits determine further course of action.
4. In case of soft failure, appropriate error is dumped on console.
5. In case of hard failure, SoC is issued RESET REQUEST after
dumping error on the console.
6. KEY REVOCATION Feature:
QorIQ platforms like B4/T4 have support of srk key table and key
revocation in ISBC code in Silicon.
The srk key table allows the user to have a key table with multiple
keys and revoke any key in case of particular key gets compromised.
In case the ISBC code uses the key revocation and srk key table to
verify the u-boot code, the subsequent chain of trust should also
use the same.
6. ISBC KEY EXTENSION Feature:
This feature allows large number of keys to be used for esbc validation
of images. A set of public keys is being signed and validated by ISBC
which can be further used for esbc validation of images.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
There 4 JRs, 4 RTICs and 8 DECOs, and set them the same stream id
for using the same SMMU3 on LS1021A.
Signed-off-by: Xiubo Li <Li.Xiubo@freescale.com>
Signed-off-by: Alison Wang <alison.wang@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
This patch is to implement pmic_mode_init function, and add prototype
in header file.
This function is to set switching mode for pmic buck regulators to
improve system efficiency.
Mode:
OFF: The regulator is switched off and the output voltage is discharged.
PFM: In this mode, the regulator is always in PFM mode, which
is useful at light loads for optimized efficiency.
PWM: In this mode, the regulator is always in PWM mode operation
regardless of load conditions.
APS: In this mode, the regulator moves automatically between
pulse skipping mode and PWM mode depending on load conditions.
Signed-off-by: Peng Fan <Peng.Fan@freescale.com>
Acked-by: Przemyslaw Marczak <p.marczak@samsung.com>
These boards are still non-generic boards.
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Cc: Dave Liu <daveliu@freescale.com>
Cc: Anton Vorontsov <avorontsov@ru.mvista.com>
LS1 has 4 SMMUs for address translation of the masters. All the
SMMUs' stream IDs are 8-bit. The address translation depends on the
stream ID of the incoming transaction.
Each master has unique stream ID assigned to it and is configurable
through SCFG registers. The stream ID for the masters is identical
and share the same register field of STREAM ID registers.
Signed-off-by: Xiubo Li <Li.Xiubo@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The Central Security Unit (CSU) allows secure world software to
change the default access control policies of peripherals/bus
slaves, determining which bus masters may access them. This
allows peripherals to be separated into distinct security domains.
Combined with SMMU configuration of the system masters privileges,
these features provide protection against indirect unauthorized
access to data.
For now we configure all the peripheral access permissions as R/W.
Signed-off-by: Xiubo Li <Li.Xiubo@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
With the introducing of generic board and ARM-based cores, current
deep sleep framework doesn't work anymore.
This patch will convert the current framework to adapt this change.
Basically it does:
1. Converts all the Freescale's DDR driver to support deep sleep.
2. Added basic framework support for ARM-based and PPC-based
cores separately.
Signed-off-by: Tang Yuantian <Yuantian.Tang@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Through adding CONFIG_QIXIS_I2C_ACCESS macro,
QIXIS_READ(reg)/QIXIS_WRITE(reg, value) can be used
for both i2c and ifc access to QIXIS FPGA. This is
more convenient for coding.
Signed-off-by: Jason Jin <jason.jin@freescale.com>
Signed-off-by: Alison Wang <alison.wang@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
XFI does not work stable on current board, it's due to heat sink issue,
to make it work stable the board needs additional heat sink, enable two
XFI lanes only. Right now we do not have such an erratum for the issue,
so use a define CONFIG_SYS_FSL_B4860QDS_XFI_ERR to identify it.
The workaround will only be used in XFI protocols and only if the
hwconfig indicates that XFI is prefered.
A new VSC3308 config function is used instead of re-use the original
function, to avoid making the function complex and ugly.
Signed-off-by: Shaohui Xie <Shaohui.Xie@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The fuse status register provides the values from on-chip
voltage ID efuses programmed at the factory.
These values define the voltage requirements for
the chip. u-boot reads FUSESR and translates the values
into the appropriate commands to set the voltage output
value of an external voltage regulator.
Signed-off-by: Ying Zhang <b40530@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
SystemID information could be read through I2C1 from EEPROM
on LS1021ATWR board.
As LS1 is a little-endian processor, getting the version ID by
be32_to_cpu() is wrong. Fix it by using e.version directly.
This change will be compatible for both ARM and PowerPC.
As there is an errata that I2C1 could not work in SD boot,
reading EEPROM through I2C1 is disabled too in SD boot.
Signed-off-by: Alison Wang <alison.wang@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
U-Boot has never cared about the type when we get max/min of two
values, but Linux Kernel does. This commit gets min, max, min3, max3
macros synced with the kernel introducing type checks.
Many of references of those macros must be fixed to suppress warnings.
We have two options:
- Use min, max, min3, max3 only when the arguments have the same type
(or add casts to the arguments)
- Use min_t/max_t instead with the appropriate type for the first
argument
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Acked-by: Pavel Machek <pavel@denx.de>
Acked-by: Lukasz Majewski <l.majewski@samsung.com>
Tested-by: Lukasz Majewski <l.majewski@samsung.com>
[trini: Fixup arch/blackfin/lib/string.c]
Signed-off-by: Tom Rini <trini@ti.com>
This function can fail if the device tree runs out of space. Rather than
silently booting with an incomplete device tree, allow the failure to be
detected.
Unfortunately this involves changing a lot of places in the code. I have
not changed behvaiour to return an error where one is not currently
returned, to avoid unexpected breakage.
Eventually it would be nice to allow boards to register functions to be
called to update the device tree. This would avoid all the many functions
to do this. However it's not clear yet if this should be done using driver
model or with a linker list. This work is left for later.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Anatolij Gustschin <agust@denx.de>
Since the Pfuze initializations are similar on various mx6 SABRE
boards. Factorize the initialization to a common function in file
board/freescale/common/pfuze.c. So that all SABRE boards BSP can
share the function.
Signed-off-by: Ye.Li <B37916@freescale.com>
On LS1021ATWR, Silicon's Sii9022A HDMI Transmitter
is used. This patch adds the common setting for this
chip.
Signed-off-by: Alison Wang <alison.wang@freescale.com>