Age | Commit message (Collapse) | Author |
|
Move this option to Kconfig and tidy up existing uses.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Move this option to Kconfig and tidy up existing uses.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Move this option to Kconfig and tidy up existing uses.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
A few boards define this in a header file which is incorrect. It means that
Kconfig options that rely on this cannot be used. Move it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
A few boards define this in a header file which is incorrect. It means that
Kconfig options that rely on this cannot be used. Move it.
Note that quite a few boards defined this options but do not appear to
actually use SPL:
BSC9132QDS_NOR_DDRCLK100_SECURE
BSC9132QDS_NOR_DDRCLK133_SECURE
BSC9132QDS_SDCARD_DDRCLK100_SECURE
BSC9132QDS_SDCARD_DDRCLK133_SECURE
BSC9132QDS_SPIFLASH_DDRCLK100_SECURE
BSC9132QDS_SPIFLASH_DDRCLK133_SECURE
C29XPCIE_NOR_SECBOOT
P1010RDB-PA_36BIT_NAND_SECBOOT
P1010RDB-PA_36BIT_SPIFLASH_SECBOOT
P1010RDB-PA_NAND_SECBOOT
P1010RDB-PA_NOR_SECBOOT
P1010RDB-PB_36BIT_NOR_SECBOOT
P1010RDB-PB_36BIT_SPIFLASH_SECBOOT
P1010RDB-PB_NAND_SECBOOT
P1010RDB-PB_NOR_SECBOOT
P3041DS_SECURE_BOOT
P4080DS_SECURE_BOOT
P5020DS_NAND_SECURE_BOOT
P5040DS_SECURE_BOOT
T1023RDB_SECURE_BOOT
T1024QDS_DDR4_SECURE_BOOT
T1024QDS_SECURE_BOOT
T1024RDB_SECURE_BOOT
T1040RDB_SECURE_BOOT
T1042D4RDB_SECURE_BOOT
T1042RDB_SECURE_BOOT
T2080QDS_SECURE_BOOT
T2080RDB_SECURE_BOOT
T4160QDS_SECURE_BOOT
T4240QDS_SECURE_BOOT
ls1021aqds_nor_SECURE_BOOT
ls1021atwr_nor_SECURE_BOOT
ls1043ardb_SECURE_BOOT
For these boards CONFIG_SPL_DM will no-longer be defined in SPL. But since
they apparently don't have an SPL, this should not matter.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The secure boot header files incorrectly define SPL options only if
CONFIG_SPL_BUILD is defined. This means that the options are only enabled
in an SPL build, and not with a normal 'make xxx_defconfig'. This means
that moveconfig.py cannot work, since it sees the options as disabled even
when they may be manually enabled in an SPL build.
Fix this by changing the order.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
If the functions passed to the registration function are not in the same
C file (extern) then spatch will not handle the dependent changes.
Make those changes manually.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
For the 4xx related files:
Acked-by: Stefan Roese <sr@denx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
|
Some of the changes were a bit too complex.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
|
Run scripts/coccinelle/net/mdio_register.cocci on the U-Boot code base.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
|
Commit "ecc3066 Fix board init code to respect the C runtime environment"
broke platform support for ppc4xx.
start.S prepares a stackframe that is later rendered unusable by appending
the reserved space for global data.
Instead the reserved space has to be put first. Then the stackframe can
be pushed.
I can only test the 405EP OCM case. At least all other ppc4xx boards still
build.
Signed-off-by: Dirk Eibach <dirk.eibach@gdsys.cc>
Signed-off-by: Stefan Roese <sr@denx.de>
|
|
We need to ensure that CONFIG_PHYS_64BIT is configured via Kconfig so
that it is always available to the build system. Otherwise we can run
into cases where we have inconsistent sizes of certain attributes.
Ravi Babu reported offset mismatch of struct dwc3 across files since
commit 95ebc253e6d4 ("types.h: move and redefine resource_size_t").
Since the commit, resource_addr_t points to phys_addr_t, whose size
is dependent on CONFIG_PHYS_64BIT for ARM architecture.
I tried my best to use "select" where possible (for example, ARMv8
architecture) because I think this kind of option is generally user-
unconfigurable. However, I see some of PowerPC boards have 36BIT
defconfigs as well as 32BIT ones. I moved CONFIG_PHYS_64BIT to the
defconfigs for such boards.
CONFIG_36BIT is no longer referenced, so all of the defines were
removed from CONFIG_SYS_EXTRA_OPTIONS.
Fixes: 95ebc253e6d4 ("types.h: move and redefine resource_size_t")
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reported-by: Ravi Babu <ravibabu@ti.com>
Acked-by: Stefan Roese <sr@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Update erratum workaround for A006379 to set register CPCHDBCR0
with value 0x001e0000, replacing the old value 0x003c0000.
Signed-off-by: York Sun <york.sun@nxp.com>
Reported-by: Dave Liu <dave.liu@nxp.com>
|
|
|
|
Add support for reading bootscript and bootscript header from SD. Also
renamed macros *_FLASH to *_DEVICE to represent SD alongwith NAND and
NOR flash.
Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Without this, GCC uses the toolchain default, which may be incompatible
with -maltivec.
Signed-off-by: Scott Wood <oss@buserror.net>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
For mpc85xx SoCs, the core begins execution from address 0xFFFFFFFC.
In non-secure boot scenario from NAND, this address will map to CPC
configured as SRAM. But in case of secure boot, this default address
always maps to IBR (Internal Boot ROM).
The IBR code requires that the bootloader(U-boot) must lie in 0 to 3.5G
address space i.e. 0x0 - 0xDFFFFFFF.
For secure boot target from NAND, the text base for SPL is kept same as
non-secure boot target i.e. 0xFFFx_xxxx but the SPL U-boot binary will
be copied to CPC configured as SRAM with address in 0-3.5G(0xBFFC_0000)
As a the virtual and physical address of CPC would be different. The
virtual address 0xFFFx_xxxx needs to be mapped to physical address
0xBFFx_xxxx.
Create a new PBI file to configure CPC as SRAM with address 0xBFFC0000
and update DCFG SCRTACH1 register with location of Header required for
secure boot.
The changes are similar to
commit 467a40dfe35f48d830f01a72617207d03ca85b4d
powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
While P3041 has a 1MB CPC and does not require SPL. On T104x, CPC
is only 256K and thus SPL framework is used.
The changes are only applicable for SPL U-Boot running out of CPC SRAM
and not the next level U-Boot loaded on DDR.
Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
As part of Chain of Trust for Secure boot, the SPL U-Boot will validate
the next level U-boot image. Add a new function spl_validate_uboot to
perform the validation.
Enable hardware crypto operations in SPL using SEC block.
In case of Secure Boot, PAMU is not bypassed. For allowing SEC block
access to CPC configured as SRAM, configure PAMU.
Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Fix a number of typos, including:
* "compatble" -> "compatible"
* "eanbeld" -> "enabled"
* "envrionment" -> "environment"
* "FTD" -> "FDT" (for "flattened device tree")
* "ommitted" -> "omitted"
* "overriden" -> "overridden"
* "partiton" -> "partition"
* "propogate" -> "propagate"
* "resourse" -> "resource"
* "rest in piece" -> "rest in peace"
* "suport" -> "support"
* "varible" -> "variable"
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
|
|
Define a platform data structure for the MPC85XX GPIO driver to allow
use of the driver without device tree. Users should define the GPIO
blocks for their platform like this:
struct mpc85xx_gpio_plat gpio_blocks[] = {
{
.addr = 0x130000,
.ngpios = 32,
},
{
.addr = 0x131000,
.ngpios = 32,
},
};
U_BOOT_DEVICES(my_platform_gpios) = {
{ "gpio_mpc85xx", &gpio_blocks[0] },
{ "gpio_mpc85xx", &gpio_blocks[1] },
};
This is intended to build upon the recent submission of the base
MPC85XX driver from Mario Six. We need to use that new driver
without dts support and this patch gives us that flexibility.
This has been tested on a Freescale T2080 CPU, although only the first
GPIO block.
Signed-off-by: Hamish Martin <hamish.martin@alliedtelesis.co.nz>
Reviewed-by: Mario Six <mario.six@gdsys.cc>
Tested-by: Mario Six <mario.six@gdsys.cc>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
The errata command is useless in SPL, so don't build it. This fixes
multiple build failures on PowerPC.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: York Sun <york.sun@nxp.com>
Fixes: 92623672f9d3 ("fsl: usb: make errata function common for PPC and ARM")
|
|
Since bcopy() is no longer used, delete all remaining references to
it.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
|
|
This patch adds a driver for the built-in GPIO controller of the MPC85XX
SoC (probably supporting other PowerQUICC III SoCs as well).
Each GPIO bank is identified by its own entry in the device tree, i.e.
gpio-controller@fc00 {
#gpio-cells = <2>;
compatible = "fsl,pq3-gpio";
reg = <0xfc00 0x100>
}
By default, each bank is assumed to have 32 GPIOs, but the ngpios
setting is honored, so the number of GPIOs for each bank in configurable
to match the actual GPIO count of the SoC (e.g. the 32/32/23 banks of
the P1022 SoC).
The usual functions of GPIO drivers (setting input/output mode and output
value setting) are supported.
The driver has been tested on MPC85XX, but it is likely that other
PowerQUICC III devices will work as well.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Replace a number of array length calculations with the ARRAY_SIZE()
macro, for clarity.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Since CONFIG_OF_BOARD_SETUP depends on CONFIG_OF_LIBFDT:
config OF_BOARD_SETUP
bool "Set up board-specific details in device tree before boot"
depends on OF_LIBFDT
...
remove superfluous tests of CONFIG_OF_LIBFDT when testing for
CONFIG_OF_BOARD_SETUP.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
[trini: Typo fix: s/ifdefi/ifdef/]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Since generic board init is enabled, this is not used. Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
|
|
|
|
While enabling L2 cache, the value of L2PE (L2 cache parity/ECC
error checking enable) must not be changed while the L2 cache is
enabled.
So, L2PE must be set before enabling L2 cache.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Commit ac337168a unified functions to flush and invalidate dcache by
range. These two functions were no-op for SoCs other than 4xx and
MPC86xx. Adding these functions seemed to be correct but introduced
issues when the dcache is flushed. While the root cause is under
investigation, disable these functions for affected SoCs so various
drivers can work.
Signed-off-by: York Sun <york.sun@nxp.com>
|
|
For SoCs that contain multiple SEC engines, each of them needs
to be initialized (by means of initializing among others the
random number generator).
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Some SOCs, specifically the ones in the C29x familiy can have
multiple security engines. This patch adds a system configuration
define which indicates the maximum number of SEC engines that
can be found on a SoC.
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Signed-off-by: Mario Six <mario.six@gdsys.cc>
|
|
Signed-off-by: Mario Six <mario.six@gdsys.cc>
|
|
Spelling corrections for (among other things):
* environment
* override
* variable
* ftd (should be "fdt", for flattened device tree)
* embedded
* FTDI
* emulation
* controller
|
|
I'll switch my mails to my own server, so drop all gmail references.
Signed-off-by: Andreas Bießmann <andreas.devel@googlemail.com>
|
|
To enable DM on MPC85xx, we need pre-relocation malloc, which is
implemented in this patch.
We also make sure that the IVORs are always 4-aligned on e500 to prevent
alignment exceptions caused by code changes in start.S.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Cc: York Sun <york.sun@nxp.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Most of ehci-fsl header describe USB controller
designed by Chipidea and used by various SoC vendors.
This patch renames it to a generic header: ehci-ci.h
Contents of file are not changed (so it contains several
references to freescale SoCs).
Signed-off-by: Mateusz Kulikowski <mateusz.kulikowski@gmail.com>
Acked-by: Marek Vasut <marex@denx.de>
Tested-by: Simon Glass <sjg@chromium.org>
|
|
Signed-off-by: Vagrant Cascadian <vagrant@debian.org>
Acked-by: Marek Vasut <marex@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
There are already two FIT options in Kconfig but the CONFIG options are
still in the header files. We need to do a proper move to fix this.
Move these options to Kconfig and tidy up board configuration:
CONFIG_FIT
CONFIG_OF_BOARD_SETUP
CONFIG_OF_SYSTEM_SETUP
CONFIG_FIT_SIGNATURE
CONFIG_FIT_BEST_MATCH
CONFIG_FIT_VERBOSE
CONFIG_OF_STDOUT_VIA_ALIAS
CONFIG_RSA
Unfortunately the first one is a little complicated. We need to make sure
this option is not enabled in SPL by this change. Also this option is
enabled automatically in the host builds by defining CONFIG_FIT in the
image.h file. To solve this, add a new IMAGE_USE_FIT #define which can
be used in files that are built on the host but must also build for U-Boot
and SPL.
Note: Masahiro's moveconfig.py script is amazing.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add microblaze change, various configs/ re-applies]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Kconfig options must defined in the defconfig files. Since RSA_SOFTWARE_EXP
relies on CONFIG_DM, unless it is set in kconfig we cannot enable RSA.
Remove the hacks which enable CONFIG_DM in header files and update the
defconfig.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Not only powerpc/mpc85xx but also Freescale Layerscape platforms will
use fdt_fixup_fman_firmware() to insert Fman ucode blob into the device
tree. So move the function to Fman driver code.
Signed-off-by: Gong Qianyu <Qianyu.Gong@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
As the QE firmware struct is shared with Fman, move the header file
out of drivers/qe/.
Signed-off-by: Gong Qianyu <Qianyu.Gong@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
PAMU driver basic support for usage in Secure Boot.
In secure boot PAMU is not in bypass mode. Hence to use
any peripheral (SEC Job ring in our case), PAMU has to be
configured.
The patch reverts commit 7cad2e38d61e27ea59fb7944f7e647e97ef292d3.
The Header file pamu.h and few functions in driver have been derived
from Freescale Libos.
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Signed-off-by: David Müller <d.mueller@elsoft.ch>
|
|
Correct spelling of "U-Boot" shall be used in all written text
(documentation, comments in source files etc.).
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Minkyu Kang <mk7.kang@samsung.com>
|
|
|
|
Chain of Trust is enabled for PowerPC platforms for Secure Boot.
CONFIG_BOARD_LATE_INIT is defined.
In board_late_init(), fsl_setenv_chain_of_trust() is called which
will perform the following:
- If boot mode is non-secure, return (No Change)
- If boot mode is secure, set the following environmet variables:
bootdelay = 0 (To disable Boot Prompt)
bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
A function is created to detrmine if the boot mode is secure
or non-secure for differnt SoC's.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
There are two phases in Secure Boot
1. ISBC: In BootROM, validate the BootLoader (U-Boot).
2. ESBC: In U-Boot, continuing the Chain of Trust by
validating and booting LINUX.
For ESBC phase, there is no difference in SoC's based on ARM or
PowerPC cores.
But the exit conditions after ISBC phase i.e. entry conditions for
U-Boot are different for ARM and PowerPC.
PowerPC:
If Secure Boot is executed, a separate U-Boot target is required
which must be compiled with a diffrent Text Base as compared to
Non-Secure Boot. There are some LAW and TLB settings which are
required specifically for Secure Boot scenario.
ARM:
ARM based SoC's have a fixed memory map and exit conditions from
BootROM are same irrespective of boot mode (Secure or Non-Secure).
Thus the current Secure Boot functionlity has been split into
two parts:
CONFIG_CHAIN_OF_TRUST
This will have the following functionality as part of U-Boot:
1. Enable commands like esbc_validate, esbc_halt
2. Change the environment settings based on bootmode, determined
at run time:
- If bootmode is non-secure, no change
- If bootmode is secure, set the following:
- bootdelay = 0 (Don't give boot prompt)
- bootcmd = Validate and execute the bootscript.
CONFIG_SECURE_BOOT
This is defined only for creating a different compile time target
for secure boot.
Traditionally, both these functionalities were defined under
CONFIG_SECURE_BOOT. This patch is aimed at removing the requirement
for a separate Secure Boot target for ARM based SoC's.
CONFIG_CHAIN_OF_TRUST will be defined and boot mode will be
determine at run time.
Another Security Requirement for running CHAIN_OF_TRUST is that
U-Boot environemnt must not be picked from flash/external memory.
This cannot be done based on bootmode at run time in current U-Boot
architecture. Once this dependency is resolved, no separate
SECURE_BOOT target will be required for ARM based SoC's.
Currently, the only code under CONFIG_SECURE_BOOT for ARM SoC's is
defining CONFIG_ENV_IS_NOWHERE
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
CONFIG_CMD_BLOB must be defined in case of Secure Boot. It was
earlier defined in all config files. The definition has been
moved to a common file which is included by all configs.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|