summaryrefslogtreecommitdiff
path: root/arch
diff options
context:
space:
mode:
authorPatrick Delaunay <patrick.delaunay@st.com>2019-02-12 11:44:39 +0100
committerPatrick Delaunay <patrick.delaunay@st.com>2019-04-12 16:09:13 +0200
commitabf2678f0f0d796295f3bfbe422436292e0795f7 (patch)
treed084a4a8f8708d49e7dbb82ad90c6d8e880eb9ff /arch
parent48ff1bc4f0a97c3291d0c87c2717fc1d79da5ef5 (diff)
stm32mp1: add trusted boot with TF-A
Add support of trusted boot, using TF-A as first stage bootloader, The boot sequence is BootRom >=> TF-A.stm32 (clock & DDR) >=> U-Boot.stm32 The TF-A monitor provides secure monitor with support of SMC - proprietary to manage secure devices (BSEC for example) - PSCI for power The same device tree is used for STMicroelectronics boards with basic boot and with trusted boot. Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Diffstat (limited to 'arch')
-rw-r--r--arch/arm/Kconfig6
-rw-r--r--arch/arm/mach-stm32mp/Kconfig17
-rw-r--r--arch/arm/mach-stm32mp/config.mk15
-rw-r--r--arch/arm/mach-stm32mp/cpu.c9
4 files changed, 39 insertions, 8 deletions
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 4a23e327df..764547091c 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -1406,8 +1406,10 @@ config ARCH_STM32MP
help
Support for STM32MP SoC family developed by STMicroelectronics,
MPUs based on ARM cortex A core
- U-BOOT is running in DDR and SPL support is the unsecure First Stage
- BootLoader (FSBL)
+ U-BOOT is running in DDR, loaded by the First Stage BootLoader (FSBL).
+ FSBL can be TF-A: Trusted Firmware for Cortex A, for trusted boot
+ chain.
+ SPL is the unsecure FSBL for the basic boot chain.
config ARCH_ROCKCHIP
bool "Support Rockchip SoCs"
diff --git a/arch/arm/mach-stm32mp/Kconfig b/arch/arm/mach-stm32mp/Kconfig
index 8a929fa913..3101d80f18 100644
--- a/arch/arm/mach-stm32mp/Kconfig
+++ b/arch/arm/mach-stm32mp/Kconfig
@@ -25,19 +25,30 @@ config SYS_SOC
config TARGET_STM32MP1
bool "Support stm32mp1xx"
- select ARCH_SUPPORT_PSCI
+ select ARCH_SUPPORT_PSCI if !STM32MP1_TRUSTED
select CPU_V7A
- select CPU_V7_HAS_NONSEC
+ select CPU_V7_HAS_NONSEC if !STM32MP1_TRUSTED
select CPU_V7_HAS_VIRT
select PINCTRL_STM32
select STM32_RCC
select STM32_RESET
select SYS_ARCH_TIMER
- select SYSRESET_SYSCON
+ imply SYSRESET_PSCI if STM32MP1_TRUSTED
+ imply SYSRESET_SYSCON if !STM32MP1_TRUSTED
help
target STMicroelectronics SOC STM32MP1 family
STMicroelectronics MPU with core ARMv7
+config STM32MP1_TRUSTED
+ bool "Support trusted boot with TF-A"
+ default y if !SPL
+ select ARM_SMCCC
+ help
+ Say Y here to enable boot with TF-A
+ Trusted boot chain is :
+ BootRom => TF-A.stm32 (clock & DDR) => U-Boot.stm32
+ TF-A monitor provides proprietary smc to manage secure devices
+
config SYS_TEXT_BASE
prompt "U-Boot base address"
default 0xC0100000
diff --git a/arch/arm/mach-stm32mp/config.mk b/arch/arm/mach-stm32mp/config.mk
index f371aac75b..403af2a225 100644
--- a/arch/arm/mach-stm32mp/config.mk
+++ b/arch/arm/mach-stm32mp/config.mk
@@ -3,7 +3,20 @@
# Copyright (C) 2018, STMicroelectronics - All Rights Reserved
#
-ALL-$(CONFIG_SPL_BUILD) += u-boot-spl.stm32
+ifndef CONFIG_SPL
+ALL-y += u-boot.stm32
+else
+ifdef CONFIG_SPL_BUILD
+ALL-y += u-boot-spl.stm32
+endif
+endif
+
+MKIMAGEFLAGS_u-boot.stm32 = -T stm32image -a $(CONFIG_SYS_TEXT_BASE) -e $(CONFIG_SYS_TEXT_BASE)
+
+u-boot.stm32: MKIMAGEOUTPUT = u-boot.stm32.log
+
+u-boot.stm32: u-boot.bin FORCE
+ $(call if_changed,mkimage)
MKIMAGEFLAGS_u-boot-spl.stm32 = -T stm32image -a $(CONFIG_SPL_TEXT_BASE) -e $(CONFIG_SPL_TEXT_BASE)
diff --git a/arch/arm/mach-stm32mp/cpu.c b/arch/arm/mach-stm32mp/cpu.c
index b8933587ad..b96720fe5a 100644
--- a/arch/arm/mach-stm32mp/cpu.c
+++ b/arch/arm/mach-stm32mp/cpu.c
@@ -59,6 +59,7 @@
#define BSEC_OTP_MAC 57
#if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD)
+#ifndef CONFIG_STM32MP1_TRUSTED
static void security_init(void)
{
/* Disable the backup domain write protection */
@@ -114,6 +115,7 @@ static void security_init(void)
*/
writel(0x0, TAMP_CR1);
}
+#endif /* CONFIG_STM32MP1_TRUSTED */
/*
* Debug init
@@ -130,7 +132,8 @@ static void dbgmcu_init(void)
static u32 get_bootmode(void)
{
u32 boot_mode;
-#if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD)
+#if !defined(CONFIG_STM32MP1_TRUSTED) && \
+ (!defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD))
u32 bootrom_itf = readl(BOOTROM_PARAM_ADDR);
u32 bootrom_device, bootrom_instance;
@@ -167,9 +170,10 @@ int arch_cpu_init(void)
#if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD)
dbgmcu_init();
-
+#ifndef CONFIG_STM32MP1_TRUSTED
security_init();
#endif
+#endif
/* get bootmode from BootRom context: saved in TAMP register */
boot_mode = get_bootmode();
@@ -177,6 +181,7 @@ int arch_cpu_init(void)
if ((boot_mode & TAMP_BOOT_DEVICE_MASK) == BOOT_SERIAL_UART)
gd->flags |= GD_FLG_SILENT | GD_FLG_DISABLE_CONSOLE;
#if defined(CONFIG_DEBUG_UART) && \
+ !defined(CONFIG_STM32MP1_TRUSTED) && \
(!defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD))
else
debug_uart_init();