diff options
author | Patrick Delaunay <patrick.delaunay@st.com> | 2019-02-12 11:44:39 +0100 |
---|---|---|
committer | Patrick Delaunay <patrick.delaunay@st.com> | 2019-04-12 16:09:13 +0200 |
commit | abf2678f0f0d796295f3bfbe422436292e0795f7 (patch) | |
tree | d084a4a8f8708d49e7dbb82ad90c6d8e880eb9ff /arch | |
parent | 48ff1bc4f0a97c3291d0c87c2717fc1d79da5ef5 (diff) |
stm32mp1: add trusted boot with TF-A
Add support of trusted boot, using TF-A as first stage bootloader,
The boot sequence is
BootRom >=> TF-A.stm32 (clock & DDR) >=> U-Boot.stm32
The TF-A monitor provides secure monitor with support of SMC
- proprietary to manage secure devices (BSEC for example)
- PSCI for power
The same device tree is used for STMicroelectronics boards with
basic boot and with trusted boot.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Diffstat (limited to 'arch')
-rw-r--r-- | arch/arm/Kconfig | 6 | ||||
-rw-r--r-- | arch/arm/mach-stm32mp/Kconfig | 17 | ||||
-rw-r--r-- | arch/arm/mach-stm32mp/config.mk | 15 | ||||
-rw-r--r-- | arch/arm/mach-stm32mp/cpu.c | 9 |
4 files changed, 39 insertions, 8 deletions
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 4a23e327df..764547091c 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -1406,8 +1406,10 @@ config ARCH_STM32MP help Support for STM32MP SoC family developed by STMicroelectronics, MPUs based on ARM cortex A core - U-BOOT is running in DDR and SPL support is the unsecure First Stage - BootLoader (FSBL) + U-BOOT is running in DDR, loaded by the First Stage BootLoader (FSBL). + FSBL can be TF-A: Trusted Firmware for Cortex A, for trusted boot + chain. + SPL is the unsecure FSBL for the basic boot chain. config ARCH_ROCKCHIP bool "Support Rockchip SoCs" diff --git a/arch/arm/mach-stm32mp/Kconfig b/arch/arm/mach-stm32mp/Kconfig index 8a929fa913..3101d80f18 100644 --- a/arch/arm/mach-stm32mp/Kconfig +++ b/arch/arm/mach-stm32mp/Kconfig @@ -25,19 +25,30 @@ config SYS_SOC config TARGET_STM32MP1 bool "Support stm32mp1xx" - select ARCH_SUPPORT_PSCI + select ARCH_SUPPORT_PSCI if !STM32MP1_TRUSTED select CPU_V7A - select CPU_V7_HAS_NONSEC + select CPU_V7_HAS_NONSEC if !STM32MP1_TRUSTED select CPU_V7_HAS_VIRT select PINCTRL_STM32 select STM32_RCC select STM32_RESET select SYS_ARCH_TIMER - select SYSRESET_SYSCON + imply SYSRESET_PSCI if STM32MP1_TRUSTED + imply SYSRESET_SYSCON if !STM32MP1_TRUSTED help target STMicroelectronics SOC STM32MP1 family STMicroelectronics MPU with core ARMv7 +config STM32MP1_TRUSTED + bool "Support trusted boot with TF-A" + default y if !SPL + select ARM_SMCCC + help + Say Y here to enable boot with TF-A + Trusted boot chain is : + BootRom => TF-A.stm32 (clock & DDR) => U-Boot.stm32 + TF-A monitor provides proprietary smc to manage secure devices + config SYS_TEXT_BASE prompt "U-Boot base address" default 0xC0100000 diff --git a/arch/arm/mach-stm32mp/config.mk b/arch/arm/mach-stm32mp/config.mk index f371aac75b..403af2a225 100644 --- a/arch/arm/mach-stm32mp/config.mk +++ b/arch/arm/mach-stm32mp/config.mk @@ -3,7 +3,20 @@ # Copyright (C) 2018, STMicroelectronics - All Rights Reserved # -ALL-$(CONFIG_SPL_BUILD) += u-boot-spl.stm32 +ifndef CONFIG_SPL +ALL-y += u-boot.stm32 +else +ifdef CONFIG_SPL_BUILD +ALL-y += u-boot-spl.stm32 +endif +endif + +MKIMAGEFLAGS_u-boot.stm32 = -T stm32image -a $(CONFIG_SYS_TEXT_BASE) -e $(CONFIG_SYS_TEXT_BASE) + +u-boot.stm32: MKIMAGEOUTPUT = u-boot.stm32.log + +u-boot.stm32: u-boot.bin FORCE + $(call if_changed,mkimage) MKIMAGEFLAGS_u-boot-spl.stm32 = -T stm32image -a $(CONFIG_SPL_TEXT_BASE) -e $(CONFIG_SPL_TEXT_BASE) diff --git a/arch/arm/mach-stm32mp/cpu.c b/arch/arm/mach-stm32mp/cpu.c index b8933587ad..b96720fe5a 100644 --- a/arch/arm/mach-stm32mp/cpu.c +++ b/arch/arm/mach-stm32mp/cpu.c @@ -59,6 +59,7 @@ #define BSEC_OTP_MAC 57 #if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD) +#ifndef CONFIG_STM32MP1_TRUSTED static void security_init(void) { /* Disable the backup domain write protection */ @@ -114,6 +115,7 @@ static void security_init(void) */ writel(0x0, TAMP_CR1); } +#endif /* CONFIG_STM32MP1_TRUSTED */ /* * Debug init @@ -130,7 +132,8 @@ static void dbgmcu_init(void) static u32 get_bootmode(void) { u32 boot_mode; -#if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD) +#if !defined(CONFIG_STM32MP1_TRUSTED) && \ + (!defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD)) u32 bootrom_itf = readl(BOOTROM_PARAM_ADDR); u32 bootrom_device, bootrom_instance; @@ -167,9 +170,10 @@ int arch_cpu_init(void) #if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD) dbgmcu_init(); - +#ifndef CONFIG_STM32MP1_TRUSTED security_init(); #endif +#endif /* get bootmode from BootRom context: saved in TAMP register */ boot_mode = get_bootmode(); @@ -177,6 +181,7 @@ int arch_cpu_init(void) if ((boot_mode & TAMP_BOOT_DEVICE_MASK) == BOOT_SERIAL_UART) gd->flags |= GD_FLG_SILENT | GD_FLG_DISABLE_CONSOLE; #if defined(CONFIG_DEBUG_UART) && \ + !defined(CONFIG_STM32MP1_TRUSTED) && \ (!defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD)) else debug_uart_init(); |