summaryrefslogtreecommitdiff
path: root/arch/arm/mach-imx
AgeCommit message (Collapse)Author
2018-02-22imx: hab: Check if CSF contains deprecated commandsUtkarsh Gupta
Write, Check and Set MID commands have been deprecated from the Code Signing Tool (CST) v2.3.3 and will not be implemented in newer versions of HAB, hence the following features are no longer available: - Write Data - Clear Mask - Set Mask - Check All Clear - Check All Set - Check Any Clear - Check Any Set - Set MID The inappropriate use of Write Data command may lead to an incorrect authentication boot flow. Since no specific application has been identified that requires the use of any of these features, it is highly recommended to add this check. Signed-off-by: Utkarsh Gupta <utkarsh.gupta@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-02-22imx: hab: Check if CSF is valid before authenticating imageUtkarsh Gupta
For proper authentication the HAB code must check if the CSF is valid. Users must call the csf_is_valid() function to parse the CSF prior to authenticating any additional images. The function will return a failure if any of the following invalid conditions are met: - CSF pointer is NULL - CSF Header does not exist - CSF does not lie within the image bounds - CSF command length zero Signed-off-by: Utkarsh Gupta <utkarsh.gupta@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-02-22imx: hab: Ensure the IVT DCD pointer is Null prior to calling HAB ↵Utkarsh Gupta
authenticate function. DCD commands should only be present in the initial boot image loaded by the SoC ROM. DCD should not be present in images that will be verified by software using HAB RVT authentication APIs. Newer versions of HAB will generate an error if a DCD pointer is present in an image being authenticated by calling the HAB RVT API. Older versions of HAB will process and run DCD if it is present, and this could lead to an incorrect authentication boot flow. It is highly recommended this check is in place to ensure additional HAB verified images do not include a DCD table. Signed-off-by: Utkarsh Gupta <utkarsh.gupta@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-02-22imx: hab: Keep CAAM clock enabled after authenticating additional imagesBreno Lima
Currently it is not possible to run CMD_DEK on i.MX SPL targets: => dek_blob 0x12000000 0x12001000 128 The system hangs after running dek_blob because the CAAM clock is being disabled by the HAB code. There is no need to disable CAAM clock after authenticating additional boot images, thus keep CAAM clock enabled to address this issue. Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-02-08arm: imx: mx28: Move MX28 selection to KconfigStefan Agner
The motivation for moving MX28 selection to Kconfig is to be able to better handle NAND MXS selection through Kconfig. This selection method also aligns with the way other i.MX SoCs are selected in U-Boot. Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
2018-02-08arm: imx: mx23: Move MX23 selection to KconfigStefan Agner
The motivation for moving MX23 selection to Kconfig is to be able to better handle NAND MXS selection through Kconfig. This selection method also aligns with the way other i.MX SoCs are selected in U-Boot. Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
2018-02-07spl: eMMC/SD: Provide one __weak spl_boot_mode() functionLukasz Majewski
The goal of this patch is to clean up the code related to choosing SPL MMC boot mode. The spl_boot_mode() now is called only in spl_mmc_load_image() function, which is only compiled in if CONFIG_SPL_MMC_SUPPORT is enabled. To achieve the goal, all per mach/arch implementations eligible for unification has been replaced with one __weak implementation. Signed-off-by: Lukasz Majewski <lukma@denx.de> Reviewed-by: Marek Vasut <marex@denx.de> Reviewed-by: Stefano Babic <sbabic@denx.de> Acked-by: Michal Simek <michal.simek@xilinx.com> (For ZynqMP) Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-02-04imx: mx7: run sec_init for CAAM RNGBryan O'Donoghue
This patch adds a sec_init call into arch_misc_init(). Doing so in conjunction with the patch "drivers/crypto/fsl: assign job-rings to non-TrustZone" enables use of the CAAM in Linux when OPTEE/TrustZone is active. u-boot will initialise the RNG and assign ownership of the job-ring registers to a non-TrustZone context. With recent changes by Lukas Auer to fully initialize the RNG in sec_init() this means that u-boot will hand-off the CAAM in a state that Linux then can use the CAAM without touching the reserved DECO registers. This change is safe both for the OPTEE/TrustZone boot path and the regular non-OPTEE/TrustZone boot path. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Marco Franchi <marco.franchi@nxp.com> Cc: Vanessa Maegima <vanessa.maegima@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Lukas Auer <lukas.auer@aisec.fraunhofer.de> Tested-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-02-04arm: imx: mx53loco: remove usage of mx53_dram_sizePatrick Bruenn
Static variables are not available during board_init_f(). 'static uint32_t mx53_dram_size[2];' was used in board specific dram_init(), dram_init_banksize() and get_effective_memsize() to avoid multiple calls to get_ram_size(). Reused dram initialization functions from arch/arm/mach-imx/mx5/mx53_dram.c Signed-off-by: Patrick Bruenn <p.bruenn@beckhoff.com>
2018-02-04arm: imx: m53evk: remove usage of mx53_dram_sizePatrick Bruenn
Static variables are not available during board_init_f(). 'static uint32_t mx53_dram_size[2];' was used in board specific dram_init(), dram_init_banksize() and get_effective_memsize() to avoid multiple calls to get_ram_size(). Reused dram initialization functions from arch/arm/mach-imx/mx5/mx53_dram.c Signed-off-by: Patrick Bruenn <p.bruenn@beckhoff.com>
2018-02-04arm: imx: cx9020: move dram init into common placePatrick Bruenn
Move dram_init(), dram_init_banksize() and get_effective_memsize() to arch/arm/mach-imx/mx5/mx53_dram.c, where it can be reused by m53evk and mx53loco. Signed-off-by: Patrick Bruenn <p.bruenn@beckhoff.com>
2018-02-04imx: makefile: compile files for i.MX8MPeng Fan
Compile files for i.MX8M Signed-off-by: Peng Fan <peng.fan@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com> Cc: Stefano Babic <sbabic@denx.de>
2018-02-04imx: mx8m: add soc related settings and filesPeng Fan
Add SoC level initialization code - arch_cpu_init - mmu table - detect cpu revision - reset cpu and wdog settings - timer init - wdog settings - lowlevel init to save/restore registers - a few dummy header file to avoid build failure - ft_system_setup Signed-off-by: Peng Fan <peng.fan@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com>
2018-02-04imx: mx7: move mmc env code to mmc_env.cPeng Fan
The mx7 mmc env code is shared by i.MX8M, so move it to mmc_env.c. Signed-off-by: Peng Fan <peng.fan@nxp.com>
2018-02-04imx: cpu: support get_boot_device for i.MX8MPeng Fan
Enable get_boot_device for i.MX8M, it supports boot type USB. Signed-off-by: Peng Fan <peng.fan@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Reviewed-by: Stefano Babic <sbabic@denx.de>
2018-02-04imx: mx7: move get_boot_device to cpu.cPeng Fan
Move get_boot_device to cpu.c to prepare adding i.MX8M support, because i.MX8M share same code with i.MX7. Signed-off-by: Peng Fan <peng.fan@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Reviewed-by: Stefano Babic <sbabic@denx.de>
2018-02-04imx: bootaux: support i.MX8MPeng Fan
Add i.MX8M support. Because i.MX8M use SiP call trap to Arm Trusted Firmware to handle M4, so use #ifdef to avoid build error on i.MX6/7. Signed-off-by: Peng Fan <peng.fan@nxp.com>
2018-02-04imx: cleanup bootauxPeng Fan
Move i.MX6/7 bootaux code to imx_bootaux.c. The i.MX6/7 has different src layout, so define M4 reg offset to ease the cleanup. Redefine the M4 related BIT for share common code. Signed-off-by: Peng Fan <peng.fan@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com>
2018-02-04imx: refactor imx_get_mac_from_fusePeng Fan
Move imx_get_mac_from_fuse to a new mac.c for i.MX6/7. Since fuse regs structure are different for i.MX6/7, use mac address offset in code and define a new local struture imx_mac_fuse. Also sort the config order. Signed-off-by: Peng Fan <peng.fan@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Reviewed-by: Stefano Babic <sbabic@denx.de>
2018-02-04imx: cpu: add cpu speed/grade for i.MX8MPeng Fan
Use more general enum types for speed grade. Refine get_cpu_speed_grade_hz to support i.MX8M. Signed-off-by: Peng Fan <peng.fan@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Reviewed-by: Stefano Babic <sbabic@denx.de>
2018-02-04imx: cpu: move speed/temp to common cpuPeng Fan
The i.MX7 cpu speed/temp code could be reused on i.MX8M, so move them to common cpu code. Signed-off-by: Peng Fan <peng.fan@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Reviewed-by: Stefano Babic <sbabic@denx.de>
2018-02-04imx: spl: implement spl_boot_device for i.MX8MPeng Fan
Implement spl_boot_device for i.MX8M. Signed-off-by: Peng Fan <peng.fan@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Reviewed-by: Stefano Babic <sbabic@denx.de>
2018-02-04imx: cpu: update cpu file to support i.MX8MPeng Fan
Update get_reset_cause to reflect i.MX8M Compile out get_ahb_clk and set_chipselect_size for i.MX8M Signed-off-by: Peng Fan <peng.fan@nxp.com> Reviewed-by: Stefano Babic <sbabic@denx.de> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com> Reviewed-by: Stefano Babic <sbabic@denx.de>
2018-02-04imx: add sip functionPeng Fan
Add SiP (Silicon Provider) services function to issue SMC call to Arm Trusted Firmware. More SiP information could be found in https://github.com/ARM-software/arm-trusted-firmware/blob/master/ docs/arm-sip-service.rst Signed-off-by: Peng Fan <peng.fan@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com> Cc: Stefano Babic <sbabic@denx.de>
2018-02-04imx: mx8m: add clock driverPeng Fan
Add clock driver to support i.MX8M. There are two kind PLLs, FRAC pll and SSCG pll. ROM already configured SYS PLL1/2, we only need to configure the output. ocotp/i2c/pll decoding and configuration/usdhc/lcdif/dram pll/ enet clock are configured in the code. Signed-off-by: Peng Fan <peng.fan@nxp.com> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Stefano Babic <sbabic@denx.de>
2018-02-04imx: add i.MX8M into KconfigPeng Fan
Add i.MX8M into Kconfig, create a new folder mx8m dedicated for i.MX8M. Signed-off-by: Peng Fan <peng.fan@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Reviewed-by: Stefano Babic <sbabic@denx.de>
2018-02-04imx: mx7: psci: add system power off supportAnson Huang
Add i.MX7 PSCI system power off support, linux kernel can use "poweroff" command to power off system via SNVS, PMIC power will be disabled. Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
2018-02-04imx: mx7: psci: add system reset supportAnson Huang
Add i.MX7 PSCI system reset support, linux kernel can use "reboot" command to reset system even wdog driver is disabled in kernel. Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
2018-01-26Merge git://git.denx.de/u-boot-spiTom Rini
2018-01-24wait_bit: use wait_for_bit_le32 and remove wait_for_bitÁlvaro Fernández Rojas
wait_for_bit callers use the 32 bit LE version Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com> Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com> Reviewed-by: Jagan Teki <jagan@openedev.com>
2018-01-14arm: imx: hab: Add hab_failsafe console commandBryan O'Donoghue
hab_failsafe when called puts the part into BootROM recovery mode. This will allow u-boot scripts to script the dropping down into recovery mode. => hab_failsafe Shows the i.MX7 appear as "hiddev0,hidraw5: USB HID v1.10 Device [Freescale SemiConductor Inc SP Blank ULT1] " in a Linux dmesg thus allowing download of a new image via the BootROM USB download protocol routine. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Implement hab_rvt_failsafeBryan O'Donoghue
This patch implements the basic callback hooks for hab_rvt_check_failsafe for BootROM code using the older BootROM address layout - in my test case the i.MX7. Code based on new BootROM callbacks will just do nothing and there's definitely a TODO to implement that extra functionality on the alternative BootROM API. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Make imx_hab_is_enabled globalBryan O'Donoghue
It will be helpful to boot commands to know if the HAB is enabled. Export imx_hab_is_enabled() now to facilitate further work with this data-point in a secure-boot context. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Make authenticate_image() return zero on open boardsBryan O'Donoghue
The BootROM will not successfully process a HAB image passed by u-boot unless the board has been set into locked mode. Some of the existing usages of authenticate_image() expect and rely on unlocked boards doing the following 1. Not calling into the BootROM authenticate_image() callback 2. Returning a pass status for authenticate_image() calls anyway A previous patch removed the necessity to call into imx_hab_is_enabled() twice. This patch ensures the reliance on authenticate_image() returning zero is maintained. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Suggested-by: Breno Matheus Lima <brenomatheus@gmail.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com>
2018-01-14arm: imx: hab: Rename is_hab_enabled imx_hab_is_enabledBryan O'Donoghue
Understanding if the HAB is enabled is something that we want to interrogate and report on outside of the HAB layer. First step to that is renaming the relevant function to match the previously introduced external naming convention imx_hab_function() The name imx_hab_is_hab_enabled() is a tautology. A more logical name is imx_hab_is_enabled(). Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Prefix authenticate_image with imx_habBryan O'Donoghue
Tidy up the HAB namespace a bit by prefixing external functions with imx_hab. All external facing functions past this point will be prefixed in the same way to make the fact we are doing IMX HAB activities clear from reading the code. authenticate_image() could mean anything imx_hab_authenticate_image() is on the other hand very explicit. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Make internal functions and data staticBryan O'Donoghue
There is no need to export these functions and data structures externally. Make them all static now. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Print HAB event log only after calling ROMBryan O'Donoghue
The current flow of authenticate_image() will print the HAB event log even if we reject an element of the IVT header before ever calling into the ROM. This can be confusing. This patch changes the flow of the code so that the HAB event log is only printed out if we have called into the ROM and received some sort of status code. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Suggested-by: Cc: Breno Matheus Lima <brenomatheus@gmail.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Add a hab_rvt_check_target to image authBryan O'Donoghue
Add a hab_rvt_check_target() step to authenticate_image() as a sanity check for the target memory region authenticate_image() will run over, prior to making the BootROM authentication callback itself. This check is recommended by the HAB documentation so it makes sense to adhere to the guidance and perform that check as directed. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Implement hab_rvt_check_targetBryan O'Donoghue
This patch implements the basic callback hooks for hab_rvt_check_target() for BootROM code using the older BootROM address layout - in my test case the i.MX7. Code based on new BootROM callbacks will just have HAB_SUCCESS as a result code. Adding support for the new BootROM callbacks is a TODO. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Print additional IVT elements during debugBryan O'Donoghue
This patch enables printout of the IVT entry, dcd and csf data fields. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Print CSF based on IVT descriptorBryan O'Donoghue
The IVT gives the absolute address of the CSF. There is no requirement for the CSF to be located adjacent to the IVT so lets use the address provided in the IVT header instead of the hard-coded fixed CSF offset currently in place. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Only call ROM once headers are verifiedBryan O'Donoghue
Previous patches added IVT header verification steps. We shouldn't call hab_rvt_entry() until we have done the basic header verification steps. This patch changes the time we make the hab_rvt_entry() call so that it only takes place if we are happy with the IVT header sanity checks. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Verify IVT self matches calculated addressBryan O'Donoghue
The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Add IVT header verificationBryan O'Donoghue
The IVT header contains a magic number, fixed length and one of two version identifiers. Validate these settings before doing anything with a putative IVT binary. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Fix authenticate_image input parametersBryan O'Donoghue
u-boot command "hab_auth_img" tells a user that it takes - addr - image hex address - offset - hex offset of IVT in the image but in fact the callback hab_auth_img makes to authenticate_image treats the second 'offset' parameter as an image length. Furthermore existing code requires the IVT header to be appended to the end of the image which is not actually a requirement of HABv4. This patch fixes this situation by 1: Adding a new parameter to hab_auth_img - addr : image hex address - length : total length of the image - offset : offset of IVT from addr 2: Updates the existing call into authenticate_image() in arch/arm/mach-imx/spl.c:jump_to_image_no_args() to pass addr, length and IVT offset respectively. This allows then hab_auth_img to actually operate the way it was specified in the help text and should still allow existing code to work. It has the added advantage that the IVT header doesn't have to be appended to an image given to HAB - it can be prepended for example. Note prepending the IVT is what u-boot will do when making an IVT for the BootROM. It should be possible for u-boot properly authenticate images made by mkimage via HAB. This patch is the first step in making that happen subsequent patches will focus on removing hard-coded offsets to the IVT, which again is not mandated to live at the end of a .imx image. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Move CSF_PAD_SIZE to hab.hBryan O'Donoghue
CSF_PAD_SIZE should be defined in hab.h, move it to that location now. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Move IVT_SIZE to hab.hBryan O'Donoghue
The size of the IVT header should be defined in hab.h move it there now. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Optimise flow of authenticate_image on hab_entry failBryan O'Donoghue
The current code disjoins an entire block of code on hab_entry pass/fail resulting in a large chunk of authenticate_image being offset to the right. Fix this by checking hab_entry() pass/failure and exiting the function directly if in an error state. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2018-01-14arm: imx: hab: Optimise flow of authenticate_image on is_enabled failBryan O'Donoghue
There is no need to call is_enabled() twice in authenticate_image - it does nothing but add an additional layer of indentation. We can check for is_enabled() at the start of the function and return the result code directly. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>