summaryrefslogtreecommitdiff
path: root/arch/arm/mach-keystone/mon.c
AgeCommit message (Collapse)Author
2019-07-29arm: mach-keystone: Use appended original image size in image processingAndrew F. Davis
When an image is signed/encrypted on K2 devices the image may get padded to meet alignment requirements for the signature/encryption type. The original size is appended as 4 bytes little-endian to the end of the final image. Normally the trailing extra bytes are ignored and so restoring the exact original size is not important. In the case of initrd the original size is important as the kernel uses it to look for additional filesystem data and can do the wrong thing when the size is not correct. Read off the original size and report it back from the image post processing stage. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
2018-05-07SPDX: Convert all of our single license tags to Linux Kernel styleTom Rini
When U-Boot started using SPDX tags we were among the early adopters and there weren't a lot of other examples to borrow from. So we picked the area of the file that usually had a full license text and replaced it with an appropriate SPDX-License-Identifier: entry. Since then, the Linux Kernel has adopted SPDX tags and they place it as the very first line in a file (except where shebangs are used, then it's second line) and with slightly different comment styles than us. In part due to community overlap, in part due to better tag visibility and in part for other minor reasons, switch over to that style. This commit changes all instances where we have a single declared license in the tag as both the before and after are identical in tag contents. There's also a few places where I found we did not have a tag and have introduced one. Signed-off-by: Tom Rini <trini@konsulko.com>
2017-07-26arm: mach-keystone: Fixes issue with return values in inline assemblySrinivas, Madan
The inline assembly functions in mon.c assume that the caller will check for the return value in r0 according to regular ARM calling conventions. However, this assumption breaks down if the compiler inlines the functions. The caller is then under no obligation to use r0 for the result. To fix this disconnect, we must explicitly move the return value from the smc/bl call to the variable that the function returns. Signed-off-by: Madan Srinivas <madans@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
2017-07-26arm: mach-keystone: Updates mon_install for K2G HSMadan Srinivas
On early K2 devices (eg. K2HK) the secure ROM code does not support loading secure code to firewall protected memory, before decrypting, authenticating and executing it. To load the boot monitor on these devices, it is necessary to first authenticate and run a copy loop from non-secure memory that copies the boot monitor behind firewall protected memory, before decrypting and executing it. On K2G, the secure ROM does not allow secure code executing from unprotected memory. Further, ROM first copies the signed and encrypted image into firewall protected memory, then decrypts, authenticates and executes it. As a result of this, we cannot use the copy loop for K2G. The mon_install has to be modified to pass the address the signed and encrypted secure boot monitor image to the authentication API. For backward compatibility with other K2 devices and K2G GP, the mon_install API still supports a single argument. In this case the second argument is set to 0 by u-boot and is ignored by ROM Signed-off-by: Thanh Tran <thanh-tran@ti.com> Signed-off-by: Madan Srinivas <madans@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
2017-07-10arm: mach-keystone: Modify secure image size before copyAndrew F. Davis
The size of the secure image does not include the size of the header, subtract this out before we move the image or we grab extra data after the image. Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
2017-04-08arm: mach-keystone: Implements FIT post-processing call for keystone SoCsVitaly Andrianov
This commit implements the board_fit_image_post_process() function for the keystone architecture. This function calls into the secure boot monitor for secure authentication/decryption of the image. All needed work is handled by the boot monitor and, depending on the keystone platform, the security functions may be offloaded to other secure processing elements in the SoC. The boot monitor acts as the gateway to these secure functions and the boot monitor for secure devices is available as part of the SECDEV package for KS2. For more details refer doc/README.ti-secure Signed-off-by: Vitaly Andrianov <vitalya@ti.com> Signed-off-by: Madan Srinivas <madans@ti.com> Signed-off-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
2016-03-16ARM: keystone2: Split monitor code / command codeTom Rini
When we switch to including all linker lists in SPL it is important to not include commands as that may lead to link errors due to other things we have already discarded. In this case, we split the code for supporting the monitor out from the code for loading it. Cc: Vitaly Andrianov <vitalya@ti.com> Cc: Nishanth Menon <nm@ti.com> Cc: Lokesh Vutla <lokeshvutla@ti.com> Signed-off-by: Tom Rini <trini@konsulko.com>