06 May, 2020
40 commits
-
When booting in low power or dual boot modes the M4 binary is
authenticated by the M4 ROM code.Add an option in hab_status command so users can retrieve M4 HAB
failure and warning events.=> hab_status m4
Secure boot disabled
HAB Configuration: 0xf0, HAB State: 0x66
No HAB Events Found!Add command documentation in mx6_mx7_secure_boot.txt guide.
As HAB M4 API cannot be called from A7 core the code is parsing
the M4 HAB persistent memory region. The HAB persistent memory
stores HAB events, public keys and others HAB related information.The HAB persistent memory region addresses and sizes can be found
in AN12263 "HABv4 RVT Guidelines and Recommendations".Reviewed-by: Utkarsh Gupta
Reviewed-by: Ye Li
Signed-off-by: Breno Lima
(cherry picked from commit 0efff16579fabcf57acb9c8857afac8fb58de355)
(cherry picked from commit 4815444f293d8021f8bd62079bd576e88cdef639)
(cherry picked from commit 2d95bff6e4c86af4a2cfc66ab40ccd693f746796) -
The HABv4 implementation in ROM checks if HAB major version
in IVT header is 4.x.The current implementation in hab.c code is only validating
HAB v4.0 and HAB v4.1 and may be incompatible with newer
HABv4 versions.Modify verify_ivt_header() function to align with HABv4
implementation in ROM code.Signed-off-by: Breno Lima
Reviewed-by: Ye Li
(cherry picked from commit 33f51b401dffa393274a28f9d49a87af3eb02fe0)
(cherry picked from commit 7ee050afb5bf380ac58dcf8d9d29e315400992e3) -
Add ability for hab_status command to show All HAB events and not just
HAB failure eventsSigned-off-by: Utkarsh Gupta
Reviewed-by: Ye Li
(cherry picked from commit a9fdc0e4efa5c50ae194f7862d87cf53608afd8c)
(cherry picked from commit 1419cf3144dd6d202b6507a10804809e02c61c69) -
Since commit 8891410c729b ("MLK-19848 mx6dq: Fix chip version issue for
rev1.3") it's not possible to call the HAB API functions on i.MX6DQ
SoC Rev 1.3:Authenticate image from DDR location 0x12000000...
undefined instruction
pc : [] lr : []
reloc pc : [] lr : []
sp : 8ef444a8 ip : 126e8068 fp : 8ff59aa8
r10: 8ffd51e4 r9 : 8ef50eb0 r8 : 006e8000
r7 : 00000000 r6 : 126ea01f r5 : 0000002b r4 : 126e8000
r3 : 412c00dd r2 : 00000001 r1 : 00000001 r0 : 00000063
Flags: nzCv IRQs off FIQs off Mode SVC_32
Resetting CPU ...resetting ...
The hab.h code is defining the HAB API base address according to the
old SoC revision number, thus failing when calling the HAB API
authenticate_image() function.Fix this issue by using mx6dq rev 1.3 instead of mx6dq rev 1.5.
Signed-off-by: Breno Lima
Reviewed-by: Ye Li
(cherry picked from commit adc4d93e6e1726f111e86ca74fb76215215dbc86)
(cherry picked from commit a4300029173afb872b7e7e38d191ca5528da7fed) -
Currently it's not possible to authenticate additional boot images in HAB
open configuration.The hab.c code is checking if the SEC_CONFIG[1] fuse is programmed prior
to calling the hab_authenticate_image() API function. Users cannot check
if their additional boot images has been correctly signed prior to closing
their device.Enable hab.c to authenticate additional boot images in open mode so HAB
events can be retrieved through get_hab_status() function.Signed-off-by: Breno Lima
Reviewed-by: Ye Li
(cherry picked from commit 15d3e93bd16b5375f4dbf525ce61f0912ece4c0b)
(cherry picked from commit 557360b5eeeca9c48f020692005e79d84ce89800) -
Modify to use hab_rvt_failsafe function for failsafe ROM API, not
directly call its ROM address. This function will wrap the sip call for iMX8M
platforms.Signed-off-by: Ye Li
(cherry picked from commit d6b9992db082920b55c08d33df1cb03942939e7f)
(cherry picked from commit 1f020c859a792296e866cf568bbea98b28435437) -
Calling csf_is_valid() with an un-signed image may lead to data abort
as the CSF pointer could be pointing to a garbage address when accessed
in HAB_HDR_LEN(*(const struct hab_hdr *)(ulong)ivt_initial->csf).Authenticate image from DDR location 0x80800000...
Check CSF for Write Data command before authenticating image
data abort
pc : [] lr : []
reloc pc : [] lr : []
sp : fdf45dc8 ip : 00000214 fp : 00000000
r10: fffb6170 r9 : fdf4fec0 r8 : 00722020
r7 : 80f20000 r6 : 80800000 r5 : 80800000 r4 : 00720000
r3 : 17a5aca3 r2 : 00000000 r1 : 80f2201f r0 : 00000019
Flags: NzcV IRQs off FIQs off Mode SVC_32
Resetting CPU ...resetting ...
To avoid such errors during authentication process, validate IVT structure
by calling validate_ivt function which checks the following values in an IVT:IVT_HEADER = 0x4X2000D1
ENTRY != 0x0
RES1 = 0x0
DCD = 0x0 /* Recommended */
SELF != 0x0 /* Absoulute address of IVT */
CSF != 0x0
RES2 = 0x0This commit also checks if Image's start address is 4 byte aligned.
commit "0088d127 MLK-14945 HAB: Check if IVT valid before authenticating image"
removed as this patch addresses the issue.Signed-off-by: Utkarsh Gupta
(cherry picked from commit dabffd1b04df3b0393ef6a9a35b5fd816edd8c63)
Signed-off-by: Ye Li
(cherry picked from commit b4bda0ae3c5c5be0524148c1bcdfea908da859d6)
(cherry picked from commit 2077719b22232eac459ea78914644dac20fed1c4) -
Since cmd_dek is using CAAM JR, so enable the CMD_DEK only when
HAS_CAAM is setSigned-off-by: Ye Li
(cherry picked from commit 8a552c8d98df953c13a0144972b8c16ed7684e92)
(cherry picked from commit dd3c14ba3f814610af05b07ec7cd47dcf0925a49) -
When secure boot is enabled, add authenticate_image in booti to authenticate
kernel image.Signed-off-by: Ye Li
(cherry picked from commit f29a143cdb8c74566113737e9be7e1bcd8c625f4)
(cherry picked from commit 1e33f493a55dad7e016f948b932000ec295c6df4)
(cherry picked from commit 677c332120eff7161532288685c58f246d1f00ff) -
When current EL is not EL3, the direct calling to HAB will fail because
CAAM/SNVS can't initialize at non-secure mode. In this case, we use
SIP call to run the HAB in ATF.Signed-off-by: Ye Li
(cherry picked from commit bca4e251b6083476e987d92c428136a1c81bcb0b)
(cherry picked from commit e31a75cc78ad2d5e6ab5d58851058ab57de1566d)
(cherry picked from commit 6643eac10e3654c62a4acd9c5a4c8c0ac5ee4d0b) -
Add some SOC level codes and build configurations to use HAB lib for
CONFIG_IMX_HAB (secure boot), like adding the SEC_CONFIG fuse, enable
fuse driver, CAAM clock function, and add CAAM secure RAM to MMU table.The FSL_CAAM is temporally not enabled for iMX8M when CONFIG_IMX_HAB is set,
because we don't need the CAAM driver for SPL.Signed-off-by: Ye Li
Reviewed-by: Peng Fan
(cherry picked from commit a0cba5678b10827bc4b5e4fb2e40945a5c332baa)
(cherry picked from commit 330a3108e3806fc2b9fa500f84ebfb4feb821c6d)
(cherry picked from commit bec1d873ca68d7aa3b4355c490ac085b4ef4f7a5) -
There are some changes to support ARM64 i.MX8M platform in this patches:
1. The hab_rvt base and function vectors are different as i.MX6/72. Need to bypass an workaround for i.MX6 to fix problem in MMU.
3. The x18 register needed save & restore before calling any HAB API. According
to ARM procedure call spec, the x18 is caller saved when it is used as
temporary register. So calling HAB API may scratch this register, and
cause crash once accessing the gd pointer.On ARMv7, the r9 is callee saved when it is used as variable register. So
no need to save & restore it.4. Add SEC_CONFIG fuse for iMX8M
Signed-off-by: Ye Li
Reviewed-by: Peng Fan
(cherry picked from commit 5f6ef97a9d13361895180df7014f4e4fb48a5875)
(cherry picked from commit 465407632f436cb55db1d261ee0adb7458220045)
(cherry picked from commit 23cb97d2bcbfbbc80561fda069b7ff805ef00c05) -
To support the trust boot chain, we integrate the authentication
into the kernel image loading process. The kernel image will be verified
at its load address. So when signing the kernel image, we need to
use this load address which may change on different platforms.Signed-off-by: Ye Li
(cherry picked from commit 3c118b8d6bbe1a25ca8c8bafeb528309f16fc73d)
(cherry picked from commit fd9a9759ed9b3a9fc26b18aff00880382213b1ca)
(cherry picked from commit 98d4faefdb83579d4a5a170e06af5efb64ad2b3c)
(cherry picked from commit 3c0f0eed6cb703cd7d67ec97520b1990b5e35fb2) -
When loading kernel image, the image size is parsed from header, so it
does not include the CSF and IVT.Add back the authenticate_image function to wrap the imx_hab_authenticate_image
with calculating IVT offset and full image size.Signed-off-by: Ye Li
(cherry picked from commit 86bf433c3d6940ce71749e97a37efbff5ac7a79f)
(cherry picked from commit b73db85448323521be94f748eaa687d4d3557f38) -
1. Fix wrong USDHC clock
2. Increase malloc f size to 0x2000
3. Change to use DM GPIO interfaces to avoid wrong GPIO device selected
4. Enlarge SPL max size to 148KB
5. Add do_reset commandSigned-off-by: Ye Li
-
Should check SPL_SYSRESET if need to enable ARM firmware for PSCI
in SPL.Signed-off-by: Ye Li
-
Port the files from imx_v2019.04. Split to two files: one for imx8mq
and the other for imx8mm/8mn/8mpSigned-off-by: Ye Li
-
Add QSPI NOR relavant configurations and QSPI clock init to board
codesSigned-off-by: Ye Li
(cherry picked from commit c55c3db3d2d61c902cd68e9fee9de9b9750b946f) -
Update defconfig to enable TMU for i.MX8M EVK board.
Signed-off-by: Ye Li
(cherry picked from commit 339bc1a3a377d52c027ccdb146fe7f1cd0c28882)
(cherry picked from commit e6e05cb1d56e8a5c7ad9d738d121085e7162a5fa) -
Current cpu info common function in imx-common only supports imx-thermal, update
the codes to also support TMU.Signed-off-by: Ye Li
Acked-by: Peng Fan
(cherry picked from commit 878a4ff40987742a30cf8990b2da98205fd6cff5)
(cherry picked from commit be6ab22634214f36716c239413b9203ab1123376)
(cherry picked from commit e4131272acf3b3ef4f9f5949e50fab9ae7c3b116) -
Porting the TMU driver from kernel and supporting DM in the driver.
Users need to provide the TMU node and sensors nodes in DTB.Signed-off-by: Ye Li
Acked-by: Peng Fan
(cherry picked from commit f883de99b93de8c2fadd382d8cf961667bacd038)
(cherry picked from commit 8e09d0f0ab33d9a52098546b147d41c4c2598c0d)
(cherry picked from commit 327d5a951adde39428eeab877a85fe43b51977aa) -
i.MX8MQ EVK has two USB ports, the port 0 is typec, the port 1 is host.
This patch enables both device and host mode (xhci) for typec port by setting tcpc
to relevant UFP/DFP mode. For port 1, it is only supports the host mode (xhci).PD charge is enabled at default on typec port for the dead battery. In this case,
the typec port only works in device mode.Signed-off-by: Ye Li
(cherry picked from commit 27345e2b5e85c11b361dffda37172ad1f141d7ba)
(cherry picked from commit a1fca2fec215aca9cac700bbd40eff6f0bed94fc) -
Since the CONFIG_BLK is defined by DM MMC, to support USB storage,
we have to use DM USB. Add the basic DM support for xhci-imx8m driver.
Also update DTSi to add USB alias seq.Signed-off-by: Ye Li
(cherry picked from commit bff4001d090fabf76d0a9a2060c0dc1386b3cab8)
(cherry picked from commit eb7927f1ffbe57b86adaf18bc34ac848428427f3) -
imx8mq usb xhci is a dwc3 based controller, its synopsys PHY
can be controlled by usbmix glue layer. imx8mq has 2 USB3 instance,
this patch enables both two USB3 controllers.Reviewed-by : Peng Fan
Signed-off-by: Li Jun(cherry picked from commit cb77028d960277df2dc357a86e6851da74924c1a)
Signed-off-by: Ye Li
(cherry picked from commit 5a6326b0498115ca524537d5695ccd582d335157)
(cherry picked from commit 4d2664a31ef2b45e6cd3ef6fbb83d81ea04b555e) -
ATF will power off all PUs at default, so for USB, we enable
its PU power for both host and device modes in board_usb_init and
disable the power when usb is stop in board_usb_cleanup.This is only needed when power domain driver is disabled
Signed-off-by: Ye Li
Reviewed-by: Li Jun
(cherry picked from commit 20e8f5ab5e18fa578283ad232e500a47e71fdd28)
(cherry picked from commit 9eb9b42c0acc42f46deba696da63582a4a32a9fb) -
Some dwc3 based USB3 IP may have a wrong default suspend clk
setting, so add an interface to correct it by board setting.Acked-by: Peng Fan
Signed-off-by: Li Jun
(cherry picked from commit 240b636718313e03db505a713e66e3f893cb7727)
(cherry picked from commit ac64f460533f734ac5b2659f8e8ba9fbdd56e539)
(cherry picked from commit 45cf59ff70696a147e39034c6b8418cb687c9f84) -
Print out atf commit in U-Boot.
Signed-off-by: Peng Fan
(cherry picked from commit df89948806c38e38119767a67ef0e18f24ac886b)
(cherry picked from commit 3a17aa1659fbfe675b74ada60a481d93bb557cdc)
(cherry picked from commit 60780b360889a4366159d342dd7e197faf0d1ca2) -
We found USB issue when using super-speed for mfgtool, temporally work around
the problem to use high-speed only.Signed-off-by: Ye Li
Reviewed-by: Li Jun
(cherry picked from commit e31f99c05c37ac35080e415cfd8c8e2a1c96f865)
(cherry picked from commit 6134c7ee3967fe303bdb2bb7e981ac698b909c5d)
(cherry picked from commit 46f606811b9adfb5bff35ef487de31bae8109801) -
When booting for mfgtool, we need to disable DCSS and HDMI since the HDMI
firmware won't be loaded by mfgtool. Add the detect in u-boot and update the
DTB.Signed-off-by: Ye Li
Acked-by: Peng Fan
(cherry picked from commit 1d01cec0296d56ba8436941864d8da81013e0732)
(cherry picked from commit 89512c1b28add9daf8001c51a44b9da826cbb9ad)
(cherry picked from commit 61d9b430f9a21754441923d9aea350a931f7f7a5) -
Only the GPR0 bit[13] is used as GPR_ENET1_TX_CLK_SEL, bit[17] is reserved
on imx8mq. So we don't need to clear bit[17].Add the definition of bit[13] in register file.
Also fix the size of gpr array, should be 48 not 47.Signed-off-by: Ye Li
(cherry picked from commit 528e88c4eef7dd27ef7ab223dd7935c164daa35c) -
Update thermal node properties, i2c pinmux, gpmi/apbh-dma nodes and
alias for mmc/usb/qspi.Remove unused memreserve for ATF
Signed-off-by: Ye Li
-
Signed-off-by: Ye Li
(cherry picked from commit c8c5c3469f6ffa4789ae9e10c4a97c232657493c)
(cherry picked from commit ef9c92deaf636e044d61cf1f3cc4d9d1fa2de501) -
Add ENET no-DM support, CDNS USB3 host/gadget, M4 bootaux and memtest etc
Update some SPL configs:
1. Remove FIT support and enable TINY printf for saving SPL size.
2. Fix wrong SPL regulator driver enabled, show use fixed regulator not
gpio.
3. Add flexspi defconfig which uses SPI relevant SPL configs and disable
MMC, GPIO and regulator SPL drivers.
4. Enable the panic. Since we use PSCI to reset, but ATF is not boot when
SPL is running.
5. Use full malloc not simple malloc which has dedicated malloc pool
to support large pool size. The simple malloc size is also used by
early malloc which occupies the stack space. This causes we can't
have a large malloc poolSigned-off-by: Ye Li
-
Add i2c alias for i2c mux bus, add mipi lvds i2c nodes, usbotg1, usbotg3,
fec, flexspi, and update iomux.Signed-off-by: Ye Li
-
Add board codes and defconfig file for iMX8QM MEK board. Support
peripherals: UART, USB3 host/gadget, Flexspi, SD/eMMC, ENET, i2c.Signed-off-by: Ye Li
-
Update DTS files for iMX8QM MEK board. Porting them from imx_v2019.04
u-bootSigned-off-by: Ye Li
-
If without this flag, calling dev_power_domain_ctrl will iteratively remove
the power domain device will causes iteratively power off parent PD. This is
not expected by imx8-power-domain-legacy driver. Power off parent PD is
controlled by the driver internally.So set DM_FLAG_DEFAULT_PD_CTRL_OFF to avoid such issue
Signed-off-by: Ye Li
-
The CONFIG_DEVRES is not a necessary config for pinctrl. We decouple the
dependence from the kconfig. So the DEVRES is not default enabled.When using USB gadget driver like CDNS3 or DWC3, without enabling gadget DM
driver, the calling to devm_kzalloc will cause crash if CONFIG_DEVRES is set.Signed-off-by: Ye Li
(cherry picked from commit baeed1c2a36c07126e35a3cdb34f4f392e88c939) -
Currently the driver gets value from PSR register, but this register
is only for input mode. For output mode, it always return 0 not the
value we set for output.This patch changes to use DR register, which returns the DR value for
output mode, and PSR value for input mode.Signed-off-by: Ye Li
(cherry picked from commit 4afc3f90943c6b117f79b66d2cd04e64f437b0c2)
(cherry picked from commit 8cca3efba0d508b2c267f8a32b302970dd05244d)
(cherry picked from commit 7980dc9700bdeb610cfa91b4b53abe450c688b9b) -
This patch aim at documenting USB related dt-bindings for the
Cadence USB controller.Signed-off-by: Sherry Sun
