11 Jan, 2018
1 commit
09 Aug, 2017
1 commit
-
Fix the size calculation in the verify boot. The original
patch 266b5c0cdbd1150cf5e6bde0d473e5d2f0f60812 was merged
but this was not the correct version. The correct version
subtracted the header.Fixes: 266b5c0cdbd1 ("arm: am33xx: security: adds auth support for encrypted images")
Signed-off-by: Madan Srinivas
Signed-off-by: Dan Murphy
26 Jul, 2017
1 commit
-
The image address passed to secure_boot_verify_image() may not be
cacheline aligned, round the address down to the nearest cacheline.Signed-off-by: Andrew F. Davis
25 Jul, 2017
1 commit
-
This patch adds support for authentication of both plain
text and encrypted binaries. A new SECDEV package is needed
to enable encryption of binaries by default for AM3x.The ROM authentication API detects encrypted images at
runtime and automatically decrypts the image if the
signature verification passes.Addition of encryption on AM3x results in a change in the
image format. On AM4x, AM5x and, on AM3x devices signing
clear test images, the signature is appended to the end of the
binary.On AM3x, when the SECDEV package is used to create signed
and encrypted images, the signature is added as a header
to the start of the binary. So the binary size calculation
has been updated to reflect this change.The signing tools and encrypted image format for AM3x
cannot be changed to behave like AM4x and AM5x to
maintain backward compatibility with older Sitara
M-Shield releases.Adding encryption support also increases the size of
the PPA. As the SPL is loaded right after the PPA for
any peripheral boot, this increase in PPA size results
in the SPL load address moving by 0x200 bytes (for UART boot).
Memory boot modes like MMC are not affected, as the ROM
loads the PPA and SPL in two separate steps.Acked-by: Andrew F. Davis
Signed-off-by: Madan Srinivas
15 Jul, 2017
1 commit
-
AM571x supports DDR running at 666MHz. Right now it is
clocked at 532MHz which is lower than what is supported.
In order to have maximum performance on AM571-IDK,
switch DDR to 666MHz.Signed-off-by: Steve Kipisz
Signed-off-by: Lokesh Vutla
27 Jun, 2017
3 commits
-
gpio2 is used to detect lcd based on which pin mux is done in SPL.
gpio7 is used to enable vtt regulator. Enable these teo gpio nodes
in SPL.Signed-off-by: Lokesh Vutla
-
Enable spl_early_init() so that spl can use
DT very early during boot.Signed-off-by: Lokesh Vutla
-
ROM stores the boot params information in a known location
and passes it to SPL. This information needs to be copied
very early during boot or else there is a chance of getting
corrupted by SPL. So move this boot device detection very early
during boot.Signed-off-by: Lokesh Vutla
17 Jun, 2017
1 commit
-
The size of the secure image does not include the size of the
header, subtract this out before we move the image or we grab
extra data after the image.Signed-off-by: Andrew F. Davis
24 May, 2017
3 commits
-
When the OP-TEE image is built for secure paging the load address may be
in SRAM, remove checks that prevent this.Signed-off-by: Harinarayan Bhatta
Signed-off-by: Andrew F. Davis -
Now that we can specify DT nodes that can be used in spl, mark
all necessary nodes as u-boot,dm-spl.Signed-off-by: Lokesh Vutla
-
Now that we can specify DT nodes that can be used in spl, mark
all necessary nodes as u-boot,dm-spl.Signed-off-by: Lokesh Vutla
22 May, 2017
4 commits
-
One some keystone2 platforms like K2G ICE, there is an option
to switch between 24MHz or 25MHz as sysclk. But the existing
driver assumes it is always 24MHz. Add support for getting
all reference clocks dynamically by reading boot pins.Signed-off-by: Lokesh Vutla
-
K2G supports various sysclk frequencies which can be
determined using sysboot pins. PLLs should be configured
based on this sysclock frequency. Add PLL configurations
for all supported sysclk frequencies.Signed-off-by: Lokesh Vutla
-
am335x supports various sysclk frequencies which can be determined
using sysboot pins. PLLs should be configures based on this
sysclk frequency. Add PLL configurations for all supported
frequencies.Signed-off-by: Lokesh Vutla
-
Update MPU frequencies and voltages as per the latest
DM[1] dated: OCT 2011 Revised APRIL 2016, Section 5.4.
Below is the consolidated data:MPU values for PG 2.0 and later(Package ZCZ and ZCE):
-------------------------------------------------------
| | ZCZ | ZCE |
|-------------------------------------------------------|
| | VDD[V] | ARM [MHz] | VDD[V] | ARM [MHz] |
|-------|----------|------------|----------|------------|
| NITRO | 1.325 | 1000 | NA | NA |
|-------|----------|------------|----------|------------|
| TURBO | 1.26 | 800 | NA | NA |
|-------|----------|------------|----------|------------|
|OPP120 | 1.20 | 720 | NA | NA |
|-------|----------|------------|----------|------------|
|OPP100 | 1.10 | 600 | 1.10 | 600 |
|-------|----------|------------|----------|------------|
| OPP50 | 0.95 | 300 | 0.95 | 300 |
-------------------------------------------------------There is no eFuse blown on PG1.0 Silicons due to which there is
no way to detect the maximum frequencies supported. So default
to OPP100 for which both frequency and voltages are common on both
the packages.[1] http://www.ti.com/lit/ds/symlink/am3356.pdf
Signed-off-by: Lokesh Vutla
10 May, 2017
1 commit
-
Secure boot targets that can be loaded from an SD card FAT partition
need to be called "MLO" on the filesystem, make a copy with this name
to clarify the correct image for SD card booting.Signed-off-by: Andrew F. Davis
07 May, 2017
3 commits
-
The compatible should not include the name of the platform as this is
now a common FDT fixup.Fixes: 60f666e22c37 ("arm: mach-omap2: Factor out common FDT fixup suport")
Signed-off-by: Andrew F. Davis -
When not using ARMV7_LPAE the size of "reg" needs to be 32-bit, not
64-bit.Fixes: 60f666e22c37 ("arm: mach-omap2: Factor out common FDT fixup suport")
Signed-off-by: Andrew F. Davis -
The inline assembly functions in mon.c assume that the caller will
check for the return value in r0 according to regular ARM calling
conventions.However, this assumption breaks down if the compiler inlines the
functions. The caller is then under no obligation to use r0 for the
result.To fix this disconnect, we must explicitly move the return value
from the smc/bl call to the variable that the function returns.Signed-off-by: Madan Srinivas
04 May, 2017
3 commits
-
Adding support for fdt fixup to update the
memory node in device tree for falcon boot.This is needed for single stage or falcon
bootmode, to pass memory configuration to
kernel through DT memory node.Signed-off-by: Ravi Babu
Reviewed-by: Lukasz Majewski -
Enable Malloc simple on all am335x based boards.
Signed-off-by: Lokesh Vutla
-
No reason to use a separate load script for am33xx than using
omap-common load script.Signed-off-by: Lokesh Vutla
27 Apr, 2017
1 commit
-
For OMAP family devices we check for a header tag in U-Boot and also
print out whether authentication passed or not, add these here.This also makes the source identical to the upstream version.
Signed-off-by: Andrew F. Davis
21 Apr, 2017
1 commit
-
On early K2 devices (eg. K2HK) the secure ROM code does not support
loading secure code to firewall protected memory, before decrypting,
authenticating and executing it.To load the boot monitor on these devices, it is necessary to first
authenticate and run a copy loop from non-secure memory that copies
the boot monitor behind firewall protected memory, before decrypting
and executing it.On K2G, the secure ROM does not allow secure code executing from
unprotected memory. Further, ROM first copies the signed and encrypted
image into firewall protected memory, then decrypts, authenticates
and executes it.As a result of this, we cannot use the copy loop for K2G. The
mon_install has to be modified to pass the address the signed and
encrypted secure boot monitor image to the authentication API.For backward compatibility with other K2 devices and K2G GP,
the mon_install API still supports a single argument. In this case
the second argument is set to 0 by u-boot and is ignored by ROMSigned-off-by: Thanh Tran
Signed-off-by: Madan Srinivas
20 Apr, 2017
1 commit
-
The iodelays and pinmux information is platform specific. Since the SPL
can embed only one dts, getting this information from it would mean to have
one SPL binary for each platform.
In order to keep the ability to run the same SPL binary on several
platforms, the iodelays and pinmux configurations used by the SPL are
provided by the platform code.Signed-off-by: Jean-Jacques Hiblot
11 Apr, 2017
5 commits
-
Similar to what is done with OMAP5 class boards we need to
perform fixups common to this SoC class, add support for this here
and add HS fixups.Signed-off-by: Andrew F. Davis
-
If a firmware node is already present in the FDT we will fail to create
one and so fail to add our OP-TEE node, make this fixup first check for
a firmware node and then only try to add one if it is not found.Signed-off-by: Andrew F. Davis
-
Some of the fixups currently done for OMAP5 class boards are common to
other OMAP family devices, move these to fdt-common.c.Signed-off-by: Andrew F. Davis
-
TEE loading and firewall setup are common to all omap2 devices, move
these function out of omap5 and into mach-omap2. This allows us
to use these functions from other omap class devices.Signed-off-by: Andrew F. Davis
-
commit 4f65ee38131a180cc2d8bc2cfe76cca31a9d55a4 upstream.
After we authenticate/decrypt an image we need to flush the caches
as they may still contain bits of the encrypted image. This will
cause failures if we attempt to jump to this image.Reported-by: Yogesh Siraswar
Signed-off-by: Andrew F. Davis
Reviewed-by: Tom Rini
31 Mar, 2017
1 commit
-
The K2G ICE EVM straps RX_DV/RX_CTRL pin of on board DP83867 phy in mode
1. Unfortunately, the phy data manual disallows this.Add ti,dp83867-rxctrl-strap-quirk in the phy node to allow software
to enable workaround suggested for this incorrect strap setting. This
ensures proper operation of this PHY.Signed-off-by: Murali Karicheri
16 Mar, 2017
1 commit
-
Currently, AM43xx just re-uses the version strings from AM33xx which is
wrong; the actual values for AM43xx are different. Fix this by adding
a separate version string array for AM43xx and use this instead.Signed-off-by: Tero Kristo
03 Mar, 2017
1 commit
-
Probe USB_DEV_GENERIC drivers during arch_misc_init(). This is required
in order for USB DM model based peripheral mode devices like DFU to work
in U-Boot.Signed-off-by: Vignesh R
22 Feb, 2017
1 commit
-
EVM hardware spec recommends to add 0.25 nsec delay in the tx
direction for internal delay in the clock path to be on the safer
side. Also change the phy-mode to RGMII-ID to apply both tx and rx
delays.Signed-off-by: Murali Karicheri
17 Feb, 2017
1 commit
-
When the node 'reserved-memory' is not defined in the DT we fail
to add needed properties. We also fail to move 'offs' to point to
the new node. Fix these here.Signed-off-by: Andrew F. Davis
Reviewed-by: Tom Rini
16 Feb, 2017
4 commits
-
This patch adds a workaround to reset the phy one time during boot
using GPIO0 pin 10 to make sure, the Phy latches the configuration
from the input pins correctly.Signed-off-by: Murali Karicheri
Signed-off-by: Sekhar Nori -
This patch adds dt node for DP83867 phy used on K2G ICE boards. And
also enable netcp device nodes for K2G ICE boards.Signed-off-by: Murali Karicheri
Acked-by: Mugunthan V N
Signed-off-by: Sekhar Nori -
This patch removes the unused phy-mode property from the phy dt node. On
K2G, currently link-interface determines if phy is used or not and is
already set to use rgmii. So this is not needed. Besides phy-mode should
be added to slave interface configuration of the cpsw driver, not in the
phy node.Signed-off-by: Murali Karicheri
Acked-by: Mugunthan V N
Signed-off-by: Sekhar Nori -
Adds an additional image type needed for supporting secure keystone
devices. The build generates u-boot_HS_MLO which can be used to boot
from all media on secure keystone devices.Signed-off-by: Madan Srinivas
Signed-off-by: Andrew F. Davis