13 files changed, 369 insertions, 37 deletions
diff --git a/include/configs/km/pg-wcom-ls102xa.h b/include/configs/km/pg-wcom-ls102xa.h
index 3a243d789c0..b6e6958599c 100644
--- a/include/configs/km/pg-wcom-ls102xa.h
+++ b/include/configs/km/pg-wcom-ls102xa.h
@@ -10,8 +10,7 @@
 #define CFG_SYS_INIT_RAM_SIZE	OCRAM_SIZE
 
 #define CFG_PRAM			((CONFIG_KM_PNVRAM + \
-					  CONFIG_KM_PHRAM + \
-					  CONFIG_KM_RESERVED_PRAM) >> 10)
+					  CONFIG_KM_PHRAM) >> 10)
 
 #define PHYS_SDRAM			0x80000000
 #define PHYS_SDRAM_SIZE			(1u * 1024 * 1024 * 1024)
diff --git a/include/configs/kmcent2.h b/include/configs/kmcent2.h
index e7ae18ec5f9..de41b998ea4 100644
--- a/include/configs/kmcent2.h
+++ b/include/configs/kmcent2.h
@@ -158,11 +158,10 @@
 /******************************************************************************
  * (PRAM usage)
  * ... -------------------------------------------------------
- * ... |ROOTFSSIZE | PNVRAM |PHRAM |RESERVED_PRAM | END_OF_RAM
+ * ... |ROOTFSSIZE | PNVRAM |PHRAM | END_OF_RAM              |
  * ... |<------------------- pram -------------------------->|
  * ... -------------------------------------------------------
  * @END_OF_RAM:
- * @CONFIG_KM_RESERVED_PRAM: reserved pram for special purpose
  * @CONFIG_KM_PHRAM: address for /var
  * @CONFIG_KM_PNVRAM: address for PNVRAM (for the application)
  */
diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h
index 270088ad94f..5c0fd6d171b 100644
--- a/include/dm/uclass-id.h
+++ b/include/dm/uclass-id.h
@@ -38,6 +38,7 @@ enum uclass_id {
 	/* U-Boot uclasses start here - in alphabetical order */
 	UCLASS_ACPI_PMC,	/* (x86) Power-management controller (PMC) */
 	UCLASS_ADC,		/* Analog-to-digital converter */
+	UCLASS_AES,		/* AES cryptographic engine */
 	UCLASS_AHCI,		/* SATA disk controller */
 	UCLASS_AUDIO_CODEC,	/* Audio codec with control and data path */
 	UCLASS_AXI,		/* AXI bus */
diff --git a/include/env/pg-wcom/ls102xa.env b/include/env/pg-wcom/ls102xa.env
index abbec424574..88aaac8f008 100644
--- a/include/env/pg-wcom/ls102xa.env
+++ b/include/env/pg-wcom/ls102xa.env
@@ -8,7 +8,6 @@ checkfdt=true
 cramfsloadfdt=cramfsload $fdt_addr_r fdt_0x${IVM_BoardId}_0x${IVM_HWKey}.dtb
 ethrotate=no
 hwconfig=devdis:esdhc,usb3,usb2,sata,sec,dcu,duart2,qspi,can1,can2_4,ftm2_8,i2c2_3,sai1_4,lpuart2_6,asrc,spdif,lpuart1,ftm1
-netdev=eth2
 
 newenv=protect off CONFIG_ENV_ADDR_REDUND +0x40000 &&
        erase CONFIG_ENV_ADDR_REDUND +0x40000 &&
diff --git a/include/env/ti/ti_armv7_keystone2.env b/include/env/ti/ti_armv7_keystone2.env
index e0395d302cb..1b2aaa2808a 100644
--- a/include/env/ti/ti_armv7_keystone2.env
+++ b/include/env/ti/ti_armv7_keystone2.env
@@ -12,6 +12,7 @@ dfu_alt_info_mmc=
 	uEnv.txt fat 0 1
 
 bootdir=/boot
+bootm_size=0x10000000
 tftp_root=/
 nfs_root=/export
 mem_lpae=1
diff --git a/include/env/ti/ti_common.env b/include/env/ti/ti_common.env
index 7029d12bf20..03e3267ef8a 100644
--- a/include/env/ti/ti_common.env
+++ b/include/env/ti/ti_common.env
@@ -8,7 +8,6 @@ rdaddr=0x88080000
 ramdisk_addr_r=0x88080000
 scriptaddr=0x80000000
 pxefile_addr_r=0x80100000
-bootm_size=0x10000000
 boot_fdt=try
 
 boot_fit=0
diff --git a/include/fb_spi_flash.h b/include/fb_spi_flash.h
new file mode 100644
index 00000000000..904654748a4
--- /dev/null
+++ b/include/fb_spi_flash.h
@@ -0,0 +1,42 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright 2025 Collabora Ltd.
+ */
+
+#ifndef _FB_SPI_FLASH_H_
+#define _FB_SPI_FLASH_H_
+
+#include <part.h>
+
+/**
+ * fastboot_spi_flash_get_part_info() - Lookup SPI flash partition by name
+ *
+ * @part_name: Named device to lookup
+ * @part_info: Pointer to returned struct disk_partition
+ * @response: Pointer to fastboot response buffer
+ * Return: 0 if OK, -ENOENT if no partition name was given, -ENODEV on invalid
+ * raw partition descriptor
+ */
+int fastboot_spi_flash_get_part_info(const char *part_name,
+				     struct disk_partition *part_info,
+				     char *response);
+
+/**
+ * fastboot_spi_flash_write() - Write image to SPI flash for fastboot
+ *
+ * @cmd: Named device to write image to
+ * @download_buffer: Pointer to image data
+ * @download_bytes: Size of image data
+ * @response: Pointer to fastboot response buffer
+ */
+void fastboot_spi_flash_write(const char *cmd, void *download_buffer,
+			      u32 download_bytes, char *response);
+
+/**
+ * fastboot_spi_flash_erase() - Erase SPI flash for fastboot
+ *
+ * @cmd: Named device to erase
+ * @response: Pointer to fastboot response buffer
+ */
+void fastboot_spi_flash_erase(const char *cmd, char *response);
+#endif
diff --git a/include/imx8image.h b/include/imx8image.h
index e0d25c5b6c9..d0e05811ff9 100644
--- a/include/imx8image.h
+++ b/include/imx8image.h
@@ -45,6 +45,7 @@
 #define DCD_ENTRY_ADDR_IN_SCFW		0x240
 
 #define CONTAINER_ALIGNMENT		0x400
+#define CONTAINER_PQC_ALIGNMENT		0x4000
 #define CONTAINER_FLAGS_DEFAULT		0x10
 #define CONTAINER_FUSE_DEFAULT		0x0
 
@@ -160,6 +161,8 @@ enum imx8image_cmd {
 	CMD_DATA,
 	CMD_DUMMY_V2X,
 	CMD_HOLD,
+	CMD_CNTR_VERSION,
+	CMD_DUMMY_DDR,
 };
 
 enum imx8image_core_type {
@@ -216,6 +219,8 @@ typedef enum option_type {
 	OEI,
 	DUMMY_V2X,
 	HOLD,
+	CNTR_VERSION,
+	DUMMY_DDR,
 } option_type_t;
 
 typedef struct {
@@ -262,6 +267,7 @@ typedef struct {
 #define IMG_TYPE_SENTINEL 0x06	/* SENTINEL image type */
 #define IMG_TYPE_PROV    0x07   /* Provisioning image type */
 #define IMG_TYPE_DEK     0x08   /* DEK validation type */
+#define IMG_TYPE_DDR_DUMMY 0x0D /* DDR training data dummy entry */
 #define IMG_TYPE_V2X_DUMMY 0x0E /* V2X Dummy image */
 
 #define IMG_TYPE_SHIFT   0
diff --git a/include/imx_container.h b/include/imx_container.h
index 691c764b3e5..684fc3bc988 100644
--- a/include/imx_container.h
+++ b/include/imx_container.h
@@ -12,7 +12,11 @@
 #define IV_MAX_LEN			32
 #define HASH_MAX_LEN			64
 
+#if IS_ENABLED(CONFIG_IMX_PQC_SUPPORT)
+#define CONTAINER_HDR_ALIGNMENT 0x4000
+#else
 #define CONTAINER_HDR_ALIGNMENT 0x400
+#endif
 #define CONTAINER_HDR_EMMC_OFFSET 0
 #define CONTAINER_HDR_MMCSD_OFFSET SZ_32K
 #define CONTAINER_HDR_QSPI_OFFSET SZ_4K
@@ -72,7 +76,14 @@ int get_container_size(ulong addr, u16 *header_length);
 
 static inline bool valid_container_hdr(struct container_hdr *container)
 {
+#if IS_ENABLED(CONFIG_IMX_PQC_SUPPORT)
+	return (container->tag == CONTAINER_HDR_TAG ||
+		container->tag == 0x82) &&
+		(container->version == CONTAINER_HDR_VERSION ||
+		 container->version == 0x2);
+#else
 	return container->tag == CONTAINER_HDR_TAG &&
 	       container->version == CONTAINER_HDR_VERSION;
+#endif
 }
 #endif
diff --git a/include/limits.h b/include/limits.h
index 1d0bbf69be7..a032bc5b84d 100644
--- a/include/limits.h
+++ b/include/limits.h
@@ -3,11 +3,61 @@
 #ifndef _LIMITS_H
 #define _LIMITS_H
 
-#define INT_MAX     0x7fffffff
-#define UINT_MAX    0xffffffffU
+#define SCHAR_MAX   __SCHAR_MAX__
+#define SCHAR_MIN   (-SCHAR_MAX - 1)
+#define UCHAR_MAX   (SCHAR_MAX * 2 + 1)
+
+#ifdef __CHAR_UNSIGNED__
+#define CHAR_MAX    UCHAR_MAX
+#define CHAR_MIN    0
+#else
+#define CHAR_MAX    SCHAR_MAX
+#define CHAR_MIN    SCHAR_MIN
+#endif
+
+#define SHRT_MAX    __SHRT_MAX__
+#define SHRT_MIN    (-SHRT_MAX - 1)
+#define USHRT_MAX   (SHRT_MAX * 2 + 1)
+
+#define INT_MAX     __INT_MAX__
+#define INT_MIN     (-INT_MAX - 1)
+#define UINT_MAX    (INT_MAX * 2U + 1U)
+
+#define LONG_MAX    __LONG_MAX__
+#define LONG_MIN    (-LONG_MAX - 1L)
+#define ULONG_MAX   (LONG_MAX * 2UL + 1UL)
+
+#define LLONG_MAX   __LONG_LONG_MAX__
+#define LLONG_MIN   (-LLONG_MAX - 1LL)
+#define ULLONG_MAX  (LLONG_MAX * 2ULL + 1ULL)
+
+#define U8_MAX      UCHAR_MAX
+#define S8_MAX      SCHAR_MAX
+#define S8_MIN      SCHAR_MIN
+#define U16_MAX     USHRT_MAX
+#define S16_MAX     SHRT_MAX
+#define S16_MIN     SHRT_MIN
+#define U32_MAX     UINT_MAX
+#define S32_MAX     INT_MAX
+#define S32_MIN     INT_MIN
+#define U64_MAX     ULLONG_MAX
+#define S64_MAX     LLONG_MAX
+#define S64_MIN     LLONG_MIN
+
+#define UINT8_MAX   U8_MAX
+#define INT8_MAX    S8_MAX
+#define INT8_MIN    S8_MIN
+#define UINT16_MAX  U16_MAX
+#define INT16_MAX   S16_MAX
+#define INT16_MIN   S16_MIN
+#define UINT32_MAX  U32_MAX
+#define INT32_MAX   S32_MAX
+#define INT32_MIN   S32_MIN
+#define UINT64_MAX  U64_MAX
+#define INT64_MAX   S64_MAX
+#define INT64_MIN   S64_MIN
+
 #define CHAR_BIT    8
-#define UINT32_MAX  0xffffffffU
-#define UINT64_MAX  0xffffffffffffffffULL
 
 #if (defined(CONFIG_64BIT) && !defined(CONFIG_SPL_BUILD)) || \
 	(defined(CONFIG_SPL_64BIT) && defined(CONFIG_SPL_BUILD))
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index 9467edd65ab..e0443ecac84 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -5,32 +5,6 @@
 #include <linux/printk.h> /* for printf/pr_* utilities */
 #include <limits.h>
 
-#define USHRT_MAX	((u16)(~0U))
-#define SHRT_MAX	((s16)(USHRT_MAX>>1))
-#define SHRT_MIN	((s16)(-SHRT_MAX - 1))
-#define INT_MIN		(-INT_MAX - 1)
-#define LONG_MAX	((long)(~0UL>>1))
-#define LONG_MIN	(-LONG_MAX - 1)
-#define ULONG_MAX	(~0UL)
-#define LLONG_MAX	((long long)(~0ULL>>1))
-#define LLONG_MIN	(-LLONG_MAX - 1)
-#define ULLONG_MAX	(~0ULL)
-
-#define U8_MAX		((u8)~0U)
-#define S8_MAX		((s8)(U8_MAX>>1))
-#define S8_MIN		((s8)(-S8_MAX - 1))
-#define U16_MAX		((u16)~0U)
-#define S16_MAX		((s16)(U16_MAX>>1))
-#define S16_MIN		((s16)(-S16_MAX - 1))
-#define U32_MAX		((u32)~0U)
-#define S32_MAX		((s32)(U32_MAX>>1))
-#define S32_MIN		((s32)(-S32_MAX - 1))
-#define U64_MAX		((u64)~0ULL)
-#define S64_MAX		((s64)(U64_MAX>>1))
-#define S64_MIN		((s64)(-S64_MAX - 1))
-
-#define INT32_MAX	S32_MAX
-
 #define STACK_MAGIC	0xdeadbeef
 
 #define REPEAT_BYTE(x)	((~0ul / 0xff) * (x))
diff --git a/include/stdint.h b/include/stdint.h
index dea83c8226a..90fd2bdee08 100644
--- a/include/stdint.h
+++ b/include/stdint.h
@@ -9,6 +9,6 @@
 #ifndef __UB_STDINT_H
 #define __UB_STDINT_H
 
-#define UINT8_MAX	0xff
+#include <limits.h>
 
 #endif
diff --git a/include/uboot_aes.h b/include/uboot_aes.h
index d2583bed992..592b7dbee43 100644
--- a/include/uboot_aes.h
+++ b/include/uboot_aes.h
@@ -7,6 +7,8 @@
 #ifndef _AES_REF_H_
 #define _AES_REF_H_
 
+#include <errno.h>
+
 #ifdef USE_HOSTCC
 /* Define compat stuff for use in fw_* tools. */
 typedef unsigned char u8;
@@ -107,4 +109,253 @@ void aes_cbc_encrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst,
 void aes_cbc_decrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst,
 			    u32 num_aes_blocks);
 
+/* An AES block filled with zeros */
+static const u8 AES_ZERO_BLOCK[AES_BLOCK_LENGTH] = { 0 };
+struct udevice;
+
+/**
+ * struct struct aes_ops - Driver model for AES related operations
+ *
+ * The uclass interface is implemented by AES crypto devices which use driver model.
+ *
+ * Some AES crypto devices use key slots to store the key for the encrypt/decrypt
+ * operations, while others may simply pass the key on each operation.
+ *
+ * In case the device does not implement hardware slots, driver can emulate or simply
+ * store one active key slot at 0 in the driver state and pass it on each underlying
+ * hw calls for AES operations.
+ *
+ * Note that some devices like Tegra AES engine may contain preloaded keys by bootrom,
+ * thus in those cases the set_key_for_key_slot() may be skipped.
+ *
+ * Sequence for a series of AES CBC encryption, one decryption and a CMAC hash example
+ * with 128bits key at slot 0 would be as follow:
+ *
+ * set_key_for_key_slot(DEV, 128, KEY, 0);
+ * select_key_slot(DEV, 128, 0);
+ * aes_cbc_encrypt(DEV, IV1, SRC1, DST1, LEN1);
+ * aes_cbc_encrypt(DEV, IV2, SRC2, DST2, LEN2);
+ * aes_cbc_decrypt(DEV, IV3, SRC3, DST3, LEN3);
+ */
+struct aes_ops {
+	/**
+	 * available_key_slots() - How many key slots this AES device has
+	 *
+	 * @dev			The AES udevice
+	 * @return		Available slots to use, 0 for none
+	 */
+	int (*available_key_slots)(struct udevice *dev);
+
+	/**
+	 * select_key_slot() - Selects the AES key slot to use for following operations
+	 *
+	 * @dev			The AES udevice
+	 * @key_size		Size of the aes key (in bits)
+	 * @slot		The key slot to set as selected
+	 * @return		0 on success, negative value on failure
+	 */
+	int (*select_key_slot)(struct udevice *dev, u32 key_size, u8 slot);
+
+	/**
+	 * set_key_for_key_slot() - Sets the AES key to use for specified key slot
+	 *
+	 * @dev			The AES udevice
+	 * @key_size		Size of the aes key (in bits)
+	 * @key			An AES key to set
+	 * @slot		The slot to load the key at
+	 * @return		0 on success, negative value on failure
+	 */
+	int (*set_key_for_key_slot)(struct udevice *dev, u32 key_size, u8 *key,
+				    u8 slot);
+
+	/**
+	 * aes_ecb_encrypt() - Encrypt multiple blocks of data with AES ECB.
+	 *
+	 * @dev			The AES udevice
+	 * @src			Source data of length 'num_aes_blocks' blocks
+	 * @dst			Destination data of length 'num_aes_blocks' blocks
+	 * @num_aes_blocks	Number of AES blocks to encrypt/decrypt
+	 * @return		0 on success, negative value on failure
+	 */
+	int (*aes_ecb_encrypt)(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
+
+	/**
+	 * aes_ecb_decrypt() - Decrypt multiple blocks of data with AES ECB.
+	 *
+	 * @dev			The AES udevice
+	 * @src			Source data of length 'num_aes_blocks' blocks
+	 * @dst			Destination data of length 'num_aes_blocks' blocks
+	 * @num_aes_blocks	Number of AES blocks to encrypt/decrypt
+	 * @return		0 on success, negative value on failure
+	 */
+	int (*aes_ecb_decrypt)(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
+
+	/**
+	 * aes_cbc_encrypt() - Encrypt multiple blocks of data with AES CBC.
+	 *
+	 * @dev			The AES udevice
+	 * @iv			Initialization vector
+	 * @src			Source data of length 'num_aes_blocks' blocks
+	 * @dst			Destination data of length 'num_aes_blocks' blocks
+	 * @num_aes_blocks	Number of AES blocks to encrypt/decrypt
+	 * @return		0 on success, negative value on failure
+	 */
+	int (*aes_cbc_encrypt)(struct udevice *dev, u8 *iv,
+			       u8 *src, u8 *dst, u32 num_aes_blocks);
+
+	/**
+	 * aes_cbc_decrypt() - Decrypt multiple blocks of data with AES CBC.
+	 *
+	 * @dev			The AES udevice
+	 * @iv			Initialization vector
+	 * @src			Source data of length 'num_aes_blocks' blocks
+	 * @dst			Destination data of length 'num_aes_blocks' blocks
+	 * @num_aes_blocks	Number of AES blocks to encrypt/decrypt
+	 * @return		0 on success, negative value on failure
+	 */
+	int (*aes_cbc_decrypt)(struct udevice *dev, u8 *iv,
+			       u8 *src, u8 *dst, u32 num_aes_blocks);
+};
+
+#define aes_get_ops(dev)	((struct aes_ops *)(dev)->driver->ops)
+
+#if CONFIG_IS_ENABLED(DM_AES)
+
+/**
+ * dm_aes_get_available_key_slots - How many key slots this AES device has
+ *
+ * @dev			The AES udevice
+ * Return:		Available slots to use, 0 for none, -ve on failure
+ */
+int dm_aes_get_available_key_slots(struct udevice *dev);
+
+/**
+ * dm_aes_select_key_slot - Selects the AES key slot to use for following operations
+ *
+ * @dev			The AES udevice
+ * @key_size		Size of the aes key (in bits)
+ * @slot		The key slot to set as selected
+ * Return:		0 on success, -ve on failure
+ */
+int dm_aes_select_key_slot(struct udevice *dev, u32 key_size, u8 slot);
+
+/**
+ * dm_aes_set_key_for_key_slot - Sets the AES key to use for specified key slot
+ *
+ * @dev			The AES udevice
+ * @key_size		Size of the aes key (in bits)
+ * @key			An AES key to set
+ * @slot		The slot to load the key at
+ * Return:		0 on success, negative value on failure
+ */
+int dm_aes_set_key_for_key_slot(struct udevice *dev, u32 key_size, u8 *key, u8 slot);
+
+/**
+ * dm_aes_ecb_encrypt - Encrypt multiple blocks of data with AES ECB.
+ *
+ * @dev			The AES udevice
+ * @src			Source data of length 'num_aes_blocks' blocks
+ * @dst			Destination data of length 'num_aes_blocks' blocks
+ * @num_aes_blocks	Number of AES blocks to encrypt/decrypt
+ * Return:		0 on success, negative value on failure
+ */
+int dm_aes_ecb_encrypt(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
+
+/**
+ * dm_aes_ecb_decrypt - Decrypt multiple blocks of data with AES ECB.
+ *
+ * @dev			The AES udevice
+ * @src			Source data of length 'num_aes_blocks' blocks
+ * @dst			Destination data of length 'num_aes_blocks' blocks
+ * @num_aes_blocks	Number of AES blocks to encrypt/decrypt
+ * Return:		0 on success, negative value on failure
+ */
+int dm_aes_ecb_decrypt(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
+
+/**
+ * dm_aes_cbc_encrypt - Encrypt multiple blocks of data with AES CBC.
+ *
+ * @dev			The AES udevice
+ * @iv			Initialization vector
+ * @src			Source data of length 'num_aes_blocks' blocks
+ * @dst			Destination data of length 'num_aes_blocks' blocks
+ * @num_aes_blocks	Number of AES blocks to encrypt/decrypt
+ * Return:		0 on success, negative value on failure
+ */
+int dm_aes_cbc_encrypt(struct udevice *dev, u8 *iv, u8 *src, u8 *dst, u32 num_aes_blocks);
+
+/**
+ * dm_aes_cbc_decrypt - Decrypt multiple blocks of data with AES CBC.
+ *
+ * @dev			The AES udevice
+ * @iv			Initialization vector
+ * @src			Source data of length 'num_aes_blocks' blocks
+ * @dst			Destination data of length 'num_aes_blocks' blocks
+ * @num_aes_blocks	Number of AES blocks to encrypt/decrypt
+ * Return:		0 on success, negative value on failure
+ */
+int dm_aes_cbc_decrypt(struct udevice *dev, u8 *iv, u8 *src, u8 *dst, u32 num_aes_blocks);
+
+/**
+ * dm_aes_cmac - Hashes the input data with AES-CMAC, putting the result into dst.
+ * The key slot must be selected already.
+ *
+ * @dev			The AES udevice
+ * @key_size		Size of the aes key (in bits)
+ * @src			Source data of length 'num_aes_blocks' blocks
+ * @dst			Destination for hash result
+ * @num_aes_blocks	Number of AES blocks to encrypt
+ * Return:		0 on success, negative value on failure.
+ */
+int dm_aes_cmac(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
+
+#else
+
+static inline int dm_aes_get_available_key_slots(struct udevice *dev)
+{
+	return -ENOSYS;
+}
+
+static inline int dm_aes_select_key_slot(struct udevice *dev, u32 key_size, u8 slot)
+{
+	return -ENOSYS;
+}
+
+static inline int dm_aes_set_key_for_key_slot(struct udevice *dev, u32 key_size, u8 *key,
+					      u8 slot)
+{
+	return -ENOSYS;
+}
+
+static inline int dm_aes_ecb_encrypt(struct udevice *dev, u8 *src, u8 *dst,
+				     u32 num_aes_blocks)
+{
+	return -ENOSYS;
+}
+
+static inline int dm_aes_ecb_decrypt(struct udevice *dev, u8 *src, u8 *dst,
+				     u32 num_aes_blocks)
+{
+	return -ENOSYS;
+}
+
+static inline int dm_aes_cbc_encrypt(struct udevice *dev, u8 *iv, u8 *src,
+				     u8 *dst, u32 num_aes_blocks)
+{
+	return -ENOSYS;
+}
+
+static inline int dm_aes_cbc_decrypt(struct udevice *dev, u8 *iv, u8 *src,
+				     u8 *dst, u32 num_aes_blocks)
+{
+	return -ENOSYS;
+}
+
+static inline int dm_aes_cmac(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks)
+{
+	return -ENOSYS;
+}
+
+#endif /* CONFIG_DM_AES */
+
 #endif /* _AES_REF_H_ */