| Age | Commit message (Collapse) | Author |
|---|
|
This function is currently a misnomer at times as we have cases where it
passes arguments to the image. In preparation for making that be a more
common case rename this function to jump_to_image(...). In order to do
this, rename jump_to_image in board_init_r(...) to jumper so that we do
not have a conflict.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Reword the commit message, adding missing cases of
jump_to_image_no_args()]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Use the new symbol to refer to any 'SPL' build, including TPL and VPL
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
As part of bringing the master branch back in to next, we need to allow
for all of these changes to exist here.
Reported-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
When bringing in the series 'arm: dts: am62-beagleplay: Fix Beagleplay
Ethernet"' I failed to notice that b4 noticed it was based on next and
so took that as the base commit and merged that part of next to master.
This reverts commit c8ffd1356d42223cbb8c86280a083cc3c93e6426, reversing
changes made to 2ee6f3a5f7550de3599faef9704e166e5dcace35.
Reported-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Remove <common.h> from this board vendor directory and when needed
add missing include files directly.
Acked-by: Jason Liu <jason.hui.liu@nxp.com>
Acked-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Use proper project name in DTs, messages and READMEs.
Signed-off-by: Michal Simek <michal.simek@amd.com>
|
|
At this point, the remaining places where we have a symbol that is
defined as CONFIG_... are in fairly odd locations. While as much dead
code has been removed as possible, some of these locations are simply
less obvious at first. In other cases, this code is used, but was
defined in such a way as to have been missed by earlier checks. Perform
a rename of all such remaining symbols to be CFG_... rather than
CONFIG_...
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
This is always defined to 16K, so we move this over to
include/fsl_validate.h to start with. Next, we rename this from CONFIG_
to FSL_. Coalesce the various comments around this definition to be in
fsl_validate.h as well to explain the usage.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
The rest of the unmigrated CONFIG symbols in the CONFIG_SYS namespace do
not easily transition to Kconfig. In many cases they likely should come
from the device tree instead. Move these out of CONFIG namespace and in
to CFG namespace.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Migrate all of COFIG_SYS_FSL* to the CFG_SYS namespace.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Migrate all of COFIG_SYS_MPC* to the CFG_SYS namespace.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
caam driver model enabled in spl for secure boot.
fsl_rsa_mod_exp driver enabled in spl for validating uboot image.
Signed-off-by: Gaurav Jain <gaurav.jain@nxp.com>
|
|
As things stand currently, there is only one PowerPC platform that
enables the options for CHAIN_OF_TRUST. From the board header files,
remove a number of never-set options. Remove board specific values from
arch/powerpc/include/asm/fsl_secure_boot.h as well. Rework
include/config_fsl_chain_trust.h to not abuse the CONFIG namespace for
constructing CHAIN_BOOT_CMD. Migrate all of the configurable addresses
to Kconfig.
If any platforms are re-introduced with secure boot support, everything
required should still be here, but now in Kconfig, or requires migration
of an option to Kconfig.
Cc: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
asm/mmu.h include is currently guarded by CONFIG_ADDR_MAP ifdef because
the header is only present on arm and powerpc. In order to remove the
dependency on this header and the associated ifdef, move init_addr_map()
declaration to init.h, since it is only called during the common init
sequence.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
|
|
Move this header out of the common header.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Move env_set() over to the new header file.
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Uboot prompt must not be available while running
secure boot. TO ensure this bootdelay must be set
to -2.
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
|
|
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
We are now using an env_ prefix for environment functions. Rename setenv()
for consistency. Also add function comments in common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Enable validation of boot.scr script prior to its execution dependent
on "secureboot" flag in environment. Disable fall back option to
nor/qspi boot in case of secure boot. Also enable "secureboot=y"
flag in environment for ARM based platforms instead of bootcmd.
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Tested-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
This header includes things that are needed to make driver build. Adjust
existing users to include that always, even if other dm/ includes are
present
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Use CONFIG_ARCH_LS1021A instead.
Signed-off-by: York Sun <york.sun@nxp.com>
|
|
With entry_point now being an unsigned long we need to adapt the last
two debug prints to use %lX not %X.
Fixes: 11e1479b9e67 ("SPL: make struct spl_image 64-bit safe")
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Override jump_to_image_no_args function to include validation of
u-boot image using spl_validate_uboot before jumping to u-boot image.
Also define macros in SPL framework to enable crypto operations.
Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
As part of Chain of Trust for Secure boot, the SPL U-Boot will validate
the next level U-boot image. Add a new function spl_validate_uboot to
perform the validation.
Enable hardware crypto operations in SPL using SEC block.
In case of Secure Boot, PAMU is not bypassed. For allowing SEC block
access to CPC configured as SRAM, configure PAMU.
Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Chain of Trust is enabled for ARM platforms (LS1021 and LS1043).
In board_late_init(), fsl_setenv_chain_of_trust() is called which
will perform the following:
- If boot mode is non-secure, return (No Change)
- If boot mode is secure, set the following environmet variables:
bootdelay = 0 (To disable Boot Prompt)
bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
A function is created to detrmine if the boot mode is secure
or non-secure for differnt SoC's.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
