Some SOCs, specifically the ones in the C29x familiy can have
multiple security engines. This patch adds a system configuration
define which indicates the maximum number of SEC engines that
can be found on a SoC.
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
There are already two FIT options in Kconfig but the CONFIG options are
still in the header files. We need to do a proper move to fix this.
Move these options to Kconfig and tidy up board configuration:
CONFIG_FIT
CONFIG_OF_BOARD_SETUP
CONFIG_OF_SYSTEM_SETUP
CONFIG_FIT_SIGNATURE
CONFIG_FIT_BEST_MATCH
CONFIG_FIT_VERBOSE
CONFIG_OF_STDOUT_VIA_ALIAS
CONFIG_RSA
Unfortunately the first one is a little complicated. We need to make sure
this option is not enabled in SPL by this change. Also this option is
enabled automatically in the host builds by defining CONFIG_FIT in the
image.h file. To solve this, add a new IMAGE_USE_FIT #define which can
be used in files that are built on the host but must also build for U-Boot
and SPL.
Note: Masahiro's moveconfig.py script is amazing.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add microblaze change, various configs/ re-applies]
Signed-off-by: Tom Rini <trini@konsulko.com>
Kconfig options must defined in the defconfig files. Since RSA_SOFTWARE_EXP
relies on CONFIG_DM, unless it is set in kconfig we cannot enable RSA.
Remove the hacks which enable CONFIG_DM in header files and update the
defconfig.
Signed-off-by: Simon Glass <sjg@chromium.org>
PAMU driver basic support for usage in Secure Boot.
In secure boot PAMU is not in bypass mode. Hence to use
any peripheral (SEC Job ring in our case), PAMU has to be
configured.
The patch reverts commit 7cad2e38d6.
The Header file pamu.h and few functions in driver have been derived
from Freescale Libos.
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Chain of Trust is enabled for PowerPC platforms for Secure Boot.
CONFIG_BOARD_LATE_INIT is defined.
In board_late_init(), fsl_setenv_chain_of_trust() is called which
will perform the following:
- If boot mode is non-secure, return (No Change)
- If boot mode is secure, set the following environmet variables:
bootdelay = 0 (To disable Boot Prompt)
bootcmd = CONFIG_CHAIN_BOOT_CMD (Validate and execute Boot script)
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
A function is created to detrmine if the boot mode is secure
or non-secure for differnt SoC's.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
There are two phases in Secure Boot
1. ISBC: In BootROM, validate the BootLoader (U-Boot).
2. ESBC: In U-Boot, continuing the Chain of Trust by
validating and booting LINUX.
For ESBC phase, there is no difference in SoC's based on ARM or
PowerPC cores.
But the exit conditions after ISBC phase i.e. entry conditions for
U-Boot are different for ARM and PowerPC.
PowerPC:
If Secure Boot is executed, a separate U-Boot target is required
which must be compiled with a diffrent Text Base as compared to
Non-Secure Boot. There are some LAW and TLB settings which are
required specifically for Secure Boot scenario.
ARM:
ARM based SoC's have a fixed memory map and exit conditions from
BootROM are same irrespective of boot mode (Secure or Non-Secure).
Thus the current Secure Boot functionlity has been split into
two parts:
CONFIG_CHAIN_OF_TRUST
This will have the following functionality as part of U-Boot:
1. Enable commands like esbc_validate, esbc_halt
2. Change the environment settings based on bootmode, determined
at run time:
- If bootmode is non-secure, no change
- If bootmode is secure, set the following:
- bootdelay = 0 (Don't give boot prompt)
- bootcmd = Validate and execute the bootscript.
CONFIG_SECURE_BOOT
This is defined only for creating a different compile time target
for secure boot.
Traditionally, both these functionalities were defined under
CONFIG_SECURE_BOOT. This patch is aimed at removing the requirement
for a separate Secure Boot target for ARM based SoC's.
CONFIG_CHAIN_OF_TRUST will be defined and boot mode will be
determine at run time.
Another Security Requirement for running CHAIN_OF_TRUST is that
U-Boot environemnt must not be picked from flash/external memory.
This cannot be done based on bootmode at run time in current U-Boot
architecture. Once this dependency is resolved, no separate
SECURE_BOOT target will be required for ARM based SoC's.
Currently, the only code under CONFIG_SECURE_BOOT for ARM SoC's is
defining CONFIG_ENV_IS_NOWHERE
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
CONFIG_CMD_BLOB must be defined in case of Secure Boot. It was
earlier defined in all config files. The definition has been
moved to a common file which is included by all configs.
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Acked-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
The old mail address will stop working soon.
Update it all the files
Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Michal Simek <michal.simek@xilinx.com>
Erratum A-009663 workaround requires to set DDR_INTERVAL[BSTOPRE] to 0
before setting DDR_SDRAM_CFG[MEM_EN] and set DDR_INTERVAL[BSTOPRE]
to the desired value after DDR initialization has completed.
When DDR controller is configured to operate in auto-precharge
mode(DDR_INTERVAL[BSTOPRE]=0), this workaround is not needed.
Signed-off-by: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Reviewed-by: York Sun <york.sun@nxp.com>
In a number of places we had wordings of the GPL (or LGPL in a few
cases) license text that were split in such a way that it wasn't caught
previously. Convert all of these to the correct SPDX-License-Identifier
tag.
Signed-off-by: Tom Rini <trini@konsulko.com>
DDR errata-A008378 applies to LS1021-20-22A-R1.0, T1023-R1.0,
T1024-R1.0, T1040-42-20-22-R1.0/R1.1, it has been fixed on
LS102x Rev2.
Signed-off-by: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
move arch/powerpc/include/asm/fsl_errata.h to include/fsl_errata.h
to make it public for both ARM and POWER SoCs.
Signed-off-by: Shengzhou Liu <Shengzhou.Liu@freescale.com>
[York Sun: fix soc.h path in fsl_errata.h]
Reviewed-by: York Sun <yorksun@freescale.com>
Unify serial_ppc, and use the generic binding.
Signed-off-by: Thomas Chou <thomas@wytron.com.tw>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Add TODO comment]
Signed-off-by: Tom Rini <trini@konsulko.com>
A number of headers define functions as "extern inline" which is
causing problems with gcc5. The reason is that starting with
version 5.1, gcc defaults to the standard C99 semantics for the
inline keyword.
Under the traditional GNU inline semantics, an "extern inline"
function would never create an external definition, the same
as inline *without* extern in C99. In C99, and "extern inline"
definition is simply an external definition with an inline hint.
In short, the meanings of inline with and without extern are
swapped between GNU and C99.
The upshot is that all these definitions in header files create
an external definition wherever those headers are included,
resulting in multiple definition errors at link time.
Changing all these functions to "static inline" fixes the problem
since this works as desired in all gcc versions. Although the
semantics are slightly different (a static inline definition may
result in an actual function being emitted), it works as intended
in practice.
This patch also removes extern prototype declarations for the
changed functions where they existed.
Signed-off-by: Mans Rullgard <mans@mansr.com>
Remove __ilog2_u64 and ffs4 from powerpc bitops to align with the
kernel implementation.
Use the generic __ffs64 instead of a custom powerpc implementation.
Cc: York Sun <yorksun@freescale.com>
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Jagan Teki <jteki@openedev.com>
qe-tdm is muxed with diu, if hwconfig setted as qe-tdm,
assign muxed pins to qe-tdm, then delete diu node from
device tree.
Signed-off-by: Zhao Qiang <qiang.zhao@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The fsl_dtsec.h & fsl_tgec.h & fsl_fman.h can be shared on both ARM
and PPC, move it out of ppc to include/, and change the path in
drivers accordingly.
Signed-off-by: Shaohui Xie <Shaohui.Xie@freescale.com>
Signed-off-by: Gong Qianyu <Qianyu.Gong@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
This reverts commit 8fe11b8901.
I'll add support to lwmon5 in the next patch and will remove
support for the broken lcd4_lwmon5 as well.
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
This has not been converted to Generic Board, so should be removed.
(See doc/README.generic-board for details.)
Remove CONFIG_LWMON5 references.
(Also, remove undefined CONFIG_WD_MAX_RATE while I am here.)
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Stefan Roese <sr@denx.de>
ISBC Key Extension feature is not applicable for RAMBOOT
as there is no way to retrieve the CSF Header and validated
IE Key table from SRAM once CPC has been disabled.
The feature is only applicable in case of NOR SECURE BOOT.
Code Cleanup:
The SECURE_BOOT specific defines have been moved from
arch-ls102xa/config.h to
arm/include/asm/fsl_secure_boot.h
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Recently the FMan Port and MAC compatibles were changed.
This patch aligns the FMan Port and MAC compatibles
to the new FMan device tree binding document.
The FMan device tree binding document can be found in the Linux kernel:
./Documentation/devicetree/bindings/powerpc/fsl/fman.txt
This patch doesn't affect legacy compatibles support.
Signed-off-by: Igal Liberman <igal.liberman@freescale.com>
Tested-by: Xing Lei <xing.lei@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
gpio.h - Added missing copyright in few files.
rsa-mod-exp.h - Corrected copyright in the file.
fsl_sec.h - Added missing license in files
drivers/crypto/fsl/Makefile - Removed the incomplete GPLv2 license and replaced it with GPLv2+ license
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
For running Chain of Trust when doing Secure Boot from NAND,
the Bootscript header and bootscript must be copied from NAND
to RAM(DDR).
The addresses and commands for the same have been defined.
Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Secure Boot Target is added for NAND for P3041.
For mpc85xx SoCs, the core begins execution from address 0xFFFFFFFC.
In case of secure boot, this default address maps to Boot ROM.
The Boot ROM code requires that the bootloader(U-boot) must lie
in 0 to 3.5G address space i.e. 0x0 - 0xDFFFFFFF.
In case of NAND Secure Boot, CONFIG_SYS_RAMBOOT is enabled and CPC is
configured as SRAM. U-Boot binary will be located on SRAM configured
at address 0xBFF00000.
In the U-Boot code, TLB entries are created to map the virtual address
0xFFF00000 to physical address 0xBFF00000 of CPC configured as SRAM.
Signed-off-by: Saksham Jain <saksham@freescale.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Correct the value CONFIG_USB_MAX_CONTROLLER_COUNT macro to 1
for p1025 as it has one USB controller
Signed-off-by: Nikhil Badola <nikhil.badola@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
MAC1 acts as 1G/10G dual-role MAC on T1024. We introduce
macro SET_FMAN_RX_10G_TYPE2_LIODN for 10G MACs which have
same Port ID and same offset of address with 1G MAC.
Update it to match with the setting of fman in t1024 device
tree, otherwise there is no 'fsl,liodn' in
/proc/device-tree/soc@ffe000000/fman@400000/port@88000/
Signed-off-by: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
defconfig files are added and SFP version for these platforms
is updated.
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
To replicate:
1. add to include/configs/p1_p2_rdb_pc.h "#define CONFIG_CMD_GPIO"
2. run `make P1020RDB-PC_defconfig`
3. run CROSS_COMPILE=powerpc-linux- make
and you will get:
common/built-in.o: In function `do_gpio':
u-boot/common/cmd_gpio.c:186: undefined reference to `gpio_request'
u-boot/common/cmd_gpio.c:194: undefined reference to `gpio_direction_input'
u-boot/common/cmd_gpio.c:195: undefined reference to `gpio_get_value'
u-boot/common/cmd_gpio.c:200: undefined reference to `gpio_get_value'
u-boot/common/cmd_gpio.c:203: undefined reference to `gpio_direction_output'
u-boot/common/cmd_gpio.c:209: undefined reference to `gpio_free
Signed-off-by: Michael Durrant <mdurrant@arcturusnetworks.com>
Signed-off-by: Oleksandr G Zhadan <oleks@arcturusnetworks.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The SD clock could be generated by platform clock or peripheral
clock for some platforms. This patch adds peripheral clock
support for T1024/T1040/T2080. To enable it, define
CONFIG_FSL_ESDHC_USE_PERIPHERAL_CLK.
Signed-off-by: Yangbo Lu <yangbo.lu@freescale.com>
Cc: York Sun <yorksun@freescale.com>
Cc: Pantelis Antoniou <panto@antoniou-consulting.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Add adapter card type identification support by reading
FPGA STAT_PRES1 register SDHC Card ID[0:2] bits. To use this function,
define CONFIG_FSL_ESDHC_ADAPTER_IDENT.
Signed-off-by: Yangbo Lu <yangbo.lu@freescale.com>
Cc: York Sun <yorksun@freescale.com>
Cc: Pantelis Antoniou <panto@antoniou-consulting.com>
[York Sun: resolve conflicts in README.fsl-esdhc]
Reviewed-by: York Sun <yorksun@freescale.com>
Freescale PCIe controllers v3.0 and later need to set bit
CFG_READY to allow all inbound configuration transactions
to be processed normally when in EP mode. However, bit
CFG_READY has been moved from PCIe configuration space to
CCSR PCIe configuration register comparing previous version.
The patch is to set this bit according to PCIe version.
Signed-off-by: Ed Swarthout <Ed.Swarthout@freescale.com>
Signed-off-by: Roy Zang <tie-fei.zang@freescale.com>
Signed-off-by: Minghuan Lian <Minghuan.Lian@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Add a delay of 1 microsecond before issuing soft reset to the
controller to let ongoing ULPI transaction complete.
This prevents corruption of ULPI Function Control Register which
eventually prevents phy clock from entering to low power mode
Signed-off-by: Nikhil Badola <nikhil.badola@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The memac for PHY management on little endian SoCs is similar on big
endian SoCs, so we modify the driver by using I/O accessor function to
handle the endianness, so the driver can be reused on little endian
SoCs, we introduce CONFIG_SYS_MEMAC_LITTLE_ENDIAN for little endian
SoCs, if the CONFIG_SYS_MEMAC_LITTLE_ENDIAN is defined, the I/O access
is little endian, if not, the I/O access is big endian. Move fsl_memac.h
out of powerpc include.
Signed-off-by: Shaohui Xie <Shaohui.Xie@freescale.com>
Signed-off-by: York Sun <yorksun@freescale.com>
1. Default environment will be used for secure boot flow
which can't be edited or saved.
2. Command for secure boot is predefined in the default
environment which will run on autoboot (and autoboot is
the only option allowed in case of secure boot) and it
looks like this:
#define CONFIG_SECBOOT \
"setenv bs_hdraddr 0xe8e00000;" \
"esbc_validate $bs_hdraddr;" \
"source $img_addr;" \
"esbc_halt;"
#endif
3. Boot Script can contain esbc_validate commands and bootm command.
Uboot source command used in default secure boot command will
run the bootscript.
4. Command esbc_halt added to ensure either bootm executes
after validation of images or core should just spin.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
esbc_validate command uses various IP Blocks: Security Monitor, CAAM block
and SFP registers. Hence the respective CONFIG's are enabled.
Apart from these CONFIG_SHA_PROG_HW_ACCEL and CONFIG_RSA are also enabled.
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Freescale sfp has been used for mpc8xxx. It will be used
for ARM-based SoC as well. This patch moves the CCSR defintion of
sfp_regs to common include. This patch also defines ccsr_sfp_regs
definition for newer versions of SFP.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Modify CONFIG_USB_MAX_CONTROLLER_COUNT value to 1 on P1022DS.
As ETSEC2 and USB2 are muxed; thus if ETSEC2 is enabled, the
system bus hangs on USB2 if ETSEC2 is enabled but "usb start"
command is issued. Hence making default controller count to 1
to avoid system hang.
Signed-off-by: Nikhil Badola <nikhil.badola@freescale.com>
Reviewed-by: Yusong Sun <yorksun@freescale.com>
The code provides framework for heterogeneous multicore chips based on StarCore
and Power Architecture which are chasis-2 compliant, like B4860 and B4420
It will make u-boot recognize all non-ppc cores and peripherals like
SC3900/DSP CPUs, MAPLE, CPRI and print their configuration in u-boot logs.
Example boot logs of B4860QDS:
U-Boot 2015.01-00232-geef6e36-dirty (Jan 19 2015 - 11:58:45)
CPU0: B4860E, Version: 2.2, (0x86880022)
Core: e6500, Version: 2.0, (0x80400120)
Clock Configuration:
CPU0:1600 MHz, CPU1:1600 MHz, CPU2:1600 MHz, CPU3:1600 MHz,
DSP CPU0:1200 MHz, DSP CPU1:1200 MHz, DSP CPU2:1200 MHz, DSP CPU3:1200 MHz,
DSP CPU4:1200 MHz, DSP CPU5:1200 MHz,
CCB:666.667 MHz,
DDR:933.333 MHz (1866.667 MT/s data rate) (Asynchronous), IFC:166.667 MHz
CPRI:600 MHz
MAPLE:600 MHz, MAPLE-ULB:800 MHz, MAPLE-eTVPE:1000 MHz
FMAN1: 666.667 MHz
QMAN: 333.333 MHz
Top level changes include:
(1) Top level CONFIG to identify HETEROGENUOUS clusters
(2) CONFIGS for SC3900/DSP components
(3) Global structures like "cpu_type" and "MPC85xx_SYS_INFO"
updated for dsp cores and other components
(3) APIs to get DSP num cores and their Mask like:
cpu_dsp_mask, cpu_num_dspcores etc same as that of PowerPC
(5) Code to fetch and print SC cores and other heterogenous
device's frequencies
(6) README added for the same
Signed-off-by: Shaveta Leekha <shaveta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
This is required at present for device tree control. The ppc4xx does support
GPIOs but does not seem to have a proper driver. So this file is empty.
Signed-off-by: Simon Glass <sjg@chromium.org>
Era property is added in the crypto node in device tree.
Move the code to do so from arch/powerpc/mpc8xxx/fdt.c to
drivers/sec/sec.c so that it can be used across arm and
powerpc platforms having crypto node.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
[York Sun: Fix commit message indentation]
Reviewed-by: York Sun <yorksun@freescale.com>
Some Freescale SoCs like T1020 and T1040 have an integrated
L2 Switch. The L2 Switch ports may be connected to Ethernet PHYs
over SGMII and QSGMII.
Signed-off-by: Codrin Ciubotariu <codrin.ciubotariu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The number of supported serdes protocols on Freescale SoCs
has increased over time. Until now, an u64 variable have been
initialized on boot with the configured protocols. However,
since this number has increased (enum srds_prtcl has more
than 64 values), 64 bits are no longer sufficient to hold track
of all the configured protocols.
This patch replaces the u64 map values with static arrays.
To keep track of the number of serdes protocols, the
SERDES_PRCTL_COUNT vale has been added at the end of
enum srds_prtcl. This value must always be the last one.
Signed-off-by: Codrin Ciubotariu <codrin.ciubotariu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
CONFIG_SYS_PBI_FLASH_BASE is defined for Secure Boot on C29X
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
If CONFIG_OF_CONTROL is enabled, lib/fdtdec.c is compiled.
It includes <asm/gpio.h> and then <asm/gpio.h> includes
<asm/arch/gpio.h>. As a result, all the SoCs that enable
CONFIG_OF_CONTROL must have <asm/arch/gpio.h>.
The right fix would be to split the lib/fdtdec.c to remove
dependency on GPIO.
This commit adds a dummy <asm/arch/gpio.h> to support OF_CONTROL
for mpc85xx platform. A file mpc85xx_gpio.h exists in
arch/powerpc/include/asm. The defintions in that file conflict
with the ones in asm-generic/gpio.h. Hence a dummy header file
has been added. This will be removed after FDT-GPIO stuff is
fixed correctly.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>